{"vulnerability": "cve-2023-2955", "sightings": [{"uuid": "eb41ffea-203a-4d60-b808-c9f70a76c24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-08T18:10:02.000000Z"}, {"uuid": "d1ab2006-b306-4cbf-99fc-5ee05583b662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971913", "content": "", "creation_timestamp": "2024-12-24T20:35:34.222138Z"}, {"uuid": "1ea6365e-ee16-4e6d-b2a3-925d2a2e97f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/cyberSkolkovo/123", "content": "\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29552 (8,6 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 2200 \u0440\u0430\u0437. \u0412 \u0447\u0438\u0441\u043b\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0432\u0445\u043e\u0434\u044f\u0442 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u044b VMWare ESXi, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b Konica Minolta, IBM IMM \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b Planex, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u041e\u043d\u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u0440\u044f\u0434\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 1000, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439, \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u0441\u0442\u0440\u0430\u0445\u043e\u0432\u0430\u043d\u0438\u044f, \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432, \u0433\u043e\u0441\u0442\u0438\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430.\n\n#\u043a\u0438\u0431\u0435\u0440\u0445\u0430\u0431_\u0446\u0438\u0444\u0440\u044b", "creation_timestamp": "2023-05-28T11:01:35.000000Z"}, {"uuid": "64584799-8df4-4e63-b766-12b86f4eec1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "ad7d6098-1258-4348-ba23-f3c1065be666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a7b2e9e6-d290-41b3-af34-4085e8dafa7d", "content": "", "creation_timestamp": "2026-02-02T12:26:47.433070Z"}, {"uuid": "f2106d07-826f-465e-835f-5cd59121e547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/cKure/10963", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 High-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP).\n\nhttps://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp", "creation_timestamp": "2023-04-26T17:40:19.000000Z"}, {"uuid": "edf9b29a-0474-4d96-8680-0a6aab7c8c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3311", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2023-04-25T16:15:09.537\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html\n2. https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html\n3. https://datatracker.ietf.org/doc/html/rfc2608\n4. https://github.com/curesec/slpload\n5. https://security.netapp.com/advisory/ntap-20230426-0001/\n6. https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n7. https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks\n8. https://www.suse.com/support/kb/doc/?id=000021051\n9. https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html\n10. https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html\n11. https://datatracker.ietf.org/doc/html/rfc2608\n12. https://github.com/curesec/slpload\n13. https://security.netapp.com/advisory/ntap-20230426-0001/\n14. https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n15. https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks\n16. https://www.suse.com/support/kb/doc/?id=000021051", "creation_timestamp": "2025-01-28T23:18:07.000000Z"}, {"uuid": "da0fd379-9d5f-4d32-ab87-fecc345bad97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "Telegram/j_NOQaSS6WIfk39XQXCw2qQeJoi2-3-FLwOGvgRF5EFSFfs", "content": "", "creation_timestamp": "2023-04-25T20:02:10.000000Z"}, {"uuid": "8b4a4f62-fd30-464b-9837-9738e9c88219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/purple_medved/12", "content": "\u0412 \u0431\u043b\u043e\u0433\u0435 BitSight \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29552 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP (Service Location Protocol). \u042d\u0442\u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0431\u044b\u043b \u0441\u043e\u0437\u0434\u0430\u043d \u0432 \u0434\u0430\u043b\u0435\u043a\u043e\u043c 1997 \u0433\u043e\u0434\u0443, \u043e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0431\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 427 \u0447\u0435\u0440\u0435\u0437 TCP \u0438 UDP. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 2200 \u0440\u0430\u0437 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0443\u0440\u043e\u0432\u043d\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 - 8,6 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0443 CVSS. \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 SLP, \u043f\u043e\u0434\u043c\u0435\u043d\u044f\u044f \u0430\u0434\u0440\u0435\u0441 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043d\u0430 \u0430\u0434\u0440\u0435\u0441 \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u044f 29-\u0431\u0430\u0439\u0442\u043e\u0432\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u0432 65,536-\u0431\u0430\u0439\u0442\u043e\u0432\u044b\u0439 \u043e\u0442\u0432\u0435\u0442 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0441\u0442\u0430\u0440\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 VMWare ESXi, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b Konica Minolta, IBM IMM \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b Planex. