{"vulnerability": "cve-2021-4257", "sightings": [{"uuid": "dcfc0b68-0a10-4742-898f-9cd0be0773c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/791", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aGenerate malicious files using recently published bidi-attack (CVE-2021-42574)\nURL\uff1ahttps://github.com/js-on/CVE-2021-42574", "creation_timestamp": "2021-11-02T15:34:35.000000Z"}, {"uuid": "10842011-3b81-45f7-a16f-66fdb3920081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "https://gist.github.com/zeyi2/ef0acd0169c043f94a62282d357255f4", "content": "", "creation_timestamp": "2025-11-08T07:36:32.000000Z"}, {"uuid": "ea161b75-0051-4c9c-9923-5d4725d656fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "https://gist.github.com/stackbleed-ctrl/b7b2f989c6e06be627285851f6176f92", "content": "", "creation_timestamp": "2026-03-16T21:16:24.000000Z"}, {"uuid": "abdc5d0c-fda6-48f2-8e37-d32a6dc0aa79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/45", "content": "CVE-2021-42574 - Code generator.\n\nhttps://github.com/js-on/CVE-2021-42574", "creation_timestamp": "2021-11-02T19:56:48.000000Z"}, {"uuid": "92e19daa-c8e0-48a1-8d91-b50ae7623344", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/habr_com_news/698", "content": "\u200b\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u043a\u043e\u043d\u0446\u0435\u043f\u0442 \u0430\u0442\u0430\u043a\u0438 Trojan Source\n\n\u0411\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u0438\u0435 \u0443\u0447\u0435\u043d\u044b\u0435 \u0438\u0437 \u043a\u0435\u043c\u0431\u0440\u0438\u0434\u0436\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0420\u043e\u0441\u0441 \u0410\u043d\u0434\u0435\u0440\u0441\u043e\u043d \u0438 \u041d\u0438\u043a\u043e\u043b\u0430\u0441 \u0411\u0430\u0443\u0447\u0435\u0440, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u043a\u043e\u043d\u0446\u0435\u043f\u0442 \u0430\u0442\u0430\u043a\u0438 Trojan Source \u0441 \u0438\u043d\u0434\u0435\u043a\u0441\u043e\u043c CVE-2021-42574. \u041e\u043d\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043b\u0438\u0441\u0442\u0438\u043d\u0433 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u043b\u0435\u0439 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432. \u0421\u0430\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0443\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u043d\u0430 GitHub.", "creation_timestamp": "2021-11-03T08:20:47.000000Z"}, {"uuid": "12a31bae-6804-4a36-bdf4-15282543e557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "Telegram/-oJMUkiRIMwxohphZHtIBNPP8uclYBfsB-4VKcH4VGbyCg", "content": "", "creation_timestamp": "2021-11-02T19:54:23.000000Z"}, {"uuid": "a8c397ac-b342-42dc-b03c-b1b2e5ae87f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7873", "content": "CVE-2021-42574 - Code generator.\n\nhttps://github.com/js-on/CVE-2021-42574", "creation_timestamp": "2021-11-02T19:56:55.000000Z"}, {"uuid": "4d5cb5da-1404-434d-bc51-7b753ae5b698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7874", "content": "CVE-2021-42574 - Code generator.\n\nhttps://github.com/js-on/CVE-2021-42574", "creation_timestamp": "2021-11-02T19:57:03.000000Z"}, {"uuid": "830585cc-afd3-4c36-97f1-a36700673bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/818", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aChecks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks. See CVE-2021-42574 \nURL\uff1ahttps://github.com/maweil/bidi_char_detector", "creation_timestamp": "2021-11-07T00:33:04.000000Z"}, {"uuid": "6ec62cf2-3e76-481f-8158-4bd66176ee26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "https://t.me/cKure/7870", "content": "\u25cf This logical vulnerability is tracked as CVE-2021-42574.", "creation_timestamp": "2021-11-02T19:50:06.000000Z"}, {"uuid": "153350eb-a818-4e4c-af43-6bc30fbb2973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/43", "content": "CVE-2021-42574\n\nResearchers devised a new attack method called \u2018Trojan Source\u2019 that allows hide vulnerabilities into the source code of a software project.\n\nhttps://www.trojansource.codes/\n\nDetails: https://securityaffairs.co/wordpress/124081/hacking/trojan-source-attack.html", "creation_timestamp": "2021-11-02T19:49:29.000000Z"}, {"uuid": "dc2db534-68fc-4645-8eab-36e8f53a8252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "Telegram/QwmctutZhDu7jrXaU5oyRyKKwHKFEtgOupcJXhz2cTVjfw", "content": "", "creation_timestamp": "2021-11-03T15:01:34.000000Z"}, {"uuid": "95af5226-6cb8-4e27-82a1-26536745c39d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4361", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041a\u0435\u043c\u0431\u0440\u0438\u0434\u0436\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u043a\u0443 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e\u0439 \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0440\u0435\u0446\u0435\u043d\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u0442\u0435\u043a\u0441\u0442\u044b. \u041f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 (CVE-2021-42574) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043f\u043e\u0434 \u0438\u043c\u0435\u043d\u0435\u043c Trojan Source \u0438 \u0431\u0430\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0442\u0435\u043a\u0441\u0442\u0430 \u043f\u043e \u0440\u0430\u0437\u043d\u043e\u043c\u0443 \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0449\u0435\u0433\u043e \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u0430/\u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0430 \u0438 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430, \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u043a\u043e\u0434. \u041f\u0440\u0438\u043c\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043c\u0435\u0442\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0438 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u043e\u0432, \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0434\u043b\u044f \u044f\u0437\u044b\u043a\u043e\u0432 C, C++ (gcc \u0438 clang), C#, JavaScript (Node.js), Java (OpenJDK 16), Rust, Go \u0438 Python.\n\nhttps://opennet.ru/56083/", "creation_timestamp": "2021-11-02T10:34:52.000000Z"}, {"uuid": "abca96f4-d886-4f65-be7e-19913081f72d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42573", "type": "seen", "source": "https://t.me/true_secator/2254", "content": "\u041d\u0438 \u0434\u043d\u044f \u0431\u0435\u0437 ransomware: \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 BQE Software \u0432\u0434\u043e\u043b\u044c \u0438 \u043f\u043e\u043f\u0435\u0440\u0435\u043a \u0448\u0438\u0444\u0440\u0443\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u043e\u0432\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0439 BillQuick Web Suite. \u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 - 400 000 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n \n\u0412 \u043c\u0430\u0441\u0441\u0435 \u0441\u0432\u043e\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 BillQuick, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2021-42258, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 (\u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430) \u0432 \u043f\u043e\u043b\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 22.0.9.1 BQE Software, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0431\u0430\u0433\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u044b Huntress ThreatOps \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u0434\u0440\u0443\u0433\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 BillQuick (CVE-2021-42344, CVE-2021-42345, CVE-2021-42346, CVE-2021-42571, CVE-2021-42572, CVE-2021-42573, CVE-2021-42741, CVE-2021-42742). \u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0430 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 - \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b.