{"vulnerability": "CVE-2024-3971", "sightings": [{"uuid": "d01ba887-996a-455b-a9ed-190eeaa5d951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39712", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113473672654140678", "content": "", "creation_timestamp": "2024-11-13T04:07:16.110113Z"}, {"uuid": "8a75f0c0-0d85-49e5-ac1f-534c55f3b5c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39710", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113473613638026301", "content": "", "creation_timestamp": "2024-11-13T03:52:15.205228Z"}, {"uuid": "c2509dac-dd57-45a6-8a10-e28ef5853c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39711", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113473613651920583", "content": "", "creation_timestamp": "2024-11-13T03:52:15.423046Z"}, {"uuid": "681daf3b-74bb-4db4-8c49-50fa5ebeb419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-24T00:10:02.000000Z"}, {"uuid": "1708a54b-a7f0-4ebc-a874-3224e39faa15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "78b77aba-fc42-4d31-b46f-6e67bb93edf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-30)", "content": "", "creation_timestamp": "2025-03-30T00:00:00.000000Z"}, {"uuid": "2038de1d-5202-4140-ba7b-c69e10a5157c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-39713", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/113964326855977547", "content": "", "creation_timestamp": "2025-02-07T19:47:04.646330Z"}, {"uuid": "8ccbf0ba-2116-4073-9a29-6c189d32d8db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-25)", "content": "", "creation_timestamp": "2025-03-25T00:00:00.000000Z"}, {"uuid": "299715de-1efe-47fa-b0ef-2d532d5a9e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv7vlgky7f2p", "content": "", "creation_timestamp": "2025-07-31T00:40:20.377378Z"}, {"uuid": "cddf296e-39d0-41e2-9d25-0e8506e30cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "6559a514-186a-4466-94b1-a6cc25e133fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:57.000000Z"}, {"uuid": "560ad2b2-1644-4400-89ff-ba13ce8161eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "b31d166b-358b-4278-9782-1f8af48cc9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-12)", "content": "", "creation_timestamp": "2025-04-12T00:00:00.000000Z"}, {"uuid": "654a9551-a42b-4a4b-ab7c-16fc272aa241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "f9b0a06b-1267-4ee7-a164-bbda8d62f988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "9db8e72c-c15b-459a-ab3f-03ca6b7cafb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "a3e7305a-9199-4efa-ad58-7480483fa90c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-05)", "content": "", "creation_timestamp": "2025-11-05T00:00:00.000000Z"}, {"uuid": "27d64b36-5d04-4d9d-a4fe-edabba18c5d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "2ab7a194-65df-4e2a-9026-383788d1b71c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "77615117-d1ae-499f-9eb3-8fc73b50d4f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39719", "type": "seen", "source": "MISP/9e6b1b0e-5fb2-46d6-9aaf-7c64a1324e40", "content": "", "creation_timestamp": "2025-09-24T00:43:16.000000Z"}, {"uuid": "379c04fe-247b-4b83-958e-049427dfc92c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39719", "type": "seen", "source": "https://gist.github.com/vitaliysobur/f447fc26c0787121f1dd7c923623486f", "content": "", "creation_timestamp": "2026-02-21T14:07:01.000000Z"}, {"uuid": "59803795-b154-4966-afbd-23ff6ba37425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ce826ec3-906e-48a5-98c7-b548692c68d9", "content": "", "creation_timestamp": "2026-02-02T12:26:30.731522Z"}, {"uuid": "273000b4-4893-4cca-9ef9-49774ec21b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "published-proof-of-concept", "source": "Telegram/ktfF1YjAfTgGnV4T6AQBqxJFytPD6zIUM1POBEH3rhcPUWE", "content": "", "creation_timestamp": "2025-09-03T15:00:07.000000Z"}, {"uuid": "ef3ce058-025f-4e52-9b6a-6a7a26ba5e9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "published-proof-of-concept", "source": "Telegram/0bRfJSeBlp6vzURpP_3ixCuFmuQ1BEJ7M8KtQr6_hqRGyNY", "content": "", "creation_timestamp": "2025-10-31T09:00:04.000000Z"}, {"uuid": "c8940910-1495-4684-8a9c-d344772f3a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_News/612", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: CVE-2024-39713: Rocket.Chat SSRF PoC\nLink: https://darkwebinformer.com/cve-2024-39713-rocket-chat-ssrf-poc/", "creation_timestamp": "2025-02-07T19:47:36.000000Z"}, {"uuid": "c6c0d8d4-9beb-4b34-9231-7c6b43da7361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/HackingInsights/11934", "content": "CISA: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717 - https://www.redpacketsecurity.com/cisa-versa-networks-releases-advisory-for-a-vulnerability-in-versa-director-cve-2024-39717-04-09-2024/", "creation_timestamp": "2024-09-04T03:29:45.000000Z"}, {"uuid": "5b3e8a26-2c10-413e-8a39-3777675923c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/HackingInsights/12293", "content": "CISA: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717 - https://www.redpacketsecurity.com/cisa-versa-networks-releases-advisory-for-a-vulnerability-in-versa-director-cve-2024-39717-08-09-2024/", "creation_timestamp": "2024-09-08T13:45:58.000000Z"}, {"uuid": "803065b5-6845-40e0-81d4-a40e2167d551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "Telegram/T9xdYwlwPijHvtNeaEE-YgLdaXHKQCw88avBbq5nPlU26w", "content": "", "creation_timestamp": "2024-08-24T10:09:40.000000Z"}, {"uuid": "47b1486d-3d49-4e60-b6ed-04d44ce29a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39710", "type": "seen", "source": "https://t.me/cvedetector/10767", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39710 - Ivanti Connect Secure and Policy Secure Argument Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39710 \nPublished : Nov. 13, 2024, 2:15 a.m. | 43\u00a0minutes ago \nDescription : Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T04:07:11.000000Z"}, {"uuid": "82d33fd7-8a7e-46fc-b77d-1c3f5bbda9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39712", "type": "seen", "source": "https://t.me/cvedetector/10769", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39712 - Ivanti Connect Secure and Policy Secure Argument Injection RCE\", \n  \"Content\": \"CVE ID : CVE-2024-39712 \nPublished : Nov. 13, 2024, 2:15 a.m. | 43\u00a0minutes ago \nDescription : Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T04:07:16.000000Z"}, {"uuid": "64b46d31-a81e-4cb9-8479-26c65520498c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39711", "type": "seen", "source": "https://t.me/cvedetector/10768", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39711 - Ivanti Connect Secure Argument Injection Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-39711 \nPublished : Nov. 13, 2024, 2:15 a.m. | 43\u00a0minutes ago \nDescription : Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T04:07:12.000000Z"}, {"uuid": "6947b92c-db88-44ca-9b7f-405cbd7142bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39719", "type": "seen", "source": "https://t.me/cvedetector/9536", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39719 - Ollama Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-39719 \nPublished : Oct. 31, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : An issue was discovered in Ollama through 0.3.14. File existence disclosure can occur via api/create. When calling the CreateModel route with a path parameter that does not exist, it reflects the \"File does not exist\" error message to the attacker, providing a primitive for file existence on the server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T21:57:42.000000Z"}, {"uuid": "7f4f321c-2367-4246-9505-ac464d40d255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/hackyourmom/8954", "content": "\ud83c\udf10 CVE-2024-39717 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043d\u0443\u043b\u044c\u043e\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Versa Director, \u044f\u043a\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0443\u044e\u0442\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u044c\u043a\u0456 \u0445\u0430\u043a\u0435\u0440\u0438, \u0437\u0430\u0433\u0440\u043e\u0436\u0443\u0454 \u0431\u0435\u0437\u043f\u0435\u0446\u0456 \u043c\u0435\u0440\u0435\u0436 \u0456\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0456\u0432 \ud83d\udc40 \u0411\u0456\u043b\u044c\u0448\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u0438\u0446\u044c \ud83d\udc48 #cybernews", "creation_timestamp": "2024-08-28T18:22:18.000000Z"}, {"uuid": "3d07c3fb-e532-41a2-9463-28734a2eaac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39714", "type": "seen", "source": "https://t.me/cvedetector/5049", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39714 - VSPC File Upload Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39714 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:11:02.000000Z"}, {"uuid": "ad1e6e0a-131a-4ff4-b33c-40cac2edea18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/HackingInsights/12281", "content": "CISA: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717 - https://www.redpacketsecurity.com/cisa-versa-networks-releases-advisory-for-a-vulnerability-in-versa-director-cve-2024-39717-07-09-2024/", "creation_timestamp": "2024-09-08T13:45:57.000000Z"}, {"uuid": "912f7940-8231-431e-ab97-e4050edfed04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/cvedetector/3947", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39717 - Versa Networks Versa Director Favicon PNG File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39717 \nPublished : Aug. 22, 2024, 7:15 p.m. | 37\u00a0minutes ago \nDescription : The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The \u201cChange Favicon\u201d (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in.   \n  \nSeverity: HIGH  \n   \nExploitation Status:  \n  \nVersa Networks is aware of one confirmed customer reported instance where this vulnerability was exploited because the Firewall guidelines which were published in 2015 &amp; 2017 were not implemented by that customer. This non-implementation resulted in the bad actor being able to exploit this vulnerability without using the GUI. In our testing (not exhaustive, as not all numerical versions of major browsers were tested) the malicious file does not get executed on the client. There are reports of others based on backbone telemetry observations of a 3rd party provider, however these are unconfirmed to date. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T21:53:48.000000Z"}, {"uuid": "4eebdecc-8cb2-466b-abcc-4a0fe7a5f356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/cibsecurity/79296", "content": "\ud83e\udd85 CVE-2024-39717 Exposes Critical Vulnerability in Versa Director \ud83e\udd85\n\n    Key Takeaways      This CVE202439717 vulnerability impacts Versa Director, a key platform for managing Versa SDWAN solutions used by ISPs and MSPs.   CVE202439717 involves an unrestricted file upload flaw that allows authenticated users to upload malicious files disguised as .png images.   Exploitation of this flaw can lead to unauthorized access and potential system compromise, posing a serious risk to affected organizations.   Cybles scan reveals 31 internetexposed instances of Versa Director, with 16 in the U.S., indicating significant potential for exploitation.   An APT actor has exploited the vulnerability due to a failure to implement recommended firewall and hardening measures.   Users are advised to upgrade to Versa Director version 22.1.4 or later and follow additional sec...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-08-28T20:10:39.000000Z"}, {"uuid": "605bb546-ced6-42ec-999a-d24c3cf29bc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39718", "type": "seen", "source": "https://t.me/cvedetector/5052", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39718 - Citrix NetScaler Remote File Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39718 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:11:07.000000Z"}, {"uuid": "de8eaacc-4f53-4054-a603-5d3b02ff7777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39715", "type": "seen", "source": "https://t.me/cvedetector/5051", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39715 - Apache VSPC Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39715 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on VSPC server. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:11:04.000000Z"}, {"uuid": "c6b47e78-4537-41c5-9b10-738d8e0a807b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "https://t.me/cvedetector/2432", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39713 - Rocket.Chat Twilio SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39713 \nPublished : Aug. 5, 2024, 5:15 a.m. | 45\u00a0minutes ago \nDescription : A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-05T08:03:13.000000Z"}, {"uuid": "1a20ca74-8315-42d3-8609-18e35a2c9dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/HackingInsights/13691", "content": "CISA: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717 - https://www.redpacketsecurity.com/cisa-versa-networks-releases-advisory-for-a-vulnerability-in-versa-director-cve-2024-39717-09-09-2024/", "creation_timestamp": "2024-09-20T09:03:55.000000Z"}, {"uuid": "e16e4f8b-0406-48b6-aa48-38428d5f54ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/HackingInsights/12259", "content": "CISA: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717 - https://www.redpacketsecurity.com/cisa-versa-networks-releases-advisory-for-a-vulnerability-in-versa-director-cve-2024-39717-05-09-2024/", "creation_timestamp": "2024-09-08T13:45:51.000000Z"}, {"uuid": "45400a6a-3b4b-4f24-8bae-d425cf608aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/12143", "content": "\ud83d\udea8CVE-2024-39713: Rocket.Chat SSRF PoC\n\nhttps://github.com/typical-pashochek/CVE-2024-39713\n\nhttps://darkwebinformer.com/cve-2024-39713-rocket-chat-ssrf-poc/", "creation_timestamp": "2025-02-07T20:47:17.000000Z"}, {"uuid": "a7c8898b-0fd7-4907-8e7d-90985d49d41c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/HackingInsights/11436", "content": "Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717\nhttps://ift.tt/HvRLPCi", "creation_timestamp": "2024-08-27T21:18:03.000000Z"}, {"uuid": "e906a2a8-f1b7-46a9-9b43-ccc3d57ccfa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/18653", "content": "The Hacker News\nCISA Urges Federal Agencies to Patch Versa Director Vulnerability by September\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.