Jan 28, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2014-1776 Microsoft Internet Explorer Memory Corruption

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Microsoft Internet Explorer DoS is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2021-40408 Reolink RLC-410W Firmware Command Injection

  • CVSS 9.8

New critical Reolink RLC-410W Firmware Command Injection (CVSS 9.8): fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-40409 Reolink RLC-410W Firmware Command Injection

  • CVSS 9.8

New critical Reolink RLC-410W Firmware Command Injection (CVSS 9.8): fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

SonicWall SMA 100 Appliances Stack-Based Buffer Overflow

Grandstream Networks UCM6200 Series SQL Injection

Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management

Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation

GNU Bourne-Again Shell (Bash) Arbitrary Code Execution

GNU Bourne-Again Shell (Bash) Arbitrary Code Execution

Microsoft Internet Explorer Memory Corruption

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-22820 CVSS 9.8

A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hij...

CVE-2021-23484 CVSS 9.8

The package zip-local before 0.3.5 is vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extracti...

CVE-2021-40408 CVSS 9.8

An OS command injection vulnerability exists in the device network settings functionality of Reolink RLC-410W v3.0.0.136_20121102.

CVE-2021-40409 CVSS 9.8

An OS command injection vulnerability exists in the device network settings functionality of Reolink RLC-410W v3.0.0.136_20121102.

CVE-2021-44971 CVSS 9.8

Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi, AC5V1.0 Firmware V15.03.06.48_...

CVE-2021-46444 CVSS 9.8

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&agID.

CVE-2021-46445 CVSS 9.8

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/categories.php?box_group_id.

CVE-2021-46446 CVSS 9.8

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_access_group_...

CVE-2021-46448 CVSS 9.8

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/customers.php?page=1&cID.

CVE-2022-21217 CVSS 9.8

An out-of-bounds write vulnerability exists in the device TestEmail functionality of Reolink RLC-410W v3.0.0.136_20121102.

cvelogic Threat Intelligence