CVE report

CVE-2021-41277highKEV

Metabase - Local File Inclusion

Events 7d

6

Distinct IPs

1

Severity

high

CISA KEV

Actively exploited

Downloads & integrations

Top sources probing for CVE-2021-41277

Top networks the attempts come from

Fingerprints of the clients exploiting this

The HTTP (JA4H) and TLS (JA4) fingerprints seen on these attempts. Click one to see the whole population that carries it.

Sample request paths observed

  • /api/geojson?url=file:///etc/hosts

URL patterns we match

An event counts toward CVE-2021-41277 if its URL path contains any of these substrings (case-insensitive).

  • · /api/geojson