\n \n\u0410\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 Huntress Labs \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u043d\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f: \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0435\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ransomware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u043c\u0430\u044f 2020 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043e\u0434 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 AutoIT. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0412\u041f\u041e \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0430 \u043b\u0438\u0448\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 pusheken91@bk.ru \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, BQE Software \u0432\u043e\u0432\u0441\u044e \u0432\u0435\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u0432\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0445\u0430\u043a\u0435\u0440\u044b. \u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043a \u0430\u0442\u0430\u043a\u0430\u043c BillQuick \u0443\u0436\u0435 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b.", "creation_timestamp": "2021-10-26T18:55:45.000000Z"}, {"uuid": "5f15a2d9-2f18-49b4-90e1-2d9644936bcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2278", "content": "\u0423\u0447\u0435\u043d\u044b\u0435 \u0438\u0437 \u041a\u0435\u043c\u0431\u0440\u0438\u0434\u0436\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0432 \u0421\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u043e\u043c \u041a\u043e\u0440\u043e\u043b\u0435\u0432\u0441\u0442\u0432\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0435\u0449\u0435 25 \u0438\u044e\u043b\u044f \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 Trojan Source, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u0440\u0435\u0446\u0435\u043d\u0437\u0435\u043d\u0442\u044b \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c\u0443 \u041f\u041e \u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0430\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n \nTrojan Source \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043f\u0440\u0438\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u0430 \u0438\u043b\u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0443\u0445\u0438\u0449\u0440\u0435\u043d\u0438\u0439, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f C, C ++, C #, JavaScript, Java, Rust, Go \u0438 Python. \u0412\u0441\u044f \u0444\u0438\u0448\u043a\u0430 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 Unicode \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u0440\u044f\u0434\u043a\u0430 \u0442\u043e\u043a\u0435\u043d\u043e\u0432 \u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u043c \u043a\u043e\u0434\u0435 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n \n\u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u044b, \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438 \u0438 \u0441\u0442\u0440\u043e\u043a\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0443\u043f\u043e\u0440\u044f\u0434\u043e\u0447\u0438\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u043c\u0435\u043d\u044f\u044f \u0432\u0438\u0437\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043a\u0430\u0440\u0442\u0438\u043d\u043a\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0435\u0433\u043e \u043b\u043e\u0433\u0438\u043a\u0443 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043f\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c.\n \n\u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f Trojan Source \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043f\u043e \u0434\u0432\u0443\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u043c: CVE-2021-42574 (\u0438\u043b\u0438 \u0434\u0432\u0443\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430) \u0438 CVE-2021-42694 (\u0433\u043e\u043c\u043e\u0433\u043b\u0438\u0444\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0430\u0442\u0430\u043a\u0430).\n \n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Unicode \u0434\u043b\u044f \u0434\u0432\u0443\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0442\u0435\u043a\u0441\u0442\u0430, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0442\u0435\u043d\u0442. \u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443, LRI \u0438 RLI. \u0414\u0432\u0443\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 (Bidi) \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f LRI \u0438 RLI \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0435\u0432\u0438\u0434\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438, \u0438 \u043e\u043d\u0438 \u043d\u0435 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435. \u0412\u0432\u043e\u0434\u044f \u044d\u0442\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438, \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440 \u043c\u043e\u0436\u0435\u0442 \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0434, \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0439 \u043e\u0442 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0432\u0438\u0434\u0438\u0442 \u0447\u0435\u043b\u043e\u0432\u0435\u043a.\n \n\u0412\u043d\u0435\u0434\u0440\u044f\u044f \u0441\u0438\u043c\u0432\u043e\u043b\u044b \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f Unicode Bidi \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438 \u0438 \u0441\u0442\u0440\u043e\u043a\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0447\u0435\u0441\u043a\u0438 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0439 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u044f\u0437\u044b\u043a\u043e\u0432, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u043e\u0440\u044f\u0434\u043e\u043a \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043b\u043e\u0433\u0438\u043a\u0443, \u043e\u0442\u043b\u0438\u0447\u0430\u044e\u0449\u0443\u044e\u0441\u044f \u043e\u0442 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u043b\u043e\u0433\u0438\u043a\u0438.