{"vulnerability": "CVE-2024-38094", "sightings": [{"uuid": "0758ca28-6b93-4435-b470-0d6ec1367061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-22T18:10:02.000000Z"}, {"uuid": "09ea2352-24be-407a-9489-ac19eca51ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:00.000000Z"}, {"uuid": "e7c01028-65c5-4dfd-b245-cdaa26f19fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/1610", "content": "(Photo by Tayfun Coskun/Anadolu via Getty Images)\n\u062d\u0634\u0648\u062f \u062e\u0627\u0631\u062c \u0645\u0642\u0631 \u0645\u064a\u062a\u0627 (\u0641\u064a\u0633\u0628\u0648\u0643) \u0644\u0644\u0627\u062d\u062a\u062c\u0627\u062c \u0639\u0644\u0649 \u0631\u0642\u0627\u0628\u0629 \u0645\u0627\u0631\u0643 \u0632\u0648\u0643\u0631\u0628\u064a\u0631\u063a \u0648\u0645\u064a\u062a\u0627 \u0639\u0644\u0649 \u0645\u0646\u0634\u0648\u0631\u0627\u062a \u0641\u0644\u0633\u0637\u064a\u0646 \u0639\u0644\u0649 \u0627\u0644\u0645\u0646\u0635\u0627\u062a \u0627\u0644\u0627\u062c\u062a\u0645\u0627\u0639\u064a\u0629 \u0641\u064a \u0645\u064a\u0646\u0644\u0648 \u0628\u0627\u0631\u0643\u060c \u0643\u0627\u0644\u064a\u0641\u0648\u0631\u0646\u064a\u0627 (\u0627\u0644\u0623\u0646\u0627\u0636\u0648\u0644)\n23/5/2024-\u0622\u062e\u0631 \u062a\u062d\u062f\u064a\u062b: 23/5/202403:28 \u0645 (\u0628\u062a\u0648\u0642\u064a\u062a \u0645\u0643\u0629 \u0627\u0644\u0645\u0643\u0631\u0645\u0629)\n\u0646\u0628\u0647 \u0645\u0648\u0642\u0639 \u0625\u0646\u062a\u0631\u0633\u0628\u062a \u0627\u0644\u0623\u0645\u064a\u0631\u0643\u064a \u0625\u0644\u0649 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0645\u062c\u0647\u0648\u0644\u0629 \u0628\u062a\u0637\u0628\u064a\u0642 \u0648\u0627\u062a\u0633\u0627\u0628 \u062a\u0645\u0643\u0646 \u0627\u0644\u062d\u0643\u0648\u0645\u0627\u062a \u0645\u0646 \u0645\u0639\u0631\u0641\u0629 \u0645\u0646 \u062a\u0631\u0627\u0633\u0644\u0647\u060c \u0648\u062d\u0630\u0631 \u0627\u0644\u0645\u0647\u0646\u062f\u0633\u0648\u0646 \u0641\u064a \u0634\u0631\u0643\u0629 \u0645\u064a\u062a\u0627 (\u0641\u064a\u0633\u0628\u0648\u0643) \u0645\u0646 \u0623\u0646 \u0627\u0644\u062f\u0648\u0644 \u064a\u0645\u0643\u0646\u0647\u0627 \u0645\u0631\u0627\u0642\u0628\u0629 \u0627\u0644\u062f\u0631\u062f\u0634\u0627\u062a\u060c \u0648\u064a\u062e\u0634\u0649 \u0627\u0644\u0645\u0648\u0638\u0641\u0648\u0646 \u0623\u0646 \u062a\u0633\u062a\u063a\u0644 \u0625\u0633\u0631\u0627\u0626\u064a\u0644 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0627\u0646\u062a\u0642\u0627\u0621 \u0623\u0647\u062f\u0627\u0641 \u0627\u0644\u0627\u063a\u062a\u064a\u0627\u0644 \u0641\u064a \u063a\u0632\u0629.\n\n\u0648\u0630\u0643\u0631 \u0627\u0644\u0645\u0648\u0642\u0639 \u0623\u0646\u0647 \u0641\u064a \u0634\u0647\u0631 \u0645\u0627\u0631\u0633/\u0622\u0630\u0627\u0631\u060c \u0623\u0635\u062f\u0631 \u0641\u0631\u064a\u0642 \u0623\u0645\u0646 \u0648\u0627\u062a\u0633\u0627\u0628 \u062a\u062d\u0630\u064a\u0631\u0627 \u062f\u0627\u062e\u0644\u064a\u0627 \u0644\u0632\u0645\u0644\u0627\u0626\u0647 \u0628\u0623\u0646\u0647 \u0631\u063a\u0645 \u0627\u0644\u062a\u0634\u0641\u064a\u0631 \u0627\u0644\u0642\u0648\u064a \u0644\u0644\u0628\u0631\u0646\u0627\u0645\u062c\u060c \u0641\u0642\u062f \u0638\u0644 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0648\u0646 \u0639\u0631\u0636\u0629 \u0644\u0634\u0643\u0644 \u062e\u0637\u064a\u0631 \u0645\u0646 \u0623\u0634\u0643\u0627\u0644 \u0627\u0644\u0645\u0631\u0627\u0642\u0628\u0629 \u0627\u0644\u062d\u0643\u0648\u0645\u064a\u0629.\n\n\u0648\u0648\u0641\u0642\u0627 \u0644\u062a\u0642\u064a\u064a\u0645 \u0627\u0644\u062a\u0647\u062f\u064a\u062f \u0627\u0644\u0630\u064a \u0644\u0645 \u064a\u064f\u0628\u0644\u063a \u0639\u0646\u0647 \u0645\u0633\u0628\u0642\u0627\u060c \u0648\u062d\u0635\u0644 \u0639\u0644\u064a\u0647 \u0627\u0644\u0645\u0648\u0642\u0639\u060c \u0641\u0625\u0646 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0645\u062d\u0627\u062f\u062b\u0627\u062a \u0628\u064a\u0646 \u0645\u0633\u062a\u062e\u062f\u0645\u064a \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0628\u0627\u0644\u063a \u0639\u062f\u062f\u0647\u0645 2 \u0645\u0644\u064a\u0627\u0631 \u0645\u0633\u062a\u062e\u062f\u0645 \u062a\u0638\u0644 \u0622\u0645\u0646\u0629\u060c \u0644\u0643\u0646 \u0627\u0644\u062f\u0648\u0627\u0626\u0631 \u0627\u0644\u062d\u0643\u0648\u0645\u064a\u0629\u060c \u0643\u0645\u0627 \u0643\u062a\u0628 \u0627\u0644\u0645\u0647\u0646\u062f\u0633\u0648\u0646\u060c \u0643\u0627\u0646\u062a \"\u062a\u062a\u062c\u0627\u0648\u0632 \u062a\u0634\u0641\u064a\u0631\u0646\u0627\" \u0644\u0645\u0639\u0631\u0641\u0629 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0627\u0644\u0630\u064a\u0646 \u064a\u062a\u0648\u0627\u0635\u0644\u0648\u0646 \u0645\u0639 \u0628\u0639\u0636\u0647\u0645 \u0627\u0644\u0628\u0639\u0636\u060c \u0648\u0639\u0636\u0648\u064a\u0629 \u0627\u0644\u0645\u062c\u0645\u0648\u0639\u0627\u062a \u0627\u0644\u062e\u0627\u0635\u0629\u060c \u0648\u0631\u0628\u0645\u0627 \u062d\u062a\u0649 \u0645\u0648\u0627\u0642\u0639\u0647\u0645. \u0648\u062d\u062b \u0627\u0644\u062a\u0642\u064a\u064a\u0645 \u0639\u0644\u0649 \u0623\u0646 \u064a\u062e\u0641\u0641 \u0648\u0627\u062a\u0633\u0627\u0628 \u0645\u0646 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \u0644\u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0641\u064a \u062a\u062d\u0644\u064a\u0644 \u062d\u0631\u0643\u0629 \u0627\u0644\u0645\u0631\u0648\u0631 \u0627\u0644\u062a\u064a \u062a\u0645\u0643\u0646 \u0627\u0644\u062f\u0648\u0644 \u0645\u0646 \u062a\u062d\u062f\u064a\u062f \u0645\u0646 \u064a\u062a\u062d\u062f\u062b \u0625\u0644\u0649 \u0645\u0646.\n\nThe Smart Shadow:\n\u2206 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0627\u062a \u0648\u0625\u062b\u0628\u0627\u062a\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645 (PoCs) \u0644\u0644\u062b\u063a\u0631\u0627\u062a \n\n\u2206 1. \u062b\u063a\u0631\u0629 Profile Builder \u0648 Profile Builder Pro\n- \u062e\u0637\u0648\u0631\u0629: 9.8/10\n- \u0627\u0644\u0648\u0635\u0641: \u062a\u0633\u0645\u062d \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0648\u0635\u0648\u0644 \u0627\u0644\u0645\u0633\u0624\u0648\u0644 \u062f\u0648\u0646 \u0627\u0644\u062d\u0627\u062c\u0629 \u0625\u0644\u0649 \u062d\u0633\u0627\u0628 \u0639\u0644\u0649 \u0627\u0644\u0645\u0648\u0642\u0639.\n- \u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645: \u0644\u0627 \u064a\u0648\u062c\u062f \u0625\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645 \u0645\u062d\u062f\u062f \u0641\u064a \u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0639\u0627\u0645\u0629\u060c \u0648\u0644\u0643\u0646 \u062a\u0642\u0627\u0631\u064a\u0631 WPScan \u062a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0633\u064a\u0646\u0627\u0631\u064a\u0648\u0647\u0627\u062a \u062a\u0641\u0635\u064a\u0644\u064a\u0629 \u0644\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644.