{"vulnerability": "CVE-2022-4393", "sightings": [{"uuid": "f6b3a801-8b5c-40da-9ffe-1e91b70116ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43931", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2232", "content": "#CyberSecurity news -  \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aCan these researchers help defend satellite systems targeted by hackers?\n\nhttps://www.cyberscoop.com/space-satellite-cybersecurity-sparta/\n\n\u200aBitRAT malware campaign uses stolen bank data for phishing\n\nhttps://www.bleepingcomputer.com/news/security/bitrat-malware-campaign-uses-stolen-bank-data-for-phishing/\n\n\u200aPoland warns of attacks by Russia-linked Ghostwriter hacking group\n\nhttps://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/\n\n\u200aRail giant Wabtec discloses data breach after Lockbit ransomware attack\n\nhttps://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/\n\n\u200aOver 60,000 Exchange servers vulnerable to ProxyNotShell attacks\n\nhttps://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/\n\n\u200aOngoing Flipper Zero phishing attacks target infosec community\n\nhttps://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/\n\n\u200aCVE-2022-43396 &amp; CVE-2022-44621: Command injection in Apache Kylin\n\nhttps://securityonline.info/cve-2022-43396-cve-2022-44621-command-injection-in-apache-kylin/\n\n\u200aCVE-2022-43931: Critical Vulnerability in Synology VPN Plus Server software\n\nhttps://securityonline.info/cve-2022-43931-critical-vulnerability-in-synology-vpn-plus-server-software/\n\n\u200aPowerMeUp: powershell scripts for post exploitation\n\nhttps://securityonline.info/powermeup-powershell-scripts-for-post-exploitation/\n\n\u200aLockbit Ransomware Group Apologized For the Attack On Hospital for Sick Children\n\nhttps://gbhackers.com/lockbit-ransomware-group-apologized/\n\n\u200aTop 10 Open Port Scanner and Port Checker Tools for 2023\n\nhttps://gbhackers.com/open-port-scanner-port-checker-tools/\n\nBitRAT Now Sharing Sensitive Bank Data as a Lure\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure\n\n\u200b\u200bDebloating Windows 10 with one command and no scripts\n\nhttps://gabrielsieben.tech/2023/01/02/debloating-windows-10-with-one-command-and-no-scripts\n\n\u200b\u200bBug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass\n\nhttps://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/\n\n\u200aBitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information\n\nhttps://cybersecuritynews.com/bitrat-malware-uses-phishing-emails/\n\n\u200aPoC Code for NodeBB Account Takeover Flaw (CVE-2022-46164) Published\n\nhttps://securityonline.info/poc-code-for-nodebb-account-takeover-flaw-cve-2022-46164-published/\n\n\u200aVillain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions\n\nhttp://www.kitploit.com/2023/01/villain-windows-and-linux-backdoor.html\n\n\u200aToyota Discloses Data Breach \u2013 Customers\u2019 Personal Information Exposed\n\nhttps://gbhackers.com/toyota-discloses-data-breach/\n\n\u200aOFRAK : Unpack, Modify, And Repack Binaries\n\nhttps://kalilinuxtutorials.com/ofrak/\n\n\u200aLABScon Replay | InkySquid: The Missing Arsenal\n\nhttps://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal/\n\n\u200aOver 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell\n\nhttps://gbhackers.com/unpatched-proxynotshell/\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-05T13:41:52.000000Z"}, {"uuid": "99e1cf4c-d467-4a53-b69c-0fb908f58c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43937", "type": "seen", "source": "https://t.me/ctinow/197028", "content": "https://ift.tt/TGaJ0r6\nCVE-2022-43937 Brocade SANnav Information Disclosure Vulnerability", "creation_timestamp": "2024-02-29T21:31:35.000000Z"}, {"uuid": "d2424918-fad5-4cba-9469-2fa26e5b00bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43935", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518482943277599", "content": "", "creation_timestamp": "2024-11-21T02:03:06.563473Z"}, {"uuid": "c81a11b1-b043-4da5-bb34-baac25dbb78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43933", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518482914506059", "content": "", "creation_timestamp": "2024-11-21T02:03:06.739009Z"}, {"uuid": "5a0293fc-f74d-4ffc-be23-cb1848f94623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43934", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518482928916065", "content": "", "creation_timestamp": "2024-11-21T02:03:06.224314Z"}, {"uuid": "1519b24f-ff3f-44d1-bcd3-9fa5af96f9c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-02)", "content": "", "creation_timestamp": "2025-02-02T00:00:00.000000Z"}, {"uuid": "915f429a-da63-4377-aa4e-f29a1371dbae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-16)", "content": "", "creation_timestamp": "2024-11-16T00:00:00.000000Z"}, {"uuid": "5ce337d3-9918-450d-8e98-1794ee6740b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3ljkgtkwswk26", "content": "", "creation_timestamp": "2025-03-04T12:13:24.808976Z"}, {"uuid": "56c004cd-8bff-44c0-a4f2-48a8cc5e584c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3472165", "content": "", "creation_timestamp": "2025-03-03T15:58:07.460697Z"}, {"uuid": "73bd5eb0-45f5-4203-bb0f-9d350f8208bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "49d50b38-acd7-405b-a84a-215b4371449c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "3c7d3e37-5863-417f-bef3-6f17d5bb6922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-17)", "content": "", "creation_timestamp": "2025-02-17T00:00:00.000000Z"}, {"uuid": "a8bc0814-eb2d-4752-b815-18106c6959d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-19)", "content": "", "creation_timestamp": "2025-06-19T00:00:00.000000Z"}, {"uuid": "e666a490-1fd4-4594-b093-3654dd8af721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "3697ae6f-4c97-472a-87eb-44762b7fe2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "35bb5b6c-d03f-4198-96f6-ef0923920305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-03)", "content": "", "creation_timestamp": "2025-11-03T00:00:00.000000Z"}, {"uuid": "2da85ab2-2ab6-48c0-bae3-17d703d0ca1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-13)", "content": "", "creation_timestamp": "2025-09-13T00:00:00.000000Z"}, {"uuid": "e09f84a8-4a40-4e32-a225-eca40e24f1fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-28)", "content": "", "creation_timestamp": "2025-10-28T00:00:00.000000Z"}, {"uuid": "54fb024e-ea98-4153-a008-5d2cda639ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "83e515a8-2b7a-4b32-a96b-bd4481518111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-08)", "content": "", "creation_timestamp": "2025-09-08T00:00:00.000000Z"}, {"uuid": "2dec36dd-b8b6-479f-b4ba-7445f98317ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "88d4177c-ab74-4dab-8c7b-1b7b9fed4a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-24)", "content": "", "creation_timestamp": "2025-11-24T00:00:00.000000Z"}, {"uuid": "4d73559b-74fc-4a68-892c-90464cf6c40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/pentaho_business_server_authbypass_and_ssti.rb", "content": "", "creation_timestamp": "2023-05-11T14:42:41.000000Z"}, {"uuid": "371bf14b-e111-4664-b075-0bfec2c63d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-04)", "content": "", "creation_timestamp": "2025-12-04T00:00:00.000000Z"}, {"uuid": "94eed58f-b171-4e6d-b88a-d135e55a951d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "05425be5-750b-46b0-9052-c54aa5a86a0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "044b25d6-bb7f-4696-9ab9-94aac7edf283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-27)", "content": "", "creation_timestamp": "2025-12-27T00:00:00.000000Z"}, {"uuid": "e2148836-4223-497c-a0b8-db6d5b241ac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-31)", "content": "", "creation_timestamp": "2025-12-31T00:00:00.000000Z"}, {"uuid": "348f928b-8035-4279-a427-2935ff213601", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "05b9f6a4-d33f-4593-ae1e-2e577f0b4bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2a849a17-b15c-490a-a389-40aad317cc05", "content": "", "creation_timestamp": "2026-02-02T12:26:10.979403Z"}, {"uuid": "472a5672-0d5a-4dc4-a4ad-d77aeec36b9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43931", "type": "seen", "source": "https://t.me/true_secator/3912", "content": "\u0422\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c NAS Synology \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 (10/10) \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 VPN-\u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 Pwn2Own.\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0434\u0432\u0430 \u043d\u043e\u0432\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u043d\u0438\u0445 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f Synology VPN Plus, \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0447\u0430\u0441\u0442\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-43931 \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Synology PSIRT. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0443 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 \u0432 Synology VPN Plus Server \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u044b, \u043f\u0440\u0438\u0432\u043e\u0434\u044f \u043a \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c, \u0442\u0430\u043a\u0438\u043c \u043a\u0430\u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0445, \u0441\u0431\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438.