\n \n\u0412\u0442\u043e\u0440\u043e\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u0430\u0442\u0430\u043a\u0438 \u043e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0438 \u0433\u043e\u043c\u043e\u0433\u043b\u0438\u0444\u043e\u0432, \u0442\u043e \u0435\u0441\u0442\u044c \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0445\u043e\u0442\u044c \u0438 \u0438\u043c\u0435\u044e\u0442 \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e\u0435 \u0432\u0438\u0437\u0443\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u0440\u0430\u0437\u043d\u044b\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b. \u0427\u0435\u043b\u043e\u0432\u0435\u0447\u0435\u0441\u043a\u0438\u0439 \u0433\u043b\u0430\u0437 \u0431\u0443\u0434\u0435\u0442 \u0432\u0438\u0434\u0435\u0442\u044c \u043e\u0431\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0447\u043d\u044b\u043c\u0438, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440 \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0435\u0442 \u043b\u0430\u0442\u0438\u043d\u0441\u043a\u0443\u044e \u00abH\u00bb \u0438 \u043a\u0438\u0440\u0438\u043b\u043b\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u00abH\u00bb \u0438 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043a\u043e\u0434 \u043a\u0430\u043a \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0434\u0432\u0435 \u0440\u0430\u0437\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442 \u0440\u0430\u0437\u043d\u044b\u043c.\n \n\u041e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0442\u0430\u043a\u0436\u0435, \u0447\u0442\u043e \u0441\u0438\u043c\u0432\u043e\u043b\u044b Bidi \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u043f\u0440\u0438 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438/\u0432\u0441\u0442\u0430\u0432\u043a\u0435 \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u043e\u0432 \u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. Trojan Source \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430\u0445 \u043a\u043e\u0434\u0430 \u0438 \u0432\u0435\u0431-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 (\u043e\u0446\u0435\u043d\u0438\u0442\u0435 \u0441\u0430\u043c\u0438 \u043d\u0438\u0436\u0435 \u0432 \u0442\u0430\u0431\u043b\u0438\u0446\u0435)\n \n\u0417\u0430 \u0441\u0432\u043e\u0438 \u0438\u0437\u044b\u0441\u043a\u0430\u043d\u0438\u044f \u043d\u0430\u0443\u0447\u043d\u044b\u0435 \u0434\u0435\u044f\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c 2 246 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 \u043f\u043e bugbounty. \u041d\u0430 GitHub \u043e\u043d\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442, \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u0442\u0430\u043a\u0430: \u0442\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e Trojan Source \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0447\u0442\u0438 \u0432\u0441\u0435 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043d\u044b\u0435 \u044f\u0437\u044b\u043a\u0438, \u0430 \u043f\u0430\u0442\u0447\u0438 \u0435\u0449\u0435 \u0442\u043e\u043b\u043a\u043e\u043c \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043f\u043e\u0447\u0442\u0438 \u0434\u0432\u0430 \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.", "creation_timestamp": "2021-11-02T15:50:04.000000Z"}, {"uuid": "41916e10-de12-4343-acda-a4b88c44fa4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42571", "type": "seen", "source": "https://t.me/true_secator/2254", "content": "\u041d\u0438 \u0434\u043d\u044f \u0431\u0435\u0437 ransomware: \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 BQE Software \u0432\u0434\u043e\u043b\u044c \u0438 \u043f\u043e\u043f\u0435\u0440\u0435\u043a \u0448\u0438\u0444\u0440\u0443\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u043e\u0432\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0439 BillQuick Web Suite. \u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 - 400 000 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n \n\u0412 \u043c\u0430\u0441\u0441\u0435 \u0441\u0432\u043e\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 BillQuick, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2021-42258, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 (\u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430) \u0432 \u043f\u043e\u043b\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 22.0.9.1 BQE Software, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0431\u0430\u0433\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u044b Huntress ThreatOps \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u0434\u0440\u0443\u0433\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 BillQuick (CVE-2021-42344, CVE-2021-42345, CVE-2021-42346, CVE-2021-42571, CVE-2021-42572, CVE-2021-42573, CVE-2021-42741, CVE-2021-42742). \u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0430 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 - \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b.\n \n\u0410\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 Huntress Labs \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u043d\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f: \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0435\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ransomware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u043c\u0430\u044f 2020 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043e\u0434 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 AutoIT. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0412\u041f\u041e \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0430 \u043b\u0438\u0448\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 pusheken91@bk.ru \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, BQE Software \u0432\u043e\u0432\u0441\u044e \u0432\u0435\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u0432\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0445\u0430\u043a\u0435\u0440\u044b. \u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043a \u0430\u0442\u0430\u043a\u0430\u043c BillQuick \u0443\u0436\u0435 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b.", "creation_timestamp": "2021-10-26T18:55:45.000000Z"}, {"uuid": "91ae6296-6dda-4a8c-abc4-e8de03d91bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42572", "type": "seen", "source": "https://t.me/true_secator/2254", "content": "\u041d\u0438 \u0434\u043d\u044f \u0431\u0435\u0437 ransomware: \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 BQE Software \u0432\u0434\u043e\u043b\u044c \u0438 \u043f\u043e\u043f\u0435\u0440\u0435\u043a \u0448\u0438\u0444\u0440\u0443\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u043e\u0432\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0439 BillQuick Web Suite. \u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 - 400 000 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n \n\u0412 \u043c\u0430\u0441\u0441\u0435 \u0441\u0432\u043e\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 BillQuick, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2021-42258, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 (\u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430) \u0432 \u043f\u043e\u043b\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 22.0.9.1 BQE Software, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0431\u0430\u0433\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u044b Huntress ThreatOps \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u0434\u0440\u0443\u0433\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 BillQuick (CVE-2021-42344, CVE-2021-42345, CVE-2021-42346, CVE-2021-42571, CVE-2021-42572, CVE-2021-42573, CVE-2021-42741, CVE-2021-42742). \u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0430 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 - \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b.