{"uuid": "d1073b1a-8fe6-4020-9ba4-c52a2e2f035c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34362", "type": "exploited", "source": "https://t.me/ptswarm/175", "content": "MOVEit Transfer CVE-2023-34362 Deep Dive and Indicators of Compromise\n\n\ud83d\udc64 by Zach Hanley \n\nOn May 31, 2023, Progress released a security advisory for their MOVEit Transfer application which detailed a SQL injection leading to remote code execution and urged customers to update to the latest version. The vulnerability, CVE-2023-34362, at the time of release was believed to have been exploited in-the-wild as a 0-day dating back at least 30 days.\n\n\ud83d\udcdd Contents:\n\u25cf Taking a Peek \u2013 Patch Diff\u2019ing \n\u25cf A Path to Exploitation\n    \u2022 The Path to Unclean Input\n    \u2022 The Path to SQL Injection\n    \u2022 The Path to Administrator Session\n    \u2022 The Path to Remote Code Execution\n    \u2022 Post-Exploitation Bonus\n\u25cf Indicators of Compromise\n\nhttps://www.horizon3.ai/moveit-transfer-cve-2023-34362-deep-dive-and-indicators-of-compromise/", "creation_timestamp": "2023-06-12T15:17:19.000000Z"}