\nThe medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload bug impacting the \"Change Favicon\" feature that could allow a threat actor to", "creation_timestamp": "2024-08-24T10:09:40.000000Z"}, {"uuid": "bcc5d0e8-086c-41d3-983d-acf856e1a2a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "Telegram/MCOry_lDNfSHHF63rr7loei4gZC0JwPU0kSOFYSYoy09YA", "content": "", "creation_timestamp": "2024-08-24T10:38:53.000000Z"}, {"uuid": "d027eddd-afac-43ad-9142-85d3a31309f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/KomunitiSiber/2459", "content": "CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September\nhttps://thehackernews.com/2024/08/cisa-urges-federal-agencies-to-patch.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.\nThe medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload bug impacting the \"Change Favicon\" feature that could allow a threat actor to", "creation_timestamp": "2024-08-24T12:07:58.000000Z"}, {"uuid": "03cf68df-ce0c-4c34-afd6-172127364937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3734", "content": "The Hacker News\nCISA Urges Federal Agencies to Patch Versa Director Vulnerability by September\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.\nThe medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload bug impacting the \"Change Favicon\" feature that could allow a threat actor to", "creation_timestamp": "2024-08-24T10:09:40.000000Z"}, {"uuid": "5ed9a348-66c0-47c2-baf4-37861b4dd6f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/true_secator/6137", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Lumen Technologies \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT Volt Typhoon \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u0443\u044e 0-day \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Versa Director \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 \u0438 MSP.\n\n\u0421\u0435\u0440\u0432\u0435\u0440\u044b Versa Director \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u041f\u041e SD-WAN, \u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c\u0438 \u0438 MSP-\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-39717 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f Versa Director \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\nCVE-2024-39717 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u00ab\u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0437\u043d\u0430\u0447\u043a\u0430 \u0441\u0430\u0439\u0442\u0430\u00bb \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f PNG.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-39717 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044e \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432\u00a0(\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441 2017 \u0438 2015 \u0433\u043e\u0434\u043e\u0432).\n\n\u041f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u043d\u0435 \u0432\u043d\u0435\u0434\u0440\u0438\u043b\u0438 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Versa, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 APT-\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u00ab\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c\u00bb \u0432 \u043e\u0434\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c,\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u0443\u044e 0-day \u0432 \u0441\u0435\u0440\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Versa Director \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 22.1.4, \u0437\u0430\u043c\u0435\u0442\u0438\u0432 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 TTPs Black Lotus Labs \u0441\u0432\u044f\u0437\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0441\u00a0Volt Typhoon, \u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 12 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f Volt Typhoon \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0436\u0435\u0440\u0442\u0432 \u0432 \u0448\u0442\u0430\u0442\u0430\u0445 \u0441 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 Versa Director.\n\n\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Black Lotus Labs \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u0441 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438.", "creation_timestamp": "2024-08-27T17:00:06.000000Z"}, {"uuid": "a64aeb0e-b0eb-49c5-a47e-91f67997b455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39719", "type": "published-proof-of-concept", "source": "Telegram/Pmh7GqPqZEp7yCoSKiYzNwDev9YVek893setQPVdRhEh4RI", "content": "", "creation_timestamp": "2025-05-09T01:00:08.000000Z"}, {"uuid": "d36f3a49-4506-4ae5-a1ad-d8384235f5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39710", "type": "seen", "source": "https://t.me/true_secator/6429", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0437\u043e\u043d \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c Ivanti \u0432 \u0433\u043b\u0430\u0432\u043d\u043e\u0439 \u0440\u043e\u043b\u0438, \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0436\u0435\u0440\u0442\u0432\u044b, \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 50 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Endpoint Manager, Avalanche, Connect Secure, Policy Secure \u0438 Secure Access Client, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 8 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-38655, CVE-2024-38656, CVE-2024-39710 - CVE-2024-39712 \u0438 CVE-2024-11005 - CVE-2024-11007 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c RCE.