{"vulnerability": "cve-2019-1960", "sightings": [{"uuid": "67451742-28de-4476-9647-b13b7acfe5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19609", "type": "seen", "source": "MISP/c3194d12-092c-4e29-9ca6-9a45c8416475", "content": "", "creation_timestamp": "2024-11-14T06:09:59.000000Z"}, {"uuid": "a292f42a-48af-4e79-b01c-c02657c96d20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19609", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/129", "content": "HackTheBox:\n\n\u2014Easy Machines\u2014\n\nDriver - WinRM (evil-winrm), printnightmare CVE-2021-1675 (https://habr.com/ru/sandbox/156538/)\nhttps://0xdf.gitlab.io/2022/02/26/htb-driver.html\n\nSecret - JWT, Git source (tig), crush-dumps\nhttps://0xdf.gitlab.io/2022/03/26/htb-secret.html\n\nBackDoor - Wordpress eBook Dir Trav (https://www.exploit-db.com/exploits/39575), gdb exploit (https://www.exploit-db.com/exploits/50539, https://www.rapid7.com/db/modules/exploit/multi/gdb/gdb_server_exec/) \nhttps://0xdf.gitlab.io/2022/04/23/htb-backdoor.html\n\nPrevise - Backup, Site Reverse Shell, low-encrypted passwords\nhttps://0xdf.gitlab.io/2022/01/08/htb-previse.html\n\nBountyHunter - XXE, (root) NOPASSWD python code\nhttps://0xdf.gitlab.io/2021/11/20/htb-bountyhunter.html\n\nHorizontal - Strapi CMS 3.0.0 CVE-2019-18818/CVE-2019-19609 (https://www.exploit-db.com/exploits/50239, https://github.com/diego-tella/CVE-2019-19609-EXPLOIT), Laravel v8 (https://www.exploit-db.com/exploits/49424)\nhttps://0xdf.gitlab.io/2022/02/05/htb-horizontall.html\n\nOptimum - Windows 2012 (https://www.rapid7.com/db/modules/exploit/windows/http/rejetto_hfs_exec/, https://www.rapid7.com/db/modules/exploit/windows/local/ms16_032_secondary_logon_handle_privesc/)\nhttps://0xdf.gitlab.io/2021/03/17/htb-optimum.html\n\nLame - FTP Anonymous, SAMBA exploit (https://github.com/amriunix/CVE-2007-2447)\nhttps://0xdf.gitlab.io/2020/04/07/htb-lame.html\n\nJerry - Tomcat Default Cred, shell via .WAR\nhttps://0xdf.gitlab.io/2018/11/17/htb-jerry.html\n\nBlue - Win7 eternalblue (https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue/)\nhttps://0xdf.gitlab.io/2021/05/11/htb-blue.html\n\nDevel - Microsoft IIS httpd 7.5 reverse shell via .ASPX, MS11-046 or ms10_015_kitrap0d (https://github.com/abatchy17/WindowsExploits/tree/master/MS11-046)\nhttps://0xdf.gitlab.io/2019/03/05/htb-devel.html\n\nNetmon - PRTG Network Monitor 18.1.37.13946, Backup credentials, CVE-2018-9276 (https://github.com/A1vinSmith/CVE-2018-9276) / (https://www.exploit-db.com/exploits/46527) + evil-winrm\nhttps://0xdf.gitlab.io/2019/06/29/htb-netmon.html\n\nExplore (Android) - 59777 port CVE-2019-6447 (https://www.exploit-db.com/exploits/50070), SSH Creds on Photo, adb shell\nhttps://0xdf.gitlab.io/2021/10/30/htb-explore.html\n\nAntique - Telnet password via snmpget (https://www.irongeek.com/i.php?page=security/networkprinterhacking#JetDirect%20password%20notes), CUPS 1.6.1 (https://github.com/jpillora/chisel) \nhttps://0xdf.gitlab.io/2022/05/03/htb-antique.html\n\nReturn - evil-winrm, Server Operators in net user svc-printer /domain, sc.exe\nhttps://0xdf.gitlab.io/2022/05/05/htb-return.html\n\nGrandpa - CVE-2017-7269 (https://www.rapid7.com/db/modules/exploit/windows/iis/iis_webdav_scstoragepathfromurl/), SEImpersonalPrivilege Churrasco (https://github.com/Re4son/Churrasco/)\nhttps://0xdf.gitlab.io/2020/05/28/htb-grandpa.html\n\nBeep - ShellShock or Elastix 2.2.0 - 'graph.php' Local File Inclusion, (root) NOPASSWD nmap\nhttps://0xdf.gitlab.io/2021/02/23/htb-beep.html\n\nPandora - snmpwalk creds, CVE-2021-32099, Site Reverse Shell\nhttps://0xdf.gitlab.io/2022/05/21/htb-pandora.html\n\nPaper - WPS 5.2.3 - Cve-2019-17671 (https://www.exploit-db.com/exploits/47690, https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/), Chat Bot Dir Trav, CVE-2021-3560 (https://github.com/Almorabea/Polkit-exploit/blob/main/CVE-2021-3560.py)\nhttps://0xjin.medium.com/paper-hackthebox-write-up-2abca22d3b54\n\n\n#hackthebox #ctf", "creation_timestamp": "2022-06-18T10:22:36.000000Z"}, {"uuid": "259a81bd-6b68-4a44-b148-459de35cbce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19609", "type": "published-proof-of-concept", "source": "Telegram/lRUCC0BJHYPhHSLUp64yC2-a8BbOW7ihAUJb144dihN1Y0A", "content": "", "creation_timestamp": "2025-02-17T04:00:07.000000Z"}, {"uuid": "3877a4ae-fe66-446c-b75f-0de18413c1a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19604", "type": "seen", "source": "https://t.me/ctinow/204145", "content": "https://ift.tt/qut5EGS\nCVE-2019-19604 | Git up to 2.20.1/2.21.0/2.22.1/2.23.0/2.24.0 Submodule Update input validation (FEDORA-2019-1cec196e20)", "creation_timestamp": "2024-03-10T08:41:52.000000Z"}, {"uuid": "f3d0a6dd-e142-4336-a889-4d9908ecb53b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19603", "type": "seen", "source": "https://t.me/ctinow/203859", "content": "https://ift.tt/09drg8Z\nCVE-2019-19603 | SQLite 3.30.1 CREATE Statement Table Name privileges management (ssa-389290)", "creation_timestamp": "2024-03-09T09:36:32.000000Z"}, {"uuid": "0863cd25-14d9-4f18-89fe-7b44755cab8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19609", "type": "seen", "source": "https://t.me/ctinow/202616", "content": "https://ift.tt/P8aAObT\nCVE-2019-19609 | Strapi Framework up to 3.0.0-beta.17.7 Plugin execa input validation (ID 163940)", "creation_timestamp": "2024-03-07T18:06:51.000000Z"}, {"uuid": "79270e8e-3f22-4c89-8547-2e9e32de28ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19602", "type": "seen", "source": "https://t.me/ctinow/202453", "content": "https://ift.tt/Z2Ii4gW\nCVE-2019-19602 | Linux Kernel up to 5.4.1 internal.h fpregs_state_valid permission assignment", "creation_timestamp": "2024-03-07T15:11:46.000000Z"}, {"uuid": "cf524810-8dcb-43e3-bb6c-6f8f2a70bd10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19601", "type": "seen", "source": "https://t.me/ctinow/202452", "content": "https://ift.tt/sZEXmGV\nCVE-2019-19601 | OpenDetex 2.8.5 detex.l TexOpen memory corruption (Issue 60)", "creation_timestamp": "2024-03-07T15:11:45.000000Z"}, {"uuid": "11ffd15a-45d3-4b2f-8d37-8146357eb9ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19609", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/548", "content": "#exploit \n1. CVE-2018-11686:\nFlexPaper PHP Publish Service <=2.3.6 RCE\nhttps://pastebin.com/7ahymH9p\n\n2. CVE-2019-19609:\nStrapi CMS RCE Exploit\nhttps://github.com/glowbase/CVE-2019-19609", "creation_timestamp": "2024-10-14T22:49:33.000000Z"}, {"uuid": "d1349bd5-d824-44d1-9967-58581a988904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19606", "type": "seen", "source": "https://t.me/cibsecurity/10860", "content": "ATENTION\u203c New - CVE-2019-19606\n\nX-Plane 11.41 and earlier has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. This could be used to execute arbitrary commands on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-31T03:17:23.000000Z"}, {"uuid": "852ac900-644f-4eef-b373-4baf3112e730", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19605", "type": "seen", "source": "https://t.me/cibsecurity/10861", "content": "ATENTION\u203c New - CVE-2019-19605\n\nX-Plane 11.41 and earlier allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-31T03:17:27.000000Z"}]}