\n- \u0645\u062b\u0627\u0644 \u0644\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645:\n   \n    import requests\n\n    url = \"http://target-website/wp-login.php\"\n    payload = {\n        \"username\": \"attacker_username\",\n        \"password\": \"attacker_password\"\n    }\n    response = requests.post(url, data=payload)\n    print(response.text)\n    \n- \u0627\u0644\u062a\u062e\u0641\u064a\u0641: \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0625\u0636\u0627\u0641\u0629 \u0625\u0644\u0649 \u0623\u062d\u062f\u062b \u0646\u0633\u062e\u0629 \u0643\u0645\u0627 \u064a\u0646\u0635\u062d \u0627\u0644\u0645\u0637\u0648\u0631\u0648\u0646.\n\n\u2206 2. \u062b\u063a\u0631\u0629 \u0643\u0627\u0645\u064a\u0631\u0627\u062a Synology BC500 IP\n- \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644: \u062a\u0633\u0645\u062d \u0628\u0627\u0644\u062a\u0628\u062f\u064a\u0644 \u0645\u0646 WAN \u0625\u0644\u0649 LAN\u060c \u062a\u0645 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627 \u0641\u064a \u0645\u0633\u0627\u0628\u0642\u0629 Pwn2Own Toronto.\n- \u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645: \u0646\u0634\u0631\u062a Claroty \u062a\u0641\u0627\u0635\u064a\u0644 \u0641\u0646\u064a\u0629 \u062d\u0648\u0644 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644.\n- \u0645\u062b\u0627\u0644 \u0644\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645:\n   \n    import requests\n\n    url = \"http://target-camera-ip/api/exploit\"\n    payload = {\"command\": \"switch_network\"}\n    response = requests.post(url, json=payload)\n    print(response.text)\n    \n- \u0627\u0644\u062a\u062e\u0641\u064a\u0641: \u062a\u062d\u062f\u064a\u062b \u0628\u0631\u0645\u062c\u064a\u0627\u062a \u0627\u0644\u0643\u0627\u0645\u064a\u0631\u0627 \u0625\u0644\u0649 \u0623\u062d\u062f\u062b \u0625\u0635\u062f\u0627\u0631.\n\n#### 3. \u062b\u063a\u0631\u0629 Apache HugeGraph (CVE-2024-27348)\n- \u062e\u0637\u0648\u0631\u0629: 9.8/10\n- \u0627\u0644\u0648\u0635\u0641: \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u0627\u0644\u062a\u062d\u0643\u0645 \u0641\u064a \u062e\u0648\u0627\u062f\u0645 \u0642\u0627\u0639\u062f\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a.\n- \u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645: \u0645\u062a\u0627\u062d \u0639\u0644\u0649 GitHub \u0643\u0645\u0627 \u0630\u0643\u0631.\n- \u0645\u062b\u0627\u0644 \u0644\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645:\n   \n    import requests\n\n    url = \"http://target-hugegraph-server\"\n    payload = {\"exploit\": \"malicious_code_here\"}\n    response = requests.post(url, json=payload)\n    print(response.text)\n    \n- \u0627\u0644\u062a\u062e\u0641\u064a\u0641: \u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u062a\u0635\u062d\u064a\u062d \u0627\u0644\u0623\u0645\u0646\u064a \u0627\u0644\u0635\u0627\u062f\u0631 \u0641\u064a \u0623\u0628\u0631\u064a\u0644.\n\n\u2206 4. \u062b\u063a\u0631\u0627\u062a Microsoft SharePoint (CVE-2024-38023\u060c CVE-2024-38024\u060c CVE-2024-38094)\n- \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644: \u062b\u063a\u0631\u0627\u062a \u0641\u064a \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u064f\u0639\u062f.\n- \u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645: \u0646\u0634\u0631\u0647 Nguyen Giang.\n- \u0645\u062b\u0627\u0644 \u0644\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645:\n   \n    # \u0647\u0630\u0627 \u0645\u062b\u0627\u0644 \u0627\u0641\u062a\u0631\u0627\u0636\u064a\u061b \u0642\u062f \u064a\u062e\u062a\u0644\u0641 \u0631\u0645\u0632 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0641\u0639\u0644\u064a.\n    Invoke-WebRequest -Uri \"http://target-sharepoint-server/exploit\" -Method GET\n    \n- \u0627\u0644\u062a\u062e\u0641\u064a\u0641: \u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u062a\u0635\u062d\u064a\u062d\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u0645\u0642\u062f\u0645\u0629 \u0645\u0646 Microsoft.\n\n\u2206 5. \u062b\u063a\u0631\u0629 SonicWall SMA100\n- \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644: \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0641\u064a \u0627\u0644\u0648\u0636\u0639 \u0627\u0644\u0643\u0644\u0627\u0633\u064a\u0643\u064a \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0627\u0644\u0645\u0635\u0627\u062f\u0642 \u0639\u0644\u064a\u0647\u0645.\n- \u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645: \u062a\u0645 \u0646\u0634\u0631\u0647 \u0628\u0648\u0627\u0633\u0637\u0629 SSD.\n- \u0645\u062b\u0627\u0644 \u0644\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645:\n   \n    curl -k -X POST https://target-sma100-device -d \"exploit_payload_here\"\n    \n- \u0627\u0644\u062a\u062e\u0641\u064a\u0641: \u0625\u0632\u0627\u0644\u0629 \u0627\u0644\u0648\u0636\u0639 \u0627\u0644\u0643\u0644\u0627\u0633\u064a\u0643\u064a \u0648\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0627\u062a \u0627\u0644\u062b\u0627\u0628\u062a\u0629.\n\n\u2206 \u0627\u0644\u062a\u0648\u0635\u064a\u0627\u062a \u0627\u0644\u0639\u0627\u0645\u0629\n- \u0625\u062f\u0627\u0631\u0629 \u0627\u0644\u062a\u0635\u062d\u064a\u062d\u0627\u062a: \u062a\u062d\u062f\u064a\u062b \u062c\u0645\u064a\u0639 \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0627\u062a \u0648\u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0627\u062a \u0627\u0644\u062b\u0627\u0628\u062a\u0629 \u0628\u0627\u0646\u062a\u0638\u0627\u0645 \u0625\u0644\u0649 \u0623\u062d\u062f\u062b \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a.\n- \u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a: \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0623\u062f\u0648\u0627\u062a \u0645\u062b\u0644 Nessus \u0623\u0648 OpenVAS \u0644\u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629.\n- \u0627\u0644\u0645\u0631\u0627\u0642\u0628\u0629: \u062a\u0637\u0628\u064a\u0642 \u0623\u0646\u0638\u0645\u0629 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u0627\u0644\u062a\u0633\u0644\u0644 \u0648\u0645\u0646\u0639 \u0627\u0644\u062a\u0633\u0644\u0644 \u0644\u0645\u0631\u0627\u0642\u0628\u0629 \u0648\u0645\u0646\u0639 \u0645\u062d\u0627\u0648\u0644\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644.