{"vulnerability": "CVE-2023-4681", "sightings": [{"uuid": "6c61fe84-d83f-4fc8-9f2c-b0d04059bda4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ispconfig_lang_edit_php_code_injection.rb", "content": "", "creation_timestamp": "2025-07-09T05:55:58.000000Z"}, {"uuid": "a357a8bd-9c1a-4336-b292-39b48baf4bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ltkpmawjzb2z", "content": "", "creation_timestamp": "2025-07-09T21:02:20.476588Z"}, {"uuid": "27a38bd4-982c-497e-9f9b-b86e4b7dc66d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "78de90a7-e603-43ed-b083-92051878f0a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/YzbpGbL1ih43JnW9bbIM91Q9MCmFYDnJfG6ZYS4qtd5wFPE", "content": "", "creation_timestamp": "2025-06-14T21:00:04.000000Z"}, {"uuid": "35a90c0d-00f0-487f-9910-ce0322f60929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46810", "type": "seen", "source": "https://t.me/itsec_news/4463", "content": "\u200b\u26a1\ufe0f\u0421\u0440\u0430\u0437\u0443 \u043f\u044f\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Ivanti \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\n\n\ud83d\udcac21 \u043c\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0430\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043a\u0430\u043a Endpoint Manager, Avalanche, Neurons for ITSM, Connect Secure \u0438 Secure Access. \u0421\u0443\u043c\u043c\u0430\u0440\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 16 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u044b \u043a\u0440\u0430\u0442\u043a\u043e \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043d\u0438\u0436\u0435.\n\n\u0418\u0437 \u0434\u0435\u0441\u044f\u0442\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Endpoint Manager \u0448\u0435\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f\u043c\u0438 (CVE-2024-29822, CVE-2024-29823, CVE-2024-29824, CVE-2024-29825, CVE-2024-29826, CVE-2024-29827). \u041e\u043d\u0438 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 9.6 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0435\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Endpoint Manager (CVE-2024-29828, CVE-2024-29829, CVE-2024-29830, CVE-2024-29846) \u0443\u0436\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \u042d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 8.4 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f Core \u0441\u0435\u0440\u0432\u0435\u0440 Ivanti EPM 2022 SU5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0412 \u043a\u043b\u0438\u0435\u043d\u0442\u0435 Ivanti Avalanche \u0432\u0435\u0440\u0441\u0438\u0438 6.4.3.602 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-29848 (CVSS 7.2), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u043f\u044f\u0442\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f (CVE-2024-22059, CVSS 8.8) \u0438 \u043e\u0448\u0438\u0431\u043a\u0430 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2024-22060, CVSS 8.7) \u0432 Ivanti Neurons for ITSM, CRLF-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f \u0432 Ivanti Connect Secure (CVE-2023-38551, CVSS 8.2) \u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Ivanti Secure Access: CVE-2023-38042, CVSS 7.8 (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Windows) \u0438 CVE-2023-46810, CVSS 7.3 (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Linux).\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430, \u0447\u0442\u043e \u0443 \u043d\u0435\u0451 \u043d\u0435\u0442 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0441\u0435\u0445 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u043b\u0438 \u0438\u0445 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Ivanti \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0422\u0430\u043a\u0436\u0435 \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u043b\u0443\u0447\u0448\u0438\u043c \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0434\u0438\u0442 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0442\u044c \u043f\u043b\u0430\u043d \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0439 \u0440\u0435\u0430\u043a\u0446\u0438\u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-05-24T23:27:46.000000Z"}, {"uuid": "381a7dbf-5186-49dc-9573-04b82f54dad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/6tsNPngCJJc2PuKtjS5_37WNa-fKGq-6Vb5elS9ax5fMzMI", "content": "", "creation_timestamp": "2025-09-06T09:00:05.000000Z"}, {"uuid": "6a5d1bfb-5ac9-40a0-ba87-92e94f27acba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/290", "content": "1. https://github.com/Sachinart/CVE-2025-32432\nCheck for CVE-2025-32432 vulnerability\n#github #exploit\n\n\n2. https://github.com/helidem/CVE-2025-24054-PoC\nProof of Concept for NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n3. https://github.com/ajdumanhug/CVE-2023-46818\nCVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 PHP Code Injection\n#github #exploit\n\n\n4. https://github.com/0x6rss/CVE-2025-24071_PoC\nNTLM hash leak via .library-ms inside ZIP/RAR (CVE-2025-24071)\n#github #poc\n\n\n5. https://github.com/trickest/cve/blob/main/2022/CVE-2022-42092.md\nCVE-2022-42092 \u2013 Backdrop CMS RCE PoC\n#github #exploit\n\n\n6. https://github.com/nomi-sec/PoC-in-GitHub\nAggregated CVE Exploits and PoCs from GitHub\n#github #tool\n\n\n7. https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker\nLinux Container Escape CVE-2022-0492 vulnerability checker\n#github #exploit\n\n\n8. https://github.com/xigney/CVE-2025-24054_PoC\nAlternate NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n9. https://github.com/bipbopbup/CVE-2023-46818-python-exploit\nPython PoC for CVE-2023-46818 in ISPConfig\n#github #exploit\n\n\n10. https://github.com/Marcejr117/CVE-2025-24071_PoC\nNTLM Hash Leak using .library-ms via ZIP trick (CVE-2025-24071)\n#github #poc\n\n\n11. https://github.com/Ostorlab/KEV\nKnown Exploited Vulnerabilities Detector\n#github #scanner\n\n\n12. https://github.com/edoardottt/missing-cve-nuclei-templates\nMissing CVE Detection via Nuclei Templates\n#github #scanner\n\n\n13. https://github.com/hyp3rlinx/Advisories\nZero-Day Security Advisories and Exploits by Hyp3rlinx\n#github #exploit\n\n\n14. https://github.com/Kubashok/apple-cve-repos\nApple CVE Database Links Repository\n#github #cve\n\n\n15. https://github.com/esnet/Seccubus_v2\nSeccubus Test Data for Vulnerability Scanners\n#github #tool\n\n\n16. https://github.com/skordemir/Xml2Ontology\nNessus XML Vulnerability Report Samples\n#github #data\n\n\n17. https://github.com/madirish/hector\nHector: Vulnerability Management Tool with Sample Nessus Reports\n#github #tool\n\n\n18. https://github.com/projectdiscovery/nuclei-templates/issues/8804\nNuclei Template request for ISPConfig CVE-2023-46818\n#github #scanner\n\n\n19. https://github.com/projectdiscovery/nuclei-templates/issues/12020\nNuclei Template PoC Request for CraftCMS CVE-2025-32432\n#github #scanner\n\n\n20. https://github.com/tanjiti/sec_profile\nSecurity Profile Aggregator \u2013 CVE, CISA, NVD, etc.\n#github #intel\n\n\n21. https://github.com/cube0x0/CVE-2021-1675\nPrintNightmare Exploit PoC (CVE-2021-1675 / CVE-2021-34527)\n#github #exploit\n\n22. https://github.com/Maldev-Academy/LsassHijackingViaReg\n\nInjecting DLL into LSASS at boot\n#github #tools\n\n\nOpen-source tools and proof-of-concept (PoC) repositories related to recent CVEs, exploits, and security research. These resources are valuable for educational purposes and can aid students in understanding real-world vulnerabilities and exploitation techniques.", "creation_timestamp": "2025-05-05T10:30:13.000000Z"}, {"uuid": "516fb804-d5d2-41c3-8361-e6be4f4ab1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34449", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46818 Python3 Exploit for Backdrop CMS <= 1.22.0 Authenticated Remote Command Execution (RCE)\nURL\uff1ahttps://github.com/ajdumanhug/CVE-2022-42092\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-27T17:55:40.000000Z"}, {"uuid": "f23ef3be-2059-4aa3-b334-d30008b43aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "seen", "source": "Telegram/lDzxx419LmTfyuLmsPSW31421MarDrsNh-ZW3fTm9VSStQ", "content": "", "creation_timestamp": "2023-10-27T12:26:30.000000Z"}, {"uuid": "749c9beb-882f-4209-a847-85f20cc204ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/kPRwdse26OL24RRCXFgr-20UFoPAircdPCmhtViT2fQDNms", "content": "", "creation_timestamp": "2025-08-01T03:00:05.000000Z"}, {"uuid": "cf8a6cf6-ac21-47c5-aac5-ed659858f574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/Xd5Dp2K-pK8eim0GR99MlfqC5INsxluEke7iGLM_07w0WZI", "content": "", "creation_timestamp": "2025-06-25T09:00:03.000000Z"}, {"uuid": "516ae66f-5656-4d93-a90c-3a8939dda7b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4681", "type": "published-proof-of-concept", "source": "Telegram/hkqEFwwh606UEFPfmjcYFdm2vUfHHs20xhtGk7qU0l2VFRM", "content": "", "creation_timestamp": "2025-04-27T23:00:06.000000Z"}, {"uuid": "1081a962-aa12-4c21-8269-52a8bea27de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46815", "type": "seen", "source": "Telegram/LdfXs4V87LgXb6XDJ0UJHcge2u_0-25N3d1LLgeXf5CI0w", "content": "", "creation_timestamp": "2023-10-27T12:27:06.000000Z"}, {"uuid": "6c54a7a5-78d5-4927-81e4-fba72716c5f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46816", "type": "seen", "source": "Telegram/lDe5AZ6JwDABLtV-GpTsNoLPfstS8N7dfaIBuiTYWJlJSQ", "content": "", "creation_timestamp": "2023-10-27T12:26:47.000000Z"}, {"uuid": "89a9dea1-bc3d-4f7f-ae3d-affefaf09197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46817", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/200", "content": "Tools - Hackers Factory\n\nThis project generates DNS zonefiles with custom NSEC3 parameters to reproduce and evaluate the attacks in CVE-2023-50868. \n\nhttps://github.com/Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack\n\nGitHub - kgdn/buffet: Web-based virtual machine manager - BSc. Computer Systems dissertation project (Heriot-Watt University)\n\nhttps://github.com/kgdn/buffet\n\nA full Mod_Security guide to use local software like clam-av, chkrootkit, fail2ban, rkhunter for Nginx & Apache \n\nhttps://github.com/VolkanSah/ModSecurity-Webserver-Protection-Guide\n\nMac RDP Client: Kerberos and Protected Users Guide\nhttps://awakecoding.com/posts/mac-rdp-client-kerberos-and-protected-users-guide/\n\n#exploit\n1. CVE-2023-46817:\nphpFox <=4.8.13 (redirect) PHP Object Injection\nhttps://karmainsecurity.com/pocs/CVE-2023-46817.php\n\n2. Magento CE RCE Exploit\nhttps://github.com/Hackhoven/Magento-RCE\n\n#tools #Offensive_security\n\n1. Tools for analyzing EDR agents\nhttps://github.com/outflanknl/edr-internals\n\n2. Benevolent Shellcode Loader\nhttps://github.com/jakobfriedl/BenevolentLoader\n\n#exploit\n1. CVE-2024-30850, CVE-2024-31839:\nCHAOS RAT v5.01 web panel RCE\nhttps://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc\n\n2. CVE-2024-28995:\nSolarWinds Serv-U directory transversal\nhttps://github.com/rapid7/metasploit-framework/pull/19255\n\nhttps://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis\n\n#reversing\n1. TempleOS Reverse Engineering\nhttps://starkeblog.com/bootsector/templeos/2024/06/13/templeos-reverse-engineering-part-i.html\n2. Thecus NAS Firmware Decryption\nhttps://starkeblog.com/cryptography/firmware/2024/06/11/thecus-nas-firmware-decrypt.html\n\nhttps://github.com/nstarke/thecus-firmware-decrypt\n\nHijack clicks on and within links, probably for client-side routing \n\n#Research\n\"Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains\", 2024.