{"vulnerability": "CVE-2023-2513", "sightings": [{"uuid": "e4dc4693-230d-4d19-b623-1a60e71604ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "b1566cd1-722a-4f1a-9513-b54e01a9cc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "3c6b8679-f72b-44e8-889e-a63e7d12b02f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}, {"uuid": "ae2982e1-a9e2-4a54-b776-7b0045bc472c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "fd7019b7-932f-434f-8518-0c4b3c9fbbac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "660eb017-5fec-4aa6-9461-9bb21b027d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "e0a4accc-44f2-4653-800e-98fa32527e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "a6d1d409-c24b-4518-bdc4-d10b0a3d3a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "e9cbc701-ee01-460e-87f7-664dd792c52e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "3067d11c-261b-405a-a829-6fec9c063df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4214", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aOpenSSH Pre-Auth Double Free CVE-2023-25136 POC\nURL\uff1ahttps://github.com/adhikara13/CVE-2023-25136\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-18T21:52:09.000000Z"}, {"uuid": "a31015dc-eee1-41bc-ad73-7106d13f5855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4483", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-25136_POC\nURL\uff1ahttps://github.com/axylisdead/CVE-2023-25136_POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-03T12:46:54.000000Z"}, {"uuid": "c2ffbd9b-d450-49aa-a1c5-6d7002ce44fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25134", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6012", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25134\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry. This can result in the loading of a malicious payload.\n\ud83d\udccf Published: 2023-03-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:54:05.655Z\n\ud83d\udd17 References:\n1. https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html\n2. https://www.mcafee.com/support/?articleId=TS103398&page=shell&shell=article-view", "creation_timestamp": "2025-02-28T22:27:33.000000Z"}, {"uuid": "10fc4359-7db0-45b5-8dbe-a2adff7d6ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/kasraone_com/331", "content": "CVE-2023-25136\n\n\nGithub [ https://github.com/adhikara13/CVE-2023-25136 ]", "creation_timestamp": "2023-06-30T05:04:42.000000Z"}, {"uuid": "67457bb7-8851-460f-850c-b673643dd926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CyberX5/570", "content": "OpenSSH 9.1 exploit and mass scan\n\nVulnerability CVE-2023-25136 affects the SSH pre-authentication process. Using it, an attacker can corrupt memory and execute arbitrary code on a machine without being authenticated on the target server.\n\nJoin us: @CyberX5\n\ndownload exploit and mass scan", "creation_timestamp": "2023-05-27T19:57:35.000000Z"}, {"uuid": "891c44f6-1b3b-42d0-98a9-3c45f3be00bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/249", "content": "Top Security News for 09/02/2023\n\nISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)\nhttps://isc.sans.edu/diary/rss/29532 \n\nISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)\nhttps://malware.news/t/isc-stormcast-for-thursday-february-9th-2023-https-isc-sans-edu-podcastdetail-html-id-8362-thu-feb-9th/67041#post_1 \n\nRansomware review: February 2023\nhttps://malware.news/t/ransomware-review-february-2023/67039#post_1 \n\nDota 2 Under Attack: How a V8 Bug Was Exploited in the Game\nhttps://www.reddit.com/r/netsec/comments/10wsv0n/dota_2_under_attack_how_a_v8_bug_was_exploited_in/ \n\nGrowing number of endpoint security tools overwhelm users, leaving devices unprotected\nhttps://www.csoonline.com/article/3687140/growing-number-of-endpoint-security-tools-overwhelm-users-leaving-devices-unprotected.html#tk.rss_all \n\nOpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept\nhttps://www.reddit.com/r/netsec/comments/10x5fag/openssh_preauth_double_free_cve202325136_writeup/ \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/08-02-2023 \n\nCohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery\nhttps://www.csoonline.com/article/3687179/cohesity-data-cloud-70-enhances-privileged-access-authentication-ransomware-recovery.html#tk.rss_all \n\nSolving one of NOBELIUM\u2019s most novel attacks: Cyberattack Series\nhttps://www.microsoft.com/en-us/security/blog/2023/02/08/solving-one-of-nobeliums-most-novel-attacks-cyberattack-series/ \n\nCERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks\nhttps://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-02-09T08:00:05.000000Z"}, {"uuid": "43e9b023-f1a4-4b7d-89cc-7d4ed586f239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/OpenHackChile/1714", "content": "OpenSSH releases update to fix multiple security bugs, including a pre-authentication double free vulnerability (CVE-2023-25136). Upgrade now!\n\nRead: https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html", "creation_timestamp": "2023-02-06T13:34:29.000000Z"}, {"uuid": "b4b82195-8d7a-4459-8eae-f13114f72425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/huwbgAbaMEWosXfyrmxxciyHWQADSO7pn6QM2fwvuRZxHT8", "content": "", "creation_timestamp": "2023-02-23T14:13:17.000000Z"}, {"uuid": "bbef4f3a-6469-4902-843d-94288fa38a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/aDDWOWx1lP5nq07BgPScAx5CF-OpLOIbxwE7FkEA6YAzWuw", "content": "", "creation_timestamp": "2023-02-09T07:26:18.000000Z"}, {"uuid": "2c86855e-61c3-450b-8d78-e98afaf56206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/HackingVidhya/389", "content": "https://github.com/Christbowel/CVE-2023-25136", "creation_timestamp": "2023-08-24T15:08:53.000000Z"}, {"uuid": "d208f3e9-f3ce-48ed-8889-edb89d3a4d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/TeBP79ol3RD716nEO-zGLcT4IJDjgH07IpScP1pDSvKw1U0", "content": "", "creation_timestamp": "2025-01-16T10:00:06.000000Z"}, {"uuid": "71ab0ed9-9411-4a76-aafe-f81326eb5bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1399", "content": "OpenSSH 9.1  exploit  and mass scan\n*\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-25136 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SSH. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0435\u0433\u043e, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u0440\u0435\u0434\u0438\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\ndownload exploit  and mass scan\n\n\n#ssh #exploit #scanner", "creation_timestamp": "2023-02-24T13:08:59.000000Z"}, {"uuid": "e25cc4ca-c8b2-4d49-8747-8c4a57bf9cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1305", "content": "\u200b\u200bvBulletin Exploits\n\nCVE-2023-25135: Pre-authentication RCE.\n\nhttps://github.com/ambionics/vbulletin-exploits\n\nDetails:\nhttps://www.ambionics.io/blog/vbulletin-unserializable-but-unreachable\n\n#cve #infosec #exploit", "creation_timestamp": "2023-04-17T22:46:51.000000Z"}, {"uuid": "2a1b04fb-1587-4171-8c34-07ec61886073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1201", "content": "#exploit\n1. CVE-2023-25135: \nPre-authentication RCE\nhttps://github.com/ambionics/vbulletin-exploits\n\n2. CVE-2023-29084:\nCommand injection in ManageEngine ADManager Plus\nhttps://hnd3884.github.io/posts/CVE-2023-29084-Command-injection-in-ManageEngine-ADManager-plus", "creation_timestamp": "2023-04-16T12:59:50.000000Z"}, {"uuid": "27a7032d-058e-4b4e-a455-4040db2e88f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/YH4NAcMBod_OvfZLwAx4EkVRlXm7kVZfaFvtRTT2SzsrltI", "content": "", "creation_timestamp": "2023-04-14T14:38:04.000000Z"}, {"uuid": "86e19081-4273-4eda-bc6d-003df994b50a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/true_secator/4037", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u041f\u041e Secure Shell \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 OpenSSH \u0432\u0435\u0440\u0441\u0438\u0438 9.1.