\n\nIvanti \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u044d\u0442\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 Connect Secure \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.3 \u0438 Policy Secure \u0432\u0435\u0440\u0441\u0438\u0438 22.7R1.2, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043e\u0441\u044c\u043c\u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0441\u0440\u0435\u0434\u043d\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a EoP, DoS \u0438 RCE.\n\n\u041f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Secure Access Client \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f EoP, \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0430\u043f\u043e\u043a \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0441\u043b\u043e\u0432\u0438\u0439 DoS.\n\n\u0412 Secure Access Client 22.7R4 \u0432\u043d\u0435\u0441\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0435\u043c\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438 \u0435\u0449\u0435 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0437\u0430\u043a\u0440\u044b\u0442\u043e \u0432 Endpoint Manager, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e ZDI \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2024-50330 \u0441 CVSS 9,8, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u043b\u044f RCE.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c Endpoint Manager \u0432\u0435\u0440\u0441\u0438\u0439 2024 November Security Update \u0438 2022 SU6 November Security Update \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043f\u043e\u043c\u0438\u043c\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 17 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 RCE \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0448\u0435\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Avalanche, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438\u043b\u0438 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Ivanti \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 (\u0431\u0443\u0434\u0435\u043c \u0441\u0447\u0438\u0442\u0430\u0442\u044c, \u0447\u0442\u043e \u0432\u044b\u0437\u043e\u0432 \u0431\u0440\u043e\u0448\u0435\u043d), \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043e\u0431 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-11-14T12:19:17.000000Z"}, {"uuid": "7b800145-6584-40ea-ba31-d0c44f23108d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39712", "type": "seen", "source": "https://t.me/true_secator/6429", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0437\u043e\u043d \u0441\u0435\u0440\u0438\u0430\u043b\u0430 \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c Ivanti \u0432 \u0433\u043b\u0430\u0432\u043d\u043e\u0439 \u0440\u043e\u043b\u0438, \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0436\u0435\u0440\u0442\u0432\u044b, \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 50 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Endpoint Manager, Avalanche, Connect Secure, Policy Secure \u0438 Secure Access Client, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 8 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-38655, CVE-2024-38656, CVE-2024-39710 - CVE-2024-39712 \u0438 CVE-2024-11005 - CVE-2024-11007 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c RCE.\n\nIvanti \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u044d\u0442\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 Connect Secure \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.3 \u0438 Policy Secure \u0432\u0435\u0440\u0441\u0438\u0438 22.7R1.2, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043e\u0441\u044c\u043c\u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0441\u0440\u0435\u0434\u043d\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a EoP, DoS \u0438 RCE.\n\n\u041f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Secure Access Client \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f EoP, \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0430\u043f\u043e\u043a \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0441\u043b\u043e\u0432\u0438\u0439 DoS.\n\n\u0412 Secure Access Client 22.7R4 \u0432\u043d\u0435\u0441\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0435\u043c\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438 \u0435\u0449\u0435 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0437\u0430\u043a\u0440\u044b\u0442\u043e \u0432 Endpoint Manager, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e ZDI \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2024-50330 \u0441 CVSS 9,8, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u043b\u044f RCE.