\n\nSynology \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c VPN Plus Server \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0412\u043e \u0432\u0442\u043e\u0440\u043e\u043c\u00a0\u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u00a0\u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 Synology Router Manager (SRM) \u2014 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434, \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DoS \u0438 \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u0425\u043e\u0442\u044f Synology \u0438 \u043d\u0435 \u0443\u043a\u0430\u0437\u0430\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b CVE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0434\u0432\u043e\u0435 \u0438\u0437 \u043d\u0438\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Gaurav Baruah \u0438 Computest, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440 Synology RT6600ax, \u0432 \u043f\u0435\u0440\u0432\u044b\u0439 \u0434\u0435\u043d\u044c\u00a0Pwn2Own 2022 \u0432 \u0422\u043e\u0440\u043e\u043d\u0442\u043e.", "creation_timestamp": "2023-01-09T14:01:05.000000Z"}, {"uuid": "7cbe6abf-c779-45ae-a779-6171246502e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-13)", "content": "", "creation_timestamp": "2024-11-13T00:00:00.000000Z"}, {"uuid": "ac7d8c32-2004-4a2c-b3c6-3f4551677aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "09e5051b-efa7-4a73-a00a-f87ba8070bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "57b8bd5a-d81c-45cc-bc64-75b9511f7d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:49.000000Z"}, {"uuid": "4014f191-b341-4fb4-babc-4d6703bcdaaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-03T18:10:04.000000Z"}, {"uuid": "8ecef32a-d047-43a4-a2bb-c14a7f39cd0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-17)", "content": "", "creation_timestamp": "2025-02-17T00:00:00.000000Z"}, {"uuid": "530af0d0-52b1-44b8-93b7-621438d02b06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljjij3a2vc2j", "content": "", "creation_timestamp": "2025-03-04T03:10:41.349937Z"}, {"uuid": "99b37b4e-b9ec-440d-9d2f-77d0dae89037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljleeqzi5g2v", "content": "", "creation_timestamp": "2025-03-04T21:02:03.164185Z"}, {"uuid": "b2c659f6-4afa-42ff-8448-a60e1d6a6fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "325477ad-01a1-4e0a-bbc3-776f3c492291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-29)", "content": "", "creation_timestamp": "2025-10-29T00:00:00.000000Z"}, {"uuid": "a276e65f-6c63-4265-a52b-3c9700b2747b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-11)", "content": "", "creation_timestamp": "2025-08-11T00:00:00.000000Z"}, {"uuid": "3d4f8940-d659-4d75-ab68-ac7424d80902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-15)", "content": "", "creation_timestamp": "2025-08-15T00:00:00.000000Z"}, {"uuid": "eadcc1a7-a96f-4360-8ac4-157d5cd8ea88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "d76326a7-5023-4cb5-8700-23814689f6d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-26)", "content": "", "creation_timestamp": "2025-09-26T00:00:00.000000Z"}, {"uuid": "b02fd2be-cb40-498d-af06-d514370dc1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-05)", "content": "", "creation_timestamp": "2025-12-05T00:00:00.000000Z"}, {"uuid": "2195f037-3d55-4b4c-b4a5-2b6942cff7f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-06)", "content": "", "creation_timestamp": "2025-12-06T00:00:00.000000Z"}, {"uuid": "6467a649-34fb-4c34-94f1-ece371bbb9aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "67935e97-b840-4fb4-afaa-969cda478c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "94d3bbcf-da5d-44c5-9d44-ed91f19793af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "c51aeb01-a555-4a0c-80f5-5a4fd2945c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6281", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43939\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.\n\ud83d\udccf Published: 2023-04-03T18:10:32.141Z\n\ud83d\udccf Modified: 2025-03-03T20:14:14.212Z\n\ud83d\udd17 References:\n1. https://support.pentaho.com/hc/en-us/articles/14455394120333--Resolved-Pentaho-BA-Server-Use-of-Non-Canonical-URL-Paths-for-Authorization-Decisions-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43939-\n2. http://packetstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.html", "creation_timestamp": "2025-03-03T20:30:48.000000Z"}, {"uuid": "a272edc6-820b-428e-92b8-64bdba242a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43930", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7387", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43930\n\ud83d\udd25 CVSS Score: 6.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file.  IBM X-Force ID:  241677.\n\ud83d\udccf Published: 2023-02-17T17:04:18.736Z\n\ud83d\udccf Modified: 2025-03-12T20:06:59.641Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6953755\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/241677", "creation_timestamp": "2025-03-12T20:42:52.000000Z"}, {"uuid": "8d571b07-e8b8-4fce-aba6-0288ae97769a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43931", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/349", "content": "#CyberSecurity news -  \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aCan these researchers help defend satellite systems targeted by hackers?