\n\n\u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u044d\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u044f, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u0430\u044f \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenSSH (sshd).\n\n\u0411\u0430\u0433 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-25136 \u0438 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0435\u0433\u043e \u043d\u0435 \u0442\u0430\u043a \u0443\u0436 \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0432 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0441\u043b\u043e\u0432\u0438\u044e Write-what-where Condition, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u2014 \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u0430\u044f \u0437\u0430\u0434\u0430\u0447\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u043c\u0438 \u043c\u0435\u0440\u0430\u043c\u0438, \u043f\u0440\u0438\u043d\u044f\u0442\u044b\u043c\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0435\u0439, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 sshd.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e OpenSSH 9.2, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2023-02-07T19:09:50.000000Z"}, {"uuid": "6df991ee-b26d-4c9c-abd0-7f29a27f981f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2653", "content": "OpenSSH 9.1 exploit and Mass Scan\n\n\n\nVulnerability CVE-2023-25136 affects the SSH pre-authentication process. Using it, an attacker can corrupt memory and execute arbitrary code on a machine without being authenticated on the target server.\n\nDownload: https://system32.ink/news-feed/p/258/", "creation_timestamp": "2023-02-24T13:17:21.000000Z"}, {"uuid": "2d1a038d-8a94-47d9-b677-719df2714648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25139", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2576", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25glibc-2.37 - incorrect printf output for integers with thousands separator and width field(CVE-2023-25139, BOF)\nsprintf in the GNU C Library (glibc) 2.37 has a BOF (OOB) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.\n\nConsider the following C program:\n\n#include \n#include \n\nint main (void)\n{\n  if (setlocale (LC_ALL, \"\"))\n    {\n      printf (\"1234567890123:\\n\");\n      printf (\"%0+ -'13ld:\\n\", 1234567L);\n    }\n  return 0;\n}\n\nand try it with a locale that has a thousands separator, such as \"LC_ALL=en_US.utf8\".\n\nWith glibc up to 2.36,  Vincent get as expected:\n1234567890123:\n+1,234,567   :\n\nConfirmed that this could potentially cause a buffer overflow with sprintf, something like below.  This will occur in the corner case where an application computes the size of buffer to be exactly enough to fit the digits in question, but sprintf ends up writing a couple of extra bytes, hence going beyond bounds.\n\n#include \n#include \n#include \n\nint main (void)\n{\n  char buf[strlen (\"1234567890123:\") + 1];\n  __builtin_memset (buf, 'x', sizeof (buf));\n  if (setlocale (LC_ALL, \"\"))\n    {\n      printf (\"1234567890123:\\n\");\n      printf (\"%0+ -'13ld:\\n\", 1234567L);\n      sprintf (buf, \"%0+ -'13ld:\", 1234567L);\n      for (size_t i = 0; i < strlen (\"1234567890123:\") + 1; i++)\n  {\n    printf (\"%c\", buf[i]);\n  }\n      printf (\"\\n\");\n    }\n  return 0;\n}\n\nTo finish, building with _FORTIFY_SOURCE should catch this problem immediately:\n\n\ud83d\udcbe$ gcc -D_FORTIFY_SOURCE=1 -O -o sprintf-test sprintf-test.c\n\nAnd run:\n\ud83d\udcbe$ LOCPATH=$PWD/localedata LC_ALL=en_US.UTF-8 ./elf/ld-linux-x86-64.so.2 --library-path .:./math:./elf:./dlfcn:./nss:./nis:./rt:./resolv:./mathvec:./support:./crypt:./nptl ../sprintf-test\n1234567890123:\n+1,234,567     :\n*** buffer overflow detected ***: terminated\nAborted (core dumped)\n\n\ud83d\udee1Fixed here( github mirror, backport to release/2.37/master ): \"Account for grouping in printf width\".", "creation_timestamp": "2023-02-25T17:01:11.000000Z"}, {"uuid": "21ac75a4-30f1-45f3-bc8e-a449789bb00b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2515", "content": "CVE-2023-25135\nvBulletin - RCE + exploit\n\nLink:- https://system32.ink/news-feed/p/217/", "creation_timestamp": "2023-02-05T17:11:01.000000Z"}, {"uuid": "09bb1689-f987-460f-b5eb-ef4e25a6f238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25133", "type": "seen", "source": "https://t.me/cibsecurity/62681", "content": "\u203c CVE-2023-25133 \u203c\n\nImproper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T14:14:21.000000Z"}, {"uuid": "5e66ac14-7d94-4eb3-b85f-24ae2388e42e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25132", "type": "seen", "source": "https://t.me/cibsecurity/62680", "content": "\u203c CVE-2023-25132 \u203c\n\nUnrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T14:14:20.000000Z"}, {"uuid": "566bec20-e519-4d75-a1a2-cef38f391f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25131", "type": "seen", "source": "https://t.me/cibsecurity/62679", "content": "\u203c CVE-2023-25131 \u203c\n\nUse of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the 'admin' password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T14:14:19.000000Z"}, {"uuid": "9666fc45-c86d-4ef3-afd7-b8df8d044d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/cibsecurity/57445", "content": "\u203c CVE-2023-25136 \u203c\n\nOpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that \"exploiting this vulnerability will not be easy.\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T12:20:36.000000Z"}, {"uuid": "54d3e8a0-4b38-4443-a5c4-1ff881aff8a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25139", "type": "seen", "source": "https://t.me/cibsecurity/57443", "content": "\u203c CVE-2023-25139 \u203c\n\nsprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T12:20:34.000000Z"}, {"uuid": "f31abbdf-3d58-46a9-8a46-de78a631cd74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "seen", "source": "https://t.me/cibsecurity/57440", "content": "\u203c CVE-2023-25135 \u203c\n\nvBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors. The fixed versions are 5.6.7 PL1, 5.6.8 PL1, and 5.6.9 PL1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T07:25:33.000000Z"}, {"uuid": "d016227a-fb0c-4e7c-8d1a-54f81e540821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8149", "content": "#exploit\n1. CVE-2022-22956, CVE-2022-22957:\nVMware Workspace ONE RCE\nhttps://packetstormsecurity.com/files/171918\n\n2. CVE-2023-25136:\nOpenSSH Pre-Auth Double Free\nhttps://github.com/adhikara13/CVE-2023-25136\n\n3. CVE-2023-21931:\nWebLogic After-Deserialization\nhttps://github.com/gobysec/Weblogic/blob/main/Research%20on%20WebLogic%20After-Deserialization.md", "creation_timestamp": "2023-04-21T02:07:48.000000Z"}, {"uuid": "09cd53b1-03ab-4c10-84f2-9b13454c194c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8127", "content": "#exploit\n1. CVE-2023-25135: \nPre-authentication RCE\nhttps://github.com/ambionics/vbulletin-exploits\n\n2. CVE-2023-29084:\nCommand injection in ManageEngine ADManager Plus\nhttps://hnd3884.github.io/posts/CVE-2023-29084-Command-injection-in-ManageEngine-ADManager-plus", "creation_timestamp": "2023-04-16T16:39:36.000000Z"}, {"uuid": "f1f068ae-ebb3-4a58-bdb8-8658d2d4cc86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4945", "content": "CVE-2023-25136 ( OpenSSH Pre-Auth Double Free CVE-2023-25136 POC )\n\nGithub\n\n#CVE #POC \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:18.000000Z"}, {"uuid": "fc7fa4b7-5e6d-4a65-8f1d-6419035ab2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5180", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aOpenSSH Pre-Auth Double Free CVE-2023-25136 \u2013 Writeup and Proof-of-Concept\nURL\uff1ahttps://github.com/malvika-thakur/CVE-2023-25136\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-21T12:18:49.000000Z"}, {"uuid": "00b3ab09-acfc-447d-afdd-f96f2d28d0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "54e12f3d-0677-4bfc-b0b3-44e81160872d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/3P39skWV0CuYdCFc1CDff3RNSl_3uD4Vk_8TbrIFWkWzUe8", "content": "", "creation_timestamp": "2023-03-09T14:58:18.000000Z"}, {"uuid": "0b376808-db8d-400b-9038-18e17f05b6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/thehackernews/3022", "content": "OpenSSH releases update to fix multiple security bugs, including a pre-authentication double free vulnerability (CVE-2023-25136). Upgrade now!