diff --git a/cves/2021/CVE-2021-40859.yaml b/cves/2021/CVE-2021-40859.yaml
new file mode 100644
index 0000000000..b74ad998c6
--- /dev/null
+++ b/cves/2021/CVE-2021-40859.yaml
@@ -0,0 +1,36 @@
+id: CVE-2021-40859
+
+info:
+ name: CVE-2021-40859
+ author: pussycat0x
+ severity: critical
+ description: unauthenticated endpoint ("https://192.168.1[.]2/about_state"), enabling the bad actor to gain access to a web interface that allows for resetting the administrator password.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-40859
+ - https://thehackernews.com/2021/12/secret-backdoors-found-in-german-made.html
+ metadata:
+ fofa-dork: '"auerswald"'
+ tags: cve,cve2021,iot,unauth,voip
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/about_state"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - '"pbx"'
+ - '"dongleStatus":0'
+ - '"macaddr"'
+ condition: and
+
+ - type: word
+ part: header
+ words:
+ - "application/json"
+
+ - type: status
+ status:
+ - 200
\ No newline at end of file
diff --git a/misconfiguration/unauthorized-puppet-node-manager-detect.yaml b/misconfiguration/unauthorized-puppet-node-manager-detect.yaml
new file mode 100644
index 0000000000..d229013dd5
--- /dev/null
+++ b/misconfiguration/unauthorized-puppet-node-manager-detect.yaml
@@ -0,0 +1,24 @@
+id: unauthorized-puppet-node-manager
+
+info:
+ name: Pupet Node Manager
+ author: pussycat0x
+ severity: medium
+ metadata:
+ fofa-dork: 'app="puppet-Node-Manager"'
+ tags: node,misconfig
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'Nodes'
+
+ - type: status
+ status:
+ - 200
diff --git a/technologies/puppet-node-manager-detect.yaml b/technologies/puppet-node-manager-detect.yaml
new file mode 100644
index 0000000000..24d0ce4789
--- /dev/null
+++ b/technologies/puppet-node-manager-detect.yaml
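Review bot: In cves/2021/CVE-2021-40859.yaml none of the matchers ties a hit to vulnerable firmware: the body words `"pbx"`, `"dongleStatus":0` and `"macaddr"` only show that `/about_state` answered with device information, so if that endpoint stays reachable after the vendor fix, patched devices would still be reported as critical. Pinning `"dongleStatus":0` also couples detection to one runtime value and to exact JSON spacing; `- '"dongleStatus"'` keeps the fingerprint without that dependency. If the response carries a firmware version, an extractor or version matcher on it would let an operator confirm the finding against the advisory. Separately, `name: CVE-2021-40859` and the sentence-fragment `description` do not name the affected product; both should state the product and the flaw in full.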
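Review bot: In misconfiguration/unauthorized-puppet-node-manager-detect.yaml the only content check is the body word `'Nodes'` together with status 200 on `{{BaseURL}}`, which any page containing that word satisfies, so the medium-severity finding is tied neither to Puppet Node Manager nor to the absence of authentication. Add a product-specific marker taken from a real instance (for example the page title) as a second entry under `words:` with `condition: and`, and, if the product shows a login form when protected, a negative matcher for it so that authenticated deployments are not reported. The technologies/puppet-node-manager-detect.yaml hunk opens with the same request, so the two templates need distinct matchers to mean different things; its matchers are cut off in this view. `name: Pupet Node Manager` is misspelled and should read `name: Puppet Node Manager`, and the `id` lacks the `-detect` suffix the filename has.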
@@ -0,0 +1,24 @@ +id: puppet-node-manager-detect + +info: + name: Puppet Node Manager + author: pussycat0x + severity: info + metadata: + fofa-dork: 'app="puppet-Node-Manager"' + tags: node,tech + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + words: + - '