{"vulnerability": "cve-2024-2480", "sightings": [{"uuid": "ef270b01-01d5-4816-9841-bb9a42688771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24806", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "ed5fd2dc-3637-4939-b16b-c94e0b660eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "e224a73a-f7b2-473c-b21d-818363b767b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:01.000000Z"}, {"uuid": "b6e3cc7a-099c-4dad-b3cd-d4ab128117e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "84201d5b-9e9c-4a5b-8e04-5b5ad5a9193d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/paloalto_expedition_rce.rb", "content": "", "creation_timestamp": "2024-11-12T23:19:17.000000Z"}, {"uuid": "9424d072-e10b-4a75-9049-084a33871e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/traccar_rce_upload.rb", "content": "", "creation_timestamp": "2024-09-24T09:29:35.000000Z"}, {"uuid": "71dc5a79-078c-467d-9a4d-cbfef778e322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24808", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15784", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-24808\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login. This vulnerability has been patched with commit fe94451.\n\ud83d\udccf Published: 2024-02-06T03:17:16.532Z\n\ud83d\udccf Modified: 2025-05-09T16:31:14.196Z\n\ud83d\udd17 References:\n1. https://github.com/pyload/pyload/security/advisories/GHSA-g3cm-qg2v-2hj5\n2. https://github.com/pyload/pyload/commit/fe94451dcc2be90b3889e2fd9d07b483c8a6dccd", "creation_timestamp": "2025-05-09T17:25:47.000000Z"}, {"uuid": "86186e27-2379-450f-8755-d703fbeb38f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "https://t.me/HackingInsights/11505", "content": "\u200aCVE-2024-31214 & CVE-2024-24809: Traccar Users Urged to Update Immediately\n\nhttps://securityonline.info/cve-2024-31214-cve-2024-24809-traccar-users-urged-to-update-immediately/", "creation_timestamp": "2024-08-29T09:08:08.000000Z"}, {"uuid": "b52cf164-707f-4923-af00-149e24052f26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "Telegram/2SeTCIiHBvCs4LVhVvK9AryaSJ2WidRT7x_DqlZDi98wEGdQ", "content": "", "creation_timestamp": "2024-08-30T16:48:36.000000Z"}, {"uuid": "45a35591-ed7e-46d2-91ce-f5ffb94b3331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24806", "type": "seen", "source": "https://t.me/arpsyndicate/4720", "content": "#ExploitObserverAlert\n\nCVE-2024-24806\n\nDESCRIPTION: Exploit Observer has 18 entries in 4 file formats related to CVE-2024-24806. libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\nFIRST-EPSS: 0.001110000\nNVD-IS: 3.4\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7291118", "creation_timestamp": "2024-04-19T00:48:47.000000Z"}, {"uuid": "b2e5d352-824f-404c-8659-46377eb86d8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24801", "type": "seen", "source": "https://t.me/arpsyndicate/3445", "content": "#ExploitObserverAlert\n\nCVE-2024-24801\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-24801. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt OWL Carousel \u2013 WordPress Owl Carousel Slider allows Stored XSS.This issue affects OWL Carousel \u2013 WordPress Owl Carousel Slider: from n/a through 1.4.0.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-12T05:49:52.000000Z"}, {"uuid": "ce4cf391-aaf1-4db4-b83e-1073ba72d895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2480", "type": "seen", "source": "https://t.me/arpsyndicate/4247", "content": "#ExploitObserverAlert\n\nCVE-2024-2480\n\nDESCRIPTION: Exploit Observer has 84 entries in 13 file formats related to CVE-2024-2480. A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente at\u00e9 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256888. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-03-16T20:17:40.000000Z"}, {"uuid": "a350a4cc-15d4-48de-ae89-6706e92d131b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24804", "type": "seen", "source": "https://t.me/arpsyndicate/3483", "content": "#ExploitObserverAlert\n\nCVE-2024-24804\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-24804. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in websoudan MW WP Form allows Stored XSS.This issue affects MW WP Form: from n/a through 5.0.6.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-12T07:28:04.000000Z"}, {"uuid": "108ecb1f-536d-4600-8ccb-3bf7703f0ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24801", "type": "seen", "source": "https://t.me/arpsyndicate/3482", "content": "#ExploitObserverAlert\n\nCVE-2024-24801\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-24801. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt OWL Carousel \u2013 WordPress Owl Carousel Slider allows Stored XSS.This issue affects OWL Carousel \u2013 WordPress Owl Carousel Slider: from n/a through 1.4.0.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-12T07:22:57.000000Z"}, {"uuid": "3aab3b2e-d90d-454e-9169-0ddaca4e657e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24804", "type": "seen", "source": "https://t.me/arpsyndicate/3455", "content": "#ExploitObserverAlert\n\nCVE-2024-24804\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-24804. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in websoudan MW WP Form allows Stored XSS.This issue affects MW WP Form: from n/a through 5.0.6.