{"vulnerability": "CVE-2023-46604", "sightings": [{"uuid": "d6fb12fa-298f-4062-9b30-18e9c2a4c0b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2024-10-15T11:38:27.000000Z"}, {"uuid": "5d520b7b-5ec1-45c8-9cba-65069dd8126f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/f9c19fe0-d99a-4345-8423-5635b5d8bf1f", "content": "", "creation_timestamp": "2023-11-01T20:42:27.000000Z"}, {"uuid": "caa3345f-4163-4fcd-8e51-be24e017e2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-02T18:10:02.000000Z"}, {"uuid": "ac266326-2d62-49b7-88f1-e59d7b6d90c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/df7b7020-9f17-4a3c-9824-1baa4ff67cb1", "content": "", "creation_timestamp": "2023-11-22T15:35:26.000000Z"}, {"uuid": "cdeee833-383a-490a-820b-968f9dfcdbeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "5f7956fd-fdd1-49f2-be9d-64948ed8fe44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113625512128034806", "content": "", "creation_timestamp": "2024-12-09T23:42:02.020231Z"}, {"uuid": "3a900e42-25b9-43bb-bb9b-e4c253d0bae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971911", "content": "", "creation_timestamp": "2024-12-24T20:35:32.844833Z"}, {"uuid": "d092f13b-e258-4618-87c9-7c7243c1fe43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "36f67344-774f-40d1-8764-65a50ab87b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "be3f9683-efb8-440f-8f7a-946bbacc7e43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-14", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "c59e7962-9ae4-4a34-8258-abd007e84d2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "0dce2cf2-9d97-4aca-b426-3217d5c06dd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "ce6458dd-7726-4120-aa44-6c8c980ad32b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://gist.github.com/vivek-gopal/7c15a28070e3b6b75c8127f632686585", "content": "", "creation_timestamp": "2025-09-11T08:37:25.000000Z"}, {"uuid": "f609efb1-461f-4380-aa93-8dd5249261ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://gist.github.com/vivek-gopal/3ea5712720c8371a1075b15a27628fc7", "content": "", "creation_timestamp": "2025-09-11T09:20:51.000000Z"}, {"uuid": "e42f3999-d55b-4635-98f6-62d4c6f10715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m4p6en3vwv2i", "content": "", "creation_timestamp": "2025-11-03T04:23:53.863456Z"}, {"uuid": "f8accf45-e523-4b0c-88c2-a42d184f4780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2023-46604", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4pcnddwi4e2", "content": "", "creation_timestamp": "2025-11-03T05:41:04.380520Z"}, {"uuid": "f0b1b462-cc99-47a5-b1ec-0eb0d6926df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-34f40802-640c8f06861ca21f", "content": "", "creation_timestamp": "2025-08-20T09:25:27.869166Z"}, {"uuid": "4c36b6c9-fdd5-4a34-9577-53f3c0455de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lwt5qswy2mg2", "content": "", "creation_timestamp": "2025-08-20T09:52:32.957697Z"}, {"uuid": "1d172c7f-e738-4081-a05b-047bded7c1ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lwtbvy64gh2m", "content": "", "creation_timestamp": "2025-08-20T11:06:45.997719Z"}, {"uuid": "ece54dfc-9f67-4633-8a45-b0f2299d71e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/115060796380277759", "content": "", "creation_timestamp": "2025-08-20T11:13:43.773609Z"}, {"uuid": "45e624d3-d2f0-46f9-9f68-f737eec0affc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/theitnerd.ca/post/3lwtgu6hk3w2k", "content": "", "creation_timestamp": "2025-08-20T12:35:14.281196Z"}, {"uuid": "174ea819-057c-48fe-aa85-070ce8a3a851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lwtls2o6fs2y", "content": "", "creation_timestamp": "2025-08-20T14:03:32.750593Z"}, {"uuid": "63272c1b-6a3f-4ac6-a75a-5e20cee0bb6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lwtuzyxlkk24", "content": "", "creation_timestamp": "2025-08-20T16:49:06.759023Z"}, {"uuid": "d71c2e5b-f65f-48a5-815a-d7d4f172118d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lwubwihyzu26", "content": "", "creation_timestamp": "2025-08-20T20:39:42.719908Z"}, {"uuid": "ee490ecd-b29c-4c5a-b4dd-08455358aca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/kpwn.bsky.social/post/3lwuep3pnik2b", "content": "", "creation_timestamp": "2025-08-20T21:29:16.348690Z"}, {"uuid": "07176288-9b45-4f89-a2d3-aa506d131fb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/kpwn.bsky.social/post/3lwufb4hxzs2b", "content": "", "creation_timestamp": "2025-08-20T21:39:20.782919Z"}, {"uuid": "4d8178cd-d04b-4fef-8ce9-74bd37956ca7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lwwgbbfhqhi2", "content": "", "creation_timestamp": "2025-08-21T17:03:03.658278Z"}, {"uuid": "4202631e-ed8c-4157-a3a8-e88a8a510a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/4ad9ed67-5cc3-5de2-849d-1a1910431785", "content": "", "creation_timestamp": "2025-09-09T11:33:07.000000Z"}, {"uuid": "fad902d7-3732-4314-b193-5656d2996567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lx7jiyqjxk2e", "content": "", "creation_timestamp": "2025-08-25T07:54:44.125789Z"}, {"uuid": "ffadccef-4bd5-46db-bb0a-fcbfeb6d7d33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:57.000000Z"}, {"uuid": "db3dd172-d6a3-4d1e-9d13-23848988616b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/techwithellyson.bsky.social/post/3lxsfdx55ww2w", "content": "", "creation_timestamp": "2025-09-01T20:00:48.839357Z"}, {"uuid": "c29fa324-740d-47e8-91b3-fe856a9f1a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/apache_activemq_rce_cve_2023_46604.rb", "content": "", "creation_timestamp": "2023-11-06T15:51:49.000000Z"}, {"uuid": "90340260-f66a-4f70-9a42-ab7ad685faa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2026-01-09T20:17:30.000000Z"}, {"uuid": "df303bac-5190-4e00-9a90-9fa53a19faf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/83d4f3af-eb31-483b-8893-5114f7d170fe", "content": "", "creation_timestamp": "2026-02-02T12:25:27.480574Z"}, {"uuid": "3369658a-1227-4db0-abcd-7f8eaed8cc58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/eafa255c-065f-41f9-a401-581d793dafd1", "content": "", "creation_timestamp": "2026-02-02T12:26:47.651400Z"}, {"uuid": "37c59b3c-f1f8-466b-b029-b1b17a2ae9b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/virusbtn.bsky.social/post/3mflzukjcwc2b", "content": "", "creation_timestamp": "2026-02-24T11:12:09.736439Z"}, {"uuid": "21ce3c94-7bd3-4159-aca3-a274f180bf1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://infosec.exchange/users/VirusBulletin/statuses/116125304066872153", "content": "", "creation_timestamp": "2026-02-24T11:12:08.978492Z"}, {"uuid": "11bff85c-ec16-40c3-8635-698414ca9d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mfonschmcw2f", "content": "", "creation_timestamp": "2026-02-25T12:14:03.205146Z"}, {"uuid": "0eda1023-2246-4ea1-ba28-3714f8043d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://gist.github.com/alon710/259ba4448555bfe0e3eb2f75dd2e8a14", "content": "", "creation_timestamp": "2026-02-26T05:00:19.000000Z"}, {"uuid": "235f4024-dc7b-484d-a1bd-6ea907854989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