{"vulnerability": "cve-2025-2611", "sightings": [{"uuid": "c9895e46-2e82-4349-a05e-7c6c52e90910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvom73qofp2a", "content": "", "creation_timestamp": "2025-08-05T21:02:18.893144Z"}, {"uuid": "88a53eab-bd4e-43bc-a605-322553dbe353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "4764b74b-c615-462e-8eb6-d88514f75590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3m3cjfgpwus2f", "content": "", "creation_timestamp": "2025-10-16T10:11:26.259850Z"}, {"uuid": "81e06f0c-e1b3-4f02-8186-0bf03c2d3845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3m3dmz7dinw2t", "content": "", "creation_timestamp": "2025-10-16T20:48:47.489794Z"}, {"uuid": "4b9e9e14-f11d-4401-84cb-c2bacb01301c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3m3ckexzggs2d", "content": "", "creation_timestamp": "2025-10-16T10:29:03.054529Z"}, {"uuid": "493e94e4-abba-4b07-b4d6-022e79d720e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/115373491530044618", "content": "", "creation_timestamp": "2025-10-14T16:36:11.294309Z"}, {"uuid": "553aa0c1-8af7-41d9-8ea2-6763d5949fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-2611", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3m36wrmvywz2w", "content": "", "creation_timestamp": "2025-10-15T00:00:12.105351Z"}, {"uuid": "c1b7693e-c694-40f1-a41c-d66c6b291374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ictbroadcast_unauth_cookie.rb", "content": "", "creation_timestamp": "2025-08-05T07:39:11.000000Z"}, {"uuid": "ab85fd42-c0c2-4a6d-aa92-c414e3c3ed84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://thehackernews.com/2025/10/hackers-target-ictbroadcast-servers-via.html", "content": "", "creation_timestamp": "2025-10-15T04:16:00.000000Z"}, {"uuid": "09831efd-6bdb-47cd-8be0-ce35f302c210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m344f7wsq723", "content": "", "creation_timestamp": "2025-10-13T21:02:42.526837Z"}, {"uuid": "ac392b68-dd02-4625-914c-d6a3f054cc68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "exploited", "source": "https://t.me/thehackernews/7724", "content": "\ud83c\udf6a A cookie that spawns a shell \ud83d\udc80\n\nA critical flaw (CVE-2025-2611, CVSS 9.3) in ICTBroadcast autodialer software is under active exploitation.\n\nAttackers inject commands via the BROADCAST session cookie for unauthenticated remote code execution.\n\nNo patch yet \u2014 check your stack \u2192 https://thehackernews.com/2025/10/hackers-target-ictbroadcast-servers-via.html\n\n~200 servers are exposed.", "creation_timestamp": "2025-10-15T06:21:55.000000Z"}, {"uuid": "8b01d341-5c4e-4113-9b6f-0c10ac3d4f93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2611", "type": "exploited", "source": "https://t.me/hackyourmom/12919", "content": "\ud83d\udc7e CVE-2025-2611 \u0443 ICTBroadcast \u0434\u0430\u0454 \u0432\u0438\u043a\u043e\u043d\u0430\u043d\u043d\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 cookie \u0456 \u0432\u0436\u0435 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0454\u0442\u044c\u0441\u044f \u0434\u043b\u044f reverse-shell \u2014 \u0442\u0435\u0440\u043c\u0456\u043d\u043e\u0432\u043e \u0432\u0456\u0434\u043a\u043b\u044e\u0447\u0456\u0442\u044c \u043f\u0443\u0431\u043b\u0456\u0447\u043d\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e \u0456\u043d\u0441\u0442\u0430\u043d\u0441\u0456\u0432, \u0456\u0437\u043e\u043b\u044e\u0439\u0442\u0435 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456 \u0441\u0435\u0440\u0432\u0435\u0440\u0438, \u0437\u0431\u0435\u0440\u0435\u0436\u0456\u0442\u044c \u043b\u043e\u0433\u0438/\u0444\u043e\u0440\u0435\u043d\u0437\u0456\u043a\u0443 \u0442\u0430 \u043f\u0456\u0434\u043a\u043b\u044e\u0447\u0456\u0442\u044c EDR/IDS \ud83d\udcac #cybernews", "creation_timestamp": "2025-10-15T17:56:53.000000Z"}]}