{"vulnerability": "CVE-2019-1881", "sightings": [{"uuid": "ef2c6cd9-bcbb-4af4-b354-a7a147a36cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "published-proof-of-concept", "source": "Telegram/lRUCC0BJHYPhHSLUp64yC2-a8BbOW7ihAUJb144dihN1Y0A", "content": "", "creation_timestamp": "2025-02-17T04:00:07.000000Z"}, {"uuid": "2337663d-155d-45ad-80f4-5c7e6f29f791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1881", "type": "published-proof-of-concept", "source": "Telegram/d-2Vv7Yuj4ak2ke5lZBk3wCGjIZb2guLMsm3XK3okzv2Jw", "content": "", "creation_timestamp": "2021-10-14T13:03:45.000000Z"}, {"uuid": "c7ce087b-f442-4a59-a82c-ae41bbd36eeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18816", "type": "seen", "source": "https://t.me/ctinow/179296", "content": "https://ift.tt/VKm9XeI\nCVE-2019-18816 | PopojiCMS 2.0.1 route.php post[1][content] Stored cross site scripting (Issue 21)", "creation_timestamp": "2024-02-05T16:16:28.000000Z"}, {"uuid": "ff5d46db-d8b5-49ac-9786-45d36f2f0229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "MISP/e95bd878-d7d0-432b-98eb-5357f4615dad", "content": "", "creation_timestamp": "2024-11-14T06:10:00.000000Z"}, {"uuid": "25071dbe-a6bf-4f3a-9ee3-2c95180007e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "cd581ff0-4af7-4387-a475-aafd7640453d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:14.000000Z"}, {"uuid": "71071955-1997-4217-ae54-4d3035194f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-11)", "content": "", "creation_timestamp": "2025-02-11T00:00:00.000000Z"}, {"uuid": "25ec0e44-01d5-4e1c-9fbd-323ab50c01dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-26)", "content": "", "creation_timestamp": "2025-02-26T00:00:00.000000Z"}, {"uuid": "efb9b233-6b8c-4a58-bd50-c12acb511ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-20)", "content": "", "creation_timestamp": "2025-02-20T00:00:00.000000Z"}, {"uuid": "1a362675-572e-4ae4-8b08-421d38a7b99c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-05)", "content": "", "creation_timestamp": "2025-07-05T00:00:00.000000Z"}, {"uuid": "a5e96a7b-cb03-40f3-814d-4adb5c7f83cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-07)", "content": "", "creation_timestamp": "2025-12-07T00:00:00.000000Z"}, {"uuid": "ec4f873f-002e-41e3-a51c-e94f18a35a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-04)", "content": "", "creation_timestamp": "2026-01-04T00:00:00.000000Z"}, {"uuid": "e25ab0b0-6ab2-46d8-8128-6cad2362cb73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18815", "type": "seen", "source": "https://t.me/ctinow/179295", "content": "https://ift.tt/BSWbs30\nCVE-2019-18815 | PopojiCMS 2.0.1 refer redirect (Issue 22)", "creation_timestamp": "2024-02-05T16:16:27.000000Z"}, {"uuid": "7082339b-8021-44a6-a679-cd07df779982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18814", "type": "seen", "source": "https://t.me/ctinow/179294", "content": "https://ift.tt/p7Hh3uO\nCVE-2019-18814 | Linux Kernel up to 5.3.9 audit.c aa_label_parse use after free (K21561554)", "creation_timestamp": "2024-02-05T16:16:25.000000Z"}, {"uuid": "ef941bcc-cb4d-46f3-8edb-07a3fbc32f8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18813", "type": "seen", "source": "https://t.me/ctinow/179267", "content": "https://ift.tt/oXge41G\nCVE-2019-18813 | Linux Kernel up to 5.3.9 dwc3-pci.c dwc3_pci_probe resource consumption (USN-4225-1)", "creation_timestamp": "2024-02-05T15:46:18.000000Z"}, {"uuid": "7b85159c-77fb-499b-b06d-5dcd38e81f25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18812", "type": "seen", "source": "https://t.me/ctinow/179266", "content": "https://ift.tt/WGyrN1s\nCVE-2019-18812 | Linux Kernel up to 5.3.9 sound/soc/sof/debug.c sof_dfsentry_write resource consumption", "creation_timestamp": "2024-02-05T15:46:17.000000Z"}, {"uuid": "af190a7d-7107-469f-a464-2c056aa9faf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18811", "type": "seen", "source": "https://t.me/ctinow/179265", "content": "https://ift.tt/pKC4VBR\nCVE-2019-18811 | Linux Kernel up to 5.3.9 sound/soc/sof/ipc.c sof_set_get_large_ctrl_data resource consumption", "creation_timestamp": "2024-02-05T15:46:16.000000Z"}, {"uuid": "ef4191d6-ad39-47c3-ba63-b21a11bd366b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18810", "type": "seen", "source": "https://t.me/ctinow/179259", "content": "https://ift.tt/hCYu1wi\nCVE-2019-18810 | Linux Kernel up to 5.3.7 komeda_wb_connector.c komeda_wb_connector_add resource consumption (USN-4208-1)", "creation_timestamp": "2024-02-05T15:21:37.000000Z"}, {"uuid": "a90d94ec-1293-4f96-bac3-475d7601977f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "https://t.me/ctinow/179297", "content": "https://ift.tt/kEX5lvV\nCVE-2019-18818 | strapi up to 3.0.0-beta.17.4 Password Reset Auth.js password recovery (ID 163939)", "creation_timestamp": "2024-02-05T16:16:29.000000Z"}, {"uuid": "435a70c9-97d0-4b45-bcfe-9be136c68be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:12:58.000000Z"}, {"uuid": "e0925a1d-629e-4867-9b5b-90441fa1e88e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/strapi_3_password_reset.rb", "content": "", "creation_timestamp": "2024-11-21T12:42:37.000000Z"}, {"uuid": "9cb4d1da-d109-4b4c-8249-456b22e8e0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-25)", "content": "", "creation_timestamp": "2026-02-25T00:00:00.000000Z"}, {"uuid": "ef67133a-7a20-4621-9dd0-9c7822d8e2c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/129", "content": "HackTheBox:\n\n\u2014Easy Machines\u2014\n\nDriver - WinRM (evil-winrm), printnightmare CVE-2021-1675 (https://habr.com/ru/sandbox/156538/)\nhttps://0xdf.gitlab.io/2022/02/26/htb-driver.html\n\nSecret - JWT, Git source (tig), crush-dumps\nhttps://0xdf.gitlab.io/2022/03/26/htb-secret.html\n\nBackDoor - Wordpress eBook Dir Trav (https://www.exploit-db.com/exploits/39575), gdb exploit (https://www.exploit-db.com/exploits/50539, https://www.rapid7.com/db/modules/exploit/multi/gdb/gdb_server_exec/) \nhttps://0xdf.gitlab.io/2022/04/23/htb-backdoor.html\n\nPrevise - Backup, Site Reverse Shell, low-encrypted passwords\nhttps://0xdf.gitlab.io/2022/01/08/htb-previse.html\n\nBountyHunter - XXE, (root) NOPASSWD python code\nhttps://0xdf.gitlab.io/2021/11/20/htb-bountyhunter.html\n\nHorizontal - Strapi CMS 3.0.0 CVE-2019-18818/CVE-2019-19609 (https://www.exploit-db.com/exploits/50239, https://github.com/diego-tella/CVE-2019-19609-EXPLOIT), Laravel v8 (https://www.exploit-db.com/exploits/49424)\nhttps://0xdf.gitlab.io/2022/02/05/htb-horizontall.html\n\nOptimum - Windows 2012 (https://www.rapid7.com/db/modules/exploit/windows/http/rejetto_hfs_exec/, https://www.rapid7.com/db/modules/exploit/windows/local/ms16_032_secondary_logon_handle_privesc/)\nhttps://0xdf.gitlab.io/2021/03/17/htb-optimum.html\n\nLame - FTP Anonymous, SAMBA exploit (https://github.com/amriunix/CVE-2007-2447)\nhttps://0xdf.gitlab.io/2020/04/07/htb-lame.html\n\nJerry - Tomcat Default Cred, shell via .WAR\nhttps://0xdf.gitlab.io/2018/11/17/htb-jerry.html\n\nBlue - Win7 eternalblue (https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue/)\nhttps://0xdf.gitlab.io/2021/05/11/htb-blue.html\n\nDevel - Microsoft IIS httpd 7.5 reverse shell via .ASPX, MS11-046 or ms10_015_kitrap0d (https://github.com/abatchy17/WindowsExploits/tree/master/MS11-046)\nhttps://0xdf.gitlab.io/2019/03/05/htb-devel.html\n\nNetmon - PRTG Network Monitor 18.1.37.13946, Backup credentials, CVE-2018-9276 (https://github.com/A1vinSmith/CVE-2018-9276) / (https://www.exploit-db.com/exploits/46527) + evil-winrm\nhttps://0xdf.gitlab.io/2019/06/29/htb-netmon.html\n\nExplore (Android) - 59777 port CVE-2019-6447 (https://www.exploit-db.com/exploits/50070), SSH Creds on Photo, adb shell\nhttps://0xdf.gitlab.io/2021/10/30/htb-explore.html\n\nAntique - Telnet password via snmpget (https://www.irongeek.com/i.php?page=security/networkprinterhacking#JetDirect%20password%20notes), CUPS 1.6.1 (https://github.com/jpillora/chisel) \nhttps://0xdf.gitlab.io/2022/05/03/htb-antique.html\n\nReturn - evil-winrm, Server Operators in net user svc-printer /domain, sc.exe\nhttps://0xdf.gitlab.io/2022/05/05/htb-return.html\n\nGrandpa - CVE-2017-7269 (https://www.rapid7.com/db/modules/exploit/windows/iis/iis_webdav_scstoragepathfromurl/), SEImpersonalPrivilege Churrasco (https://github.com/Re4son/Churrasco/)\nhttps://0xdf.gitlab.io/2020/05/28/htb-grandpa.html\n\nBeep - ShellShock or Elastix 2.2.0 - 'graph.php' Local File Inclusion, (root) NOPASSWD nmap\nhttps://0xdf.gitlab.io/2021/02/23/htb-beep.html\n\nPandora - snmpwalk creds, CVE-2021-32099, Site Reverse Shell\nhttps://0xdf.gitlab.io/2022/05/21/htb-pandora.html\n\nPaper - WPS 5.2.3 - Cve-2019-17671 (https://www.exploit-db.com/exploits/47690, https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/), Chat Bot Dir Trav, CVE-2021-3560 (https://github.com/Almorabea/Polkit-exploit/blob/main/CVE-2021-3560.py)\nhttps://0xjin.medium.com/paper-hackthebox-write-up-2abca22d3b54\n\n\n#hackthebox #ctf", "creation_timestamp": "2022-06-18T10:22:36.000000Z"}, {"uuid": "75fb5a74-1d2b-4655-8b6b-dccdd9e79833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18817", "type": "seen", "source": "https://t.me/ctinow/182757", "content": "https://ift.tt/hwHq4vY\nCVE-2019-18817 | Istio up to 1.3.4 infinite loop (Issue 18229)", "creation_timestamp": "2024-02-11T12:06:29.000000Z"}, {"uuid": "e4979525-3c82-437f-b839-cd9dbd18ef81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "2c436215-dd10-47df-8ac3-7ab1c73be613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "dc2c6377-e09b-4655-ad64-fa75864cddd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-14)", "content": "", "creation_timestamp": "2025-02-14T00:00:00.000000Z"}, {"uuid": "54b2784f-9f18-4c75-9cdb-90e020371293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-26)", "content": "", "creation_timestamp": "2025-05-26T00:00:00.000000Z"}, {"uuid": "9084feb5-9621-463b-bdde-9a6d3ea81818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-28)", "content": "", "creation_timestamp": "2025-06-28T00:00:00.000000Z"}, {"uuid": "07aead12-e422-4111-9b7c-b2dbab08a8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-08)", "content": "", "creation_timestamp": "2025-06-08T00:00:00.000000Z"}, {"uuid": "7a1c1d8e-1100-4a6e-be86-0b99f455ec1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-07)", "content": "", "creation_timestamp": "2025-11-07T00:00:00.000000Z"}, {"uuid": "b8c0b46c-8711-4097-8895-6defbcba28ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18818", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-04)", "content": "", "creation_timestamp": "2025-09-04T00:00:00.000000Z"}]}