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0445 \u043c\u0435\u0440, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c SLP \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u043b\u0430 \u0441 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 TCP \u0438 UDP \u043d\u0430 427 \u043f\u043e\u0440\u0442\u0443.\n\n#CVE-2023-29552 #DDoS-\u0430\u0442\u0430\u043a\u0438 #DoS_amplification", "creation_timestamp": "2023-04-27T19:23:37.000000Z"}, {"uuid": "de3e7215-4fc9-498d-a457-4eb5bc2ed43d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/ctinow/148464", "content": "https://ift.tt/mxWLcCh\nNetography Releases Detection for Actively Exploited DoS Amplification CVE-2023-29552", "creation_timestamp": "2023-11-09T21:37:02.000000Z"}, {"uuid": "dae0b1b8-6055-4265-a41a-f05a7ff9d81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/ctinow/109866", "content": "CVE-2023-29552: Abusing the SLP Protocol to Launch Massive DDoS Amplification Attacks\n\nhttps://ift.tt/TYqUj9l", "creation_timestamp": "2023-05-04T18:03:29.000000Z"}, {"uuid": "01a594b0-4abb-4ac3-b608-2882c4bac273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/true_secator/4325", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SLP \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c DDoS-\u0430\u0442\u0430\u043a\u0430\u043c \u0441 2200-\u043a\u0440\u0430\u0442\u043d\u044b\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435\u043c.\n\nSLP \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0432 1997 \u0433\u043e\u0434\u0443 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c (\u041f\u041a, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u0430\u043c, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c) \u043b\u0435\u0433\u043a\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433 \u0434\u0440\u0443\u0433\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0432 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0435\u0442\u044c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e\u043c \u0441\u043f\u0435\u043a\u0442\u0440\u0435 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0438 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\n\u0422\u0430\u043a, \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0431\u043e\u043b\u0435\u0435\u00a070 000\u00a0\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438\u043c\u0435\u044e\u0442 \u043e\u0442\u0435\u0440\u0442\u044b\u0435 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043f\u043e\u0440\u0442\u044b SLP (427 \u043a\u0430\u043a \u0434\u043b\u044f UDP, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f TCP), \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0430\u043a\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043a\u0430\u043a \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u044b VMware ESXi, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b Konica Minolta, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b Planex, \u0441\u0435\u0440\u0432\u0435\u0440\u044b Supermicro IPMI \u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0435\u0434\u0438\u043d\u0438\u0446 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f IBM.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438\u0437\u00a0Bitsight\u00a0\u0438\u00a0Curesec. \n\n\u041e\u043d\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-29552 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 SLP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0435\u043c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u044b \u0432 \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0431\u043e\u043b\u044c\u0448\u0435\u043c \u0440\u0430\u0437\u043c\u0435\u0440\u0435.\n\n\u042d\u0442\u043e\u0442 \u0442\u0440\u044e\u043a \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 SLP, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0435\u0447\u0435\u0440\u043e\u0432, \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043a\u043e\u043b\u043e\u0441\u0441\u0430\u043b\u044c\u043d\u044b\u0435 2200x, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 SLP \u0442\u0440\u0435\u0442\u044c\u0438\u043c \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442\u043e\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e.\n\nCloudflare\u00a0\u0438\u00a0Netscout\u00a0\u0441\u0447\u0438\u0442\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u043d\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f SLP \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a \u0431\u0443\u0434\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0443\u0447\u0430\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0431\u0430\u0433\u0443.\u00a0\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e, \u0435\u0441\u043b\u0438 \u0443\u0447\u0435\u0441\u0442\u044c, \u0447\u0442\u043e SLP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f ESXiArgs ransomware\u00a0\u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 VMWare. \n\n\u0411\u0443\u0434\u0435\u043c \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u0441\u043b\u0443\u0447\u0430\u044f \u0445\u043e\u0442\u044f \u0431\u044b \u043a\u0430\u043a\u0430\u044f-\u0442\u043e \u0447\u0430\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0437\u0430\u0434\u0443\u043c\u044b\u0432\u0430\u043b\u0430\u0441\u044c \u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0432\u043e\u0438\u0445 \u043f\u043e\u0440\u0442\u043e\u0432 SLP.