\n \n\u0410\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 Huntress Labs \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u043d\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f: \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0435\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ransomware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u043c\u0430\u044f 2020 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043e\u0434 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 AutoIT. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0412\u041f\u041e \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0430 \u043b\u0438\u0448\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 pusheken91@bk.ru \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, BQE Software \u0432\u043e\u0432\u0441\u044e \u0432\u0435\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u0432\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0445\u0430\u043a\u0435\u0440\u044b. \u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043a \u0430\u0442\u0430\u043a\u0430\u043c BillQuick \u0443\u0436\u0435 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b.", "creation_timestamp": "2021-10-26T18:55:45.000000Z"}, {"uuid": "61b6d76a-e57e-494e-a911-d9c8f5261c7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "https://t.me/NeKaspersky/1410", "content": "Trojan Source \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0441\u043e\u0444\u0442\u0430 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443 \n\n\u0412\u0447\u0435\u0440\u0430 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u043e\u0432, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u043d\u0430  C, C++, C#, Go, Java, JavaScript, Python \u0438 Rust. \u041d\u0435 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e\u0439 \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438 \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0438 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u044f\u0437\u044b\u043a\u043e\u0432.  \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2021-42574 . \u0415\u0435 \u0441\u0443\u0442\u044c \u0432 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u0434\u043b\u044f \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445. \u0415\u0441\u043b\u0438 \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043f\u0440\u043e\u0449\u0435, \u0442\u043e \u0440\u0430\u0431\u043e\u0442\u0430 Trojan Source \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440 \u043d\u0435 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 Unicode-\u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0441\u0440\u0430\u0437\u0443 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0443 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u0432\u0431\u0440\u043e\u0441\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u0434.\n\n\u0420\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u043f\u043e\u0440\u044f\u0434\u043a\u0430 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u044d\u0442\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u043e \u0435\u0433\u043e \u043b\u043e\u0433\u0438\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0445\u043e\u0442\u044f \u0438 \u0441\u0435\u043c\u0430\u043d\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430, \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u043b\u043e\u0433\u0438\u043a\u0438, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0443\u043f\u043e\u0440\u044f\u0434\u043e\u0447\u0435\u043d\u0438\u0435\u043c \u043c\u0430\u0440\u043a\u0435\u0440\u043e\u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u0421\u0430\u043c\u043e\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 \u0442\u043e, \u0447\u0442\u043e \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0432\u0438\u0437\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u043e\u0432. \n\n \u041b\u044e\u0431\u043e\u0439 \u0445\u0430\u043a\u0435\u0440 \u0438\u043b\u0438 \u043b\u0430\u043c\u0435\u0440 \u0441\u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043a\u0438\u043d\u0443\u0442\u044c \u0441\u0432\u043e\u0439 \u043f\u0443\u0441\u0442\u044c \u0434\u0430\u0436\u0435 \u0441\u0430\u043c\u044b\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043a\u043e\u0434, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u044f\u0437\u044b\u043a\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043d\u043e \u043d\u0438 \u043e\u0434\u0438\u043d \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u0443\u0432\u0438\u0434\u0438\u0442. \u0412 \u044d\u0442\u043e \u0442\u0440\u0443\u0434\u043d\u043e \u043f\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u043e\u0434\u043d\u0430\u043a\u043e \u044d\u0442\u043e \u0433\u043e\u0440\u044c\u043a\u0430\u044f \u043f\u0440\u0430\u0432\u0434\u0430.\n\n\u041c\u043e\u0436\u043d\u043e \u043b\u0438 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043e\u0442 \u044d\u0442\u043e\u0433\u043e?\u041a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440 \u0438 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u044b, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0435 Unicode-\u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b, \u0434\u043e\u043b\u0436\u043d\u044b \u0441\u0440\u0430\u0437\u0443 \u0436\u0435 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 \u0434\u043b\u044f \u0434\u0435\u0442\u0435\u0440\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0432\u0443\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f\u0445 \u0438\u043b\u0438 \u0441\u0442\u0440\u043e\u043a\u043e\u0432\u044b\u0445 \u043b\u0438\u0442\u0435\u0440\u0430\u043b\u0430\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u043e \u0441\u043c\u0435\u0448\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438, \u0430 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u044f\u0437\u044b\u043a\u0430 \u0437\u0430\u043f\u0440\u0435\u0449\u0430\u0442\u044c \u043d\u0435\u0443\u0442\u043e\u0447\u043d\u0435\u043d\u043d\u044b\u0435 \u0434\u0432\u0443\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u044b \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f\u0445.