\n\nhttps://github.com/mapbox/link-hijacker\n\n#exploit\n1. CVE-2022-41034:\nVSCode ipynb RCE\nhttps://packetstormsecurity.com/files/179029/VSCode-ipynb-Remote-Code-Execution.html\n\n2. CVE-2024-27801:\nUaF in NSXPC on all Apple platforms\nhttps://github.com/wangtielei/POCs/tree/main/CVE-2024-27801\n+ UAF in AGX (iOS <13):\nhttps://github.com/wangtielei/POCs/tree/main/No_CVE\n\n#HackersFactory", "creation_timestamp": "2024-06-18T09:33:59.000000Z"}, {"uuid": "9f69f39a-dd06-4d50-961a-dc897c099f75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/ggL6AH1lRYorBCzgwro177IArqCXjxjkyvjAx2FEfC3c0Ls", "content": "", "creation_timestamp": "2025-04-13T23:00:06.000000Z"}, {"uuid": "6b965555-387a-422f-b158-2fff83c1bfdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4681", "type": "seen", "source": "https://t.me/cibsecurity/69571", "content": "\u203c CVE-2023-4681 \u203c\n\nNULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:28.000000Z"}, {"uuid": "3ccccaad-2e0c-4d47-82c5-3b429ddd720c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/3WDKzCztn6fhsFP0h502IW0gqJijz_QXvsQbayWM_ehdyuQ", "content": "", "creation_timestamp": "2025-04-14T05:00:07.000000Z"}, {"uuid": "1f56bc79-fc51-46e0-b27f-cde2eb70917e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46817", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6752", "content": "Tools - Hackers Factory\n\nThis project generates DNS zonefiles with custom NSEC3 parameters to reproduce and evaluate the attacks in CVE-2023-50868. \n\nhttps://github.com/Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack\n\nGitHub - kgdn/buffet: Web-based virtual machine manager - BSc. Computer Systems dissertation project (Heriot-Watt University)\n\nhttps://github.com/kgdn/buffet\n\nA full Mod_Security guide to use local software like clam-av, chkrootkit, fail2ban, rkhunter for Nginx & Apache \n\nhttps://github.com/VolkanSah/ModSecurity-Webserver-Protection-Guide\n\nMac RDP Client: Kerberos and Protected Users Guide\nhttps://awakecoding.com/posts/mac-rdp-client-kerberos-and-protected-users-guide/\n\n#exploit\n1. CVE-2023-46817:\nphpFox <=4.8.13 (redirect) PHP Object Injection\nhttps://karmainsecurity.com/pocs/CVE-2023-46817.php\n\n2. Magento CE RCE Exploit\nhttps://github.com/Hackhoven/Magento-RCE\n\n#tools #Offensive_security\n\n1. Tools for analyzing EDR agents\nhttps://github.com/outflanknl/edr-internals\n\n2. Benevolent Shellcode Loader\nhttps://github.com/jakobfriedl/BenevolentLoader\n\n#exploit\n1. CVE-2024-30850, CVE-2024-31839:\nCHAOS RAT v5.01 web panel RCE\nhttps://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc\n\n2. CVE-2024-28995:\nSolarWinds Serv-U directory transversal\nhttps://github.com/rapid7/metasploit-framework/pull/19255\n\nhttps://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis\n\n#reversing\n1. TempleOS Reverse Engineering\nhttps://starkeblog.com/bootsector/templeos/2024/06/13/templeos-reverse-engineering-part-i.html\n2. Thecus NAS Firmware Decryption\nhttps://starkeblog.com/cryptography/firmware/2024/06/11/thecus-nas-firmware-decrypt.html\n\nhttps://github.com/nstarke/thecus-firmware-decrypt\n\nHijack clicks on and within links, probably for client-side routing \n\n#Research\n\"Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains\", 2024.\n\nhttps://github.com/mapbox/link-hijacker\n\n#exploit\n1. CVE-2022-41034:\nVSCode ipynb RCE\nhttps://packetstormsecurity.com/files/179029/VSCode-ipynb-Remote-Code-Execution.html\n\n2. CVE-2024-27801:\nUaF in NSXPC on all Apple platforms\nhttps://github.com/wangtielei/POCs/tree/main/CVE-2024-27801\n+ UAF in AGX (iOS <13):\nhttps://github.com/wangtielei/POCs/tree/main/No_CVE\n\n#HackersFactory", "creation_timestamp": "2024-06-18T09:34:50.000000Z"}, {"uuid": "c14f3c45-eaeb-4134-ac7f-0e318eb357ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "Telegram/341xXm5UtN9QICspfpxP1D9SSpGTYEVNLbqcOtHFcgKSJEI", "content": "", "creation_timestamp": "2025-05-02T11:00:06.000000Z"}, {"uuid": "75b8fc10-b392-49d3-90ca-9d47676e9851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46817", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3316", "content": "Tools - Hackers Factory\n\nThis project generates DNS zonefiles with custom NSEC3 parameters to reproduce and evaluate the attacks in