{"vulnerability": "CVE-2016-2001", "sightings": [{"uuid": "c16a04b1-186d-4f42-8a8e-b9762a7f19bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/79b8a9d5-853c-44c0-a6cf-c586efd1aa66", "content": "", "creation_timestamp": "2026-02-02T12:26:43.408017Z"}, {"uuid": "41c7ca4e-3395-4ba0-9cd5-68fac78f28fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/15745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2016-20016\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the \"JAWS webserver RCE\" because of the easily identifying HTTP response server field. Other firmware versions, at least from 2014 through 2019, can be affected. This was exploited in the wild in 2017 through 2022.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:57:36.966Z\n\ud83d\udd17 References:\n1. https://www.pentestpartners.com/security-blog/pwning-cctv-cameras/\n2. https://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/\n3. https://www.exploit-db.com/exploits/41471", "creation_timestamp": "2025-05-09T15:25:35.000000Z"}, {"uuid": "ee67e1d7-449c-4a82-9840-49e392693d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "https://t.me/ctinow/109578", "content": "Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)\n\nhttps://ift.tt/Q9WUkm3", "creation_timestamp": "2023-05-03T17:02:14.000000Z"}, {"uuid": "4b2dfc01-c1b0-4c86-81c8-fe96a7446013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "exploited", "source": "Telegram/JnNnilEYMUSh-Zu51neb6kHqGke6sMvBJm_GJssev0Bvng", "content": "", "creation_timestamp": "2024-03-01T07:47:44.000000Z"}, {"uuid": "37ad20a7-0ffa-4abe-bbb9-9e828e1cff7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/10575", "content": "CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | SSH_ENUM 5.0 https://vulners.com/canvas/SSH_ENUM *EXPLOIT* | PACKETSTORM:150621 5.0 https://vulners.com/packetstorm/PACKETSTORM:150621 *EXPLOIT* | EXPLOITPACK:F957D7E8A0CC1E23C3C649B764E13FB0 5.0 https://vulners.com/exploitpack/EXPLOITPACK:F957D7E8A0CC1E23C3C649B764E13FB0 *EXPLOIT* | EXPLOITPACK:EBDBC5685E3276D648B4D14B75563283 5.0 https://vulners.com/exploitpack/EXPLOITPACK:EBDBC5685E3276D648B4D14B75563283 *EXPLOIT* | 1337DAY-ID-31730 5.0 https://vulners.com/zdt/1337DAY-ID-31730*EXPLOIT* | EXPLOITPACK:802AF3229492E147A5F09C7F2B27C6DF 4.3 https://vulners.com/exploitpack/EXPLOITPACK:802AF3229492E147A5F09C7F2B27C6DF *EXPLOIT* | EXPLOITPACK:5652DDAA7FE452E19AC0DC1CD97BA3EF 4.3 https://vulners.com/exploitpack/EXPLOITPACK:5652DDAA7FE452E19AC0DC1CD97BA3EF *EXPLOIT* | 1337DAY-ID-25440 4.3 https://vulners.com/zdt/1337DAY-ID-25440*EXPLOIT* | 1337DAY-ID-25438 4.3 https://vulners.com/zdt/1337DAY-ID-25438*EXPLOIT* | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 | SSV:92581 2.1 https://vulners.com/seebug/SSV:92581 *EXPLOIT* | PACKETSTORM:151227 0.0 https://vulners.com/packetstorm/PACKETSTORM:151227 *EXPLOIT* | PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* | PACKETSTORM:138006 0.0 https://vulners.com/packetstorm/PACKETSTORM:138006 *EXPLOIT* | PACKETSTORM:137942 0.0 https://vulners.com/packetstorm/PACKETSTORM:137942 *EXPLOIT* | 1337DAY-ID-30937 0.0 https://vulners.com/zdt/1337DAY-ID-30937*EXPLOIT* | 1337DAY-ID-26468 0.0 https://vulners.com/zdt/1337DAY-ID-26468*EXPLOIT* |_ 1337DAY-ID-25391 0.0 https://vulners.com/zdt/1337DAY-ID-25391*EXPLOIT* Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Final times for host: srtt: 215437 rttvar: 215437 to: 300000 Nmap scan report for static.241.140.201.138.clients.your-server.de (138.201.140.241) Host is up, received user-set. Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp filtered ssh no-response Nmap scan report for ingrid.bonkersmedia.com (138.201.140.242) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.9p1 Ubuntu 3ubuntu0.11 (Ubuntu Linux; protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.9p1: | 2C119FFA-ECE0-5E14-A4A4-354A2C38071A 10.0 https://vulners.com/githubexploit/2C119FFA-ECE0-5E14-A4A4-354A2C38071A *EXPLOIT* | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | CVE-2023-28531 9.8 https://vulners.com/cve/CVE-2023-28531 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "701659cd-7c50-4b7b-bb8c-2d61dd1ac058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/10586", "content": "Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp filtered ssh no-response Nmap scan report for static.252.140.201.138.clients.your-server.de (138.201.140.252) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.0 (protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.0: | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* | 0221525F-07F5-5790-912D-F4B9E2D1B587 9.8 https://vulners.com/githubexploit/0221525F-07F5-5790-912D-F4B9E2D1B587 *EXPLOIT* | CVE-2020-15778 7.8 https://vulners.com/cve/CVE-2020-15778 | CVE-2019-16905 7.8 https://vulners.com/cve/CVE-2019-16905 | SSV:92579 7.5 https://vulners.com/seebug/SSV:92579 *EXPLOIT* | PACKETSTORM:173661 7.5 https://vulners.com/packetstorm/PACKETSTORM:173661 *EXPLOIT* | F0979183-AE88-53B4-86CF-3AF0523F3807 7.5 https://vulners.com/githubexploit/F0979183-AE88-53B4-86CF-3AF0523F3807 *EXPLOIT* | 1337DAY-ID-26576 7.5 https://vulners.com/zdt/1337DAY-ID-26576*EXPLOIT* | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Final times for host: srtt: 227656 rttvar: 227656 to: 300000 Nmap scan report for static.253.140.201.138.clients.your-server.de (138.201.140.253) Host is up, received user-set", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "85148b46-a19f-4b8e-a54c-e18ed2453e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "Telegram/r7zNt-NyIIDYDFXZkz-JXaDoo7r_klFjTG16wAUo3BrZ2To", "content": "", "creation_timestamp": "2023-05-06T10:48:35.000000Z"}, {"uuid": "a35b3c39-2783-46ca-abaa-0109093695a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "Telegram/g4YVNsl8VVhm8hCc75QWhNv5PFRAQjIgSB1n0jxM2tiTPh-tRQ", "content": "", "creation_timestamp": "2025-02-01T09:42:01.000000Z"}, {"uuid": "85afca8c-494f-4c0e-a036-3b33803f8a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "Telegram/poS_ZG5aVKSKt_LXha-pFLWHU67v-9VfxvSO9FqtinvTebM", "content": "", "creation_timestamp": "2023-10-12T23:19:46.000000Z"}, {"uuid": "aac66845-4a78-435d-a2af-ff05438a348c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "Telegram/u5l-ZaeBoa4rQ-jCnAd-RyTkmBiEwVQkA95tqksDWv2Ihl4", "content": "", "creation_timestamp": "2024-08-26T12:45:39.000000Z"}, {"uuid": "137858ce-7289-4b94-af79-54261d949700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4508", "content": "https://redhat-satellite.si.uvsq.fr/users/login\n\nhttps://193.51.33.54/users/login\n\nCVE-2008-3844, CVE-2020-14145, CVE-2023-48795, CVE-2007-2768, CVE-2021-36368, CVE-2021-41617, CVE-2019-16905, CVE-2023-51385, CVE-2016-20012, CVE-2023-51767, CVE-2020-15778, CVE-2023-38408", "creation_timestamp": "2024-08-25T08:59:44.000000Z"}, {"uuid": "c8aa2859-dbc8-4950-abd7-114c174b0c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "Telegram/0T2mRQjPbxfagt_KULjNMSImpGgUw0PutX0rRmEphKviBA", "content": "", "creation_timestamp": "2022-09-12T09:43:08.000000Z"}, {"uuid": "398bc629-abce-4481-816e-5de505584379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "Telegram/w0w9iKcyXi70OnNrtP96yLy6sw-7f3qLcDmBnN0l3DtxqHg", "content": "", "creation_timestamp": "2024-07-01T14:33:02.000000Z"}, {"uuid": "bfe10d22-9e44-46b0-8a4a-870247cd9c53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "Telegram/2G0LL9YDDO0dQKSo5p4zQWAL-pbipATIxiBPSKqKsYKP6RG0", "content": "", "creation_timestamp": "2024-07-01T14:30:24.000000Z"}, {"uuid": "3107a583-8c22-4d46-b9ee-b6f3c3cc6332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "exploited", "source": "https://t.me/true_secator/4343", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 FortiGard Labs \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 TBK DVR \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u044f\u0442\u0438\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\u041a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b TBK Vision \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0435\u043e\u0442\u044a\u0435\u043c\u043b\u0435\u043c\u043e\u0439 \u0447\u0430\u0441\u0442\u044c\u044e \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f, \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0431\u0430\u043d\u043a\u0430\u0445, \u0433\u043e\u0441\u043e\u0440\u0433\u0430\u043d\u0430\u0445, \u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0440\u043e\u0437\u043d\u0438\u0447\u043d\u043e\u0439 \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0438 \u0438 \u0442.