\n\nhttps://www.cyberscoop.com/space-satellite-cybersecurity-sparta/\n\n\u200aBitRAT malware campaign uses stolen bank data for phishing\n\nhttps://www.bleepingcomputer.com/news/security/bitrat-malware-campaign-uses-stolen-bank-data-for-phishing/\n\n\u200aPoland warns of attacks by Russia-linked Ghostwriter hacking group\n\nhttps://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/\n\n\u200aRail giant Wabtec discloses data breach after Lockbit ransomware attack\n\nhttps://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/\n\n\u200aOver 60,000 Exchange servers vulnerable to ProxyNotShell attacks\n\nhttps://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/\n\n\u200aOngoing Flipper Zero phishing attacks target infosec community\n\nhttps://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/\n\n\u200aCVE-2022-43396 &amp; CVE-2022-44621: Command injection in Apache Kylin\n\nhttps://securityonline.info/cve-2022-43396-cve-2022-44621-command-injection-in-apache-kylin/\n\n\u200aCVE-2022-43931: Critical Vulnerability in Synology VPN Plus Server software\n\nhttps://securityonline.info/cve-2022-43931-critical-vulnerability-in-synology-vpn-plus-server-software/\n\n\u200aPowerMeUp: powershell scripts for post exploitation\n\nhttps://securityonline.info/powermeup-powershell-scripts-for-post-exploitation/\n\n\u200aLockbit Ransomware Group Apologized For the Attack On Hospital for Sick Children\n\nhttps://gbhackers.com/lockbit-ransomware-group-apologized/\n\n\u200aTop 10 Open Port Scanner and Port Checker Tools for 2023\n\nhttps://gbhackers.com/open-port-scanner-port-checker-tools/\n\nBitRAT Now Sharing Sensitive Bank Data as a Lure\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure\n\n\u200b\u200bDebloating Windows 10 with one command and no scripts\n\nhttps://gabrielsieben.tech/2023/01/02/debloating-windows-10-with-one-command-and-no-scripts\n\n\u200b\u200bBug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass\n\nhttps://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/\n\n\u200aBitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information\n\nhttps://cybersecuritynews.com/bitrat-malware-uses-phishing-emails/\n\n\u200aPoC Code for NodeBB Account Takeover Flaw (CVE-2022-46164) Published\n\nhttps://securityonline.info/poc-code-for-nodebb-account-takeover-flaw-cve-2022-46164-published/\n\n\u200aVillain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions\n\nhttp://www.kitploit.com/2023/01/villain-windows-and-linux-backdoor.html\n\n\u200aToyota Discloses Data Breach \u2013 Customers\u2019 Personal Information Exposed\n\nhttps://gbhackers.com/toyota-discloses-data-breach/\n\n\u200aOFRAK : Unpack, Modify, And Repack Binaries\n\nhttps://kalilinuxtutorials.com/ofrak/\n\n\u200aLABScon Replay | InkySquid: The Missing Arsenal\n\nhttps://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal/\n\n\u200aOver 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell\n\nhttps://gbhackers.com/unpatched-proxynotshell/\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-05T13:41:52.000000Z"}, {"uuid": "e7f0581f-9acd-4165-828b-c7d42ef61374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43931", "type": "seen", "source": "https://t.me/jokerplstaeen/11776", "content": "Synology has released security updates to address a critical RCE vulnerability (CVE-2022-43931) impacting VPN Plus Server that could be exploited to take over affected systems.\n\nRead: https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html", "creation_timestamp": "2023-01-04T11:50:39.000000Z"}, {"uuid": "af6bb733-fe96-46c5-8899-2deee1d57e9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43938", "type": "seen", "source": "https://t.me/cibsecurity/61356", "content": "\u203c CVE-2022-43938 \u203c\n\nHitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports (*.prpt) through the JVM script manager.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T22:25:07.000000Z"}, {"uuid": "e6ddd814-f4df-487a-ad78-ace1983f79d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://t.me/cibsecurity/61345", "content": "\u203c CVE-2022-43939 \u203c\n\nHitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T22:24:51.000000Z"}, {"uuid": "4b02643a-357f-4cbd-b421-82d074d4f5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4393", "type": "seen", "source": "https://t.me/cibsecurity/56190", "content": "\u203c CVE-2022-4393 \u203c\n\nThe ImageLinks Interactive Image Builder for WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:27:59.000000Z"}, {"uuid": "45dfd8de-2a1c-4978-841c-256b9cf2130e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43931", "type": "seen", "source": "https://t.me/thehackernews/2919", "content": "Synology has released security updates to address a critical RCE vulnerability (CVE-2022-43931) impacting VPN Plus Server that could be exploited to take over affected systems.