\n\n\u2206 \u0627\u0644\u0645\u0635\u0627\u062f\u0631\n- [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-3352)\n- [Security-Database](https://www.security-database.com/detail.php?alert=CVE-2023-3352)\n- [Vulners](https://vulners.com/cve/CVE-2023-3352)\n\n## \u0634\u0631\u062d \u0648\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 CVE-2024-33352: \u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0641\u064a BlueStacks \u0639\u0628\u0631 \u0632\u0631\u0639 \u0628\u0631\u0646\u0627\u0645\u062c \u0636\u0627\u0631 \u0641\u064a \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0644\u0627\u0641\u062a\u0631\u0627\u0636\u064a\n\n### \u0646\u0638\u0631\u0629 \u0639\u0627\u0645\u0629", "creation_timestamp": "2024-12-13T19:00:22.000000Z"}, {"uuid": "06dceb35-bbc4-4cd7-a37f-c2cbcb56f03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3139d8e4-880d-4a4a-b19b-0015c5d7db01", "content": "", "creation_timestamp": "2026-02-02T12:26:25.633921Z"}, {"uuid": "a9635c30-b6c4-40ca-9420-6cf8308a8205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/BleepingComputer/20957", "content": "\u200aMicrosoft SharePoint RCE bug exploited to breach corporate network\n\nA recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. [...]\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-sharepoint-rce-bug-exploited-to-breach-corporate-network/", "creation_timestamp": "2024-11-02T23:54:19.000000Z"}, {"uuid": "0ef7393d-709d-45a5-8ce4-18a09db415c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14640", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38094\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft SharePoint Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2024-07-09T17:03:24.222Z\n\ud83d\udccf Modified: 2025-05-02T23:47:14.335Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094", "creation_timestamp": "2025-05-03T00:16:58.000000Z"}, {"uuid": "146ef334-3db8-4fae-a112-a7c9690aa0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/cibsecurity/80514", "content": "\ud83e\udd85 CISA Warns About New Microsoft SharePoint Vulnerability CVE-2024-38094: High Risks and Immediate Patching Needed \ud83e\udd85\n\n    Overview     The Cybersecurity and Infrastructure Security Agency CISA has issued a critical advisory regarding newly discovered vulnerabilities in Microsoft SharePoint, specifically addressing a deserialization vulnerability now included in CISAs Known Exploited Vulnerability KEV catalog.\u00a0   The vulnerability in question, identified as CVE202438094, has a CVSSv3.1 score of 7.2, which indicates a highseverity risk. It affects several SharePoint products, including Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server 2019, and Microsoft SharePoint Enterprise Server 2016.   An authenticated attacker with Site Owner permissions could exploit this vulnerability to inject and execute arbitrary code within the SharePoint environment. The risk of such exploitation ...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-11-02T06:52:29.000000Z"}, {"uuid": "7e8610d7-f0ae-4776-bbd9-3919d38de438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/kasperskyb2b/1476", "content": "\ud83c\udf83 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83c\udfea\u041d\u0435\u0434\u0435\u043b\u044f \u0431\u044b\u043b\u0430 \u0431\u043e\u0433\u0430\u0442\u0430 \u043d\u0430 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u043e Lazarus. \u042d\u0442\u043e\u0442 APT-\u0430\u043a\u0442\u043e\u0440, \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e \u043b\u044e\u0431\u044f\u0449\u0438\u0439 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u0443:\n\ud83c\udd97 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0443\u044e MOBA-\u0438\u0433\u0440\u0443, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u0442\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u0438\u043d\u0432\u0435\u0441\u0442\u043e\u0440\u043e\u0432 \u043d\u0430 \u0435\u0451 \u0441\u0430\u0439\u0442 \u0438 \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0412\u041f\u041e, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0432 Chrome. \u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0438\u0433\u0440\u044b \u0432\u0435\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u0440\u0435\u043a\u043b\u0430\u043c\u0430 \u0432 \u0441\u043e\u0446\u043c\u0435\u0434\u0438\u0430;\n\ud83c\udd97 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 npm-\u043f\u0430\u043a\u0435\u0442 NFT_marketplace, \u0437\u0430\u0440\u0430\u0436\u0430\u044e\u0449\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c BeaverTail;\n\ud83c\udd97 \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u043e \u0440\u0430\u0431\u043e\u0442\u0435 \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \"\u0441\u043e\u0431\u0435\u0441\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\" \u043f\u043e\u0431\u0443\u0436\u0434\u0430\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0412\u041f\u041e \u043d\u0430 Python.\n\n\u2757\ufe0f \u041e\u0431\u0437\u043e\u0440 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u0432: Kral, Amos, Vidar.\n\n\u2757\ufe0f \u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0430\u0440\u043c\u044f\u043d\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0436\u0435\u0440\u0442\u0432 \u043f\u043e\u0431\u0443\u0436\u0434\u0430\u044e\u0442 \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0432\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0432 PowerShell \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0449\u0438\u0439 PDQ RMM. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u0443\u044e\u0442 \u0430\u0442\u0430\u043a\u0443 APT MuddyWater.\n\n\u2757\ufe0f\u0420\u0430\u0437\u0431\u043e\u0440 \u0441\u0432\u0435\u0436\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0431\u0430\u043d\u043a\u0435\u0440\u0430 Grandoreiro, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0440\u0430\u0436\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 1700 \u0431\u0430\u043d\u043a\u043e\u0432 \u0432 45 \u0441\u0442\u0440\u0430\u043d\u0430\u0445. \u0423\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u043e \u044d\u0442\u043e Windows \u0412\u041f\u041e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0432\u0435\u0442\u0430\u0442\u044c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0440\u043e\u0441\u0442 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u0431\u0430\u043d\u043a\u0438\u043d\u0433\u0430 \u0432\u043e \u0432\u0441\u0451\u043c \u043c\u0438\u0440\u0435.\n\n\u2757\ufe0f\u041d\u043e\u0432\u044b\u0435 \u0434\u0435\u044f\u0442\u0435\u043b\u0438 \u043d\u0430 \u0430\u0440\u0435\u043d\u0435 ransomware: Embargo. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0412\u041f\u041e \u043d\u0430 Rust \u0438 \u0433\u043b\u0443\u0448\u0430\u0442 EDR \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 MS4Killer.\n\n\u2757\ufe0f\u0410 \u0430\u0432\u0442\u043e\u0440\u044b Akira ransomware \u0440\u0430\u0437\u043e\u0447\u0430\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0441\u0432\u043e\u0435\u0439 v2 \u043d\u0430 Rust  \u0438 \u0432\u0435\u0440\u043d\u0443\u043b\u0438\u0441\u044c \u043a \u0441\u0442\u0430\u0440\u043e\u0439 \u0441\u0445\u0435\u043c\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 C++.