\n\nRead: https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html", "creation_timestamp": "2023-02-06T10:58:51.000000Z"}, {"uuid": "e4aeb2d5-9984-4eb4-bfc9-ab7bdc98452f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/463", "content": "https://github.com/Christbowel/CVE-2023-25136\n\u6279\u91cf\u626b\u63cf\u548c\u653b\u51fb\n#github", "creation_timestamp": "2023-02-24T13:09:23.000000Z"}, {"uuid": "17dab561-53b1-47a7-9264-ce88e201402d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7711", "content": "#exploit\n1. CVE-2023-25136:\nPre-Auth Double Free Vulnerability in OpenSSH Server 9.1\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/02/03/cve-2023-25136-pre-auth-double-free-vulnerability-in-openssh-server-9-1\n\n2. CVE-2023-20928:\nAndroid - Binder VMA management security issues\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2374\n\n3. GoAnywhere MFT Bug\nhttps://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html", "creation_timestamp": "2023-02-08T11:03:01.000000Z"}, {"uuid": "7ee3d259-c44b-4040-a0b4-81a67177ca1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10509", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aAutomatic thesauri backups from RCE PoolParty\nURL\uff1ahttps://github.com/mrmtwoj/CVE-2023-25136\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-16T06:13:03.000000Z"}, {"uuid": "236ebdfd-e164-46c4-834d-f06c4daeae67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/26", "content": "https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free", "creation_timestamp": "2023-02-12T09:03:30.000000Z"}, {"uuid": "dbc807d6-6107-437c-8e3f-bbe6dcef85cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "Telegram/0pasSqnGOfKqCpTYCrLgZ4rVNoUD4Cnroygw7lNecDo", "content": "", "creation_timestamp": "2023-02-26T07:46:42.000000Z"}, {"uuid": "82f295ff-241f-4f34-8332-f9f92fd5f091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "Telegram/fbj12fmifrJ2WYgfdQTgqkNjA94W70h8k-uUXDd6ZbY", "content": "", "creation_timestamp": "2023-02-26T07:50:51.000000Z"}, {"uuid": "27e5fbe1-b5af-4027-9302-d9ef35c79768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/ctinow/91254", "content": "CVE-2023-25136: Pre-Auth Double Free Vulnerability in OpenSSH Server 9.1\u00a0\n\nhttps://ift.tt/rwixemd", "creation_timestamp": "2023-02-03T20:46:29.000000Z"}, {"uuid": "b55381e1-400d-4937-9de5-388aec00ad95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/epgzXho1aWpP3mrf_Xi3_TsRFZGopalQxi88swzQGmp5IQ4", "content": "", "creation_timestamp": "2023-02-26T08:34:57.000000Z"}, {"uuid": "6073a498-0225-4ccf-891d-b667612a0998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/D35YRl860vg2vrLB9ThouoHApc7bdyCMVranv9YfbXcbDpQ", "content": "", "creation_timestamp": "2023-02-09T07:24:45.000000Z"}, {"uuid": "b6bd2151-51c5-4b15-9ec9-f953d3b4133b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "Telegram/AqbQcSruHn_WkutfE8evxRkyLJKRGDqBk7h61RFWxZdE1Lg", "content": "", "creation_timestamp": "2023-02-04T17:08:41.000000Z"}, {"uuid": "afdf24c7-9ed6-4275-81ef-d78060115f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2886", "content": "Tools - Hackers Factory\n\n\u200b\u200bMobSF\n\nMobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF\n\n\u200b\u200bvBulletin Exploits\n\nCVE-2023-25135: Pre-authentication RCE.\n\nhttps://github.com/ambionics/vbulletin-exploits\n\nDetails:\nhttps://www.ambionics.io/blog/vbulletin-unserializable-but-unreachable\n\n\u200b\u200bInternet of Vulnerable Things\n\nThe results of my small term paper on the topic of the Internet of Vulnerable Things and the exploit for CVE-2022-48194.