\u0434.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0441\u0435\u0442\u044f\u0445, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u0438\u0434\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0441\u0435\u0442\u044f\u043c \u0438 \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0418\u043c\u0435\u044e\u0449\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0443 CVSS v3: 9,8 CVE-2018-9995 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 TBK DVR4104 \u0438 TBK DVR4216, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043f\u0440\u043e\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043e\u0434 \u0431\u0440\u0435\u043d\u0434\u0430\u043c\u0438 Novo, CeNova, QSee, Pulnix, XVR 5 \u0432 1, Securus, Night OWL, DVR Login, HVR Login \u0438 MDVR.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0432 \u0432\u0438\u0434\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 cookie HTTP, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 TBK DVR \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0442 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432 \u0432\u0438\u0434\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 JSON.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e Fortinet, \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2023 \u0433\u043e\u0434\u0430 \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 50 000 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 TBK DVR \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0435\u0435 Fortinet \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0440\u0443\u0433\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2016-20016\u00a0(CVSS v3: 9.8) \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MVPower TV-7104HE \u0438 TV-7108HE.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b.\n\n\u041e\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441 2017 \u0433\u043e\u0434\u0430, \u043d\u043e \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0440\u043e\u0441\u0442\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043c\u043e\u0434\u0435\u0440\u043d\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u043d\u043e\u0432\u044b\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0438\u043b\u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u043e\u0442 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2023-05-03T13:03:44.000000Z"}, {"uuid": "fdcbaeee-a69e-4d0d-b05f-34c17bddd134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "exploited", "source": "https://t.me/cibsecurity/51744", "content": "\u203c CVE-2016-20016 \u203c\n\nMVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the \"JAWS webserver RCE\" because of the easily identifying HTTP response server field. Other firmware versions, at least from 2014 through 2019, can be affected. This was exploited in the wild in 2017 through 2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T12:14:58.000000Z"}, {"uuid": "4dc9bdce-5b1c-408a-94ee-9ea3dfe4a2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "exploited", "source": "https://t.me/cibsecurity/51748", "content": "\u203c CVE-2016-20017 \u203c\n\nD-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T12:15:03.000000Z"}, {"uuid": "cf315bdf-1404-41ec-a789-2b180b2fb0a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20013", "type": "seen", "source": "https://t.me/cibsecurity/37818", "content": "\u203c CVE-2016-20013 \u203c\n\nsha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-19T07:38:48.000000Z"}, {"uuid": "56620326-a5e6-439a-98f3-fbbdacea8be0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "seen", "source": "https://t.me/thehackernews/4375", "content": "\ud83d\udea8 