mfrtdlqksq2m", "content": "", "creation_timestamp": "2026-02-26T18:31:11.962774Z"}, {"uuid": "45b436a4-e18c-4cc2-a2bd-4192925943b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1153", "content": "", "creation_timestamp": "2023-11-03T04:00:00.000000Z"}, {"uuid": "673910b3-db96-48d7-a11f-946596ba4ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/83d4f3af-eb31-483b-8893-5114f7d170fe", "content": "", "creation_timestamp": "2026-02-02T12:25:27.480574Z"}, {"uuid": "25515669-1851-4348-9c06-33030f56899b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/eafa255c-065f-41f9-a401-581d793dafd1", "content": "", "creation_timestamp": "2026-02-02T12:26:47.651400Z"}, {"uuid": "5035868e-9615-44c6-97b8-824b5632bbf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://bsky.app/profile/concisecyber.bsky.social/post/3mj3vrjxzxe27", "content": "", "creation_timestamp": "2026-04-09T22:56:58.925106Z"}, {"uuid": "bd718241-efd4-4410-88d9-380cb9e21d9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/71sICJ2qduNa9p7sy7EcgNRQvBtb-VPS3HuJRrErM7o1_Kg", "content": "", "creation_timestamp": "2026-01-04T21:00:04.000000Z"}, {"uuid": "45fb7c12-8c76-4b0a-a5f9-1cb90f72f9a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/199", "content": "\u2604\ufe0fCVE-2023-46604: Apache ActiveMQ RCE\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0448\u0435\u043b\u043b-\u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0442\u0438\u043f\u044b \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 OpenWire\ud83d\udc7a\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/sule01u/CVE-2023-46604\n\n#cve #rce #exploit", "creation_timestamp": "2023-11-09T13:29:46.000000Z"}, {"uuid": "b3fb2193-56d5-4171-b344-5a0436fe11b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/GithubRedTeam/81019", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ActiveMQ-EXPtools\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Catherines77\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Java\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-20 03:28:09\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u652f\u6301\u68c0\u6d4b\u548c\u5229\u7528ActiveMQ\u6f0f\u6d1e\uff0cCVE-2015-5254\uff0cCVE-2016-3088\uff0cCVE-2022-41678\uff0cCVE-2023-46604\uff0cCVE-2024-32114\uff0cCVE-2026-34197\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-20T04:00:04.000000Z"}, {"uuid": "7bc7049e-85b0-4418-af99-dca21ac9f925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/apache_activemq_cve_2023_46604", "content": "", "creation_timestamp": "2024-01-14T16:41:59.000000Z"}, {"uuid": "8a156191-df94-4787-acc0-0cf651df2023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/50778", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aVulnerability Detection and Mitigation Apache ActiveMQ | Security Architectures and Systems Administration - on - Apache ActiveMQ Deserialization Remote Code Execution (RCE) \u2013 CVE-2023-46604\nURL\uff1ahttps://github.com/vaishnavucv/Project-Vuln-Detection-N-Mitigation_101\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-09-08T21:11:41.000000Z"}, {"uuid": "652e8844-345e-4379-a4ef-4a69ca0fc671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/50777", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aVulnerability Detection and Mitigation Apache ActiveMQ | Security Architectures and Systems Administration - on - Apache ActiveMQ Deserialization Remote Code Execution (RCE) \u2013 CVE-2023-46604\nURL\uff1ahttps://github.com/vaishnavucv/Project-Vuln-Detection-N-Mitigation_101\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-09-08T21:05:27.000000Z"}, {"uuid": "5f048346-2d77-42ad-a8d3-dd73ac75459f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/sqAkt-abxgQKI93sbGf7iG59__fxfGGzH9B3O7fITix-uxg", "content": "", "creation_timestamp": "2025-11-16T03:00:06.000000Z"}, {"uuid": "c2b82f1e-f36b-4348-9341-7b33d033f186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6009", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository to exploit CVE-2023-46604 reported for ActiveMQ\nURL\uff1ahttps://github.com/tomasmussi-mulesoft/activemq-cve-2023-46604\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-29T18:38:26.000000Z"}, {"uuid": "c68f2d9a-d2d0-4ef4-bb28-734b134cabd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5771", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aThis script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol.\nURL\uff1ahttps://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-11-12T12:18:06.000000Z"}, {"uuid": "fab783f3-eff7-45bf-b339-0832c7643d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5770", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a CVE-2023-46604 ActiveMQ RCE vulnerability verification/exploitation tool\nURL\uff1ahttps://github.com/sule01u/CVE-2023-46604\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-11-12T10:42:46.000000Z"}, {"uuid": "b662fdd2-d221-47ff-abe9-e91fe2604751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5815", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPOC repo for CVE-2023-46604\nURL\uff1ahttps://github.com/vjayant93/CVE-2023-46604-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-15T19:23:04.000000Z"}, {"uuid": "60ac37e8-2f34-49a8-b0d9-8d2d04aa1772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5663", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46604\nURL\uff1ahttps://github.com/JaneMandy/ActiveMQ_RCE_Pro_Max\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-03T14:30:55.000000Z"}, {"uuid": "e01c99e8-09dd-48f6-a4b1-3a2d4b5d51f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5720", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46604 Apache ActiveMQ RCE exp\nURL\uff1ahttps://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-08T07:52:51.000000Z"}, {"uuid": "b301ef9f-b01a-4f62-815d-6152bc6c4006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6275", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability  Machine: Broker\nURL\uff1ahttps://github.com/Mudoleto/Broker_ApacheMQ\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-23T08:43:25.000000Z"}, {"uuid": "9278b566-e740-4ccc-98cd-4756839096c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5778", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46604\u73af\u5883\u590d\u73b0\u5305\nURL\uff1ahttps://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-13T02:40:58.000000Z"}, {"uuid": "b32bdd4f-86cb-48ae-a001-5d7cb0cc853d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6125", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploit for CVE-2023-46604\nURL\uff1ahttps://github.com/mrpentst/CVE-2023-46604\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-09T19:28:42.000000Z"}, {"uuid": "d534131e-9388-48bd-90d8-4c797e5ff051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6266", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aInstructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604\nURL\uff1ahttps://github.com/dcm2406/CVE-Lab\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-21T18:27:16.000000Z"}, {"uuid": "e4fe2c77-e075-4cbc-a85c-e32bf62f3de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6204", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aResearch