\n\nhttps://github.com/otsmr/internet-of-vulnerable-things\n\n\u200b\u200bOSTIF\n\nSecurity Work and Manual Reviews facilitated by Open Source Technology Improvement Fund, aka OSTIF\n\nhttps://github.com/ostif-org/OSTIF\n\n\u200b\u200bSocial Media #OSINT\n\nhttps://github.com/cqcore/Social-Media-OSINT\n\n\u200b\u200bWhatWaf\n\nWhatWaf is an advanced firewall detection tool who's goal is to give you the idea of \"There's a WAF?\". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target.\n\nhttps://github.com/Ekultek/WhatWaf\n\n\u200b\u200bESP32Marauder\n\nA suite of WiFi/Bluetooth offensive and defensive tools for the #ESP32\n\nhttps://github.com/justcallmekoko/ESP32Marauder\n\n\u200b\u200bWarpgate\n\nA smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps.\n\n\u2022 Set it up in your DMZ, add user accounts and easily assign them to specific hosts and URLs within the network.\n\u2022 Warpgate will record every session for you to view (live) and replay later through a built-in admin web UI.\n\u2022 Written in 100% safe Rust.\n\nhttps://github.com/warp-tech/warpgate\n\n\u200b\u200bWAFW00F\n\nAllows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.\n\nhttps://github.com/EnableSecurity/wafw00f\n\n\u200b\u200bTiny-XSS-Payloads\n\nA collection of tiny XSS Payloads that can be used in different contexts.\n\nhttps://github.com/terjanq/Tiny-XSS-Payloads\n\nWeb:\nhttps://tinyxss.terjanq.me\n\n\u200b\u200bD/Invoke\n\nDynamically invoke arbitrary unmanaged code from managed code without P/Invoke.\n\nhttps://github.com/rasta-mouse/DInvoke\n\nDetails:\nhttps://offensivedefence.co.uk/posts/dinvoke-105\n\n\u200b\u200bCloudGPT\n\nVulnerability scanner for AWS customer managed policies using #ChatGPT\n\nhttps://github.com/ustayready/cloudgpt\n\n\u200b\u200bVX-API\n\nCollection of various malicious functionality to aid in malware development.\n\nhttps://github.com/vxunderground/VX-API\n\n\u200b\u200bBitdrain \n\nRemote p2p bandwidth/cpu overage attack against bitcoin, dogecoin, etc.\n\nhttps://github.com/visualbasic6/drain\n\n\u200b\u200bMaltego Web2Screenshot Transforms\n\nThe #Maltego Web2Screenshot Transforms allow you to capture screenshots from both websites and URLs in a secure and anonymous manner.\n\nI developed these transforms to enhance my operational security (OPSEC) by avoiding exposing my public or VPN's IP address. With these Transforms, you can generate high-quality screenshots while keeping your identity and location hidden.\n\nhttps://github.com/TURROKS/Maltego_Web2Screenshot\n\n\u200b\u200bGEF \n\nGDB Enhanced Features a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux.\n\nhttps://github.com/hugsy/gef\n\n\u200b\u200bCortex XDR Config Extractor\n\nWith this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible Exclusions.\n\nhttps://github.com/Laokoon-SecurITy/Cortex-XDR-Config-Extractor\n\n\u200b\u200bBounty Meter\n\nCommand-line utility tool designed for bug bounty hunters to define their bounty target for a year, maintain and keep record of their bounties on a monthly basis, and track their progress throughout the year. With Bounty Meter, you can add and subtract bounties, view your total bounties earned this year, and display an interactive stats card to visualize your progress.\n\nhttps://github.com/720922/bountymeter\n\n#infosec #cybersec", "creation_timestamp": "2023-04-17T20:56:38.000000Z"}, {"uuid": "768ffb8a-6610-4375-b6fb-ec664003d47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1376", "content": "CVE-2023-25136 - OpenSSH - Pre-Auth Double Free\nWriteup\nPoC - \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 DOS \u0441\u0435\u0440\u0432\u0430\u043d\u0442\u0430", "creation_timestamp": "2023-02-09T05:53:28.000000Z"}, {"uuid": "52960fcf-6c2f-494d-b44c-76f0cd4e0a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1362", "content": "CVE-2023-25135\nvBulletin - RCE + exploit\nman+exploit\n\n#exploit #vBulletin", "creation_timestamp": "2023-02-04T18:01:24.000000Z"}, {"uuid": "747ab7d0-35a5-4a5c-92d6-c289158c2123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/208429", "content": "{\n  \"Source\": \"documentors\",\n  \"Content\": \"https://github.com/Christbowel/CVE-2023-25136 GitHubGitHub - Christbowel/CVE-2023-25136: OpenSSH 9.1 vulnerability mass scan and exploit OpenSSH 9.1 vulnerability mass scan and exploit. Contribute to Christbowel/CVE-2023-25136 development by creating an account on GitHub.