\n\n\u2757\ufe0f\u041d\u043e\u0432\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0443\u0445\u043e\u0434\u0430 \u043e\u0442 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 Quilin/Agenda RaaS. \n\n\u2757\ufe0f\u0421\u0435\u0440\u0432\u0435\u0440\u044b Docker \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u043c \u0431\u043e\u0442\u043e\u043c SRBminer. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u0435\u043d \u0441\u043f\u043e\u0441\u043e\u0431 \u0430\u0442\u0430\u043a\u0438 \u2014 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b gRPC \u043f\u043e\u0432\u0435\u0440\u0445 h2c (HTTP/2 \u0431\u0435\u0437 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f).\n\n\u041d\u0435\u0434\u0435\u043b\u044f \u043f\u0440\u043e\u0448\u043b\u0430 \u0431\u043e\u0434\u0440\u043e \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438:\n\ud83c\udd97 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c Cisco \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0432 ASA & FTD, CVE-2024-20481, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u0432\u044b\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u0430 RAVPN.\n\n\ud83c\udd97 Fortinet \u0437\u0430\u043a\u0440\u044b\u043b\u0430 CVE-2024-47575, RCE \u0432 FortiManager, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e. \u0413\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0441\u0445\u0435\u043c\u0430 \u0430\u0442\u0430\u043a\u0438 \u0442\u0430\u043a\u043e\u0432\u0430: \u0447\u0435\u0440\u0435\u0437 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u044e\u0442 MSP, \u0430 \u0437\u0430\u0442\u0435\u043c \u2014 \u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u2757\ufe0f\u041d\u0435 \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u043d\u043e \u0442\u043e\u0436\u0435 \u0431\u043e\u0434\u0440\u043e \u2014  CVE-2024-38094 \u0432 SharePoint server \u0431\u044b\u0441\u0442\u0440\u043e \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c PoC, \u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u0435\u0451 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-10-28T12:05:13.000000Z"}, {"uuid": "b8ff6e6c-d6e0-479b-a760-6fa6a9c7e1c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/CyberBulletin/1337", "content": "\u26a1\ufe0fCVE-2024-38094 Exploited: Attackers Gain Domain Access via Microsoft SharePoint Server.\n\n#CyberBulletin", "creation_timestamp": "2024-11-01T08:07:17.000000Z"}, {"uuid": "7f004cfb-b297-42d3-abe0-b9e304cfadd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "Telegram/PJNjv47ecI2YZXAm2kx7Qwj2FBFqk7vXvysMosod-Do_qw", "content": "", "creation_timestamp": "2024-10-23T17:38:29.000000Z"}, {"uuid": "39d3ba6c-8336-4bf3-8199-69b5afa3f77e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4205", "content": "\ud83d\uddbc\ufe0f Microsoft SharePoint Server 20219 \u2014 RCE \n\nPoC for: \n\u2014 CVE-2024-38094\n\u2014 CVE-2024-38024\n\u2014 CVE-2024-38023\n\n\ud83d\udd17 Source:\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\n#sharepoint #poc #rce #cve", "creation_timestamp": "2024-07-10T09:41:41.000000Z"}, {"uuid": "bf3385ae-8517-41e6-af74-fe4e9e7be1fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/cibsecurity/80520", "content": "\ud83d\udd8b\ufe0f CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) \ud83d\udd8b\ufe0f\n\nA highseverity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE202438094 CVSS score 7.2, has been described as a deserialization vulnerability impacting SharePoint that could result.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-10-23T16:00:53.000000Z"}, {"uuid": "52fd4ecd-edf5-4ce0-9866-d62717bbab78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/ViralCyber/7451", "content": "\ud83d\udd34\u0647\u0634\u062f\u0627\u0631 CISA \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f Sharepoint\n\u25c0\ufe0f\u0622\u0698\u0627\u0646\u0633 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0648 \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u200c\u0647\u0627\u06cc \u0627\u06cc\u0627\u0644\u0627\u062a \u0645\u062a\u062d\u062f\u0647 (CISA) \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f\u06cc \u062f\u0631  SharePoint \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2024-38094 \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0646\u0642\u0635\u060c \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u062f\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0631 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0627\u0632 SharePoint \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u062a\u0623\u062b\u06cc\u0631 \u0628\u06af\u0630\u0627\u0631\u062f.\n\u25c0\ufe0f\u0627\u06af\u0631 Sharepoint \u062f\u0627\u0631\u06cc\u062f \u0646\u0635\u0628 \u0641\u0648\u0631\u06cc \u0648\u0635\u0644\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0631\u0627\u0626\u0647\u200c\u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0628\u0631 \u0634\u0645\u0627 \u0648\u0627\u062c\u0628 \u0627\u0633\u062a!\n \ud83c\udf10\u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\n\n\u2b1b\ufe0f\u067e.\u0646: \n\u0627\u0632 \u0646\u06af\u0627\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c Sharepoint \u0628\u0631\u0627\u062f\u0631 Exchange \u0627\u0633\u062a!\ud83d\ude11\n\n\u2709\ufe0f @PingChannel\n\u062e\u0628\u0631\u060c \u062a\u062d\u0644\u06cc\u0644\u060c \u0627\u0646\u062a\u0642\u0627\u062f - \u0641\u0646\u0627\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a\n\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\u00a0 \ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b\ud83d\udd2b", "creation_timestamp": "2024-10-27T22:00:32.000000Z"}, {"uuid": "6da2a19f-f7ec-47bd-9013-0452dcd1e859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/123", "content": "#exploit\n1. CVE-2024-39877:\nApache Airflow Arbitrary Code Execution\nhttps://blog.securelayer7.net/arbitrary-code-execution-in-apache-airflow\n\n2. CVE-2024-7395,\nCVE-2024-7396,\nCVE-2024-7397:\nInsufficient Authentication, Plaintext Communication, Unauthenticated CI\u00a0in Korenix JetPort\nhttps://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetport/index.html\n\n3. CVE-2024-38094,\nCVE-2024-38023,\nCVE-2024-38024:\nMS SharePoint RCEs\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC", "creation_timestamp": "2024-08-07T05:34:10.000000Z"}, {"uuid": "f39b18c3-ef30-47b2-8d36-49c6e2c019fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/rootdr_research/19", "content": "CVE-2024-38094 / CVE-2024-38024 / CVE-2024-38023\n\nMicrosoft SharePoint RCE\n\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\nFor more join to channel (:\nhttps://t.me/rootdr_research\n\n#CVE \n#Exploit", "creation_timestamp": "2024-07-10T13:41:51.000000Z"}, {"uuid": "09a792d4-0c64-40e8-9306-137b4eab94cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/706", "content": "#exploit\n1. CVE-2024-39877:\nApache