CISA warns of 6 actively exploited security flaws \n \n\u2570\u2508\u27a4 CVE-2023-27524 in Apache Superset. \n\u2570\u2508\u27a4 CVE-2023-38203 & CVE-2023-29300 in Adobe ColdFusion. \n\u2570\u2508\u27a4 CVE-2023-41990 in Apple products. \n\u2570\u2508\u27a4 CVE-2016-20017 in D-Link devices. \n\u2570\u2508\u27a4 CVE-2023-23752 in Joomla! \n \nRead: https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html", "creation_timestamp": "2024-01-10T06:02:02.000000Z"}, {"uuid": "f99146c1-5e8e-477b-84e4-a398737a880c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "MISP/28347c8a-8fa9-4d49-bd73-98a955d83c02", "content": "", "creation_timestamp": "2025-03-03T10:15:45.000000Z"}, {"uuid": "a89d66fd-c258-4082-a5b7-d677bb650acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:50.000000Z"}, {"uuid": "fbad6510-ee55-4449-a1d0-ef8216f882a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "https://dailydrop.hrbrmstr.dev/?p=139505316", "content": "", "creation_timestamp": "2025-04-17T14:18:40.463034Z"}, {"uuid": "6f547e17-caf5-4c37-97d8-5240fec70b0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:12:58.000000Z"}, {"uuid": "8a031901-f7ab-4182-91cd-dd19c4ad1cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:12:58.000000Z"}, {"uuid": "0d98a032-3f1b-495b-81c1-43aa579003b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlink_dsl2750b_exec_noauth.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "49c1aba5-8c62-40b9-8d97-2524dcbfcdfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/79b8a9d5-853c-44c0-a6cf-c586efd1aa66", "content": "", "creation_timestamp": "2026-02-02T12:26:43.408017Z"}, {"uuid": "349bbaa0-a2ad-4158-a2f8-f7a08c0cb835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/10581", "content": "https://vulners.com/githubexploit/F0979183-AE88-53B4-86CF-3AF0523F3807 *EXPLOIT* | CVE-2020-12062 7.5 https://vulners.com/cve/CVE-2020-12062 | 1337DAY-ID-26576 7.5 https://vulners.com/zdt/1337DAY-ID-26576*EXPLOIT* | CVE-2021-28041 7.1 https://vulners.com/cve/CVE-2021-28041 | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Final times for host: srtt: 214350 rttvar: 214350 to: 300000 Nmap scan report for static.246.140.201.138.clients.your-server.de (138.201.140.246) Host is up, received user-set (0.22s latency). Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp closed ssh conn-refused Final times for host: srtt: 224679 rttvar: 224679 to: 300000 Nmap scan report for static.247.140.201.138.clients.your-server.de (138.201.140.247) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 9.2p1 Debian 2+deb12u3 (protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:9.2p1: | 2C119FFA-ECE0-5E14-A4A4-354A2C38071A 10.0 https://vulners.com/githubexploit/2C119FFA-ECE0-5E14-A4A4-354A2C38071A *EXPLOIT* | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | CVE-2023-28531 9.8 https://vulners.com/cve/CVE-2023-28531 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* |", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "4133cdfe-5d31-4a0f-a2c5-79c5f307d2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "exploited", "source": "https://t.me/true_secator/6651", "content": "QiAnXin XLab \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 0-day \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 cnPilot \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Cambium Networks \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0448\u0442\u0430\u043c\u043c\u0430 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 AISURU \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c AIRASHI \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u0432 DDoS-\u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0441 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u043f\u043e\u043a\u0430 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u043c\u0438 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0439.