\n\n\u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0435 \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u043a\u043e\u0434\u043e\u0432 \u043e\u0442 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 Rust.", "creation_timestamp": "2021-11-02T13:24:33.000000Z"}, {"uuid": "7645691d-c773-4f4b-a838-97bac899f351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42573", "type": "exploited", "source": "https://t.me/S_E_Reborn/1208", "content": "\u041d\u0438 \u0434\u043d\u044f \u0431\u0435\u0437 ransomware: \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 BQE Software \u0432\u0434\u043e\u043b\u044c \u0438 \u043f\u043e\u043f\u0435\u0440\u0435\u043a \u0448\u0438\u0444\u0440\u0443\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u043e\u0432\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0439 BillQuick Web Suite. \u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 - 400 000 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n \n\u0412 \u043c\u0430\u0441\u0441\u0435 \u0441\u0432\u043e\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 BillQuick, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2021-42258, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 (\u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430) \u0432 \u043f\u043e\u043b\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 22.0.9.1 BQE Software, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0431\u0430\u0433\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u044b Huntress ThreatOps \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u0434\u0440\u0443\u0433\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 BillQuick (CVE-2021-42344, CVE-2021-42345, CVE-2021-42346, CVE-2021-42571, CVE-2021-42572, CVE-2021-42573, CVE-2021-42741, CVE-2021-42742). \u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0430 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 - \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b.\n \n\u0410\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 Huntress Labs \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u043d\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f: \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0435\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ransomware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u043c\u0430\u044f 2020 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043e\u0434 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 AutoIT. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0412\u041f\u041e \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0430 \u043b\u0438\u0448\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 pusheken91@bk.ru \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, BQE Software \u0432\u043e\u0432\u0441\u044e \u0432\u0435\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u0432\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0445\u0430\u043a\u0435\u0440\u044b. \u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043a \u0430\u0442\u0430\u043a\u0430\u043c BillQuick \u0443\u0436\u0435 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b.", "creation_timestamp": "2021-10-27T10:22:02.000000Z"}, {"uuid": "ac181c90-fa1f-45d5-9b63-6c4a5ce2ea73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4257", "type": "seen", "source": "https://t.me/cibsecurity/54828", "content": "\u203c CVE-2021-4257 \u203c\n\nA vulnerability was found in ctrlo lenio. It has been declared as problematic. This vulnerability affects unknown code of the file views/task.tt of the component Task Handler. The manipulation of the argument site.org.name/check.name/task.tasktype.name/task.name leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 698c5fa465169d6f23c6a41ca4b1fc9a7869013a. It is recommended to apply a patch to fix this issue. VDB-216214 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T19:48:04.000000Z"}, {"uuid": "99d1a912-c2d0-4522-84bc-7cdfa37eb73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42576", "type": "seen", "source": "https://t.me/cibsecurity/30706", "content": "\u203c CVE-2021-42576 \u203c\n\nThe bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-18T18:32:10.000000Z"}, {"uuid": "259755fe-b1a8-41ed-aae7-839059f7d734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42575", "type": "seen", "source": "https://t.me/ctinow/182047", "content": "https://ift.tt/yHF5YZl\nCVE-2021-42575 | Oracle Hyperion Planning 11.2.14.0.000 Hub input validation", "creation_timestamp": "2024-02-09T14:57:12.000000Z"}, {"uuid": "4c5dfb90-2ea3-485d-a969-c3cc0c10af5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42575", "type": "seen", "source": "https://t.me/cibsecurity/30700", "content": "\u203c CVE-2021-42575 \u203c\n\nThe OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-18T18:32:00.000000Z"}, {"uuid": "e117815d-d8be-46d8-a6cf-1a01b411d1f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42571", "type": "exploited", "source": "https://t.me/S_E_Reborn/1208", "content": "\u041d\u0438 \u0434\u043d\u044f \u0431\u0435\u0437 ransomware: \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 BQE Software \u0432\u0434\u043e\u043b\u044c \u0438 \u043f\u043e\u043f\u0435\u0440\u0435\u043a \u0448\u0438\u0444\u0440\u0443\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u043e\u0432\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0439 BillQuick Web Suite. \u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 - 400 000 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n \n\u0412 \u043c\u0430\u0441\u0441\u0435 \u0441\u0432\u043e\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 BillQuick, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2021-42258, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 (\u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430) \u0432 \u043f\u043e\u043b\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 22.0.9.1 BQE Software, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0431\u0430\u0433\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u044b Huntress ThreatOps \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u0434\u0440\u0443\u0433\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 BillQuick (CVE-2021-42344, CVE-2021-42345, CVE-2021-42346, CVE-2021-42571, CVE-2021-42572, CVE-2021-42573, CVE-2021-42741, CVE-2021-42742). \u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0430 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 - \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b.\n \n\u0410\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 Huntress Labs \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u043d\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f: \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0435\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ransomware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u043c\u0430\u044f 2020 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043e\u0434 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 AutoIT. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0412\u041f\u041e \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0430 \u043b\u0438\u0448\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 pusheken91@bk.ru \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, BQE Software \u0432\u043e\u0432\u0441\u044e \u0432\u0435\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u0432\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0445\u0430\u043a\u0435\u0440\u044b. \u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043a \u0430\u0442\u0430\u043a\u0430\u043c BillQuick \u0443\u0436\u0435 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b.", "creation_timestamp": "2021-10-27T10:22:02.000000Z"}, {"uuid": "44edc126-b38d-48c4-9578-d293c0a69045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42572", "type": "exploited", "source": "https://t.me/S_E_Reborn/1208", "content": "\u041d\u0438 \u0434\u043d\u044f \u0431\u0435\u0437 ransomware: \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 BQE Software \u0432\u0434\u043e\u043b\u044c \u0438 \u043f\u043e\u043f\u0435\u0440\u0435\u043a \u0448\u0438\u0444\u0440\u0443\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0431\u0438\u043b\u043b\u0438\u043d\u0433\u043e\u0432\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0439 BillQuick Web Suite. \u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 - 400 000 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n \n\u0412 \u043c\u0430\u0441\u0441\u0435 \u0441\u0432\u043e\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 BillQuick, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u043b\u044f CVE-2021-42258, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 (\u043e\u0434\u0438\u043d\u0430\u0440\u043d\u0430\u044f \u043a\u0430\u0432\u044b\u0447\u043a\u0430) \u0432 \u043f\u043e\u043b\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 22.0.9.1 BQE Software, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0431\u0430\u0433\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u044b Huntress ThreatOps \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u0434\u0440\u0443\u0433\u0438\u0445 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 BillQuick (CVE-2021-42344, CVE-2021-42345, CVE-2021-42346, CVE-2021-42571, CVE-2021-42572, CVE-2021-42573, CVE-2021-42741, CVE-2021-42742). \u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0430 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 - \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b.\n \n\u0410\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 Huntress Labs \u043a \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u043d\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f: \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u0434\u0435\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ransomware \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u043c\u0430\u044f 2020 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0437\u0430\u0438\u043c\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043e\u0434 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 AutoIT. \u0425\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0412\u041f\u041e \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043e\u043a \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0432 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0430 \u043b\u0438\u0448\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 pusheken91@bk.ru \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.\n \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, BQE Software \u0432\u043e\u0432\u0441\u044e \u0432\u0435\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438, \u0432\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0445\u0430\u043a\u0435\u0440\u044b. \u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043a \u0430\u0442\u0430\u043a\u0430\u043c BillQuick \u0443\u0436\u0435 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b.", "creation_timestamp": "2021-10-27T10:22:02.000000Z"}, {"uuid": "914718f9-4155-49b4-b29c-5201f514b941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "Telegram/Iwb1D9IzvS2orK-cp1WadfQSK7-RMozGWg0hCvnc74bOZ8s", "content": "", "creation_timestamp": "2021-11-02T20:27:58.000000Z"}, {"uuid": "6bba259b-b565-4b31-af8b-99ca01202f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "https://gist.github.com/serpi4/aba8a4ee71a0b5033f1f2918195fdd95", "content": "# dev-signals \u2192 dev-a substrate reconciliation \u2014 survey of 12 candidate predicates\n\n**Purpose**: facilitate decision on Option (3) \u2014 bulk reconcile vs sequential re-lift \u2014 by surveying what's actually in the dev-signals substrate.\n\n**Date**: 2026-05-10\n**dev-a tip**: `10defe8c` (3 predicates: FF-22/23/46)\n**dev-signals tip**: `594d3368` (14 predicates: FF-22 + 13 unique)\n**Subject of immediate Q**: FF-39 (excluded from this survey \u2014 assessed separately)\n**Survey target**: 12 dev-signals-only predicates (FF-28/29/34/35/36/37/38/40/41/42/43/45) + a note on FF-22 divergence\n\n> **Why 12 and not 11**: the original Q referenced \"remaining 11\"; counting the actual dev-signals-only set yields 12 (excluding FF-39 + FF-22-which-is-on-both). FF-22 also has a 217-line divergence between dev-a and dev-signals \u2014 included as Annex A.\n\n---\n\n## TL;DR\n\n| Bucket | FFs | Recommendation |\n|---|---|---|\n| **A. Strong-architectural** (clear AC candidate, anchor incidents, generalizing principle) | FF-40, FF-42, FF-43, FF-45 | Port with adaptation \u2014 high signal, modest re-derivation cost |\n| **B. Medium-architectural** (architectural in spirit, but heuristic classification or domain-leaning) | FF-28, FF-29, FF-34, FF-36 | Port if the matching AC slot exists \u2014 lift gate Q1/Q2 will likely pass |\n| **C. Borderline / process-flavored** (might fail Q1 \"is it architectural?\" or Q3 \"anchor evidence?\") | FF-35, FF-37, FF-38, FF-41 | Architectural-lift gate first; some likely demote to integration tests / ADRs / process-FFs |\n| **Subject** | FF-39 | Pick (1) or (2) per separate convo; this gist informs the (3) frame |\n\n**Bucket A** alone is ~5 days of port work (saves ~20+ days of from-scratch lift).\n**Bucket A+B** is ~11 days port (saves ~40+ days from-scratch).\n**Bucket C** likely 1-2 demote out of the lift entirely.\n\n---\n\n## Quick stats (dev-signals predicates)\n\n| FF | LOC | Tier | Kind | Coverage | Scope | Anchor incidents |\n|---|---:|---|---|---|---|---|\n| FF-22 | 273+217=490 | regex | (n/a, on dev-a) | cross-cutting | atomic | TASK-4173, TASK-4204 |\n| FF-28 | 265 | regex | trend (implicit) | cross-cutting | atomic | B1 typo, /admin/ops/* (lessons-learned 2026-04-27) |\n| FF-29 | 164 | regex | trend (implicit) | cross-cutting | holistic | EventOpsNavBlock drop (2026-04-27, ~7d undetected) |\n| FF-34 | 308 | regex | **tripwire** | domain-specific | holistic | TASK-4161, TASK-4291 (ADR-046) |\n| FF-35 | 183 | ast-grep | **tripwire** | domain-specific | atomic | TASK-4307 (ADR-048) |\n| FF-36 | 245 | ast-grep | trend (implicit) | cross-cutting | holistic | (none \u2014 preventive) |\n| FF-37 | 283 | ast-grep | trend (implicit) | cross-cutting | holistic | (none \u2014 preventive) |\n| FF-38 | 501 | ast-grep | trend (implicit) | cross-cutting | holistic | (none \u2014 preventive) |\n| FF-39 | 385 | regex | (subject) | cross-cutting | holistic | (none cited) |\n| FF-40 | 327 | ast-grep | trend (implicit) | cross-cutting | holistic | (none \u2014 preventive, ADR-005) |\n| FF-41 | 276 | fs-walk | trend (implicit) | cross-cutting | holistic | (none \u2014 process-FF) |\n| FF-42 | 251 | regex | **tripwire** | cross-cutting | atomic | ZWSP/ICU translator copy-paste class, CVE-2021-42574 |\n| FF-43 | 185 | fs-walk | **trend** (declared) | cross-cutting | holistic | 2026-04-29 ID collision crisis (TASK-4250..4254) |\n| FF-45 | 249 | regex | **trend** (declared) | cross-cutting | holistic | 2026-04-29 retro (no-build-id forensics gap) |\n\n**Total dev-signals-only LOC**: 3,622 across 13 predicates (avg 279 LOC each)\n**Total fixtures across 12 surveyed**: 117 corpus files\n\n---\n\n## Per-FF assessment\n\n### Bucket A \u2014 Strong-architectural (port with high confidence)\n\n#### FF-40 \u2014 BC Coupling Trend (LOC-weighted isolation gradient)\n- **Principle**: ADR-005 \u2014 no cross-BC value imports. Generalizes to \"every BC is a clean island\" \u2014 same shape as Conway's Law decoupling, hexagonal-arch port boundaries.