Airflow Arbitrary Code Execution\nhttps://blog.securelayer7.net/arbitrary-code-execution-in-apache-airflow\n\n2. CVE-2024-7395,\nCVE-2024-7396,\nCVE-2024-7397:\nInsufficient Authentication, Plaintext Communication, Unauthenticated CI\u00a0in Korenix JetPort\nhttps://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetport/index.html\n\n3. CVE-2024-38094,\nCVE-2024-38023,\nCVE-2024-38024:\nMS SharePoint RCEs\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC", "creation_timestamp": "2024-08-07T05:34:27.000000Z"}, {"uuid": "923ddb17-eddf-4a09-958b-5da49259b607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/cvedetector/397", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38094 - Microsoft SharePoint Remote Code Execution Vulnera\", \n  \"Content\": \"CVE ID : CVE-2024-38094 \nPublished : July 9, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Microsoft SharePoint Remote Code Execution Vulnerability \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T19:48:35.000000Z"}, {"uuid": "9015bbb1-df6b-41b5-a654-dcac465b8d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "Telegram/tYP4By9DP5b0OV8NJUBbtbxf9kCpFNpdsweXC0eB5ryTdQ", "content": "", "creation_timestamp": "2024-10-23T16:10:54.000000Z"}, {"uuid": "e2481224-7988-443d-badc-94401b11fe36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "Telegram/veIOHsbV5kLZGnQksJSl1JOrCFYfC-6sYrwF7hGdBF9KK0en", "content": "", "creation_timestamp": "2024-07-23T18:28:14.000000Z"}, {"uuid": "23ff3a66-a5c7-435f-8fb1-8ab9d5e448ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/sycebrex/191", "content": "\u0414\u0430\u0432\u0435\u0447\u0430 \u0437\u0430\u043b\u0438\u043b\u0438 \u043d\u0430 GitHub \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0434\u043b\u044f \nMicrosoft SharePoint Server 2019\n\n\u0417\u0430\u043b\u0438\u0432\u0448\u0438\u0439 \u043f\u043e\u043a\u0430\u0437\u0430\u043b \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0440\u0430\u0437\u0443 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: \n\ud83c\udf53 CVE-2024-38094\n\ud83c\udf53 CVE-2024-38024\n\ud83c\udf53 CVE-2024-38023\n\n\u0428\u0442\u043e\u0448. \u041d\u0435 \u0443\u0434\u0438\u0432\u043b\u044e\u0441\u044c, \u0435\u0441\u043b\u0438 \u0443\u0436\u0435 \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0442 \u0433\u0434\u0435-\u0442\u043e \u0447\u0442\u043e-\u0442\u043e \u0442\u044b\u043a\u0430\u0442\u044c \u0431\u0435\u0437\u0431\u043e\u0436\u043d\u043e. \u0410 \u043a\u0442\u043e-\u0442\u043e \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u0436\u0435 \u00ab\u0437\u0430\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u0442\u00bb \u044d\u0442\u043e \u0432 \u0431\u043e\u0435\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442. \u0414\u0443\u043c\u0430\u044e, \u0447\u0442\u043e \u0441\u043a\u043e\u0440\u043e \u0431\u0443\u0434\u0435\u0442 \u0432 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u0445 \n\n\u041c\u043e\u0436\u0435\u0442\u0435 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043d\u0430 \u0432\u0438\u0434\u0435\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u043b\u0438 \u0441\u0442\u0430\u0440\u044b\u0439 \u043f\u0441\u0438\u0445\u043e\u0434\u0435\u043b\u0438\u0447\u043d\u044b\u0439 \u043a\u043b\u0438\u043f Chemical Brothers \u043d\u0430 \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u044e\u0431\u0438\u043c\u0435\u0439\u0448\u0438\u0445 \u0442\u0440\u0435\u043a\u043e\u0432 The Test (\u0442\u0430\u043c \u043a\u0441\u0442\u0430\u0442\u0438 \u0432\u043e\u043a\u0430\u043b \u0420\u0438\u0447\u0430\u0440\u0434\u0430 \u042d\u0448\u043a\u0440\u043e\u0444\u0442\u0430 \u0438\u0437 The Verve)", "creation_timestamp": "2024-07-11T11:22:38.000000Z"}, {"uuid": "c36d658b-dfa4-4e3d-83e7-03b47a5e5329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "Telegram/GK7E4Bzz6DmkI8R-gO_pxJKnbmpiUq4s_6lbaClsn8odGw", "content": "", "creation_timestamp": "2024-10-23T20:59:45.000000Z"}, {"uuid": "72eb9823-0e7c-4c89-930d-0b470b0708a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/24430", "content": "CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) \u2013 thehackernews.com\n\nWed, 23 Oct 2024 20:54:00", "creation_timestamp": "2024-10-23T18:03:13.000000Z"}, {"uuid": "5d6824dc-024e-4001-b4d8-e59e001da9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/dc_main/6434", "content": "Microsoft SharePoint Server 2019 \u2014 RCE \n\nPoC for: \n\u2014 CVE-2024-38094\n\u2014 CVE-2024-38024\n\u2014 CVE-2024-38023\n\nSource:\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\n#sharepoint #poc #rce #cve", "creation_timestamp": "2024-08-15T04:59:17.000000Z"}, {"uuid": "3ae876dc-b2d2-49cf-b245-48681aaeebf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/KomunitiSiber/2759", "content": "CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)\nhttps://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-of.html\n\nA high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation.\nThe vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result", "creation_timestamp": "2024-10-23T16:28:08.000000Z"}, {"uuid": "85ca5363-a9d1-44a9-99b9-324397361b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "Telegram/JdMoVB3Dk4QWIjoir-XpoF425YxCOG6rpGYbwBE_Oz6Y8AE", "content": "", "creation_timestamp": "2024-08-09T09:36:15.000000Z"}, {"uuid": "dbf2c7c2-b38a-492a-a376-8e31666539ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "Telegram/DOvVBYl81gcQnEx0SnDYShnK_l00AQ-j6ykpGr0q_-DsSYc", "content": "", "creation_timestamp": "2024-09-08T07:41:49.000000Z"}, {"uuid": "32db8847-696d-4283-b5e1-7a428b07b4d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/5381", "content": "CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) \u2013 thehackernews.com\n\nWed, 23 Oct 2024 20:54:00", "creation_timestamp": "2024-10-23T18:03:13.000000Z"}, {"uuid": "690369ba-b507-4a04-bae9-2baccfde1b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/eaglecyberwashere/55246", "content": "CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) \u2013 thehackernews.com\n\nWed, 23 Oct 2024 20:54:00", "creation_timestamp": "2024-10-23T18:03:13.000000Z"}, {"uuid": "b6023269-995c-4c00-90bf-04a31a30918b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/eaglecyberwashere/3308", "content": "CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) \u2013 thehackernews.com\n\nWed, 23 Oct 2024 20:54:00", "creation_timestamp": "2024-10-23T18:03:13.000000Z"}, {"uuid": "c17a6560-bcef-4cbf-91b7-573440863e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/true_secator/6392", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\n1. Rapid7 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e\u00a0\u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft SharePoint, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2024-38094. \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043b\u0435, \u043d\u043e \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043e\u043d\u0430 \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f. \n\nRapid7 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b \u0432\u0435\u0440\u0441\u0438\u044e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u041f\u041e Huorong, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u043b\u0430 \u043a \u0441\u0431\u043e\u044e \u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n2. \u0411\u043e\u043b\u0435\u0435 3500 Xlight FTP \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \n\n3. Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Splunk SIEM.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Oligo \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0448\u0435\u0441\u0442\u044c \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0440\u0435\u0434\u0435 LLM \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Ollama.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 CyberArk \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Portainer, \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u0430\u043c\u0438 Kubernetes \u0438 Docker.\n\n6. HN Security \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0430\u0443\u0434\u0438\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Keycloak.\n\n7. Guardio Security \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Opera, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0430\u0441\u0442\u043d\u044b\u043c API \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c \u0434\u043b\u044f \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u0435\u043a, VPN, Pinboard \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0434\u0440\u0443\u0433\u0438\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u044b Chromium.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0432 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0435 Chrome, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Opera.\n\nOpera \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0446\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0437\u043a\u0438\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0430\u0442\u0430\u043a.\n\n8. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0421\u0430\u0439\u0431\u0435\u0440\u041e\u041a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0438\u043f\u0430 User Enumeration \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 Autodiscover \u041f\u041e Microsoft Exchange Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041c\u043e\u0434\u0443\u043b\u044c \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u0443\u043f\u0440\u043e\u0449\u0435\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u043f\u0440\u0438 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0435 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u043f\u0435\u0440\u0435\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438 \u0444\u0438\u0448\u0438\u043d\u0433.\n\n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e Microsoft Exchange Server 2019 CU 14 \u0438 Microsoft Exchange Server 2016 CU 23.\n\n\u0412 \u0440\u0443\u0442\u043d\u0435\u0442\u0435 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 10.000 Microsoft Exchange, \u0431\u043e\u043b\u0435\u0435 10% \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f BDU:2024-08516.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e: \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u043c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044f\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.", "creation_timestamp": "2024-11-02T16:30:06.000000Z"}, {"uuid": "e788208c-a287-4eec-bb9e-7ac2cb1b93b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "Telegram/Vo83wCiACBKaQo-85ZwqfoN6O3rJPF4zWUGp9s8pd5qq5Fc", "content": "", "creation_timestamp": "2024-10-24T07:34:51.000000Z"}, {"uuid": "01090f8e-9749-4685-969b-11b6b0a3d077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2156", "content": "CVE-2024-38094 / CVE-2024-38024 / CVE-2024-38023\n*\nMicrosoft SharePoint RCE\n*\nVIDEO\n*\nPOC exploit", "creation_timestamp": "2024-07-10T11:45:05.000000Z"}, {"uuid": "9384c333-65e1-419d-b6b7-9c7ae0ce9953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "Telegram/mLuXIhkdQoQwPvwhDsS4ApxxO_4ER5M9JWf4bsHNwYwF5rU", "content": "", "creation_timestamp": "2024-07-20T19:49:10.000000Z"}, {"uuid": "5494e9d5-89f4-4225-9913-c60f3f4e704d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/44", "content": "Microsoft SharePoint Server 2019 \u2014 RCE \n\nPoC for: \n\u2014 CVE-2024-38094\n\u2014 CVE-2024-38024\n\u2014 CVE-2024-38023\n\nSource:\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\n#sharepoint #poc #rce #cve", "creation_timestamp": "2024-07-11T03:45:26.000000Z"}, {"uuid": "9142613b-9273-4bdd-bd7b-2e316b092d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1516", "content": "RCE \u0447\u0435\u0440\u0435\u0437 Microsoft SharePoint Server 2019\n\nMicrosoft SharePoint \u2014 \u0432\u0435\u0431-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0443\u0432\u0438\u0434\u0435\u043b \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 CVE \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u044d\u0442\u0443 \u0432\u0435\u0431-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443: \n\nCVE-2024-38094 \nCVE-2024-38024\nCVE-2024-38023\n\n\u0427\u0442\u043e\u0431\u044b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u0441\u043b\u043e\u0432\u0438\u0439, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e\n1) \u0421\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0443 SharePoint.\n2) \u0423\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 (\u043b\u043e\u0433/\u043f\u0430\u0441\u0441) \u0434\u043b\u044f NTLM \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 + \u0443\u0447\u0435\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u0434\u043e\u043b\u0436\u043d\u0430 \u0438\u043c\u0435\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043f\u0430\u043f\u043e\u043a.\n\n\u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u0440\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u0430: poc_filtered.py, poc_specific.py \u0438 poc_sub.py. \u0421\u0435\u0439\u0447\u0430\u0441 \u043a\u043e\u0440\u043e\u0442\u043a\u043e \u0440\u0430\u0437\u0431\u0435\u0440\u0435\u043c \u0441\u0443\u0442\u044c \u0438 \u043a\u0430\u043a \u043e\u043d\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442. \n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 NTLM \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a API SharePoint \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u0441\u0445\u043e\u0436\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f: \n\n\u0421\u043a\u0440\u0438\u043f\u0442\u044b \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 SharePoint \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u0441\u043e\u0437\u0434\u0430\u044e\u0442 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u0430\u043f\u043a\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a BusinessDataMetadataCatalog, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f POST-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a API SharePoint \u043f\u043e \u043f\u0443\u0442\u0438 /api/web/Folders.