Oct 18, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Mitsubishi Electric SmartRTU firmware: public exploit or PoC linked (cross-site scripting)
  • 7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2018-16061 Mitsubishi Electric Europe B.V.

  • Public exploit or PoC available
  • Exploit activity linked

Mitsubishi Electric SmartRTU firmware cross-site scripting now has a public exploit or PoC linked; assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2020-11738 WordPress Snap Creek Duplicator Plugin File Download

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Critical exposure

CVE-2021-22961 GlassWire RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical GlassWire RCE (CVSS 9.8). Fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.


Exploit & PoC activity

CVE-2021-41382 Exploit

Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server management interface.

CVE-2020-11738 Exploit

WordPress Snap Creek Duplicator Plugin File Download


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2021-22961 CVSS 9.8

A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from...

CVE-2021-23449 CVSS 9.8

This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the h...

CVE-2021-33023 CVSS 9.8

Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execu...

CVE-2021-38297 CVSS 9.8

Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOA...

CVE-2021-38389 CVSS 9.8

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely exec...

CVE-2021-42575 CVSS 9.8

The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

CVE-2021-42576 CVSS 9.8

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associat...


cvelogic Threat Intelligence