CVE-2021-36750

HIGH

ENC DataVault < 7.2 and VaultAPI < 67.0 - Weak Password Hashing


Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-36750. PoCs published by mamba-4-ever.

AI-analyzed exploit summary: The repository contains a functional exploit for CVE-2021-36749, which leverages an SSRF vulnerability in Apache Druid's HTTP InputSource to read arbitrary local files. The script sends crafted HTTP requests to exfiltrate sensitive files from the target system.

Description

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names).

Exploits (1)

nomisec WORKING POC
by mamba-4-ever · poc
https://github.com/mamba-4-ever/CVE-2021-36750

Classification: Working PoC 95%
Attack Type: SSRF
Complexity: Trivial
Reliability: Reliable
Target: Apache Druid (versions before 0.21.0, as the issue was not fixed in 0.21.0 or 0.21.1)
Auth required
Prerequisites: Authenticated access to the Druid ingestion system · Network access to the target Druid instance
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 8.1
EPSS 0.1970
EPSS Percentile 95.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Details

CWE: CWE-307
Status published
Products (3)
sandisk/secureaccess 3.02
zendesk/enc_datavault < 7.2
zendesk/enc_vaultapi < 67.0
Published Dec 22, 2021
Tracked Since Feb 18, 2026