\n\n\u0414\u0430\u043b\u0435\u0435 \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u0441\u044f \u0444\u0430\u0439\u043b \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0445 BDCMetadata.bdcm, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 SharePoint, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a GetCreatorView, GetDefaultValues, GetFilters \u0438 FindFiltered. \u042d\u0442\u0438 \u043c\u0435\u0442\u043e\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438 \u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 SharePoint, \u0447\u0442\u043e \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \n\n\u0422\u043e \u0435\u0441\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 poc_filtered.py \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u044f \u043f\u0430\u043f\u043a\u0430 BusinessDataMetadataCatalog, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 X-RequestDigest \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. X-RequestDigest \u2014 \u044d\u0442\u043e \u0442\u043e\u043a\u0435\u043d, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0449\u0438\u0439, \u0447\u0442\u043e \u0437\u0430\u043f\u0440\u043e\u0441 \u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u042d\u0442\u043e\u0442 \u0442\u043e\u043a\u0435\u043d \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u0438\u0445 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438. \u0417\u0430\u0442\u0435\u043c \u0441\u043a\u0440\u0438\u043f\u0442 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0444\u0430\u0439\u043b \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0445 BDCMetadata.bdcm \u0432 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0430\u043f\u043a\u0443. \u042d\u0442\u043e\u0442 \u0444\u0430\u0439\u043b \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u043a\u043e\u043d\u0446\u0435, \u0441\u043a\u0440\u0438\u043f\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 XML-\u0437\u0430\u043f\u0440\u043e\u0441 \u043a API SharePoint \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u041d\u043e \u043c\u0435\u0436\u0434\u0443 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u043c\u0438 \u0435\u0441\u0442\u044c \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0440\u0430\u0437\u043d\u0438\u0446\u0430, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u0430\u0445. \n\n1) poc_filtered.py \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043c\u0435\u0442\u043e\u0434 FindFiltered \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438 SharePoint.\n2) poc_specific.py \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043c\u0435\u0442\u043e\u0434 FindSpecific \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u0434\u0430\u0447 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434.\n3) poc_sub.py \u0432 \u044d\u0442\u043e\u043c \u0441\u043a\u0440\u0438\u043f\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043c\u0435\u0442\u043e\u0434 Subscribe \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u043a\u0438 \u043d\u0430 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0438\u043b\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f.\n\nPoC \nPoC Video", "creation_timestamp": "2024-08-06T17:12:22.000000Z"}, {"uuid": "5b950079-dc38-4049-b0ba-e7eb8248cb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5978", "content": "\u041f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043a\u0443\u0447\u043d\u043e.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 WPScan \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u00a0\u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WordPress \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Profile Builder \u0438 Profile Builder Pro.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u0435\u0437 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8/10.\n\nClaroty\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430\u00a0\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 IP-\u043a\u0430\u043c\u0435\u0440\u0430\u0445 Synology BC500, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441 WAN \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 LAN.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 Pwn2Own Toronto \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u00a0\u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445 Apache HugeGraph.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-27348, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8/10 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430\u00a0\u0432 \u0430\u043f\u0440\u0435\u043b\u0435.\n\n\u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u00a0\u0438\u00a0PoC\u00a0\u043d\u0430 GitHub.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041d\u0433\u0443\u0435\u043d \u0414\u0436\u0430\u043d\u0433 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438\u00a0\u0434\u043b\u044f \u0442\u0440\u0435\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 Microsoft SharePoint (CVE-2024-38023, CVE-2024-38024 \u0438 CVE-2024-38094).\n\nSonicwall \u0432\u0442\u0430\u0439\u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 SMA100. \n\n\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 SSD \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 SMA100 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Classic Mode, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a \u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e Sonicwall \u0443\u0434\u0430\u043b\u0438\u043b\u0430 Classic Mode \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 SMA100 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u0432 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u0435.