Feb 17, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2021-44868 A problem was found in ming-soft MCMS v5.1.

  • CVSS 9.8

New critical Mingsoft Mcms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-45382 D-Link Multiple Routers Remote Code Execution

  • CVSS 9.8
  • Remote code execution exposure

New critical D-Link Multiple Routers RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-46314 Dlink Dir-846 Firmware Command Injection

  • CVSS 9.8

New critical Dlink Dir-846 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-45382 CVSS 9.8

D-Link Multiple Routers Remote Code Execution

CVE-2021-46314 CVSS 9.8

A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1...

CVE-2021-46315 CVSS 9.8

Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin a...

CVE-2021-46319 CVSS 9.8

Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin.

CVE-2022-0623 CVSS 9.1

Out-of-bounds Read in Homebrew mruby prior to 3.2.

CVE-2022-22912 CVSS 9.8

Prototype pollution vulnerability via .parse() in Plist before v3.0.4 allows attackers to cause a Denial of Service (DoS) and may lead to...

CVE-2022-22916 CVSS 9.8

O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.

CVE-2022-22922 CVSS 9.8

TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, all...

View critical disclosures

cvelogic Threat Intelligence