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-12T06:08:40.000000Z"}, {"uuid": "16cbd263-eb23-4be1-a227-83faae1a0b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24806", "type": "seen", "source": "https://t.me/arpsyndicate/3390", "content": "#ExploitObserverAlert\n\nCVE-2024-24806\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-24806. libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\nFIRST-EPSS: 0.000620000", "creation_timestamp": "2024-02-11T13:42:46.000000Z"}, {"uuid": "12a2deef-6f1b-46bc-9b95-ef708bf50d8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24802", "type": "seen", "source": "https://t.me/arpsyndicate/3913", "content": "#ExploitObserverAlert\n\nCVE-2024-24802\n\nDESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2024-24802. Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-22T04:04:23.000000Z"}, {"uuid": "a3a807a8-f504-4a64-ab59-71b21d13e89b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24809", "type": "seen", "source": "https://t.me/true_secator/6131", "content": "\u041f\u043e\u0436\u0430\u043b\u0443\u0439, \u043d\u0430\u0447\u043d\u0435\u043c \u043d\u0435\u0434\u0435\u043b\u044e \u0441 \u043e\u0431\u0437\u043e\u0440\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043a\u0430\u0436\u0434\u043e\u0439 \u0441\u043c\u044b\u0441\u043b\u0430 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u043d\u0435\u0442, \u043d\u043e \u0441\u0441\u044b\u043b\u043e\u0447\u043a\u0438 \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043e\u0441\u0442\u0430\u0432\u0438\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e \u0434\u0432\u0443\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 GPS-\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Traccar.\n\nCVE-2024-24809\u00a0(CVSS: 8,5) \u0438 CVE-2024-31214\u00a0(CVSS: 9,7) \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f RCE \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445. \n\n\u041a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442 - \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Horizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0442\u0440\u0435\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 Python, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 NTLM.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Traceable \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0439 API \u0432 Honeywell BEDQ, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u0430\u043c\u0438 \u0438 \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0438\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0432\u0441\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\nDEVCORE \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u0435\u0440\u0432\u0443\u044e \u0447\u0430\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u00a0\u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Microsoft Kernel Streaming Service (MSKSRV). \n\n\u0410\u0432\u0442\u043e\u0440\u044b \u043e\u0431\u0440\u0430\u0449\u0430\u044e\u0442 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0443\u043f\u0443\u0449\u0435\u043d\u043d\u0443\u044e \u0438\u0437 \u0432\u0438\u0434\u0443 \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u043d\u0430\u0439\u0442\u0438 \u0431\u043e\u043b\u0435\u0435 \u0434\u0435\u0441\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 2 \u043c\u0435\u0441\u044f\u0446\u0430.\n\nZoho \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 ManageEngine OpManager.\n\nSonicWall \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 SonicOS. \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 \u0438\u043b\u0438 \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cymulate \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Entra ID (\u0440\u0430\u043d\u0435\u0435 Azure AD), \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0435\u0439 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f. \n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0434\u043b\u044f \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. Microsoft \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043d\u043e \u0431\u0435\u0437 \u043e\u0441\u043e\u0431\u043e\u0439 \u0441\u043f\u0435\u0448\u043a\u0438.\n\nPrompt Armor \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 Slack AI \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043d\u0430\u043b\u043e\u0432\n\n\u0412 \u0440\u044f\u0434\u0435 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0443\u0436\u0435\u043d \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0440\u0435\u0434\u0435 Slack \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u044a\u0435\u043a\u0442\u0430, \u043d\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0438 \u0431\u0435\u0437 \u043d\u0435\u0433\u043e.