on CVE-2021-44228 and CVE-2023-46604\nURL\uff1ahttps://github.com/dcm2406/CVELab\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-16T12:06:44.000000Z"}, {"uuid": "653ce06d-1c34-4206-831a-e95e158cfce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/jW6gAEx0X-7rlKDcpeYmlHPMlF_kfSwPpGXtV0Ykb6N88uc", "content": "", "creation_timestamp": "2026-03-31T03:00:07.000000Z"}, {"uuid": "3a02d1e6-66f2-460f-81b4-47c241450691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/itsec_news/3587", "content": "\u200b\u26a1\ufe0fHelloKitty \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c: \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache ActiveMQ \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u043e\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u043e\u0432\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u043e\u0431\u043c\u0435\u043d\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 Apache ActiveMQ. \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Rapid7, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u044b\u0442\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0442\u0435\u043c \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c \u0432\u044b\u043a\u0443\u043f \u0437\u0430 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439-\u0436\u0435\u0440\u0442\u0432. \u0418\u0437\u0443\u0447\u0438\u0432 \u0437\u0430\u043c\u0435\u0442\u043a\u0443 \u043e \u0432\u044b\u043a\u0443\u043f\u0435 \u0438 \u0438\u043c\u0435\u044e\u0449\u0438\u0435\u0441\u044f \u0434\u0430\u043d\u043d\u044b\u0435, \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0443 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u041f\u041e HelloKitty, \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0443\u0442\u0435\u043a \u0432 \u0441\u0435\u0442\u044c \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f.\n\n\u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0437\u043b\u043e\u043c\u044b \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u043b\u0438\u0441\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-46604 (CVSS 10.0), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Apache ActiveMQ. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0440\u0435\u0448\u0435\u043d\u0430 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445 ActiveMQ \u0432\u0435\u0440\u0441\u0438\u0439 5.15.16, 5.16.7, 5.17.6, \u0438\u043b\u0438 5.18.3, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u043a\u043e\u043d\u0446\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\n\nApache ActiveMQ 5.18.0 \u0434\u043e 5.18.3;\nApache ActiveMQ 5.17.0 \u0434\u043e 5.17.6;\nApache ActiveMQ 5.16.0 \u0434\u043e 5.16.7;\nApache ActiveMQ \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.15.16;\nApache ActiveMQ Legacy OpenWire Module \u0441 5.18.0 \u0434\u043e 5.18.3;\nApache ActiveMQ Legacy OpenWire Module \u0441 5.17.0 \u0434\u043e 5.17.6;\nApache ActiveMQ Legacy OpenWire Module \u0441 5.16.0 \u0434\u043e 5.16.7;\nApache ActiveMQ Legacy OpenWire Module \u0441 5.8.0 \u0434\u043e 5.15.16.\n\u041f\u043e\u0441\u043b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, PoC-\u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u044b \u0432 \u0441\u0435\u0442\u0438. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Rapid7, \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 \u0441\u0435\u0442\u044f\u0445 \u00ab\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46604\u00bb.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0444\u0430\u0439\u043b\u044b \u0441 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f\u043c\u0438 M2.png \u0438 M4.png \u0447\u0435\u0440\u0435\u0437 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a Windows (msiexec). \u041e\u0431\u0430 MSI \u0444\u0430\u0439\u043b\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 32-\u0431\u0438\u0442\u043d\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 .NET-\u0444\u0430\u0439\u043b \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c dllloader, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c EncDLL, \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432 Base64 \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u044e\u0449\u0443\u044e \u043a\u0430\u043a \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u041f\u041e. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0438\u0449\u0435\u0442 \u0438 \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043a \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u00ab.locked\u00bb.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shadowserver Foundation, \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 1 \u043d\u043e\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 3326 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 ActiveMQ, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u041a\u0438\u0442\u0430\u0435, \u0421\u0428\u0410, \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0435 \u0438 \u0418\u043d\u0434\u0438\u0438. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 ActiveMQ \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0435\u0442\u0438 \u043d\u0430 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-02T07:33:20.000000Z"}, {"uuid": "2aa88858-b588-4c8b-a60c-61bf42b45694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7452", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise.\nURL\uff1ahttps://github.com/mranv/honeypot.rs\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-29T15:20:18.000000Z"}, {"uuid": "784e06b4-aa3b-4100-8495-12b00c045aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/8h8Hof7StAZ6aRznwRxa4merJrUBQ8lRPVMkNJUc9vM2lk4", "content": "", "creation_timestamp": "2025-09-09T03:00:06.000000Z"}, {"uuid": "e3162a7d-f2f2-4389-bc3e-cc09b96d00d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/BleepingComputer/18917", "content": "\u200aKinsing malware exploits Apache ActiveMQ RCE to plant rootkits\n\nThe Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...]