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u0442 Sonicwall \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u044f \u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e, \u043d\u0435 \u043d\u0430\u0437\u043d\u0430\u0447\u0438\u043b\u0430 CVE \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u043d\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0432\u0441\u0435 \u0435\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0441\u0442\u0430\u0440\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0436\u0435 SSD \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u00a0\u0438 \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.", "creation_timestamp": "2024-07-17T13:08:33.000000Z"}, {"uuid": "d006ae81-9243-4538-9cfe-5483e66ad3e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/ctinow/225480", "content": "CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)\nhttps://ift.tt/L7BPNJ4", "creation_timestamp": "2024-10-23T15:59:39.000000Z"}, {"uuid": "3dfa2a37-9027-4b92-8f56-10472716f89c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1509", "content": "\ud83d\uddbc\ufe0f Microsoft SharePoint Server 20219 \u2014 RCE \n\nPoC for: \n\u2014 CVE-2024-38094\n\u2014 CVE-2024-38024\n\u2014 CVE-2024-38023\n\n\ud83d\udd17 Source:\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\n#sharepoint #poc #rce #cve", "creation_timestamp": "2024-07-10T11:35:17.000000Z"}, {"uuid": "a9b789bb-dd0d-4333-8e30-569e3622488e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/thehackernews/5776", "content": "\u26a0\ufe0f A high-severity flaw in #Microsoft SharePoint (CVE-2024-38094) has been added to CISA's Known Exploited Vulnerabilities catalog. \n \nProof-of-concept (PoC) scripts are already public, making exploitation more accessible. \n \nLearn more: https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-of.html", "creation_timestamp": "2024-10-23T14:57:48.000000Z"}, {"uuid": "1bceefad-d08d-4d6f-9668-6c895f465ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10820", "content": "#exploit\n1. CVE-2024-38094,\nCVE-2024-38024,\nCVE-2024-38023:\nMS SharePoint RCE\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\n2. CVE-2024-33327:\nLumisXP XSS\nhttps://seclists.org/fulldisclosure/2024/Jul/9\n\n3. Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge RCE\nhttps://0reg.dev/blog/evernote-rce", "creation_timestamp": "2024-07-12T13:22:56.000000Z"}, {"uuid": "cc505e32-6496-4ab8-a276-acca29a17769", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/CyberBulletin/26287", "content": "\u26a1\ufe0fCVE-2024-38094 Exploited: Attackers Gain Domain Access via Microsoft SharePoint Server.\n\n#CyberBulletin", "creation_timestamp": "2024-11-01T08:07:17.000000Z"}, {"uuid": "9fa6da9d-488d-4a85-be37-a9d9ed339d99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2958", "content": "https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\nCVE-2024-38094\nCVE-2024-38024\nCVE-2024-38023\n#github #poc", "creation_timestamp": "2024-08-07T06:18:21.000000Z"}, {"uuid": "b2848ab9-ab8a-48b6-abfa-db560e40bd06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "exploited", "source": "https://t.me/S_E_Reborn/4953", "content": "\u041f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043a\u0443\u0447\u043d\u043e.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 WPScan \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u00a0\u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WordPress \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Profile Builder \u0438 Profile Builder Pro.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u0435\u0437 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8/10.\n\nClaroty\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430\u00a0\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 IP-\u043a\u0430\u043c\u0435\u0440\u0430\u0445 Synology BC500, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441 WAN \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 LAN.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 Pwn2Own Toronto \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u00a0\u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445 Apache HugeGraph.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-27348, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8/10 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430\u00a0\u0432 \u0430\u043f\u0440\u0435\u043b\u0435.\n\n\u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u00a0\u0438\u00a0PoC\u00a0\u043d\u0430 GitHub.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041d\u0433\u0443\u0435\u043d \u0414\u0436\u0430\u043d\u0433 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438\u00a0\u0434\u043b\u044f \u0442\u0440\u0435\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 Microsoft SharePoint (CVE-2024-38023, CVE-2024-38024 \u0438 CVE-2024-38094).\n\nSonicwall \u0432\u0442\u0430\u0439\u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 SMA100. \n\n\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 SSD \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 SMA100 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Classic Mode, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a \u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e Sonicwall \u0443\u0434\u0430\u043b\u0438\u043b\u0430 Classic Mode \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 SMA100 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u0432 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u0435.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u0442 Sonicwall \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u044f \u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e, \u043d\u0435 \u043d\u0430\u0437\u043d\u0430\u0447\u0438\u043b\u0430 CVE \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u043d\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0432\u0441\u0435 \u0435\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0441\u0442\u0430\u0440\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0436\u0435 SSD \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u00a0\u0438 \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.", "creation_timestamp": "2024-07-17T19:33:17.000000Z"}, {"uuid": "2310bc46-90e2-4854-8f31-b18f30fd82c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3733", "content": "#exploit\n1. CVE-2024-39877:\nApache Airflow Arbitrary Code Execution\nhttps://blog.securelayer7.net/arbitrary-code-execution-in-apache-airflow\n\n2. CVE-2024-7395,\nCVE-2024-7396,\nCVE-2024-7397:\nInsufficient Authentication, Plaintext Communication, Unauthenticated CI\u00a0in Korenix JetPort\nhttps://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetport/index.html\n\n3. CVE-2024-38094,\nCVE-2024-38023,\nCVE-2024-38024:\nMS SharePoint RCEs\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC", "creation_timestamp": "2024-08-16T11:23:44.000000Z"}, {"uuid": "516f0216-ad0b-45c2-a6c6-1f6ca0c48d52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3410", "content": "#exploit\n1. CVE-2024-38094,\nCVE-2024-38024,\nCVE-2024-38023:\nMS SharePoint RCE\nhttps://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC\n\n2. CVE-2024-33327:\nLumisXP XSS\nhttps://seclists.org/fulldisclosure/2024/Jul/9\n\n3. Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge RCE\nhttps://0reg.dev/blog/evernote-rce", "creation_timestamp": "2024-08-16T11:16:24.000000Z"}]}