Nov 3, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 79 CVEs added to CISA KEV today.
  • Thedaylightstudio Fuel Cms: public exploit or PoC linked (RCE)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2010-5326 SAP NetWeaver Remote Code Execution

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

SAP NetWeaver RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2018-16763 Thedaylightstudio Fuel Cms RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Thedaylightstudio Fuel Cms RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2020-18262 Ed01-cms Project Ed01-cms SQL Injection

  • CVSS 9.8

New critical Ed01-cms Project Ed01-cms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Google Chromium Intents Improper Input Validation

Yealink Device Management Server-Side Request Forgery (SSRF)

View KEV additions

Exploit & PoC activity

CVE-2021-34429 Exploit

For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the...

CVE-2021-29156 Exploit

ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol.

CVE-2018-16763 Exploit

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-18261 CVSS 9.8

An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands.

CVE-2020-18262 CVSS 9.8

ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.

CVE-2020-20982 CVSS 9.6

Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privilege...

CVE-2020-23679 CVSS 9.8

Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execute arbitrary code, via the password fi...

CVE-2020-24000 CVSS 9.8

SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the...

CVE-2020-24743 CVSS 9.8

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges v...

CVE-2021-41492 CVSS 9.8

Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System (POS) 1.0 via the (1) Product Code in the pos pag...

CVE-2021-42772 CVSS 9.8

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management...

CVE-2021-43082 CVSS 9.8

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Serv...

CVE-2021-43140 CVSS 9.8

SQL Injection vulnerability exists in Sourcecodester.

View critical disclosures

cvelogic Threat Intelligence