\n\nRead: https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html", "creation_timestamp": "2023-01-04T05:47:55.000000Z"}, {"uuid": "0d7d63f1-2a1e-457a-b05c-c041429a854e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43938", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8078", "content": "#exploit\n1. CVE-2022-43769, CVE-2022-43939, \nCVE-2022-43773, CVE-2022-43938:\nPentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server\nhttps://research.aurainfosec.io/pentest/pentah0wnage\n\n2. CVE-2022-44675:\nWindows bluetooth vulnerability exploit\nhttps://vul.360.net/archives/690\n\n3. CVE-2023-29017:\nVM2 Sandbox Escape] Vulnerability\nhttps://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d", "creation_timestamp": "2023-04-08T20:04:44.000000Z"}, {"uuid": "df557fc3-d1ef-4bcc-a5fb-5c0ba9d9d97c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8078", "content": "#exploit\n1. CVE-2022-43769, CVE-2022-43939, \nCVE-2022-43773, CVE-2022-43938:\nPentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server\nhttps://research.aurainfosec.io/pentest/pentah0wnage\n\n2. CVE-2022-44675:\nWindows bluetooth vulnerability exploit\nhttps://vul.360.net/archives/690\n\n3. CVE-2023-29017:\nVM2 Sandbox Escape] Vulnerability\nhttps://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d", "creation_timestamp": "2023-04-08T20:04:44.000000Z"}, {"uuid": "5c6a7e24-9a30-4fa1-bfc6-84ed6b3f0279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2024-11-08)", "content": "", "creation_timestamp": "2024-11-08T00:00:00.000000Z"}, {"uuid": "d931ac43-4b4b-48fc-b4c6-91c67b3f1afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-03)", "content": "", "creation_timestamp": "2025-02-03T00:00:00.000000Z"}, {"uuid": "a290069b-2045-4f2b-9579-30109675a388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "4c907425-80c8-4adb-85ba-4b9093f2ddca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ljnfrdwpgs2i", "content": "", "creation_timestamp": "2025-03-05T16:32:20.141438Z"}, {"uuid": "26ae95aa-916c-4a18-9ee7-f43e9dd78869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-06T04:40:22.000000Z"}, {"uuid": "a5fbad0d-ec02-4a90-9f53-d78980ada663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "8e79dbb3-7f54-4369-aaa5-02d6ff00b705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-04)", "content": "", "creation_timestamp": "2025-04-04T00:00:00.000000Z"}, {"uuid": "80c16604-c98d-4031-b200-c2a04a4adc32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "e7e653f9-8621-4449-ad21-58e6ef40d27f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-14)", "content": "", "creation_timestamp": "2025-06-14T00:00:00.000000Z"}, {"uuid": "f0a2d54a-865c-47eb-bd12-8d87dbd17697", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "94298e1c-e069-4ac1-85cd-7a5b57f85a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "58eeb602-88d1-4d17-952d-832fb6cd9d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "44f0fc76-0f9b-4f15-bbe8-c36642693fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-12)", "content": "", "creation_timestamp": "2025-09-12T00:00:00.000000Z"}, {"uuid": "579fc15e-9694-4340-ae35-0db15538d03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "594d4250-28dd-47be-92c9-905aebf79fa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-01)", "content": "", "creation_timestamp": "2025-08-01T00:00:00.000000Z"}, {"uuid": "4f981d2b-5ff2-4911-a21d-83f71560a272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "978a75ed-4d62-4609-b12e-1bad5c3a07f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "a14423e2-5d1d-4ce4-be52-bb6144c8d73d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-24)", "content": "", "creation_timestamp": "2025-09-24T00:00:00.000000Z"}, {"uuid": "71ac76ae-02f3-4e63-a59b-6b0e0f1b4c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "bc309e45-ee24-45e4-944c-2dad134119da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "f575e991-7e5d-4dfe-a164-087645fe12a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "d2429409-f5c5-4f18-91fc-44f5519f97ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "a650d4da-e6a3-48d2-925d-4339ce314c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-30)", "content": "", "creation_timestamp": "2025-12-30T00:00:00.000000Z"}, {"uuid": "60ea2507-0762-476c-9371-a0a453b7653a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-30)", "content": "", "creation_timestamp": "2025-12-30T00:00:00.000000Z"}, {"uuid": "7aae5358-d3fd-4b7a-9fff-ad9aa85910d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "fea59231-b114-4440-9713-d7fecad25b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2a849a17-b15c-490a-a389-40aad317cc05", "content": "", "creation_timestamp": "2026-02-02T12:26:10.979403Z"}, {"uuid": "0eac8c47-9f05-4c1e-a054-b840743d56f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43939", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-01)", "content": "", "creation_timestamp": "2026-03-01T00:00:00.000000Z"}]}