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 AIRASHI: CVE-2013-3307, CVE-2016-20016, CVE-2017-5259, CVE-2018-14558, CVE-2020-25499, CVE-2020-8515, CVE-2022-3573, CVE-2022-40005, CVE-2022-44149, CVE-2023-28771, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 IP-\u043a\u0430\u043c\u0435\u0440\u0430\u0445 AVTECH, \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u0445 LILIN \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Shenzhen TVT.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432 \u0441\u0432\u043e\u0438\u0445 \u0442\u0435\u0441\u0442\u043e\u0432, DDoS-\u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c AIRASHI \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u0430 \u0443\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 1\u20133 \u0422\u0431\u0438\u0442/\u0441.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u0420\u043e\u0441\u0441\u0438\u0438, \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438, \u0412\u044c\u0435\u0442\u043d\u0430\u043c\u0435 \u0438 \u0418\u043d\u0434\u043e\u043d\u0435\u0437\u0438\u0438, \u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0441\u0442\u0430\u043b\u0438 \u041a\u0438\u0442\u0430\u0439, \u0421\u0428\u0410, \u041f\u043e\u043b\u044c\u0448\u0430 \u0438 \u0420\u043e\u0441\u0441\u0438\u044f.\n\nAIRASHI - \u044d\u0442\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 AISURU (\u043e\u043d \u0436\u0435 NAKOTNE), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u043d\u0435\u0435 \u0431\u044b\u043b \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2024 \u0433\u043e\u0434\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f DDoS-\u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 Steam, \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0438\u0433\u0440\u044b\u00a0Black Myth: Wukong.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0447\u0430\u0441\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0431\u043e\u0442\u043d\u0435\u0442\u044b \u0438 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u0446\u0438\u0438 AIRASHI, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0435 \u0432 \u0441\u0435\u0431\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u044b \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b DDoS.\n\nAISURU \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b \u0441\u0432\u043e\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430, \u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u0431\u043e\u0442\u043d\u0435\u0442 \u0432\u0435\u0440\u043d\u0443\u043b\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c (\u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Kitty) \u0438 \u0437\u0430\u0442\u0435\u043c \u044d\u0432\u043e\u043b\u044e\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043b \u0432\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0437 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043d\u043e\u044f\u0431\u0440\u044f (\u043e\u043d\u0430 \u0436\u0435 AIRASHI).\n\n\u041e\u0431\u0440\u0430\u0437\u0435\u0446 kitty \u043d\u0430\u0447\u0430\u043b \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c\u0438 \u043e\u0431\u0440\u0430\u0437\u0446\u0430\u043c\u0438 AISURU \u043e\u043d \u0443\u043f\u0440\u043e\u0441\u0442\u0438\u043b \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0438 \u043a \u043a\u043e\u043d\u0446\u0443 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0441\u0442\u0430\u043b \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u044b SOCKS5 \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c C2.\n\n\u0421 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, AIRASHI \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0432 \u0434\u0432\u0443\u0445 \u0440\u0430\u0437\u043d\u044b\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u0445:\n\n- AIRASHI-DDoS (\u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u043a\u043e\u043d\u0446\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 DDoS-\u0430\u0442\u0430\u043a\u0438, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n- AIRASHI-Proxy (\u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u043e\u0431\u043e\u0439 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e AIRASHI-DDoS \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u043a\u0441\u0438.