\n\nhttps://www.bleepingcomputer.com/news/security/kinsing-malware-exploits-apache-activemq-rce-to-plant-rootkits/", "creation_timestamp": "2023-11-20T20:30:48.000000Z"}, {"uuid": "2e398a14-08fb-4c72-82d8-5a4dc5520c3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_Watch_insider/177", "content": "https://www.rapid7.com/blog/post/2023/11/01/etr-suspected-exploitation-of-apache-activemq-cve-2023-46604/", "creation_timestamp": "2023-11-02T06:01:02.000000Z"}, {"uuid": "713b0cd9-ec6e-4d25-8c7d-6bc6bf2b0ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/hackyourmom/12429", "content": "\ud83d\udc7e \u0425\u0430\u043a\u0435\u0440\u0438 \u043c\u0430\u0441\u043e\u0432\u043e \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u044c\u0442\u044c Apache ActiveMQ (CVE-2023-46604) \u0456 \u0437\u0430\u043b\u0438\u0432\u0430\u044e\u0442\u044c DripDropper. \u0412\u0456\u043d \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0439, \u0445\u043e\u0432\u0430\u0454\u0442\u044c\u0441\u044f \u0437\u0430 Dropbox, \u043b\u0456\u0437\u0435 \u0432 cron \u0456 \u043c\u0456\u043d\u044f\u0454 SSH. \u041d\u0430\u0439\u0446\u0456\u043a\u0430\u0432\u0456\u0448\u0435 \u2014 \u043f\u0456\u0441\u043b\u044f \u0437\u043b\u043e\u043c\u0443 \u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043e\u0444\u0456\u0446\u0456\u0439\u043d\u0438\u0439 \u043f\u0430\u0442\u0447, \u0449\u043e\u0431 \u0437\u0430\u043a\u0440\u0438\u0442\u0438 \u0434\u0456\u0440\u0443 \u0432\u0456\u0434 \u0456\u043d\u0448\u0438\u0445. \u0421\u0435\u0440\u0432\u0435\u0440 \u0432\u0438\u0433\u043b\u044f\u0434\u0430\u0454 \u0447\u0438\u0441\u0442\u0438\u043c, \u0430\u043b\u0435 \u0432\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0456 \u0432\u0436\u0435 \u0441\u0438\u0434\u0438\u0442\u044c \u0447\u0443\u0436\u0438\u0439 \u043a\u043e\u0434 \u2139\ufe0f #cybernews", "creation_timestamp": "2025-08-20T10:13:16.000000Z"}, {"uuid": "5ee05965-8dab-4062-a682-1e322be61f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/403", "content": "Top Security News for 16/11/2023\n\nNovel espionage tool leveraged by pro-Palestinian hacking operation\nhttps://malware.news/t/novel-espionage-tool-leveraged-by-pro-palestinian-hacking-operation/75720#post_1 \n\nExecuting from Memory Using ActiveMQ CVE-2023-46604\nhttps://www.reddit.com/r/netsec/comments/17vv5rq/executing_from_memory_using_activemq_cve202346604/ \n\nRansomware review: November 2023\nhttps://www.malwarebytes.com/blog/threat-intelligence/2023/11/ransomware-review-november-2023 \n\nISC Stormcast For Thursday, November 16th, 2023 https://isc.sans.edu/podcastdetail/8748, (Thu, Nov 16th)\nhttps://isc.sans.edu/diary/rss/30406 \n\nUpload Additional Files into Active Tasks in ANY.RUN\nhttps://malware.news/t/upload-additional-files-into-active-tasks-in-any-run/75725#post_1 \n\nBolstering economic security.\nhttps://thecyberwire.com/podcasts/caveat/195/notes \n\nNew hospital cyber rules mulled in New York\nhttps://malware.news/t/new-hospital-cyber-rules-mulled-in-new-york/75723#post_1 \n\nMicrosoft unveils expansion of AI for security and security for AI at Microsoft Ignite\nhttps://www.microsoft.com/en-us/security/blog/2023/11/15/microsoft-unveils-expansion-of-ai-for-security-and-security-for-ai-at-microsoft-ignite/ \n\nA Simple Python Redirection Container for Red Team Operations\nhttps://www.reddit.com/r/netsec/comments/17vwpes/a_simple_python_redirection_container_for_red/ \n\nSentinelOne acquires Krebs Stamos Group. Radiant Security raises $15 million. RADICL secures an additional $9 million.\nhttps://thecyberwire.com/newsletters/business-briefing/5/46 \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-11-16T08:00:06.000000Z"}, {"uuid": "059f503d-ae7a-4497-bfb8-d656b04d4a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/250", "content": "\u2604\ufe0fCVE-2023-46604: Apache ActiveMQ RCE\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0448\u0435\u043b\u043b-\u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0442\u0438\u043f\u044b \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 OpenWire\ud83d\udc7a\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/sule01u/CVE-2023-46604\n\n#cve #rce #exploit", "creation_timestamp": "2023-11-09T13:29:46.000000Z"}, {"uuid": "3672687c-0bfb-4770-8b22-eb7035f28b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/188", "content": "\ud83d\udcd5 \u041f\u043e\u0434\u0431\u043e\u0440\u043e\u0447\u043a\u0430 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\u042d\u0442\u043e \u043f\u0440\u043e\u0431\u043d\u0438\u043a.\n\n\ud83d\udca1 F5 BIG-IP Unauth RCE via AJP Smuggling\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-46747\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 BIG-IP \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438/\u0438\u043b\u0438 \u0441\u0430\u043c\u043e\u043f\u0438\u0441\u043d\u044b\u0435 \u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\n\ud83d\udca1 ActiveMQ Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-46604\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435: \n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u0440\u043e\u043a\u0435\u0440\u0443, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u0443\u044f \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u0438\u043f\u0430\u043c\u0438 \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 OpenWire, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0431\u0440\u043e\u043a\u0435\u0440 \u0438\u043d\u0441\u0442\u0430\u043d\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043a\u043b\u0430\u0441\u0441 \u0432 \u043f\u0443\u0442\u0438 \u043a\u043b\u0430\u0441\u0441\u0430.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 \u041f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 UI Cisco IOS XE\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\n- CVE-2023-20198\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x: \n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441 \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 15.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Microsoft Exchange Server Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-36745\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0436\u0435\u0440\u0442\u0432\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0441\u0442\u043e\u044e \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\n#poc", "creation_timestamp": "2023-11-10T10:57:44.000000Z"}, {"uuid": "618af9e3-77df-473c-b046-7ce2e6115d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6723", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aActiveMQ RCE (CVE-2023-46604) \u56de\u663e\u5229\u7528\u5de5\u5177\nURL\uff1ahttps://github.com/Arlenhiack/ActiveMQ-RCE-Exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-03-05T08:31:17.000000Z"}, {"uuid": "b8dfaed2-b293-4cfb-8fb8-70a0d576d98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/CyberBulletin/1718", "content": "\u26a1\ufe0fMauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604).\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:14:22.000000Z"}, {"uuid": "66f7eb26-2f74-47eb-8a4b-ea15ce434d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/kasperskyb2b/978", "content": "\u2699\ufe0f \u0420\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0449\u0438\u043a\u0438 \u0432\u0437\u044f\u043b\u0438\u0441\u044c \u0437\u0430 Apache ActiveMQ\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0431\u0440\u043e\u043a\u0435\u0440\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 Apache ActiveMQ (CVE-2023-46604, CVSS 10), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0431\u044b\u043b\u0430 \u0432\u0437\u044f\u0442\u0430 \u043d\u0430 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u0435 ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 HelloKitty. \u041f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Java.exe, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0430\u044f ActiveMQ, \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 PNG-\u0444\u0430\u0439\u043b\u044b. \n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430 HelloKitty \u044f\u0432\u043d\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0434\u0440\u0443\u0433\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u2014 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u0443\u044e \u0441\u0435\u0442\u044c \u0437\u0430\u0447\u0435\u043c-\u0442\u043e \u0441\u043c\u043e\u0442\u0440\u044f\u0442 \u0442\u044b\u0441\u044f\u0447\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ActiveMQ. