CVE-2021-36770
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.
We have discovered 36,191 live websites that are affected by CVE-2021-36770.
Affected Software
| Product |  Perl |
| Category | Programming Languages |
| Vulnerable Domains | 36,191 live websites (93.70% of Perl install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 56 versions ( 82.35% of all versions) |
Details
- Published - Aug 12, 2021
- Updated - Aug 4, 2024
CVE References
CVE-2021-36770 usage by Country
 United States | 10,031 websites |
 Russia | 3,811 websites |
 France | 2,747 websites |
 Germany | 2,532 websites |
 Chile | 1,903 websites |
 Finland | 1,420 websites |
 Japan | 1,391 websites |
 China | 1,098 websites |
 Czech Republic | 1,059 websites |
CVE-2021-36770 usage by TLD
| .com | 13,448 websites |
| .ru | 3,161 websites |
| .org | 2,282 websites |
| .net | 1,977 websites |
| .de | 1,848 websites |
| .fi | 1,054 websites |
| .cz | 744 websites |
| .edu | 716 websites |
| .fr | 543 websites |
| .at | 519 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2021-36770
Top websites that are affected by CVE-2021-36770. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.********.***.uk |  GB | *,*** | |
| ***.***.org | United States | *,*** | |
| ******.com | United States | *,*** | |
| **********.org | United States | *,*** | |
| *****.com | United States | *,*** | |
| **********.*****.de | Germany | *,*** | |
| *****.********.edu | United States | *,*** | |
| ********************.org | United States | **,*** | |
| ****.***.edu | GB | **,*** | |
| *********.com | United States | **,*** |
References
- https://metacpan.org/dist/Encode/changes
- https://security-tracker.debian.org/tracker/CVE-2021-36770
- https://github.com/dankogai/p5-encode/commit/527e482dc70b035d0df4f8c77a00d81f8d775c74
- https://github.com/Perl/perl5/commit/c1a937fef07c061600a0078f4cb53fe9c2136bb9
- https://news.cpanel.com/unscheduled-tsr-10-august-2021/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6KOZYD7BH2DNIAEZ2ZL4PJ4QUVQI6Y33/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NDGQSGMEZ75FJGBKNYC75OTO7TF7XHB/
- https://security.netapp.com/advisory/ntap-20210909-0003/