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-04-26T17:04:39.000000Z"}, {"uuid": "4f5a40a5-2262-451f-af48-165165537b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/arpsyndicate/1111", "content": "#ExploitObserverAlert\n\nCVE-2023-29552\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-29552. The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nFIRST-EPSS: 0.043370000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T04:17:18.000000Z"}, {"uuid": "b0a969e3-7922-4ec9-b6f5-87332f47665f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "Telegram/ITlnoIKxw8fWTwUOX0oLpzTnmNV1tK6JMvQUjg6Rza1JcQ", "content": "", "creation_timestamp": "2023-11-09T10:16:29.000000Z"}, {"uuid": "00d3cf97-4ca2-4f25-9c8a-5286f857c770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/KomunitiSiber/1047", "content": "CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation\nhttps://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday\u00a0added\u00a0a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nTracked as\u00a0CVE-2023-29552\u00a0(CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS", "creation_timestamp": "2023-11-09T07:06:05.000000Z"}, {"uuid": "192e0637-ae7c-4dfb-aab4-7ba4b7a2697f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/GhostPrincess/11578", "content": "What is SLP protocol?\n\nService Location Protocol (SLP) is a network protocol designed to simplify the process of discovering and accessing network services. Developed by the Internet Engineering Task Force (IETF) and defined in RFC 2608, SLP eliminates the need for users or administrators to manually configure clients with the addresses of available network services. Instead, it allows devices and applications to automatically find and connect to services in their local area networks (LANs). Since the SLP protocol doesn\u2019t require authentication, anyone can register new services, which is why it wasn\u2019t intended to be publicly available over the Internet.\n\nHow Does SLP Work?\n\nSLP operates based on a request-response model that involves three primary components: User Agents (UAs), Service Agents (SAs), and Directory Agents (DAs).\n\nUser Agents (UAs): UAs are clients seeking network services. They send out service requests to discover the available services in the network.\n\nService Agents (SAs): SAs represent the network services themselves. They advertise the services they offer and respond to service requests from UAs.\n\nDirectory Agents (DAs): DAs act as a centralized repository for service information. They cache the advertisements from SAs, and UAs can query them to find the desired services more efficiently. Although DAs are optional, their presence improves the overall performance of the SLP system.\n\nUnderstanding How CVE-2023-29552 Works\n\nThe attack technique allows an unauthenticated, remote attacker to register arbitrary services. This would enable the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nAn Ghost Clan channel:\nhttps://t.me/TheGrayHats\n\n#cybersec #infosec #hacking #hack #cybersecurity #hackers #grayhats", "creation_timestamp": "2023-05-09T03:31:51.000000Z"}, {"uuid": "e88ddcc6-2962-4ea4-a12f-3f48208e11c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/5741", "content": "What is SLP protocol?\n\nService Location Protocol (SLP) is a network protocol designed to simplify the process of discovering and accessing network services. Developed by the Internet Engineering Task Force (IETF) and defined in RFC 2608, SLP eliminates the need for users or administrators to manually configure clients with the addresses of available network services. Instead, it allows devices and applications to automatically find and connect to services in their local area networks (LANs). Since the SLP protocol doesn\u2019t require authentication, anyone can register new services, which is why it wasn\u2019t intended to be publicly available over the Internet.\n\nHow Does SLP Work?\n\nSLP operates based on a request-response model that involves three primary components: User Agents (UAs), Service Agents (SAs), and Directory Agents (DAs).\n\nUser Agents (UAs): UAs are clients seeking network services. They send out service requests to discover the available services in the network.\n\nService Agents (SAs): SAs represent the network services themselves. They advertise the services they offer and respond to service requests from UAs.\n\nDirectory Agents (DAs): DAs act as a centralized repository for service information. They cache the advertisements from SAs, and UAs can query them to find the desired services more efficiently. Although DAs are optional, their presence improves the overall performance of the SLP system.\n\nUnderstanding How CVE-2023-29552 Works\n\nThe attack technique allows an unauthenticated, remote attacker to register arbitrary services. This would enable the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nhttps://t.me/GrayHatsHack\n\n#cybersec #infosec #hacking #hack #cybersecurity #hackers #grayhats", "creation_timestamp": "2024-05-29T23:44:40.000000Z"}, {"uuid": "9f61d6a0-0d6c-442e-b34b-67ea23f7f511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/true_secator/5071", "content": "\u041a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 KEV \u043f\u043e\u043f\u043e\u043b\u043d\u0438\u043b\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b SLP \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-29552 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 7,5 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u0438\u043f\u0430 DoS, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a \u0441 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435\u043c, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 Bitsight\u00a0\u0438 Curesec.