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 ActiveMQ \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0441\u0440\u043e\u0447\u043d\u043e, \u0430 \u0432 \u0431\u043e\u043b\u0435\u0435 \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u043e\u0439 \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u2014 \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u0438 \u0432\u043e\u043f\u043b\u043e\u0442\u0438\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 Apache \u043f\u043e \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044e \u0437\u0430\u0449\u0438\u0442\u044b ActiveMQ, \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0432 \u0447\u0430\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-11-03T11:51:24.000000Z"}, {"uuid": "9c7a3f43-85bb-407b-a92f-2886999e03fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ctinow/146981", "content": "https://ift.tt/MKBP7mi\nSuspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware", "creation_timestamp": "2023-11-02T15:19:46.000000Z"}, {"uuid": "1e407f1f-6b50-4844-8111-08aeb89190ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/Blackhat_Officials/831", "content": "https://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html\n\nCVE-2023-46604(Apache ActiveMQ)\u88ab\u5229\u7528\u6765\u611f\u67d3\u5bc6\u7801\u5668\u548cRootkit\u7cfb\u7edf\n#\u65b0\u95fb", "creation_timestamp": "2023-11-23T11:23:59.000000Z"}, {"uuid": "e11baa6b-875d-4b0c-9a7a-659ae068a484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ctinow/150442", "content": "https://ift.tt/Gmbod9z\nCVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits", "creation_timestamp": "2023-11-20T10:18:22.000000Z"}, {"uuid": "88159f18-f7dd-442b-be6b-c7613eb10392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ctinow/150438", "content": "https://ift.tt/Gmbod9z\nCVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits", "creation_timestamp": "2023-11-20T09:42:16.000000Z"}, {"uuid": "3beeece8-667d-44c6-8e27-7ce6b871c913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/cyberwarehouse/141", "content": "", "creation_timestamp": "2026-07-17T11:00:07.724521Z"}, {"uuid": "168ed7b9-2c27-40d0-b4c5-73702d3eba3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1030", "content": "\u200b\u200bActiveMQ RCE (CVE-2023-46604)\n\n Apache ActiveMQ \u0639\u0631\u0636\u0629 \u0644\u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f. \u0642\u062f \u062a\u0633\u0645\u062d \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0644\u0645\u0647\u0627\u062c\u0645 \u0639\u0646 \u0628\u0639\u062f \u0644\u062f\u064a\u0647 \u0625\u0645\u0643\u0627\u0646\u064a\u0629 \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0634\u0628\u0643\u0629 \u0625\u0644\u0649 \u0648\u0633\u064a\u0637 \u0628\u062a\u0634\u063a\u064a\u0644 \u0623\u0648\u0627\u0645\u0631 shell \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0645\u0639\u0627\u0644\u062c\u0629 \u0623\u0646\u0648\u0627\u0639 \u0627\u0644\u0641\u0626\u0627\u062a \u0627\u0644\u0645\u062a\u0633\u0644\u0633\u0644\u0629 \u0641\u064a \u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 OpenWire \u0644\u062c\u0639\u0644 \u0627\u0644\u0648\u0633\u064a\u0637 \u064a\u0642\u0648\u0645 \u0628\u0625\u0646\u0634\u0627\u0621 \u0645\u062b\u064a\u0644 \u0644\u0623\u064a \u0641\u0626\u0629 \u0639\u0644\u0649 \u0645\u0633\u0627\u0631 \u0627\u0644\u0641\u0635\u0644.\n\n https://github.com/X1r0z/ActiveMQ-RCE", "creation_timestamp": "2024-03-29T18:27:12.000000Z"}, {"uuid": "69ca2e59-e3fc-4bf4-8b1b-fba3817a7bc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/eIAKKKujGGX1YtMrhCJdc0NGCUPUvr8Sx3WcOruhN7yC3w", "content": "", "creation_timestamp": "2023-12-14T14:59:58.000000Z"}, {"uuid": "be7db5f7-c8cf-4bca-8a56-248469332753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/CkqWcB2-9bV8ckxbIWhMB5p9N1JH4cVPNSmWsfsHUZk6uQ", "content": "", "creation_timestamp": "2023-11-06T18:48:47.000000Z"}, {"uuid": "f63890e3-23ee-49b5-8a8b-afde3a8ab73e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/WkCj478u4G58ojIUL87WPLotrcOV3WzYpuImpssFRSo1Uw", "content": "", "creation_timestamp": "2023-11-02T20:48:31.000000Z"}, {"uuid": "51ac71a2-43fd-46ed-b740-0a9642eb05fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/3257", "content": "Hackers Feast on Unpatched ActiveMQ!  CVE-2023-46604, a critical remote code execution flaw, is back in the spotlight. \n \nLearn more: https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html \n \nUpdate your Apache ASAP or risk ransomware, rootkits, and botnets.", "creation_timestamp": "2024-01-22T16:59:24.000000Z"}, {"uuid": "f1c6bcfc-85dd-46a4-be96-a61d19e98c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/171", "content": "\ud83d\udca3 PoC in GitHub\n\n\ud83d\udcbb \u041e\u0433\u0440\u043e\u043c\u043d\u0430\u044f \u0430\u0432\u0442\u043e-\u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u0430\u044f \u043a\u043e\u043b\u043b\u0435\u043a\u0446\u0438\u044f PoC. \u041f\u043e \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443 \u043e\u0447\u0435\u043d\u044c \u0443\u0434\u043e\u0431\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u0438\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432.\n\n\u041f\u043e\u0438\u0441\u043a \u043f\u043e \u043d\u043e\u043c\u0435\u0440\u0443 CVE:\ncurl 'https://poc-in-github.motikan2010.net/api/v1/?cve_id=CVE-2023-46604' | jq\n\n\u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u0441\u0432\u0435\u0436\u0430\u044f RCE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache ActiveMQ. \u041f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u0443\u0434\u043e\u0431\u043d\u044b\u0439 JSON \u0432\u044b\u0432\u043e\u0434 \u043d\u0430 \u0432\u0441\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\n\n{\n      \"id\": \"725243332\",\n      \"cve_id\": \"CVE-2023-46604\",\n      \"name\": \"activemq-cve-2023-46604\",\n      \"owner\": \"tomasmussi-mulesoft\",\n      \"full_name\": \"tomasmussi-mulesoft/activemq-cve-2023-46604\",\n      \"html_url\": \"https://github.com/tomasmussi-mulesoft/activemq-cve-2023-46604\",\n      \"description\": \"Repository to exploit CVE-2023-46604 reported for ActiveMQ\",\n      \"stargazers_count\": \"0\",\n      \"vuln_description\": \"Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate\u00a0any class on the classpath.\u00a0\\n\\nUsers are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.