{"vulnerability": "cve-2024-21378", "sightings": [{"uuid": "f84b5c22-4082-4908-9312-bbff2f29b3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/206", "content": "\ud83c\udfed We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well!\n\nA brief instruction for red teams:\n\n1. Compile our enhanced DLL;\n2. Use NetSPI's ruler and wait!\n\nNo back connect required!\n\n\ud83d\udd25 \ud83d\udcd0\ud83d\udccf", "creation_timestamp": "2024-04-11T14:05:43.000000Z"}, {"uuid": "0982cb59-12af-4642-b3ef-7c8f92dda005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12516", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2024-21378 \u2014 Remote Code Execution in Microsoft Outlook.\n\nhttps://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/", "creation_timestamp": "2024-03-13T18:02:48.000000Z"}, {"uuid": "7e13ed97-1d1f-4fb1-b768-f02cf6dcc3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-21378", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "076e63af-9700-4d6e-aecf-579ce6fef717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/RedTeamFeed/227", "content": "CVE-2024-21378 \u2014 Remote Code Execution in Microsoft Outlook\n#netspi\n\nNetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. Learn how NetSPI discovered and exploited the vulnerability.\n\nvia NetSPI Technical Blog (author: Rich Wolferd)", "creation_timestamp": "2024-03-13T15:42:20.000000Z"}, {"uuid": "15f053ff-e8e4-4cdf-b8f3-f23807bfd8f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6787", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC Exploit for Outlook Vulnerability, CVE-2024-21378\nURL\uff1ahttps://github.com/JohnHormond/CVE-2024-21378\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-12T14:21:03.000000Z"}, {"uuid": "7b3f9e94-894e-49d1-b0a2-ffb02bea8541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/bughunter_circuit/323", "content": "\ud83c\udfed We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well!\n\nA brief instruction for red teams:\n\n1. Compile our enhanced DLL;\n2. Use NetSPI's ruler and wait!\n\nNo back connect required!\n\n\ud83d\udd25 \ud83d\udcd0\ud83d\udccf", "creation_timestamp": "2024-04-11T17:17:45.000000Z"}, {"uuid": "48288644-b79f-41a8-88e5-93c269d3ccbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2005", "content": "CVE-2024-21378 Microsoft Outlook Remote Code Execution\n*\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u0432\u043d\u0443\u0442\u0440\u0438 \u0444\u0430\u0439\u043b\u0430\n*\nPOC exploit\n\n#outlook #exploit", "creation_timestamp": "2024-04-12T13:11:58.000000Z"}, {"uuid": "64db80d6-75fb-4d47-9158-7a00525245c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1476", "content": "\ud83c\udfed We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well!\n\nA brief instruction for red teams:\n\n1. Compile our enhanced DLL;\n2. Use NetSPI's ruler and wait!\n\nNo back connect required!\n\n\ud83d\udd25 \ud83d\udcd0\ud83d\udccf", "creation_timestamp": "2024-04-11T18:53:44.000000Z"}, {"uuid": "a8c22943-d29c-4e65-9645-fe52a82a580a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/2780", "content": "https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/ \u0435\u0431\u0430\u0448\u0438\u043c \u0430\u0443\u0442\u043b\u0443\u043a \u0447\u0435\u0440\u0435\u0437 \u0441\u0432\u0435\u0436\u0443\u044e CVE \u043f\u043e\u0434\u0440\u0443\u0447\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c\u0438", "creation_timestamp": "2024-03-18T23:20:04.000000Z"}, {"uuid": "be1bff20-c51f-4646-9915-d5d11648f64a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1422", "content": "CVE-2024-21378 \u2014 Remote Code Execution in Microsoft Outlook\u00a0\n\nIn 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. This blog will cover how we discovered\u00a0CVE-2024-21378\u00a0and weaponized it by modifying\u00a0Ruler,\u00a0an Outlook penetration testing tool published by SensePost. Note, a pull request containing the proof-of-concept code is forthcoming to provide organizations with sufficient time to patch.\n\nhttps://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/", "creation_timestamp": "2024-03-13T03:05:20.000000Z"}, {"uuid": "7503c2fa-1b41-4f0a-b0ea-8ef662c24fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "seen", "source": "https://t.me/ctinow/206353", "content": "https://ift.tt/t7d86og\nCVE-2024-21378 Exploit", "creation_timestamp": "2024-03-13T03:16:50.000000Z"}, {"uuid": "5ef7cfda-816f-4fe5-af01-ab5bfb82a577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21378", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10134", "content": "#exploit\n1. CVE-2024-21378:\nRCE in Microsoft Outlook\u00a0\nhttps://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378\n]-> DLL for testing CVE-2024-21378 in MS Outlook: https://gist.github.com/Homer28\n\n2. CVE-2023-5808:\nHitachi NAS SMU Backup/Restore - \nInsecure Direct Object Reference\nhttps://packetstormsecurity.com/files/177516/Hitachi-NAS-SMU-Backup-And-Restore-Insecure-Direct-Object-Reference.html", "creation_timestamp": "2024-04-12T05:53:57.000000Z"}]}