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 SLP \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 UDP-\u0442\u0440\u0430\u0444\u0438\u043a \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DoS \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442\u043e\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Bitsight \u0438 Curesec, \u0443 SLP \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f DDoS \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u00a02200, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440.\n\nDDoS-\u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c SLP \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u043d\u0430 GitHub, \u043e\u0434\u043d\u0430\u043a\u043e \u0442\u043e\u0447\u043d\u044b\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-11-10T12:27:23.000000Z"}, {"uuid": "d6aa0e94-8966-4ab7-849c-a79aa40f08b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/thehackernews/3282", "content": "\ud83d\udd25 New SLP protocol vulnerability (CVE-2023-29552) could be weaponized for massive DoS amplification attacks with an amplification factor of up to 2,200.\n\nLearn more: https://thehackernews.com/2023/04/new-slp-vulnerability-could-let.html\n\nMore than 2,000 global organizations and 54,000 SLP instances are said to be affected.", "creation_timestamp": "2023-04-25T15:36:49.000000Z"}, {"uuid": "6af73722-636a-4304-9d78-d7809d1909f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2955", "type": "seen", "source": "https://t.me/cibsecurity/64758", "content": "\u203c CVE-2023-2955 \u203c\n\nA vulnerability, which was classified as critical, was found in SourceCodester Students Online Internship Timesheet System 1.0. Affected is an unknown function of the file rendered_report.php of the component GET Parameter Handler. The manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230142 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T13:43:47.000000Z"}, {"uuid": "0fd79227-5a82-484a-9822-c143f73de24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/cibsecurity/62820", "content": "\u203c CVE-2023-29552 \u203c\n\nThe Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T20:24:58.000000Z"}, {"uuid": "49ae951d-d16a-40b2-9822-59454a6c6b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29551", "type": "seen", "source": "https://t.me/cibsecurity/64918", "content": "\u203c CVE-2023-29551 \u203c\n\nMozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android &lt; 112, Firefox &lt; 112, and Focus for Android &lt; 112.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:39:32.000000Z"}, {"uuid": "10219d87-a14b-42e8-981a-8cd6a5e3ef7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/xakep_ru/13966", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0435\u0442 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0432 2200 \u0440\u0430\u0437\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b BitSight \u0438 Curesec \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29552, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP (Service Location Protocol), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 2200 \u0440\u0430\u0437. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0431\u043e\u043b\u0435\u0435 2000 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 54 000 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 SLP, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0441\u0442\u0430\u0442\u044c \u043c\u0438\u0448\u0435\u043d\u044f\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\nhttps://xakep.ru/2023/04/26/slp-ddos/", "creation_timestamp": "2023-04-26T16:50:44.000000Z"}, {"uuid": "de34d1a4-4a4e-414b-9f93-c1f0c34e1872", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/thehackernews/4126", "content": "CISA adds high-severity flaw (CVE-2023-29552) in SLP to Known Exploited Vulnerabilities list. This flaw is being actively exploited to launch massive DoS amplification attacks. \n \nRead: https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html", "creation_timestamp": "2023-11-09T07:16:19.000000Z"}, {"uuid": "56057f71-d290-4616-8ad0-d6061f58ab34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/secmedia/1076", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-29552 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 SLP. \u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 BitSight \u0438 Curesec, \u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0432 2200 \u0440\u0430\u0437.", "creation_timestamp": "2023-04-26T08:38:19.000000Z"}, {"uuid": "5dffc557-ad32-4370-bcb9-676e1e7db1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "Telegram/hfwgAwOr-I2NY7E1jCzKYP-osK24R_uQmKQfV3N5WixAHog", "content": "", "creation_timestamp": "2023-04-27T23:02:35.000000Z"}, {"uuid": "3eb1a60b-65ff-43d7-bcbd-5da0c738b57f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8192", "content": "#exploit\n1. CVE-2023-29552:\nAmplifying SLP Traffic\nhttps://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n\n2. Telegram: RCE via WebView\nhttps://davtur19.medium.com/telegram-bug-bounties-rce-privacy-issues-and-more-b1f06a641c1b\n\n3. CVE-2022-29804:\nA directory traversal vulnerability hidden in the Go language standard library\nhttps://tttang.com/archive/1884", "creation_timestamp": "2023-04-27T11:05:13.000000Z"}]}