{"vulnerability": "CVE-2023-34039", "sightings": [{"uuid": "cb4cd355-dc4a-4200-9e43-6164c16d012e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/vmware_vrni_known_privkey.rb", "content": "", "creation_timestamp": "2023-10-24T15:55:19.000000Z"}, {"uuid": "9f70f7ef-a7d3-40d4-9470-c4d22ec13217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:00.000000Z"}, {"uuid": "315f80d5-2143-411f-b396-37977e9f20ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11493", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day exploit code | noCVE-2023-34039: Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight).\n\nhttps://thehackernews.com/2023/09/poc-exploit-released-for-critical.html", "creation_timestamp": "2023-09-03T22:23:43.000000Z"}, {"uuid": "de1a7560-3a9c-46ba-93d4-761dd29627e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-34039\nURL\uff1ahttps://github.com/syedhafiz1234/CVE-2023-34039\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-04T03:32:01.000000Z"}, {"uuid": "f8872cfc-0706-4e7e-a1f0-4c20e84c7a7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_Watch_insider/57", "content": "PoC of the latest VMware Aria CVE:\n\nhttps://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-34039/", "creation_timestamp": "2023-09-03T06:28:38.000000Z"}, {"uuid": "cda40da4-d3c2-49eb-8614-6daf37e4f273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://t.me/ctinow/134810", "content": "https://ift.tt/PL5uQRY\nVMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039) - Security Boulevard", "creation_timestamp": "2023-09-05T16:52:19.000000Z"}, {"uuid": "71a48c22-3a19-41a1-8a35-7894fac39dfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/134513", "content": "https://ift.tt/QRtxXD3\nPoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks", "creation_timestamp": "2023-09-03T19:07:31.000000Z"}, {"uuid": "821f3798-fa4a-45de-b900-b561987c559b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://t.me/ctinow/133791", "content": "https://ift.tt/0FsLECw\nVMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)", "creation_timestamp": "2023-08-30T14:33:15.000000Z"}, {"uuid": "d6b6e74a-6678-45a6-bc53-e30cfb2ba0df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://t.me/arpsyndicate/48", "content": "#ExploitObserverAlert\n\nCVE-2023-34039\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-34039. Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation.\u00a0A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.\n\nFIRST-EPSS: 0.212410000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-10T20:22:49.000000Z"}, {"uuid": "840f5b03-9972-45f7-af55-f7d65974d2d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "Telegram/ccbvQJvXQtQB8LG2096HlSSu4lpAGPiIOa3lJMflv_Ousw", "content": "", "creation_timestamp": "2023-08-30T14:38:20.000000Z"}, {"uuid": "315941d0-e2b0-4feb-8ff4-401223141df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/KomunitiSiber/737", "content": "PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability\nhttps://thehackernews.com/2023/09/poc-exploit-released-for-critical.html\n\nProof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight).\nThe flaw, tracked as\u00a0CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation.\n\u201cA", "creation_timestamp": "2023-09-03T09:20:33.000000Z"}, {"uuid": "4100fe5f-e1fe-49a9-988a-3d53cb3d0f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "Telegram/axcjS-pjejSYiAQFt0jBcD4tylfvrOresV-gsZPupIPzOQ", "content": "", "creation_timestamp": "2023-09-17T05:40:42.000000Z"}, {"uuid": "6176b828-31ed-4ca0-bff9-7e4b85790b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4804", "content": "\u0412\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043a\u0440\u0443\u043f\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SSH \u0432 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 VMware Aria Operations for Networks (\u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c \u043a\u0430\u043a vRealize Network Insight).\n\nCVE-2023-34039 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438 \u0438\u0437 ProjectDiscovery Research \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 VMware \u0432 \u043f\u0440\u043e\u0448\u043b\u0443\u044e \u0441\u0440\u0435\u0434\u0443 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 6.11.