{"vulnerability": "CVE-2018-6961", "sightings": [{"uuid": "49dc4f4c-ef07-409b-bdce-ed561ef25364", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "MISP/5df8e293-8fe4-4dc0-a0c4-4c3502de0b81", "content": "", "creation_timestamp": "2019-12-17T14:15:18.000000Z"}, {"uuid": "46538888-83d2-41c8-bbb8-eaf02ef9541d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "MISP/08d290fb-f97b-4471-b4fb-65cd5672f476", "content": "", "creation_timestamp": "2020-10-09T14:49:39.000000Z"}, {"uuid": "b4566240-1293-41d3-9abe-a984fea0e909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "45da5475-0f0e-4b76-92fd-2d713d5030d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "https://www.exploit-db.com/exploits/44959", "content": "", "creation_timestamp": "2018-07-02T00:00:00.000000Z"}, {"uuid": "089544c8-4890-41d4-9c7d-bc74902dbd03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971428", "content": "", "creation_timestamp": "2024-12-24T20:29:11.524384Z"}, {"uuid": "dbbb5a5e-490a-495e-be72-9b633e248d0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:20.000000Z"}, {"uuid": "b8a02d78-b10b-447c-8b08-bf5f13e7ea2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-10)", "content": "", "creation_timestamp": "2026-02-10T00:00:00.000000Z"}, {"uuid": "1ddb642b-8c4f-4724-a6f6-1edb414fe228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-31)", "content": "", "creation_timestamp": "2026-01-31T00:00:00.000000Z"}, {"uuid": "4be8ec01-5283-4ea1-b1c0-9073b9787931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-25)", "content": "", "creation_timestamp": "2026-02-25T00:00:00.000000Z"}, {"uuid": "fea1cbda-d13d-4d3b-84f5-eb05823af4b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-04)", "content": "", "creation_timestamp": "2026-03-04T00:00:00.000000Z"}, {"uuid": "e0381190-ff9b-4e84-bfb7-a01d91cb529e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "2c80787a-1066-47a8-b2ef-22257c17e17a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-02)", "content": "", "creation_timestamp": "2026-02-02T00:00:00.000000Z"}, {"uuid": "e1cab4a0-329e-443d-a206-20a0396bfb80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-29)", "content": "", "creation_timestamp": "2026-01-29T00:00:00.000000Z"}, {"uuid": "25fe789f-d6ba-4e24-b859-6799b5fb4b45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mbuej6v35m2f", "content": "", "creation_timestamp": "2026-01-07T21:03:17.684146Z"}, {"uuid": "3cace1a7-0726-4937-bdc2-e3e64fcf00d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "196368ac-f292-4833-ba61-f6cd5ba0e57a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-30)", "content": "", "creation_timestamp": "2026-03-30T00:00:00.000000Z"}, {"uuid": "d15acbf5-4b89-4fe8-9d45-12f11f3737c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2ad979ea-9c27-4e62-88c2-feca91b5410a", "content": "", "creation_timestamp": "2026-02-02T12:28:02.336979Z"}, {"uuid": "15a99119-ef9d-40fd-be56-4ad1334585b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-07)", "content": "", "creation_timestamp": "2026-04-07T00:00:00.000000Z"}, {"uuid": "4967ea79-beb2-4ce0-a9b9-ad5951d564a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-09)", "content": "", "creation_timestamp": "2026-04-09T00:00:00.000000Z"}, {"uuid": "d858737b-6bfe-49a4-8c52-4bb7524ad0b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "Telegram/urGPpT3cJUlorY6_7nC72AgsjCPfZq25HqCJ6SGivSSs-Maq", "content": "", "creation_timestamp": "2025-02-14T10:05:09.000000Z"}, {"uuid": "a1ec9bb6-f28f-4ee2-92f5-3f31a09472f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-17)", "content": "", "creation_timestamp": "2026-04-17T00:00:00.000000Z"}, {"uuid": "4103d0f8-17a6-4e80-8d1d-bcfc74ec9ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "published-proof-of-concept", "source": "https://t.me/antichat/1694", "content": "#vmware #exploit #\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f #\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u0435\u0436\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware NSX SD-WAN Edge (CVE-2018-6961). \u0414\u044b\u0440\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043f\u0440\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442: https://www.exploit-db.com/exploits/44959/\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430 \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 2.\u0445 \u0432\u0441\u0435\u0445, 3.1.1 \u0438 \u043d\u0438\u0436\u0435. \u0412 3.1.2 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435. \u041b\u0438\u0431\u043e \u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u0435\u0431 GUI.\n\n\u0418 \u0441\u0434\u0435\u0440\u0436\u0430\u043d\u043d\u0430\u044f, \u043d\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u0440\u0435\u0430\u043a\u0446\u0438\u044f VMware \u0441\u043e \u0432\u0441\u044f\u043a\u0438\u043c\u0438 \u0441\u0441\u044b\u043b\u043e\u0447\u043a\u0430\u043c\u0438: https://www.vmware.com/security/advisories/VMSA-2018-0011.html", "creation_timestamp": "2018-07-05T08:32:02.000000Z"}, {"uuid": "1afce524-75d6-41d7-9af2-e7bfc92795b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/59", "content": "#exploit\n1. CVE-2018-6961:\nVMware NSX SD-WAN Edge by VeloCloud <3.1.0 contains a command injection in local web UI component\nhttps://github.com/bokanrb/CVE-2018-6961\n]-> VMware NSX SD-WAN command injection vulnerability (Exploit in Python3)\nhttps://github.com/r3dxpl0it/CVE-2018-6961\n\n2. RCE in MVPower DVR/CCTV-DVR\naffecting over 70 different vendors\nhttp://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html\n]-> https://www.pentestpartners.com/security-blog/pwning-cctv-cameras\n]-> RCE exploit on TVT DVR:\nhttps://github.com/k1p0d/h264_dvr_rce\n\n3. Exploiting a Windows 10 PagedPool off-by-one overflow\nhttps://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one\n]-> PoC: https://gist.github.com/j00ru/2347cf937366e61598d1140c31262b18", "creation_timestamp": "2024-02-15T13:22:05.000000Z"}, {"uuid": "5ed202f4-9ec8-4c7d-8986-2bdbe5385c6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-20)", "content": "", "creation_timestamp": "2026-05-20T00:00:00.000000Z"}, {"uuid": "9ba475f7-297a-47a6-b023-72da7a16dde0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-11)", "content": "", "creation_timestamp": "2026-05-11T00:00:00.000000Z"}, {"uuid": "ad4b9888-26ef-4cb2-bbb2-be5851537c16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6961", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-25)", "content": "", "creation_timestamp": "2026-05-25T00:00:00.000000Z"}]}