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c Endpoint Manager \u0432\u0435\u0440\u0441\u0438\u0439 2024 November Security Update \u0438 2022 SU6 November Security Update \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043f\u043e\u043c\u0438\u043c\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 17 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 RCE \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0448\u0435\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Avalanche, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438\u043b\u0438 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Ivanti \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 (\u0431\u0443\u0434\u0435\u043c \u0441\u0447\u0438\u0442\u0430\u0442\u044c, \u0447\u0442\u043e \u0432\u044b\u0437\u043e\u0432 \u0431\u0440\u043e\u0448\u0435\u043d), \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043e\u0431 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-11-14T12:19:17.000000Z"}, {"uuid": "2017db75-ae8f-4e69-8a28-db2afbc10e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "seen", "source": "https://t.me/ctinow/222496", "content": "Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717\nhttps://ift.tt/HvRLPCi", "creation_timestamp": "2024-08-27T19:50:16.000000Z"}, {"uuid": "4d346d61-4daf-4057-bd8b-ab98a5b453f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/thehackernews/5471", "content": "CISA has added a new #vulnerability in Versa Director (CVE-2024-39717) to its Known Exploited Vulnerabilities catalog due to active exploitation. \n \nThis flaw lets attackers upload malicious files, posing a serious threat to organizations. \n \nRead: https://thehackernews.com/2024/08/cisa-urges-federal-agencies-to-patch.html", "creation_timestamp": "2024-08-24T09:11:44.000000Z"}, {"uuid": "aa97e6d2-f28f-449d-bdcf-b29a161597cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-04)", "content": "", "creation_timestamp": "2026-05-04T00:00:00.000000Z"}, {"uuid": "ab29633e-ddc9-421a-bd2a-77238402fa39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/S_E_Reborn/5062", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Lumen Technologies \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT Volt Typhoon \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u0443\u044e 0-day \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Versa Director \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 \u0438 MSP.\n\n\u0421\u0435\u0440\u0432\u0435\u0440\u044b Versa Director \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u041f\u041e SD-WAN, \u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c\u0438 \u0438 MSP-\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-39717 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f Versa Director \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\nCVE-2024-39717 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u00ab\u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0437\u043d\u0430\u0447\u043a\u0430 \u0441\u0430\u0439\u0442\u0430\u00bb \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f PNG.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-39717 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044e \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432\u00a0(\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441 2017 \u0438 2015 \u0433\u043e\u0434\u043e\u0432).\n\n\u041f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u043d\u0435 \u0432\u043d\u0435\u0434\u0440\u0438\u043b\u0438 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Versa, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 APT-\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u00ab\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c\u00bb \u0432 \u043e\u0434\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c,\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u0443\u044e 0-day \u0432 \u0441\u0435\u0440\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Versa Director \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 22.1.4, \u0437\u0430\u043c\u0435\u0442\u0438\u0432 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 TTPs Black Lotus Labs \u0441\u0432\u044f\u0437\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0441\u00a0Volt Typhoon, \u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 12 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f Volt Typhoon \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0436\u0435\u0440\u0442\u0432 \u0432 \u0448\u0442\u0430\u0442\u0430\u0445 \u0441 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 Versa Director.\n\n\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Black Lotus Labs \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u0441 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438.", "creation_timestamp": "2024-08-27T19:29:35.000000Z"}, {"uuid": "d32b1b68-bea4-407d-a5dd-b118fa77847d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-27)", "content": "", "creation_timestamp": "2026-05-27T00:00:00.000000Z"}]}