\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"27 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-27T00:19:10.000000Z"}, {"uuid": "e651b164-fdbc-452c-a782-a11093e21eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/e3bpyNkZgrHshiotOT-A7e7Z2RbicSoKqqUpz_UwsdlIf84", "content": "", "creation_timestamp": "2023-02-17T16:26:05.000000Z"}, {"uuid": "f0746a78-7aef-444d-8844-bcb32ec9a4f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1450", "content": "Linux Bluetooth: Unauthorized management command execution (CVE-2023-2002)\nhttps://github.com/lrh2000/CVE-2023-2002\nCVE-2023-25135: vBulletin Pre-authentication RCE \nhttps://github.com/ambionics/vbulletin-exploits", "creation_timestamp": "2023-04-19T17:44:57.000000Z"}, {"uuid": "c6795751-175e-4f1f-bb7b-0999cc78ad35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2513", "type": "seen", "source": "https://t.me/cibsecurity/63476", "content": "\u203c CVE-2023-2513 \u203c\n\nA use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:38:19.000000Z"}, {"uuid": "6053bf31-b838-454d-a022-119afd04a757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25134", "type": "seen", "source": "https://t.me/cibsecurity/60399", "content": "\u203c CVE-2023-25134 \u203c\n\nMcAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry. This can result in the loading of a malicious payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-21T21:34:59.000000Z"}, {"uuid": "263478ed-38a9-4e8c-8aea-1d216a0912d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/S_E_Reborn/3429", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u041f\u041e Secure Shell \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 OpenSSH \u0432\u0435\u0440\u0441\u0438\u0438 9.1.\n\n\u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u044d\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u044f, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u0430\u044f \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenSSH (sshd).\n\n\u0411\u0430\u0433 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-25136 \u0438 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0435\u0433\u043e \u043d\u0435 \u0442\u0430\u043a \u0443\u0436 \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0432 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0441\u043b\u043e\u0432\u0438\u044e Write-what-where Condition, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u2014 \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u0430\u044f \u0437\u0430\u0434\u0430\u0447\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u043c\u0438 \u043c\u0435\u0440\u0430\u043c\u0438, \u043f\u0440\u0438\u043d\u044f\u0442\u044b\u043c\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0435\u0439, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 sshd.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e OpenSSH 9.2, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2023-02-08T02:46:38.000000Z"}, {"uuid": "ef62c884-d36c-47b4-acc3-fe1f2f048f44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4933", "content": "CVE-2023-25135: Pre-authentication RCE\n\nGithub\n\n#CVE #RCE #Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:18.000000Z"}, {"uuid": "43506a31-e2ff-47e6-9f28-839cc80444e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25136", "type": "exploited", "source": "https://t.me/LearnExploit/4730", "content": "CVE-2023-25136\n\nOpenSSH 9.1 vulnerability mass scan and exploit\n\nGithub\n\n#CVE #Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:06.000000Z"}, {"uuid": "8cbf4d1e-e42a-4d3f-92ec-7a09693c5f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-21)", "content": "", "creation_timestamp": "2024-12-21T00:00:00.000000Z"}]}