\n\n\u0412 Python Pip Pandas v2.2.2 \u043d\u0430\u0448\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432. PoC \u0442\u0430\u043a\u0436\u0435 \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438.", "creation_timestamp": "2024-08-26T14:44:44.000000Z"}, {"uuid": "145426c8-8a6c-472e-a884-ecb27a622c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2480", "type": "seen", "source": "https://t.me/ctinow/209724", "content": "https://ift.tt/8BOEdJR\nCVE-2024-2480 | MHA Sistemas arMHAzena 9.6.0.0 Executa Page Companhia/Planta/Agente de/Agente at\u00e9 sql injection", "creation_timestamp": "2024-03-16T22:51:12.000000Z"}, {"uuid": "cfecbf4f-cf9b-452d-ada2-abd08782dfaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24804", "type": "seen", "source": "https://t.me/ctinow/198694", "content": "https://ift.tt/mDB78Py\nCVE-2024-24804 | websoudan MW WP Form Plugin up to 5.0.6 on WordPress cross site scripting", "creation_timestamp": "2024-03-03T11:41:51.000000Z"}, {"uuid": "e813872f-499c-4503-aebd-6fdec851f3ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2480", "type": "seen", "source": "https://t.me/ctinow/208459", "content": "https://ift.tt/qLGUrRJ\nCVE-2024-2480", "creation_timestamp": "2024-03-15T07:21:44.000000Z"}, {"uuid": "f607296c-f01d-4303-800f-58acd5e9427f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2480", "type": "seen", "source": "https://t.me/ctinow/208464", "content": "https://ift.tt/qLGUrRJ\nCVE-2024-2480", "creation_timestamp": "2024-03-15T07:26:38.000000Z"}, {"uuid": "6934d226-55ab-4d78-a21c-29e9fe3cc875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24803", "type": "seen", "source": "https://t.me/ctinow/198684", "content": "https://ift.tt/rHPaOcZ\nCVE-2024-24803 | WPoperation Ultra Companion Plugin up to 1.1.9 on WordPress cross site scripting", "creation_timestamp": "2024-03-03T11:11:32.000000Z"}, {"uuid": "21da5ec7-3221-4b39-a6a5-8839b0a31bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24801", "type": "seen", "source": "https://t.me/ctinow/198671", "content": "https://ift.tt/evEXiQl\nCVE-2024-24801 | LogicHunt OWL Carousel Plugin up to 1.4.0 on WordPress cross site scripting", "creation_timestamp": "2024-03-03T10:46:28.000000Z"}, {"uuid": "7b72c045-fc22-4d5b-a00e-72d3f236ee1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24808", "type": "seen", "source": "https://t.me/ctinow/196778", "content": "https://ift.tt/XclYrOf\nCVE-2024-24808 | pyLoad up to 0.4.20 get_redirect_url (fe94451)", "creation_timestamp": "2024-02-29T16:21:50.000000Z"}, {"uuid": "90575ec3-1b09-450b-870c-d9fcac9b80b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24807", "type": "seen", "source": "https://t.me/ctinow/196464", "content": "https://ift.tt/grC1eaM\nCVE-2024-24807 | Sulu up to 2.4.15/2.5.11 Tag Name cross site scripting (GHSA-gfrh-gwqc-63cv)", "creation_timestamp": "2024-02-29T10:26:07.000000Z"}, {"uuid": "9c40f7d5-7ad2-42da-990e-604eb6575dea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24802", "type": "seen", "source": "https://t.me/ctinow/189389", "content": "https://ift.tt/bX8sgGn\nCVE-2024-24802", "creation_timestamp": "2024-02-21T09:26:58.000000Z"}, {"uuid": "cc5865d1-44c8-417b-9de4-2646cd2170c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24802", "type": "seen", "source": "https://t.me/ctinow/189383", "content": "https://ift.tt/bX8sgGn\nCVE-2024-24802", "creation_timestamp": "2024-02-21T09:21:27.000000Z"}, {"uuid": "a6f54b33-44d5-4e32-9db4-97c9c94b42b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24804", "type": "seen", "source": "https://t.me/ctinow/182496", "content": "https://ift.tt/Kl6AvZ1\nCVE-2024-24804", "creation_timestamp": "2024-02-10T09:31:54.000000Z"}, {"uuid": "eeab6fe6-2f80-4100-9b16-8ab35f77c177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24801", "type": "seen", "source": "https://t.me/ctinow/182493", "content": "https://ift.tt/oU6Cy4f\nCVE-2024-24801", "creation_timestamp": "2024-02-10T09:21:24.000000Z"}, {"uuid": "b51e1b0d-490b-46f8-9bda-e55e1b4441e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24806", "type": "seen", "source": "https://t.me/ctinow/181034", "content": "https://ift.tt/Pul5jE8\nCVE-2024-24806", "creation_timestamp": "2024-02-07T23:32:00.000000Z"}, {"uuid": "381a0468-3083-47a9-9add-7db36574b1f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24803", "type": "seen", "source": "https://t.me/ctinow/182494", "content": "https://ift.tt/q5TQ40h\nCVE-2024-24803", "creation_timestamp": "2024-02-10T09:21:28.000000Z"}, {"uuid": "cdf2e054-ea7a-4475-9f5a-a9534c06a379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24806", "type": "seen", "source": "https://t.me/ctinow/185329", "content": "https://ift.tt/z8jeCpP\nCVE-2024-24806 Exploit", "creation_timestamp": "2024-02-15T08:17:10.000000Z"}, {"uuid": "c079088f-cd6a-40c5-86d2-08c4c0478f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24808", "type": "seen", "source": "https://t.me/ctinow/184369", "content": "https://ift.tt/i3fyBzw\nCVE-2024-24808 Exploit", "creation_timestamp": "2024-02-14T02:16:37.000000Z"}, {"uuid": "b1dadd4a-54e2-456b-8740-b2a9d5cf436a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24807", "type": "seen", "source": "https://t.me/ctinow/179550", "content": "https://ift.tt/DGikXyz\nCVE-2024-24807", "creation_timestamp": "2024-02-05T22:32:02.000000Z"}, {"uuid": "681d48a0-c7a6-440d-afd4-39806fc744a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24808", "type": "seen", "source": "https://t.me/ctinow/179758", "content": "https://ift.tt/6hzGpWl\nCVE-2024-24808", "creation_timestamp": "2024-02-06T05:21:29.000000Z"}, {"uuid": "849fc68e-e726-44c8-b0ca-e4777f127345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24806", "type": "seen", "source": "https://t.me/ctinow/181374", "content": "https://ift.tt/JjBql7M\nCVE-2024-24806", "creation_timestamp": "2024-02-08T13:51:42.000000Z"}]}