\n- **AC candidate**: **AC-04 \u2014 Module-Boundary Discipline** (charter has placeholder \"Module-boundary discipline \u2014 backed by FF-01, FF-40\").\n- **Lift gate verdict**: PASS. Q1 architectural \u2713 (cross-BC coupling is universal arch concern). Q2 generalizes \u2713 (all 6 BCs). Q3 anchor evidence \u2014 **WEAK** (no specific incidents cited; preventive). Q4 falsifiable \u2713. Q5 escapable via SAFE annotation \u2713. Q6 detector tier appropriate \u2713.\n- **Port effort**: 1-2 days. Logic is solid; needs `kind: 'trend'` declared, AC-04 charter entry, anchor-incident hunt (look at FF-01 v1 violations for backfill).\n- **Note**: substantial overlap with FF-36 (cross-BC events) \u2014 same imports, different scoring. Decide if both port or pick one.\n\n#### FF-42 \u2014 Invisible Unicode Detector\n- **Principle**: source files must contain only printable+intentional characters. Maps to **AC-05 \u2014 Source Integrity / Trojan-Source Defense** (would be a NEW AC).\n- **Lift gate verdict**: PASS. Q1 \u2713 (security boundary, CVE-2021-42574 class). Q2 \u2713 (any source file). Q3 \u2713 (translator copy-paste class, ZWSP equality bugs). Q4 \u2713 (lexical detection). Q5 \u2713 (SAFE annotation). Q6 \u2713 (regex tier appropriate).\n- **Port effort**: 1 day. Already declared `kind: 'tripwire'`. Needs new AC-05 charter entry.\n- **Strongest case in the survey** \u2014 clear bug class, framework-agnostic principle, cheap detection.\n\n#### FF-43 \u2014 Backlog Ticket-ID Uniqueness (trend)\n- **Principle**: ID-space integrity for the project's traceability spine. Maps to **AC-06 \u2014 Traceability** (charter has placeholder \"Traceability \u2014 backed by FF-25, FF-26, FF-43\").\n- **Lift gate verdict**: PASS-with-note. Q1 architectural \u2713 (traceability is a quality attribute per Ford ch.2). Q2 \u2713 (whole backlog). Q3 \u2713 (2026-04-29 collision crisis). Q4 \u2713 (filename detection). Q6 \u2713 (fs-walk).\n- **Note**: technically a **process-FF / Ford-canonical** (not code-architecture). Charter entry would explain that distinction.\n- **Port effort**: 0.5 day. Already declared `kind: 'trend'`. Needs AC-06 entry consolidating with FF-25/26.\n\n#### FF-45 \u2014 Build-Version Exposure (ADR-034 \u00a75)\n- **Principle**: deployed images must be self-identifying for incident forensics. Maps to **AC-07 \u2014 Diagnosability** (charter has placeholder \"Diagnosability \u2014 backed by FF-27, FF-45\").\n- **Lift gate verdict**: PASS. Q1 \u2713 (observability/diagnosability is a textbook architectural characteristic). Q2 \u2713 (every Docker build site). Q3 \u2713 (2026-04-29 retro, build-id forensics gap). Q4 \u2713 (regex). Q6 \u2713.\n- **Port effort**: 1 day. Already declared `kind: 'trend'`. Needs AC-07 entry.\n\n**Bucket A total**: ~4 days port + 4 new AC entries + ~36 corpus fixtures preserved.\n\n---\n\n### Bucket B \u2014 Medium-architectural (port if AC slot exists)\n\n#### FF-28 \u2014 Admin HREF Validity\n- **Principle**: framework-mounted route table is the truth; static hrefs must agree. Maps to existing **AC-02 (Admin-List Primary-Column Navigability)** as a peer invariant, OR a new \"Admin UI Surface Integrity\" AC consolidating FF-28/29.\n- **Lift gate verdict**: PASS. Q1 \u2713 (mental-model-drift class generalizes). Q2 \u2713 (cross-BC). Q3 \u2713 (B1 typo, /admin/ops/* drops). Q4-Q6 \u2713.\n- **Port effort**: 1.5 days. Route registry needs refresh (hardcoded snapshot from 2026-05-03 \u2014 likely already stale on dev-a). No `kind:` declared \u2192 needs `tripwire` (each broken href = silent regression).\n- **Risk**: route registry maintenance cost \u2014 every collection slug change requires an update. Could be auto-derived from payload.config.ts.\n\n#### FF-29 \u2014 Admin Shell Wiring\n- **Principle**: components that don't get referenced from config are dead. Companion to FF-19. Same AC slot as FF-28 (Admin UI Surface Integrity).\n- **Lift gate verdict**: PASS. Q1 \u2713. Q2 \u2713 (any shell component). Q3 \u2713 (EventOpsNavBlock incident). Q4-Q6 \u2713.\n- **Port effort**: 1 day. Probably consolidate with FF-28 into one \"admin-config-vs-code drift\" lift.\n\n#### FF-34 \u2014 Invariant Parity (ADR-046 cross-layer enforcement)\n- **Principle**: if you publish a pure invariant module, it must be consumed by both server hooks AND client UI (otherwise bare PATCH bypasses the gate). **Already declared `kind: 'tripwire'`**.\n- **AC candidate**: NEW \u2014 **AC-08 \u2014 Cross-Layer Enforcement Discipline** (would map to \"tripwire FF for ADR-046 violations\"). Or fold into a broader \"Approval Pipeline Input Fidelity\" extension (AC-01 already exists for FF-46 \u2014 but that's about preservation, not parity).\n- **Lift gate verdict**: PASS, but Q1 is borderline. Axes declares `coverage: 'domain-specific'` \u2014 acknowledging the rule is project-specific (ADR-046 + ADR-006). Q2 generalizes across BCs \u2713 (any pure-invariant module). Q3 \u2713 (TASK-4161, TASK-4291).\n- **Port effort**: 2 days. Architectural-lift gate Q1 will need defense \u2014 \"is this architectural or domain?\" The principle (cross-layer enforcement of pure functions) is architectural; the specific mechanism (ADR-046 module convention) is project-specific. Frame it as ADR-046 \u2192 arch char.\n\n#### FF-36 \u2014 Cross-BC Event Coverage\n- **Principle**: cross-BC interactions must mediate via eventBus, not direct imports. Same AC-04 as FF-40 (or sibling).\n- **Lift gate verdict**: PASS. Q1-Q6 mirror FF-40.\n- **Port effort**: 1.5 days. **Note overlap with FF-40** \u2014 they detect the same import pattern but score differently (FF-36 = D/(D+E), FF-40 = LOC-ratio). Worth deciding if both add signal or one is redundant.\n\n**Bucket B total**: ~6 days port if all four ported; could collapse to ~4 days if FF-28+29 merged and FF-36/40 merged.\n\n---\n\n### Bucket C \u2014 Borderline / process-flavored\n\n#### FF-35 \u2014 State-Transition Idiom (ADR-048)\n- **Principle**: `dispatchFields` is racy under React 18 batching \u2192 use `submit({ overrides })`. Already declared `kind: 'tripwire'`.\n- **Lift gate verdict**: BORDERLINE. Q1 \u2014 the rule is **specific to one Payload UI primitive in one BC pattern** (admin gate components). Q2 generalizes across \"transition fields\" but only within Payload admin gates. The principle (avoid stale-snapshot reads) is architectural; the specific manifestation is narrow.\n- **Recommendation**: **lift gate first** \u2014 likely demotes to ADR-048 enforcement test, not a top-level FF. Or keep as a tripwire under a \"React Concurrency Discipline\" AC if other patterns surface.\n- **Port effort if kept**: 1 day.\n\n#### FF-37 \u2014 Hook Side-Effect Declarativeness\n- **Principle**: hooks should be EMITS / AUDIT_WRITES / PURE / OPAQUE; declarative ratio measures architectural debt.