Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 05:46:46 +0000 9eedc62a-77f2-4246-be59-e6a2bc37519c https://db.gcve.eu/sighting/9eedc62a-77f2-4246-be59-e6a2bc37519c/export {"uuid": "9eedc62a-77f2-4246-be59-e6a2bc37519c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35841", "type": "seen", "source": "https://t.me/cibsecurity/49691", "content": "\u203c CVE-2022-35841 \u203c\n\nWindows Enterprise App Management Service Remote Code Execution Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T22:25:52.000000Z"} {"uuid": "9eedc62a-77f2-4246-be59-e6a2bc37519c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35841", "type": "seen", "source": "https://t.me/cibsecurity/49691", "content": "\u203c CVE-2022-35841 \u203c\n\nWindows Enterprise App Management Service Remote Code Execution Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T22:25:52.000000Z"} https://db.gcve.eu/sighting/9eedc62a-77f2-4246-be59-e6a2bc37519c/export Tue, 13 Sep 2022 22:25:52 +0000 a5af4207-f4af-4998-b0a4-1563060e9742 https://db.gcve.eu/sighting/a5af4207-f4af-4998-b0a4-1563060e9742/export {"uuid": "a5af4207-f4af-4998-b0a4-1563060e9742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35846", "type": "seen", "source": "https://t.me/cibsecurity/51677", "content": "\u203c CVE-2022-35846 \u203c\n\nAn improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to guess the credentials of an admin user via a brute force attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:21.000000Z"} {"uuid": "a5af4207-f4af-4998-b0a4-1563060e9742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35846", "type": "seen", "source": "https://t.me/cibsecurity/51677", "content": "\u203c CVE-2022-35846 \u203c\n\nAn improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to guess the credentials of an admin user via a brute force attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:21.000000Z"} https://db.gcve.eu/sighting/a5af4207-f4af-4998-b0a4-1563060e9742/export Tue, 18 Oct 2022 18:14:21 +0000 9d7b3a1b-763d-43fd-9717-fc6491af5f13 https://db.gcve.eu/sighting/9d7b3a1b-763d-43fd-9717-fc6491af5f13/export {"uuid": "9d7b3a1b-763d-43fd-9717-fc6491af5f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35844", "type": "seen", "source": "https://t.me/cibsecurity/51683", "content": "\u203c CVE-2022-35844 \u203c\n\nAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to commands of the certificate import feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:27.000000Z"} {"uuid": "9d7b3a1b-763d-43fd-9717-fc6491af5f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35844", "type": "seen", "source": "https://t.me/cibsecurity/51683", "content": "\u203c CVE-2022-35844 \u203c\n\nAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to commands of the certificate import feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:27.000000Z"} https://db.gcve.eu/sighting/9d7b3a1b-763d-43fd-9717-fc6491af5f13/export Tue, 18 Oct 2022 18:14:27 +0000 5cc6be70-7baa-4aaf-8a7d-1b51b9ad7775 https://db.gcve.eu/sighting/5cc6be70-7baa-4aaf-8a7d-1b51b9ad7775/export {"uuid": "5cc6be70-7baa-4aaf-8a7d-1b51b9ad7775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35843", "type": "seen", "source": "https://t.me/cibsecurity/54081", "content": "\u203c CVE-2022-35843 \u203c\n\nAn authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:41:00.000000Z"} {"uuid": "5cc6be70-7baa-4aaf-8a7d-1b51b9ad7775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35843", "type": "seen", "source": "https://t.me/cibsecurity/54081", "content": "\u203c CVE-2022-35843 \u203c\n\nAn authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:41:00.000000Z"} https://db.gcve.eu/sighting/5cc6be70-7baa-4aaf-8a7d-1b51b9ad7775/export Tue, 06 Dec 2022 20:41:00 +0000 f204e9a4-f459-442e-b160-c7557456a7ea https://db.gcve.eu/sighting/f204e9a4-f459-442e-b160-c7557456a7ea/export {"uuid": "f204e9a4-f459-442e-b160-c7557456a7ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35845", "type": "seen", "source": "https://t.me/cibsecurity/55813", "content": "\u203c CVE-2022-35845 \u203c\n\nMultiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T20:17:21.000000Z"} {"uuid": "f204e9a4-f459-442e-b160-c7557456a7ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35845", "type": "seen", "source": "https://t.me/cibsecurity/55813", "content": "\u203c CVE-2022-35845 \u203c\n\nMultiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T20:17:21.000000Z"} https://db.gcve.eu/sighting/f204e9a4-f459-442e-b160-c7557456a7ea/export Tue, 03 Jan 2023 20:17:21 +0000 7ca466e1-1c13-4fdd-995b-e21e2676cf78 https://db.gcve.eu/sighting/7ca466e1-1c13-4fdd-995b-e21e2676cf78/export {"uuid": "7ca466e1-1c13-4fdd-995b-e21e2676cf78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35845", "type": "seen", "source": "https://t.me/ics_cert/738", "content": "\u0647\u0634\u062f\u0627\u0631\n\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0641\u0648\u0631\u062a\u06cc \u0646\u062a \n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0627\u0628\u0637 \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc \u06af\u0631\u0627\u0641\u06cc\u06a9\u06cc \u0648 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0648 \u0627\u0628\u0632\u0627\u0631 \u0633\u062e\u062a \u0627\u0641\u0632\u0627\u0631\u06cc FortiTester \u0628\u0631\u0627\u06cc \u0639\u06cc\u0628 \u06cc\u0627\u0628\u06cc \u0648 \u0645\u0645\u06cc\u0632\u06cc \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0645\u067e\u06cc\u0648\u062a\u0631\u06cc \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0627\u062a\u062e\u0627\u0630 \u062a\u062f\u0627\u0628\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u062e\u0646\u062b\u06cc \u0633\u0627\u0632\u06cc \u0639\u0646\u0627\u0635\u0631 \u062e\u0627\u0635 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0641\u0631\u0645\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f\n\nBDU: 2023-01859\nCVE-2022-35845\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646/\u062d\u0630\u0641 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u0634\u062f\u0647\u061b\n- \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u061b\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0648\u0631\u0648\u062f\u06cc \u06a9\u0627\u0631\u0628\u0631\u060c \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0647\u0627\u06cc \u0641\u06cc\u0644\u062a\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n- \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\nhttps://www.fortiguard.com/psirt/FG-IR-22-274\n\n\u0644\u0637\u0641\u0627 \u0646\u0638\u0631\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0628\u06af\u0630\u0627\u0631\u06cc\u062f. \u0627\u0632 \u0628\u0627\u0632\u062e\u0648\u0631\u062f \u0634\u0645\u0627 \u0627\u0633\u062a\u0642\u0628\u0627\u0644 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-04-11T17:32:36.000000Z"} {"uuid": "7ca466e1-1c13-4fdd-995b-e21e2676cf78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35845", "type": "seen", "source": "https://t.me/ics_cert/738", "content": "\u0647\u0634\u062f\u0627\u0631\n\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0641\u0648\u0631\u062a\u06cc \u0646\u062a \n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0627\u0628\u0637 \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc \u06af\u0631\u0627\u0641\u06cc\u06a9\u06cc \u0648 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0648 \u0627\u0628\u0632\u0627\u0631 \u0633\u062e\u062a \u0627\u0641\u0632\u0627\u0631\u06cc FortiTester \u0628\u0631\u0627\u06cc \u0639\u06cc\u0628 \u06cc\u0627\u0628\u06cc \u0648 \u0645\u0645\u06cc\u0632\u06cc \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0645\u067e\u06cc\u0648\u062a\u0631\u06cc \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0627\u062a\u062e\u0627\u0630 \u062a\u062f\u0627\u0628\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u062e\u0646\u062b\u06cc \u0633\u0627\u0632\u06cc \u0639\u0646\u0627\u0635\u0631 \u062e\u0627\u0635 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0641\u0631\u0645\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f\n\nBDU: 2023-01859\nCVE-2022-35845\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646/\u062d\u0630\u0641 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u0634\u062f\u0647\u061b\n- \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u061b\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0648\u0631\u0648\u062f\u06cc \u06a9\u0627\u0631\u0628\u0631\u060c \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0647\u0627\u06cc \u0641\u06cc\u0644\u062a\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n- \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\nhttps://www.fortiguard.com/psirt/FG-IR-22-274\n\n\u0644\u0637\u0641\u0627 \u0646\u0638\u0631\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0628\u06af\u0630\u0627\u0631\u06cc\u062f. \u0627\u0632 \u0628\u0627\u0632\u062e\u0648\u0631\u062f \u0634\u0645\u0627 \u0627\u0633\u062a\u0642\u0628\u0627\u0644 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-04-11T17:32:36.000000Z"} https://db.gcve.eu/sighting/7ca466e1-1c13-4fdd-995b-e21e2676cf78/export Tue, 11 Apr 2023 17:32:36 +0000 46a675ff-3cb9-4dca-81d3-766747a63eb4 https://db.gcve.eu/sighting/46a675ff-3cb9-4dca-81d3-766747a63eb4/export {"uuid": "46a675ff-3cb9-4dca-81d3-766747a63eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35849", "type": "seen", "source": "https://t.me/cibsecurity/70386", "content": "\u203c CVE-2022-35849 \u203c\n\nAn improper neutralization of special elements used in an OS command vulnerability [CWE-78]\u00c2\u00a0in the management interface of FortiADC 7.1.0 through 7.1.1, 7.0.0 through 7.0.3, 6.2.0 through 6.2.5 and 6.1.0 all versions may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T16:23:54.000000Z"} {"uuid": "46a675ff-3cb9-4dca-81d3-766747a63eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35849", "type": "seen", "source": "https://t.me/cibsecurity/70386", "content": "\u203c CVE-2022-35849 \u203c\n\nAn improper neutralization of special elements used in an OS command vulnerability [CWE-78]\u00c2\u00a0in the management interface of FortiADC 7.1.0 through 7.1.1, 7.0.0 through 7.0.3, 6.2.0 through 6.2.5 and 6.1.0 all versions may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T16:23:54.000000Z"} https://db.gcve.eu/sighting/46a675ff-3cb9-4dca-81d3-766747a63eb4/export Wed, 13 Sep 2023 16:23:54 +0000