\",\n      \"created_at\": \"2023-11-30 03:30:02\",\n      \"updated_at\": \"2023-11-30 03:30:02\",\n      \"pushed_at\": \"2023-11-30 03:30:02\",\n      \"inserted_at\": \"2023-11-30 09:37:18\"\n    }\n\n\u041a\u0430\u043a \u0432\u043e\u0434\u0438\u0442\u0441\u044f, \u043f\u0440\u0438\u043a\u0440\u0443\u0442\u0438\u043b \u043a \u0431\u043e\u0442\u0443:\n\n!poc CVE-2023-46604\n\n\ud83d\udcbb GitHub\n\ud83d\udcbb Home\n\n#poc #github #exploit #cve\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2023-12-04T12:23:11.000000Z"}, {"uuid": "246bc288-df13-487f-85f3-15e9de13a4ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/4637", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 154 entries in 17 file formats related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.972480000\nNVD-IS: 5.9\nNVD-ES: 3.9\nARPS-EXPLOITABILITY: 0.7831866", "creation_timestamp": "2024-04-13T02:42:19.000000Z"}, {"uuid": "c34cdaf9-7a83-448e-9bd5-345bdf08c24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/1834", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 102 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.968050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T15:14:15.000000Z"}, {"uuid": "a9c29888-a606-4642-bd12-075be23c7ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/1788", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 102 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.968050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T01:39:05.000000Z"}, {"uuid": "d928baf4-ab01-47e2-a9a1-c1d73e1c92eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/874", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 102 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.968050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-02T01:26:35.000000Z"}, {"uuid": "bfa5b3f8-ae77-411b-8a59-d8bee84bd093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/922", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 96 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.968050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T11:35:49.000000Z"}, {"uuid": "152e53f5-7d12-440b-a065-9f0b2a51edef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/790", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 99 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.966470000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-30T07:18:49.000000Z"}, {"uuid": "ff34c93e-f59e-4db9-9ae1-b69654e3f975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/839", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 101 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.968050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-01T07:46:40.000000Z"}, {"uuid": "fdda3710-1547-46a6-93c5-c0ef76f8bc7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/826", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 100 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.966470000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-30T19:35:02.000000Z"}, {"uuid": "bfabca09-a9dc-4de8-932b-c87789a8613e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/645", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 97 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.966470000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-28T13:32:56.000000Z"}, {"uuid": "45072c1c-fea1-4011-bc02-97c1a94b019c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/561", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 30 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.966470000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-25T02:03:40.000000Z"}, {"uuid": "af8fffb6-ea8c-49b9-9b94-82a16ca227a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/284", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 22 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code \nExecution. This vulnerability may allow a remote attacker with network \naccess to either a Java-based OpenWire broker or client to run arbitrary\n shell commands by manipulating serialized class types in the OpenWire \nprotocol to cause either the client or the broker (respectively) to \ninstantiate any class on the classpath.\n\nUsers are recommended to upgrade\n both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 \nwhich fixes this issue.\n\nFIRST-EPSS: 0.965740000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-19T16:28:56.000000Z"}, {"uuid": "4c5343da-3f58-433e-a48a-82559ba138dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "Telegram/KWy9x43_m_4oS4p8sjBIZiJ2agceiLXJ74W7PzvhYs8QAQ", "content": "", "creation_timestamp": "2023-11-29T06:37:12.000000Z"}, {"uuid": "2b5229ab-61fa-44fd-ba99-6e52cea1a6dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/296", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 23 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.965740000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-20T15:55:09.000000Z"}, {"uuid": "2706cd6a-cedf-4a73-a149-285b01039a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/1660", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 102 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.968050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T16:58:02.000000Z"}, {"uuid": "8696900f-f214-470e-b5f2-c7bc337587ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/arpsyndicate/729", "content": "#ExploitObserverAlert\n\nCVE-2023-46604\n\nDESCRIPTION: Exploit Observer has 98 entries related to CVE-2023-46604. The Java OpenWire protocol marshaller is vulnerable to Remote Code  Execution. This vulnerability may allow a remote attacker with network  access to either a Java-based OpenWire broker or client to run arbitrary  shell commands by manipulating serialized class types in the OpenWire  protocol to cause either the client or the broker (respectively) to  instantiate any class on the classpath.  Users are recommended to upgrade  both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3  which fixes this issue.\n\nFIRST-EPSS: 0.966470000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-29T11:59:53.000000Z"}, {"uuid": "802cad46-2cb5-468b-abc6-c7c5c25f6141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/9_hSQ5H_XCdMIWoxBCsN5onf45I8pzWT1rnfQOk1J6gzkg", "content": "", "creation_timestamp": "2023-11-15T18:25:32.000000Z"}, {"uuid": "ec3d9964-96dc-4c52-be95-ebdc09818457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/314", "content": "Hackers Feast on Unpatched ActiveMQ!  CVE-2023-46604, a critical remote code execution flaw, is back in the spotlight. \n \nLearn more: https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html \n \nUpdate your Apache ASAP or risk ransomware, rootkits, and botnets.", "creation_timestamp": "2024-01-22T16:59:24.000000Z"}, {"uuid": "45306d84-42f0-4469-b20f-548f2b3880fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/KomunitiSiber/1077", "content": "New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar\nhttps://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html\n\nCybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory.\nTracked as\u00a0CVE-2023-46604\u00a0(CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands.\nIt was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,", "creation_timestamp": "2023-11-15T15:58:54.000000Z"}, {"uuid": "229facb1-36f5-4634-921c-65b3134e7013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/KomunitiSiber/1136", "content": "GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability\nhttps://thehackernews.com/2023/11/gotitan-botnet-spotted-exploiting.html\n\nThe recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called\u00a0GoTitan\u00a0as well as a .NET program known as\u00a0PrCtrl Rat\u00a0that's capable of remotely commandeering the infected hosts.\nThe attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0) that has been\u00a0", "creation_timestamp": "2023-11-29T06:24:16.000000Z"}, {"uuid": "812fd797-6317-4515-b3f2-8653216deb31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/uT9sUuLzJ7mljLMv83o-xR7L3rBffmKTpZTwj9jnFA3DQA", "content": "", "creation_timestamp": "2023-11-05T03:43:59.000000Z"}, {"uuid": "04798a89-cc81-46b2-9b1c-62eca34f4adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1818", "content": "CVE-2023-46604 ActiveMQ RCE\nexploit + xml\n\n#activemq", "creation_timestamp": "2023-11-08T10:50:29.000000Z"}, {"uuid": "1fe36503-66f4-4c06-a5f8-ddc3b5dcbf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/lG6pt5UtBUCzn-IF2Ytstw8S3_g1FpOFh4eJ9RqNUd8P9lg", "content": "", "creation_timestamp": "2023-11-29T19:53:49.000000Z"}, {"uuid": "ef3e280e-82d5-41fd-a819-349da1914410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "Telegram/7koUXiQYjANVreQRymdkTng-drcHtTeg6KyrU5xTB_ps-oE", "content": "", "creation_timestamp": "2023-11-22T22:32:00.000000Z"}, {"uuid": "f3af79c6-8e3f-49c0-9bcc-435864361c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/breachdetector/491278", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"What is CVE-2023-46604 Apache ActiveMQ ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"09 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-09T11:09:38.000000Z"}, {"uuid": "2f9b78bb-ae7f-4803-8fed-9910fcb5cd8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/breachdetector/491262", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-46604 Apache ActiveMQ Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"09 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-09T10:44:14.000000Z"}, {"uuid": "c7c133fd-11dc-4393-b6c8-1987fc389d3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/AactUrH-EIy6JdXWM4VPE9pcjyt1yqOYuT7uQixSUbYBJC0", "content": "", "creation_timestamp": "2023-11-08T03:49:03.000000Z"}, {"uuid": "e02cb43c-aff8-475e-8da2-1bcf8d588c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/cybersecs/2770", "content": "Invicti Professional v24.3.0 - 12 Mar 2024\n\nDownload: https://ponies.cloud/scanner_web/invicti/Invicti-Professional-v24.3.0-Pwn3rzs-CyberArsenal.rar\nPassword: Pwn3rzs\n\nChangelog:\n\nNEW FEATURES\n\nAdded the ability to force authentication verifier agents to use incognito mode by default on Chromium browsers\n\nNEW SECURITY CHECKS\n\nAdded detection for ActiveMQ RCE to the OOB RCE Attack Pattern (CVE-2023-46604)\n\nFIXES\n\nAdded a Cookie Source field to the Knowledge Base Cookies screen", "creation_timestamp": "2024-03-17T20:51:21.000000Z"}, {"uuid": "2d1f5020-76e4-402b-9d03-d42411b205a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/true_secator/5145", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AhnLab \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e\u00a0\u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0430\u044f \u0410\u0420\u0422 Andariel \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u0430\u0441\u044c \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Apache ActiveMQ \u0447\u0435\u0440\u0435\u0437 CVE-2023-46604 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 NukeSped \u0438 TigerRat.\n\n\u042f\u0432\u043b\u044f\u044f\u0441\u044c \u043f\u043e\u0434\u0433\u0440\u0443\u043f\u043f\u043e\u0439 Lazarus, \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u042e\u0436\u043d\u0443\u044e \u041a\u043e\u0440\u0435\u044e \u0441 2008 \u0433\u043e\u0434\u0430, \u0430 \u0432 \u0447\u0438\u0441\u043b\u0435 \u0438\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0439 - \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043e\u0431\u043e\u0440\u043e\u043d\u044b, \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438, \u0441\u0443\u0434\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u0438\u044f, \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0438, \u043b\u043e\u0433\u0438\u0441\u0442\u0438\u043a\u0438 \u0438 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0443\u0447\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0438 IT-\u0441\u0435\u043a\u0442\u043e\u0440.\n\nAndariel \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0444\u0438\u0448\u0438\u043d\u0433, \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0432\u043e\u0434\u043e\u043f\u043e\u0438 \u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a, \u0430 \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445 \u0433\u0440\u0443\u043f\u043f\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 Log4Shell \u0438 TeamCity, \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b MS-SQL \u0438\u043b\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u043b\u0430 \u0437\u0430\u043a\u043e\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435\u043c.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0438 \u0433\u0440\u0443\u043f\u043f\u044b Andariel, AhnLab \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0441\u043b\u0435\u0434\u043e\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 NukeSped \u0432 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0438\u0441\u0442\u0435\u043c. \u0414\u043e \u043a\u043e\u043d\u0446\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c, \u0447\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e CVE-2023-46604 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0435\u043a\u0442\u043e\u0440\u0430, \u0442\u0430\u043a \u0438 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c, \u0430 \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e \u0431\u044b\u043b\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u0430 HelloKitty.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e, \u0447\u0442\u043e \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043a\u043b\u0430\u0441\u0441\u0430 Java, \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u043c\u044b\u0439 \u0432 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435 Huntress, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 Windows \u0438\u043b\u0438 Linux. \u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Stager CobaltStrike \u0438 Metasploit Meterpreter.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 Huntress \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043b\u043e\u0441\u044c \u043a\u0430\u043a\u043e\u0435-\u043b\u0438\u0431\u043e \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u0432 \u043e\u0434\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u0441 hxxp://27.102.128[.]152:8098/bit[.]ico, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b URL-\u0430\u0434\u0440\u0435\u0441\u0443, \u0441 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d TigerRat.