Mar 30, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • CSZ CMS (CVE-2021-43701): public exploit or PoC linked (time- and boolean-based blind SQL injection)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2021-24405 Izsoft Easy Cookies Policy CSRF

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material; mass targeting of internet-facing CMS installs is common once PoCs circulate. Because the plugin checks neither capability nor nonce when saving its settings, exploitation needs either a low-privileged account or a CSRF lure against a logged-in user: it is not a pre-auth issue, but sites with open registration are effectively exposed. Affected through 1.6.2.

Active exploit activity

CVE-2021-26599 ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection.

  • Public exploit or PoC available
  • Exploit activity linked

ImpressCMS SQL injection now has public exploit or PoC linkage; assume opportunistic scanning of include/findusers.php (groups parameter) and targeted follow-on activity. Affected versions are before 1.4.3.

Critical exposure

CVE-2021-43142 Jox Project Jox XXE

  • CVSS 9.8

New critical JOX XXE (CVSS 9.8) in the readObject method of JOXSAXBeanInput. This is a library flaw, so exposure depends on applications that feed untrusted XML to it; treat it as a dependency audit rather than an exposed-service scan, and expect exploit material to mature during the fresh disclosure window.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.


Exploit & PoC activity

CVE-2021-43701 Exploit

CSZ CMS 1.2.9 has a Time and Boolean-based Blind SQL Injection vulnerability in the endpoint /admin/export/getcsv/article_db, via the fie...

CVE-2021-26599 Exploit

ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection.

CVE-2021-24405 Exploit

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any au...

CVE-2019-17124 Exploit

Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
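The two SQL-injection entries above (CSZ CMS CVE-2021-43701 and ImpressCMS CVE-2021-26599) are the ones the brief says to expect opportunistic scanning for. As an added example, not code from the digest or from either project, here is a small detector over web-server access logs that flags requests to those endpoints carrying time-based or boolean-blind markers and groups repeated probes per source. Assumptions: the endpoint paths and the ImpressCMS "groups" parameter are taken from the entries; the CSZ CMS parameter name is truncated on the page, so that endpoint is matched on path only and the query parameter "p" in the sample is hypothetical; the log lines are constructed for the example.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus, urlsplit

# Endpoints named in this digest's exploit entries. The ImpressCMS path and its
# "groups" parameter come from the CVE-2021-26599 text; the CSZ CMS parameter
# name is truncated on the page, so that endpoint is matched on path alone.
WATCHED_PATHS = {
    "/admin/export/getcsv/article_db": "CVE-2021-43701 CSZ CMS blind SQLi",
    "/include/findusers.php": "CVE-2021-26599 ImpressCMS SQLi",
}

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Markers for the two blind-SQLi styles the CSZ CMS entry describes (time-based
# delays, boolean tautology/contradiction pairs) plus common scanner user agents.
TIME_BASED = re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.I)
BOOLEAN = re.compile(r"""\b(and|or)\b\s*['"]?\w+['"]?\s*=\s*['"]?\w+""", re.I)
SCANNER_UA = re.compile(r"sqlmap|nikto|nuclei", re.I)


def parse_line(line):
    """Return the parsed fields of one combined-format log line, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    # Decode once so encoded spaces, quotes and '=' are visible to the markers.
    rec["path"] = unquote_plus(parts.path)
    rec["query"] = unquote_plus(parts.query)
    return rec


def classify(rec):
    """Return (cve, markers); markers is empty when nothing looks like a probe."""
    cve = next((c for p, c in WATCHED_PATHS.items() if rec["path"].endswith(p)), None)
    if cve is None:
        return None, []
    probe = rec["path"] + "?" + rec["query"]
    markers = []
    if TIME_BASED.search(probe):
        markers.append("time-based")
    if BOOLEAN.search(probe):
        markers.append("boolean")
    if SCANNER_UA.search(rec["ua"]):
        markers.append("scanner-ua")
    return cve, markers


def analyze(log_text, burst_threshold=3):
    """Scan log text. Returns per-request findings and the (ip, path) pairs whose
    repeated probing looks like blind extraction rather than a one-off hit."""
    findings = []
    per_source = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        cve, markers = classify(rec)
        if not markers:
            continue
        findings.append({"ip": rec["ip"], "path": rec["path"], "cve": cve, "markers": markers})
        per_source[(rec["ip"], rec["path"])] += 1
    bursts = {k: n for k, n in per_source.items() if n >= burst_threshold}
    return findings, bursts


# Constructed sample: one sqlmap-style blind probe series against the CSZ CMS
# export endpoint, one hand-crafted ImpressCMS tautology, and benign traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [30/Mar/2022:10:01:02 +0000] "GET /admin/export/getcsv/article_db?p=id%20AND%20SLEEP(5) HTTP/1.1" 200 512 "-" "sqlmap/1.6"
203.0.113.7 - - [30/Mar/2022:10:01:08 +0000] "GET /admin/export/getcsv/article_db?p=id%20AND%201%3D1 HTTP/1.1" 200 512 "-" "sqlmap/1.6"
203.0.113.7 - - [30/Mar/2022:10:01:09 +0000] "GET /admin/export/getcsv/article_db?p=id%20AND%201%3D2 HTTP/1.1" 200 0 "-" "sqlmap/1.6"
198.51.100.23 - - [30/Mar/2022:10:05:41 +0000] "GET /include/findusers.php?groups=1'%20OR%20'a'%3D'a HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.10 - - [30/Mar/2022:10:06:00 +0000] "GET /include/findusers.php?groups=2 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.11 - - [30/Mar/2022:10:07:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    found, bursts = analyze(SAMPLE_LOG)
    for f in found:
        print(f["ip"], f["cve"], ",".join(f["markers"]))
    print("blind-probing bursts:", bursts)
```

The burst grouping matters more than any single match: a boolean- or time-based blind injection needs many near-identical requests to extract data, so one source hammering one of the listed paths with varying payloads is the signal worth paging on, while the legitimate `groups=2` request to the same endpoint is left alone.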


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2021-43142 CVSS 9.8

An XML External Entity (XXE) vulnerability exists in wuta jox 1.16 in the readObject method in JOXSAXBeanInput.

CVE-2021-46007 CVSS 9.8

TOTOLINK A3100R V5.9c.4577 is vulnerable to OS command injection.

CVE-2021-46009 CVSS 9.8

In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication.

CVE-2022-24790 CVSS 9.1

Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. The text shown is the advisory's product preamble; the issue itself is HTTP request smuggling when Puma sits behind a proxy that does not handle Content-Length and Transfer-Encoding consistently, fixed in Puma 5.6.4 and 4.3.12.

CVE-2022-26645 CVSS 9.8

A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafte...

CVE-2022-26646 CVSS 9.8

Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.

CVE-2022-28223 CVSS 9.1

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin.


cvelogic Threat Intelligence