\n- **Lift gate verdict**: BORDERLINE. Q1 \u2014 declarativeness IS an architectural characteristic. Q3 \u2014 **no anchor incidents cited**. Q4 \u2014 classification heuristic is fragile (e.g., \"import-anchored publish() detection\" can false-positive/negative).\n- **Recommendation**: lift gate first. Likely outcome: defer until anchor incidents surface OR demote to \"hook code review checklist\" via `.claude/skills/`. The 4-class classification has subjective edges.\n- **Port effort if kept**: 2 days.\n\n#### FF-38 \u2014 Access Control Completeness\n- **Principle**: scope filters (Where conditions) are stronger than role-only checks. Score = STRONG / total.\n- **Lift gate verdict**: BORDERLINE. Q1 \u2713 (security boundary). Q3 \u2014 **no anchor incident**; this is a preventive gradient. Q4 \u2014 STRONG vs ROLE_ONLY classification is heuristic and false-positive prone (e.g., a role check inside `where:` clause might miscount). Q6 \u2014 501 LOC suggests the heuristic is fragile.\n- **Recommendation**: lift gate first. Probably lands as report-only-forever \u2014 useful as a surveillance metric but not a tripwire. Could re-frame as ADR-009 enforcement audit.\n- **Port effort if kept**: 2 days. Highest LOC in the set.\n\n#### FF-41 \u2014 Invariant Test Coverage Gradient (per-BC)\n- **Principle**: every BC has \u22651 invariant test. Companion to FF-09.\n- **Lift gate verdict**: BORDERLINE. Q1 \u2014 this is a **process-FF** (Ford ch.2 \u00a7Coverage uses these for governance, not arch). Q3 no anchor incident. The principle (\"all BCs have tests\") is testing hygiene, not architectural integrity.\n- **Recommendation**: **probably DON'T port as architectural FF.** Either keep as a `kind: 'process'` (introduce that classifier), or demote to a CI gate alongside `pnpm test`.\n- **Port effort if kept**: 1 day.\n\n**Bucket C verdict**: 1-2 of these likely get demoted/deferred during the gate pass. Saves 4-6 days vs porting all.\n\n---\n\n## Recommended phasing IF (3) is chosen\n\n**Tier-1 Reconcile (sprint 1, ~5 days)** \u2014 port Bucket A:\n- FF-40 + FF-42 + FF-43 + FF-45\n- Charter additions: AC-04 (Module-Boundary), AC-05 (Source Integrity), AC-06 (Traceability), AC-07 (Diagnosability)\n- Single audit PR + 4 port PRs\n\n**Tier-2 Reconcile (sprint 2, ~6 days)** \u2014 port Bucket B:\n- FF-28+29 merged into one Admin Surface Integrity lift\n- FF-34 (cross-layer enforcement)\n- FF-36 (decide vs FF-40 overlap)\n- Charter: AC-08 + AC-09 (or consolidate into AC-04)\n\n**Tier-3 Reconcile (sprint 3, ~3 days)** \u2014 Bucket C lift-gate:\n- Run architectural-lift Q1-Q6 gate on FF-35/37/38/41\n- Output: Demote 1-2 to process FFs / ADR-only / regression tests; port the survivors\n- Likely: keep FF-35 (already tripwire-classified), demote FF-41 to process-FF, defer FF-37/38 until anchor incidents\n\n**Total Tier-1+2+3**: ~14 days for ~10 ported predicates + 5-6 new AC charter entries + ~110 corpus fixtures preserved.\n\n**Compare to from-scratch sequential** (the dev-a \"drop-and-rederive\" plan): ~5 days \u00d7 13 FFs = ~65 days at the FF-23 cadence. Net savings from (3): ~50 days.\n\n---\n\n## Decision matrix \u2014 (1) vs (2) vs (3)\n\n|  | (1) Port FF-39 only | (2) Rebuild FF-39 from scratch | (3) Reconcile substrates first |\n|---|---|---|---|\n| Time to ship FF-39 | ~1.5 days | ~4 days | ~6 days (1.5 audit + Tier-1 Bucket A includes FF-39) |\n| Strategy clarity | Low \u2014 repeats decision 12 more times | Medium \u2014 each FF gets fresh gate | **High** \u2014 decide once, execute |\n| Lift-gate value | Skipped retroactively | Applied per-FF | **Applied across substrate** \u2014 discovers patterns |\n| AC charter completeness | +1 entry (AC-04) | +1 entry (AC-04) | **+5-6 entries** (AC-04..09) |\n| Risk if FF-40/42/43/45 get stale | Low (will be re-lifted later) | Low | **Eliminates risk** \u2014 they all land |\n| PR count to clear backlog | 1 now + 12 later = 13 PRs | 1 now + 12 later = 13 PRs | 1 audit + ~10 port = ~11 PRs |\n| Effort cost if you only want FF-39 | **Lowest** | High | Highest (sunk cost on Bucket A/B even if you don't use them) |\n| Effort cost if you want full v2 | **Highest** (sequential drag) | Highest (rebuild \u00d7 13) | **Lowest** (~14 days vs ~65 days) |\n\n---\n\n## Annex A \u2014 FF-22 divergence\n\ndev-signals has a **217-line larger FF-22** than dev-a (490 LOC vs 273 LOC). dev-a's version is the architectural-lift output of PR #18537. dev-signals' version pre-dates it \u2014 likely has the calibration logic from PR #18410 sidecar phase 1 plus subsequent fixes.\n\n**Decision needed regardless of (1)/(2)/(3)**: which FF-22 wins on dev-a if dev-signals work ever merges? Recommend: dev-a's version (architectural-lift-gated) is canonical; dev-signals' version absorbs its delta into adversarial corpus fixtures or gets discarded.\n\n---\n\n## My recommendation\n\nIf the goal is **\"v2 substrate complete in <1 month\"** \u2192 **(3) Reconcile**, executing Tier-1 first (covers FF-39 + 3 high-value Bucket A FFs).\n\nIf the goal is **\"FF-39 specifically because of an anchor incident I haven't surfaced yet\"** \u2192 **(1) Port**, then defer the rest until an actual incident demands a port.\n\nIf the goal is **\"force every FF through the architectural-lift gate ceremony\"** \u2192 **(2) Rebuild**, accepting the ~65-day re-lift cost.\n\nThe **Bucket A** FFs (FF-40/42/43/45) are unambiguously high-value \u2014 the question for (3) is mainly whether to take them now or accept they'll get sequentially re-lifted later anyway. Each month of delay = month of dev-signals work being increasingly stale (the sidecar branch hasn't been touched since 2026-05-04 PR #18410, and dev-a has diverged 57 commits ahead \u2014 including substantial test reorganization).\n", "creation_timestamp": "2026-05-10T19:16:47.000000Z"}, {"uuid": "ded46284-5428-42de-b55c-d693bac1f2c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42574", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4889", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Nov 1-30)\nCVE-2021-22205 - GitLab CE/EE RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-30883 - iOS IOMFB Vuln\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-3064 - Memory Corruption in PAN-OS GlobalProtect Portal/Gateway Interfaces\nhttps://t.me/cybersecuritytechnologies/4724\nCVE-2021-41379 - Windows Installer LPE\nhttps://t.me/cybersecuritytechnologies/4813\nCVE-2021-42321 - MS Exchange Post-Auth RCE\nhttps://t.me/cybersecuritytechnologies/4809\nCVE-2021-40539 - Zoho ManageEngine Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/4718\nCVE-2021-41277 - MetaBase Arbitrary File Read\nhttps://t.me/cybersecuritytechnologies/4802\nCVE-2021-43267 - Remote Kernel Heap Overflow in TIPC\nhttps://t.me/cybersecuritytechnologies/4678\nCVE-2021-42574 - Unicode Bidirectional override vuln\nhttps://github.com/js-on/CVE-2021-42574\nhttps://github.com/pierDipi/unicode-control-characters-action\nCVE-2021-24084 - Windows MDM LPE\nhttps://t.me/cybersecuritytechnologies/4850", "creation_timestamp": "2021-12-03T11:00:35.000000Z"}]}