\n\n\u0411\u043e\u0442\u043d\u0435\u0442, \u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u0441\u0432\u043e\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 C2 \u0447\u0435\u0440\u0435\u0437 DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u043e \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 HMAC-SHA256 \u0438 CHACHA20 \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, AIRASHI-DDoS \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 13 \u0442\u0438\u043f\u043e\u0432 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a AIRASHI-Proxy \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u044f\u0442\u044c \u0442\u0438\u043f\u043e\u0432 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439.\n\n\u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043a\u0430\u043a \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043c\u043e\u0449\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.", "creation_timestamp": "2025-01-23T18:41:16.000000Z"}, {"uuid": "18167f0c-ba45-44c8-9d8a-624febf8a075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "https://t.me/cibsecurity/28954", "content": "\u203c CVE-2016-20012 \u203c\n\nOpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T00:22:08.000000Z"}, {"uuid": "a1c1334b-9a1b-40dd-8b17-dc3a05ed2d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20011", "type": "seen", "source": "https://t.me/cibsecurity/27670", "content": "\u203c CVE-2021-39358 \u203c\n\nIn GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-22T22:21:59.000000Z"}, {"uuid": "e2e18ca8-1744-405e-9ff0-d62334495e06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20011", "type": "seen", "source": "https://t.me/cibsecurity/27669", "content": "\u203c CVE-2021-39359 \u203c\n\nIn GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-22T22:21:57.000000Z"}, {"uuid": "e00d4ebc-d073-4a48-b590-61af454250c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20011", "type": "seen", "source": "https://t.me/cibsecurity/27668", "content": "\u203c CVE-2021-39360 \u203c\n\nIn GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-22T22:21:56.000000Z"}, {"uuid": "e758edd0-745d-4af6-be43-1b4a0189735d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20011", "type": "seen", "source": "https://t.me/cibsecurity/27667", "content": "\u203c CVE-2021-39361 \u203c\n\nIn GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-22T22:21:55.000000Z"}, {"uuid": "bec8cf6d-e366-45b3-8d29-45d23e1d9917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "MISP/28347c8a-8fa9-4d49-bd73-98a955d83c02", "content": "", "creation_timestamp": "2025-03-04T04:19:35.000000Z"}, {"uuid": "1313b1fa-226d-4f12-94ca-84d970e56e44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/mvpower_dvr_shell_exec.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "8a15bc90-18ed-4af4-9ba5-b5dcf95865ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:12.000000Z"}, {"uuid": "329b9f16-b5c4-4f23-9433-eff070d641c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:58.000000Z"}, {"uuid": "46b42016-5a97-4837-8e53-4e285a7d40b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2016-20016", "type": "seen", "source": "MISP/a7fb943f-00ef-43d8-87ca-c9ef19928d19", "content": "", "creation_timestamp": "2026-04-14T12:01:24.000000Z"}, {"uuid": "bfe849bc-8cf0-4df4-a27b-980deb786684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "Telegram/qXF8Cjz6knmlpu3SrYMoQxCiBvWret7nWYdUS1mAXBP11v98Zw", "content": "", "creation_timestamp": "2025-08-17T02:42:33.000000Z"}, {"uuid": "4e6fb94d-2bb2-4c09-b4f4-9c1d1a59a636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/10580", "content": "CVE-2021-28041 7.1 https://vulners.com/cve/CVE-2021-28041 | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Final times for host: srtt: 216453 rttvar: 216453 to: 300000 Nmap scan report for solidboukas.mynewserver.com (138.201.140.244) Host is up, received user-set (0.22s latency). Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp closed ssh conn-refused Final times for host: srtt: 219505 rttvar: 219505 to: 300000 Nmap scan report for static.245.140.201.138.clients.your-server.de (138.201.140.245) Host is up, received user-set (0.21s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.12 (Ubuntu Linux; protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.2p1: | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* | 0221525F-07F5-5790-912D-F4B9E2D1B587 9.8 https://vulners.com/githubexploit/0221525F-07F5-5790-912D-F4B9E2D1B587 *EXPLOIT* | CVE-2020-15778 7.8 https://vulners.com/cve/CVE-2020-15778 | SSV:92579 7.5 https://vulners.com/seebug/SSV:92579 *EXPLOIT* | PACKETSTORM:173661 7.5 https://vulners.com/packetstorm/PACKETSTORM:173661 *EXPLOIT* | F0979183-AE88-53B4-86CF-3AF0523F3807 7.5", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "0d114b0d-f6b8-423b-addc-d4879365c5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/2973", "content": "Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp filtered ssh no-response Nmap scan report for static.252.140.201.138.clients.your-server.de (138.201.140.252) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.0 (protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.0: | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* | 0221525F-07F5-5790-912D-F4B9E2D1B587 9.8 https://vulners.com/githubexploit/0221525F-07F5-5790-912D-F4B9E2D1B587 *EXPLOIT* | CVE-2020-15778 7.8 https://vulners.com/cve/CVE-2020-15778 | CVE-2019-16905 7.8 https://vulners.com/cve/CVE-2019-16905 | SSV:92579 7.5 https://vulners.com/seebug/SSV:92579 *EXPLOIT* | PACKETSTORM:173661 7.5 https://vulners.com/packetstorm/PACKETSTORM:173661 *EXPLOIT* | F0979183-AE88-53B4-86CF-3AF0523F3807 7.5 https://vulners.com/githubexploit/F0979183-AE88-53B4-86CF-3AF0523F3807 *EXPLOIT* | 1337DAY-ID-26576 7.5 https://vulners.com/zdt/1337DAY-ID-26576*EXPLOIT* | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Final times for host: srtt: 227656 rttvar: 227656 to: 300000 Nmap scan report for static.253.140.201.138.clients.your-server.de (138.201.140.253) Host is up, received user-set", "creation_timestamp": "2025-04-01T08:49:51.000000Z"}, {"uuid": "048c3ac6-9409-4550-982f-6aa32bf12782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/2968", "content": "https://vulners.com/githubexploit/F0979183-AE88-53B4-86CF-3AF0523F3807 *EXPLOIT* | CVE-2020-12062 7.5 https://vulners.com/cve/CVE-2020-12062 | 1337DAY-ID-26576 7.5 https://vulners.com/zdt/1337DAY-ID-26576*EXPLOIT* | CVE-2021-28041 7.1 https://vulners.com/cve/CVE-2021-28041 | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Final times for host: srtt: 214350 rttvar: 214350 to: 300000 Nmap scan report for static.246.140.201.138.clients.your-server.de (138.201.140.246) Host is up, received user-set (0.22s latency). Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp closed ssh conn-refused Final times for host: srtt: 224679 rttvar: 224679 to: 300000 Nmap scan report for static.247.140.201.138.clients.your-server.de (138.201.140.247) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 9.2p1 Debian 2+deb12u3 (protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:9.2p1: | 2C119FFA-ECE0-5E14-A4A4-354A2C38071A 10.0 https://vulners.com/githubexploit/2C119FFA-ECE0-5E14-A4A4-354A2C38071A *EXPLOIT* | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | CVE-2023-28531 9.8 https://vulners.com/cve/CVE-2023-28531 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* |", "creation_timestamp": "2025-04-01T08:49:51.000000Z"}, {"uuid": "1c92eb12-fee8-4f4e-bdc6-4be2feda09b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/2967", "content": "CVE-2021-28041 7.1 https://vulners.com/cve/CVE-2021-28041 | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Final times for host: srtt: 216453 rttvar: 216453 to: 300000 Nmap scan report for solidboukas.mynewserver.com (138.201.140.244) Host is up, received user-set (0.22s latency). Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp closed ssh conn-refused Final times for host: srtt: 219505 rttvar: 219505 to: 300000 Nmap scan report for static.245.140.201.138.clients.your-server.de (138.201.140.245) Host is up, received user-set (0.21s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.12 (Ubuntu Linux; protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.2p1: | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* | 0221525F-07F5-5790-912D-F4B9E2D1B587 9.8 https://vulners.com/githubexploit/0221525F-07F5-5790-912D-F4B9E2D1B587 *EXPLOIT* | CVE-2020-15778 7.8 https://vulners.com/cve/CVE-2020-15778 | SSV:92579 7.5 https://vulners.com/seebug/SSV:92579 *EXPLOIT* | PACKETSTORM:173661 7.5 https://vulners.com/packetstorm/PACKETSTORM:173661 *EXPLOIT* | F0979183-AE88-53B4-86CF-3AF0523F3807 7.5", "creation_timestamp": "2025-04-01T08:49:51.000000Z"}, {"uuid": "22f6ced9-1240-47f0-ad01-9cabd0810db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/2962", "content": "CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | SSH_ENUM 5.0 https://vulners.com/canvas/SSH_ENUM *EXPLOIT* | PACKETSTORM:150621 5.0 https://vulners.com/packetstorm/PACKETSTORM:150621 *EXPLOIT* | EXPLOITPACK:F957D7E8A0CC1E23C3C649B764E13FB0 5.0 https://vulners.com/exploitpack/EXPLOITPACK:F957D7E8A0CC1E23C3C649B764E13FB0 *EXPLOIT* | EXPLOITPACK:EBDBC5685E3276D648B4D14B75563283 5.0 https://vulners.com/exploitpack/EXPLOITPACK:EBDBC5685E3276D648B4D14B75563283 *EXPLOIT* | 1337DAY-ID-31730 5.0 https://vulners.com/zdt/1337DAY-ID-31730*EXPLOIT* | EXPLOITPACK:802AF3229492E147A5F09C7F2B27C6DF 4.3 https://vulners.com/exploitpack/EXPLOITPACK:802AF3229492E147A5F09C7F2B27C6DF *EXPLOIT* | EXPLOITPACK:5652DDAA7FE452E19AC0DC1CD97BA3EF 4.3 https://vulners.com/exploitpack/EXPLOITPACK:5652DDAA7FE452E19AC0DC1CD97BA3EF *EXPLOIT* | 1337DAY-ID-25440 4.3 https://vulners.com/zdt/1337DAY-ID-25440*EXPLOIT* | 1337DAY-ID-25438 4.3 https://vulners.com/zdt/1337DAY-ID-25438*EXPLOIT* | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 | SSV:92581 2.1 https://vulners.com/seebug/SSV:92581 *EXPLOIT* | PACKETSTORM:151227 0.0 https://vulners.com/packetstorm/PACKETSTORM:151227 *EXPLOIT* | PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* | PACKETSTORM:138006 0.0 https://vulners.com/packetstorm/PACKETSTORM:138006 *EXPLOIT* | PACKETSTORM:137942 0.0 https://vulners.com/packetstorm/PACKETSTORM:137942 *EXPLOIT* | 1337DAY-ID-30937 0.0 https://vulners.com/zdt/1337DAY-ID-30937*EXPLOIT* | 1337DAY-ID-26468 0.0 https://vulners.com/zdt/1337DAY-ID-26468*EXPLOIT* |_ 1337DAY-ID-25391 0.0 https://vulners.com/zdt/1337DAY-ID-25391*EXPLOIT* Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Final times for host: srtt: 215437 rttvar: 215437 to: 300000 Nmap scan report for static.241.140.201.138.clients.your-server.de (138.201.140.241) Host is up, received user-set. Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp filtered ssh no-response Nmap scan report for ingrid.bonkersmedia.com (138.201.140.242) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.9p1 Ubuntu 3ubuntu0.11 (Ubuntu Linux; protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.9p1: | 2C119FFA-ECE0-5E14-A4A4-354A2C38071A 10.0 https://vulners.com/githubexploit/2C119FFA-ECE0-5E14-A4A4-354A2C38071A *EXPLOIT* | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | CVE-2023-28531 9.8 https://vulners.com/cve/CVE-2023-28531 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "0669a151-1b50-4ba8-9a39-cb4d6f8f4cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "Telegram/xGsLy8z3fANiCroIRCfALnNfiha1hqkEaeyvq7MCrScixms", "content": "", "creation_timestamp": "2024-07-01T14:34:42.000000Z"}, {"uuid": "1f6322bd-aae5-4867-a7bb-994136fd56ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20015", "type": "seen", "source": "https://t.me/cibsecurity/50151", "content": "\u203c CVE-2016-20015 \u203c\n\nIn the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T22:39:31.000000Z"}, {"uuid": "30b07389-fed3-4bd4-9fe5-78e58ebf83e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20017", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-01-08T18:10:02.000000Z"}]}