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e SSH \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0438\u0437-\u0437\u0430 \u00ab\u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430\u00bb.\n\nVMware \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 CVE-2023-34039 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0430 \u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0430\u0433\u0438.\n\nPoC \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Aria Operations for Networks \u0441 6.0 \u043f\u043e 6.10. \u041e\u043d \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Summoning Team \u0421\u0438\u043d\u043e\u0439 \u0425\u0435\u0439\u0440\u043a\u0445\u043e\u0439.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u043d \u043d\u0430\u0437\u0432\u0430\u043b - \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 SSH, \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a VMware \u0437\u0430\u0431\u044b\u043b\u0430 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0441\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 SSH, \u0438 \u0447\u0442\u043e\u0431\u044b \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0435\u043c\u0443 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c \u0441\u043e\u0431\u0440\u0430\u0442\u044c \u0432\u0441\u0435 \u043a\u043b\u044e\u0447\u0438 \u0438\u0437 \u0440\u0430\u0437\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u044d\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430.\n\n\u041d\u0430 \u043d\u0435\u0434\u0435\u043b\u0435 VMware \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 (CVE-2023-20890), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c RCE \u043f\u043e\u0441\u043b\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 (PoC CVE-2023-34039 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0438\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0430\u0442\u0430\u043a\u0438).\n\n\u0412 \u0441\u0432\u0435\u0442\u0435 \u044d\u0442\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Aria Operations for Networks \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u0435\u0432\u0435\u043d\u0442\u0438\u0432\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u043f\u0440\u043e\u0442\u0438\u0432 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2023-09-04T18:30:06.000000Z"}, {"uuid": "a0dbbace-a923-47ac-9f34-49bd5f875b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "Telegram/HN9hPbaAIC-EMsKpuBEKpt_lBAGKgR9MPj6X-aKfaNotSQg", "content": "", "creation_timestamp": "2023-09-04T08:55:45.000000Z"}, {"uuid": "105e892e-60ca-49f0-ba90-06d3e6c8d4fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/3819", "content": "Exploit code now available for critical SSH authentication bypass flaw in VMware Aria Operations for Networks. Discover how CVE-2023-34039 could lead to unauthorized access. \n \nRead detais: https://thehackernews.com/2023/09/poc-exploit-released-for-critical.html", "creation_timestamp": "2023-09-03T06:45:21.000000Z"}, {"uuid": "9b15e924-31b1-43a4-b755-0e1126c0a455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8961", "content": "#exploit\n1. CVE-2023-34039:\nVMWare Aria Operations for Networks Static SSH key RCE\nhttps://github.com/sinsinology/CVE-2023-34039\n\n2. CVE-2023-34039:\nCritical Authentication Bypass Vulnerability in VMware Aria Operations for Networks\nhttps://github.com/Cyb3rEnthusiast/CVE-2023-34039", "creation_timestamp": "2023-09-03T22:06:03.000000Z"}, {"uuid": "7f1f9e54-a75c-4bfb-90e5-f3983eaac6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5582", "content": "VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)\n\n#CVE #RCE \n \u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-10-14T13:45:42.000000Z"}, {"uuid": "ece3df08-51ea-4e38-beb0-38a292d26097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "bfc71349-1377-4edf-864b-8463a54022f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3284", "content": "VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)\n\n#CVE #RCE", "creation_timestamp": "2023-10-14T12:49:22.000000Z"}, {"uuid": "447be894-f41c-407a-8198-aa546e8daf60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/xxexm/1190", "content": "#tools\n\nCVE-2023-34039\n\n\u0641\u0643\u0631\u0629 \u0627\u0644 CVE :\n\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0628\u0631\u0648\u062a\u0643\u0648\u0644 SSH \u0648 \u0627\u062e\u062a\u0631\u0627\u0642\u0629 \n\u064a\u0633\u062a\u063a\u0644 \u0627\u0644\u0623\u0635\u062f\u0631\u0627\u062a \u0645\u0646 \n6.0 \u0627\u0644\u0649 6.10\n\nhttps://github.com/sinsinology/CVE-2023-34039", "creation_timestamp": "2023-09-07T20:46:42.000000Z"}, {"uuid": "8de6f96e-708c-41a8-b55a-847486384b70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3182", "content": "Hackers Factory \n\nTrack down GitHub users.\n\nhttps://github.com/mxrch/GitFive\n\nHere it is, the VMware newest exploit\n\nhttps://github.com/Cyb3rEnthusiast/CVE-2023-34039\n\nA shellcode injection tool capable of bypassing AMSI. Features the QueueUserAPC() injection technique and supports XOR encryption\n\nhttps://github.com/trevorsaudi/Mshikaki\n\nan exploit of Server-side request forgery (SSRF)\n\nhttps://github.com/errorfiathck/ssrf-exploit\n\nUnauthenticated-RCE-FUXA-CVE-2023-33831\n\nhttps://github.com/rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831\n\nCVE-2023-28229\n\nhttps://github.com/Y3A/CVE-2023-28229\n\nIntroductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the white paper Certified Pre-Owned.\n\nhttps://github.com/arth0sz/Practice-AD-CS-Domain-Escalation\n\nEternalHush - new free advanced open-source c2 framework\n\nhttps://github.com/APT64/EternalHushFramework\n\nPerforms OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. \n\nhttps://github.com/SharadKumar97/OSINT-SPY\n\nGitHub - wvanderp/awesome-dutch-osint\n\nhttps://github.com/wvanderp/awesome-dutch-osint\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-07T08:00:59.000000Z"}, {"uuid": "539d069d-612c-4352-94b6-96eeae4a36d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/5204", "content": "\ud83d\udcdfXavier Marks Indonesian Data Leak : Download\n\n\ud83d\udc7eCVE-2023-34039 Exploit : Download\n\n\ud83d\udc32Craxs Rat V6.7 : Download\n\n\ud83d\udd78Invicti Standard V23.9.0.42095 Crack : Download\n\n\ud83e\ude85Telegram Bot For Remote Access To Computer Files : Download\n\n\ud83d\udcefGet IP Address On Other Side Audio Call In Telegram : Download", "creation_timestamp": "2024-02-05T08:19:00.000000Z"}, {"uuid": "8b148924-e5a3-4a55-9b98-3522695b9f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://t.me/cibsecurity/69376", "content": "\u203c CVE-2023-34039 \u203c\n\nAria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation.\u00c2\u00a0A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-29T22:17:36.000000Z"}, {"uuid": "964ffe25-a497-4df9-8a01-24d2937971e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://t.me/thehackernews/3803", "content": "\ud83d\udea8 Critical Security Alert!  \n \nNew authentication bypass and file write vulnerabilities found in VMware's Aria Operations Networks that could lead to remote code execution attacks. \n \nKnow more about CVE-2023-34039 and CVE-2023-20890: https://thehackernews.com/2023/08/critical-vulnerability-alert-vmware.html", "creation_timestamp": "2023-08-30T09:18:18.000000Z"}, {"uuid": "9ba1f771-ce99-496c-80ad-725a2aa94b66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "ae6fe42f-fa4f-45e2-9e07-928e2238b9b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_15/2023", "content": "", "creation_timestamp": "2023-08-30T09:43:07.000000Z"}, {"uuid": "39c97566-7e47-4819-b4ae-65a0976e11e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/26", "content": "#exploit\n#CVE-2023-34039:\nCritical Authentication Bypass Vulnerability in VMware Aria Operations for Networks\nhttps://github.com/Cyb3rEnthusiast/CVE-2023-34039", "creation_timestamp": "2023-09-03T15:44:26.000000Z"}, {"uuid": "4962694c-9c68-47b8-8805-35acb8133092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/25", "content": "#exploit\n#CVE-2023-34039:\nVMWare Aria Operations for Networks Static SSH key RCE\nhttps://github.com/sinsinology/CVE-2023-34039", "creation_timestamp": "2023-09-03T15:44:02.000000Z"}, {"uuid": "63c69abe-90a4-41ed-afab-d47558c8ffad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "https://t.me/kasperskyb2b/844", "content": "\ud83d\udd04 VMWare \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u0434\u0432\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Aria Operations for Networks.  \u041e\u0434\u043d\u0430 (CVE-2023-34039, CVSS 9.8) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f (CLI) \u0431\u0435\u0437 \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u0439 SSH-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.  \u0412\u0442\u043e\u0440\u0430\u044f (CVE-2023-20890, CVSS 7.2) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u044f \u043a RCE.\n\n\u0412\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Aria Operations for Networks (\u0432 \u0434\u0435\u0432\u0438\u0447\u0435\u0441\u0442\u0432\u0435 vRealize Network Insight) \u0440\u0430\u043d\u0435\u0435 6.11 \u0443\u044f\u0437\u0432\u0438\u043c\u044b, \u043c\u0435\u0440 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u2014 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f.  \u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 (\u043f\u043e\u043a\u0430) \u043d\u0435 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u043e.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-31T10:38:02.000000Z"}, {"uuid": "2c46b17e-5207-45cc-bfe8-0343f0ae73c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "Telegram/Y5lRb5s2N7Y_QSvEvEyWrSx2lCXHgn5HSFsrR-o2cggJ", "content": "", "creation_timestamp": "2023-10-23T00:32:37.000000Z"}, {"uuid": "71777943-3ee5-4024-8c48-e68ac5302578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3176", "content": "Hackers Factory \n\nSocial engineering tool [Access Webcam &amp; Microphone &amp; Location Finder] With Python\n\nhttps://github.com/ultrasecurity/Storm-Breaker\n\nEternalHush - new free advanced open-source c2 framework\n\nhttps://github.com/APT64/EternalHushFramework\n\nVMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)\n\nhttps://github.com/sinsinology/CVE-2023-34039\n\nCSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record.\n\nhttps://github.com/BrunoTeixeira1996/CVE-2023-36250\n\nA collection of tools for security research on Starlink's User Terminal\n\nhttps://github.com/quarkslab/starlink-tools\n\nSession Hijacking Visual Exploitation\n\nhttps://github.com/doyensec/Session-Hijacking-Visual-Exploitation\n\nPwn2Own Vancouver 2023 Ubuntu LPE exploit\n\nhttps://github.com/synacktiv/CVE-2023-35001\n\nMaking Favicon.ico based Recon Great again \n\nhttps://github.com/devanshbatham/FavFreak\n\nA modern tool written in Python that automates your xss findings.\n\nhttps://github.com/faiyazahmad07/xss_vibes\n\nGet PROXY List that gets updated everyday\n\nhttps://github.com/TheSpeedX/PROXY-List\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-04T16:29:39.000000Z"}, {"uuid": "86b130ef-a743-4059-8823-4b5d88d57749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4311", "content": "\ud83d\udcdfXavier Marks Indonesian Data Leak : Download\n\n\ud83d\udc7eCVE-2023-34039 Exploit : Download\n\n\ud83d\udc32Craxs Rat V6.7 : Download\n\n\ud83d\udd78Invicti Standard V23.9.0.42095 Crack : Download\n\n\ud83e\ude85Telegram Bot For Remote Access To Computer Files : Download\n\n\ud83d\udcefGet IP Address On Other Side Audio Call In Telegram : Download", "creation_timestamp": "2023-09-17T05:42:28.000000Z"}, {"uuid": "4570c5fd-f1eb-40b4-a938-8a883df26baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4260", "content": "\ud83d\udcccEmpower Insurance Data Leak : Download\n\n\ud83e\ude85Xavier Marks Indonesian Data Leak : Download\n\n\ud83d\udcdfCVE-2023-34039 Exploit Poc : Download\n\n\ud83d\udc32Shodan Dorks 2023 : Download\n\n\ud83d\udcefNOVI PAZAR \u2013 PUT Data Leak : Download\n\n\ud83d\udd78CVE-2023-4596 Forminator WordPress Plugin Exploit : Download\n\n\ud83e\udeacChatGPT Next Web : Download\n\n\ud83d\udc00XWorm v5.0 RAT Cracked : Download", "creation_timestamp": "2023-09-04T20:31:02.000000Z"}, {"uuid": "7ea09de4-2f07-4aed-86ac-ba0e5278d1bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34039", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:54.000000Z"}]}