CVE-2023-50868. \n\nhttps://github.com/Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack\n\nGitHub - kgdn/buffet: Web-based virtual machine manager - BSc. Computer Systems dissertation project (Heriot-Watt University)\n\nhttps://github.com/kgdn/buffet\n\nA full Mod_Security guide to use local software like clam-av, chkrootkit, fail2ban, rkhunter for Nginx & Apache \n\nhttps://github.com/VolkanSah/ModSecurity-Webserver-Protection-Guide\n\nMac RDP Client: Kerberos and Protected Users Guide\nhttps://awakecoding.com/posts/mac-rdp-client-kerberos-and-protected-users-guide/\n\n#exploit\n1. CVE-2023-46817:\nphpFox <=4.8.13 (redirect) PHP Object Injection\nhttps://karmainsecurity.com/pocs/CVE-2023-46817.php\n\n2. Magento CE RCE Exploit\nhttps://github.com/Hackhoven/Magento-RCE\n\n#tools #Offensive_security\n\n1. Tools for analyzing EDR agents\nhttps://github.com/outflanknl/edr-internals\n\n2. Benevolent Shellcode Loader\nhttps://github.com/jakobfriedl/BenevolentLoader\n\n#exploit\n1. CVE-2024-30850, CVE-2024-31839:\nCHAOS RAT v5.01 web panel RCE\nhttps://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc\n\n2. CVE-2024-28995:\nSolarWinds Serv-U directory transversal\nhttps://github.com/rapid7/metasploit-framework/pull/19255\n\nhttps://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis\n\n#reversing\n1. TempleOS Reverse Engineering\nhttps://starkeblog.com/bootsector/templeos/2024/06/13/templeos-reverse-engineering-part-i.html\n2. Thecus NAS Firmware Decryption\nhttps://starkeblog.com/cryptography/firmware/2024/06/11/thecus-nas-firmware-decrypt.html\n\nhttps://github.com/nstarke/thecus-firmware-decrypt\n\nHijack clicks on and within links, probably for client-side routing \n\n#Research\n\"Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains\", 2024.\n\nhttps://github.com/mapbox/link-hijacker\n\n#exploit\n1. CVE-2022-41034:\nVSCode ipynb RCE\nhttps://packetstormsecurity.com/files/179029/VSCode-ipynb-Remote-Code-Execution.html\n\n2. CVE-2024-27801:\nUaF in NSXPC on all Apple platforms\nhttps://github.com/wangtielei/POCs/tree/main/CVE-2024-27801\n+ UAF in AGX (iOS <13):\nhttps://github.com/wangtielei/POCs/tree/main/No_CVE\n\n#HackersFactory", "creation_timestamp": "2024-06-18T09:33:42.000000Z"}, {"uuid": "cd334e1b-13c6-46a5-a1c7-ddfe9902493d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9584", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-03-20T05:06:02.000000Z"}, {"uuid": "542913f8-fdfd-49e0-a5e8-abc10b7b5c58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "seen", "source": "https://t.me/Rootsec_2/2265", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-08-16T08:56:17.000000Z"}, {"uuid": "bbfbc232-93e8-456c-878a-0ee1ce67dc86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46815", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10613", "content": "#exploit\n1. CVE-2023-46815:\nSugarCRM <=13.0.1 (set_note_attachment) Unrestricted File Upload\nhttps://karmainsecurity.com/KIS-2023-11\n\n2. Telerik Reporting XmlSerializer Deserialization RCE\nhttps://xz.aliyun.com/t/14693", "creation_timestamp": "2024-06-03T13:26:44.000000Z"}, {"uuid": "77eb5e90-c26b-4f11-b448-b04c5636cbbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46817", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10686", "content": "#exploit\n1. CVE-2023-46817:\nphpFox <=4.8.13 (redirect) PHP Object Injection\nhttps://karmainsecurity.com/pocs/CVE-2023-46817.php\n\n2. Magento CE RCE Exploit\nhttps://github.com/Hackhoven/Magento-RCE", "creation_timestamp": "2024-06-16T22:40:45.000000Z"}, {"uuid": "b0c36b89-2934-48f4-8344-23f43f0a3cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46818", "type": "published-proof-of-concept", "source": "https://t.me/liwaamohammad/1929", "content": "https://github.com/ajdumanhug/CVE-2022-42092\n\nCVE-2023-46818 Python3 Exploit for Backdrop CMS <= 1.22.0 Authenticated Remote Command Execution (RCE)\n#github #exploit", "creation_timestamp": "2025-05-02T14:06:34.000000Z"}]}