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 NukeSped \u2014 \u044d\u0442\u043e \u0431\u044d\u043a\u0434\u043e\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u043e\u0442 \u04212, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Andariel, \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043e\u0431\u0440\u0430\u0437\u0435\u0446 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0440\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b: \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0444\u0430\u0439\u043b\u043e\u0432, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445  \u0432\u0435\u0440\u0441\u0438\u0439, \u0438\u043c\u0435\u044e\u0449\u0438\u0445 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u043d\u0430\u0431\u043e\u0440 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041a\u0430\u043a \u0438 \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u0442\u0438\u043f\u0438\u0447\u043d\u044b\u0445 \u0442\u0438\u043f\u0430\u0445 NukeSped, \u0432\u0441\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0430\u0434\u0440\u0435\u0441\u0430 API \u0438 \u0441\u0442\u0440\u043e\u043a\u0438 \u0448\u0438\u0444\u0440\u0443\u044e\u0442\u0441\u044f, \u0437\u0430\u0442\u0435\u043c \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f.\u00a0\u041c\u0435\u0442\u043e\u0434 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 1-\u0431\u0430\u0439\u0442\u043e\u0432\u044b\u0439 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c XOR \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c \u043a\u043b\u044e\u0447\u0430 0xA1.\u00a0\u041f\u043e\u043c\u0438\u043c\u043e 0xA1, \u0432 \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0430\u0442\u0430\u043a \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0435\u0439 0x97 \u0438 0xAB.\n\n\u0412\u0441\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0435 \u0432 \u0445\u043e\u0434\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0410\u0420\u0422 - \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0430 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0438\u0445 \u0440\u0430\u0431\u043e\u0442\u044b \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u043e\u0442\u044f \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e CVE-2023-46604 \u043f\u0440\u043e\u0448\u043b\u043e \u043d\u0435 \u0442\u0430\u043a \u043c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u0441\u0442\u043e\u043b\u044c \u043a\u043e\u0440\u043e\u0442\u043a\u0439\u0438 \u0441\u0440\u043e\u043a \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438 \u0430\u0442\u0430\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u043d\u0441\u043f\u0438\u0440\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0410\u0420\u0422.", "creation_timestamp": "2023-11-30T09:31:26.000000Z"}, {"uuid": "150a322d-5fe9-463a-93bc-324f861748e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/true_secator/5118", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Trend Micro \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Apache ActiveMQ \u043f\u043e\u043c\u0438\u043c\u043e \u0431\u0430\u043d\u0434 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 HelloKitty\u00a0\u0438\u00a0TellYouThePass \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Kinsing.\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 CVE-2023-46604 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 ActiveMQ \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c Linux \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b.\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b\u00a0Kinsing\u00a0\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b \u0442\u0435\u043c, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0447\u0430\u0441\u0442\u043e \u0443\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u0438\u0437 \u0432\u0438\u0434\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b, \u043a\u0430\u043a \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 Log4Shell\u00a0\u0438\u043b\u0438\u00a0Atlassian Confluence RCE.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u043c\u0435\u0442\u043e\u0434 ProcessBuilder \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f bash-\u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438\u0437 \u0432\u043d\u043e\u0432\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f.\n\n\u041f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u043e \u043c\u0435\u0442\u043e\u0434\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u041f\u041e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 \u0433\u0438\u0431\u043a\u043e\u0441\u0442\u0438, \u0438\u0437\u0431\u0435\u0433\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u043f\u0442\u044b, Kinsing \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043c\u0430\u0448\u0438\u043d\u0443 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 Monero, \u0443\u043d\u0438\u0447\u0442\u043e\u0436\u0430\u044f \u0432\u0441\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, crontab \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e  \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u0441\u0442\u0432\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e cronjob, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0440\u0443\u0442\u043a\u0438\u0442 \u0432 /etc/ld.so.preload.\n\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0440\u0443\u0442\u043a\u0438\u0442\u0430 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u0435\u0433\u043e \u043a\u043e\u0434 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u0441\u044f \u043f\u0440\u0438 \u043a\u0430\u0436\u0434\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u043d \u043e\u0441\u0442\u0430\u043d\u0435\u0442\u0441\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043a\u0440\u044b\u0442\u044b\u043c \u0438 \u0442\u0440\u0443\u0434\u043d\u043e\u0443\u0434\u0430\u043b\u044f\u0435\u043c\u044b\u043c.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0447\u0438\u0441\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 CVE-2023-46604, \u043f\u0440\u043e\u0433\u0440\u0435\u0441\u0441\u0438\u0432\u043d\u043e \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u0430\u0445 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0438\u0445 \u0443\u0447\u0430\u0441\u0442\u0438\u044f \u0432 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043b\u0438  \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2023-11-22T17:59:33.000000Z"}, {"uuid": "85fdfca0-6c85-49bc-be60-9e5fd83a0b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/true_secator/5091", "content": "\u041f\u043e\u044f\u0432\u0438\u0432\u0448\u0438\u0439\u0441\u044f \u043d\u043e\u0432\u044b\u0439 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Apache ActiveMQ \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VulnCheck \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2023-46604\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 10,0) \u0432 Apache ActiveMQ \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 Apache \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 5.15.16, 5.16.7, 5.17.6 \u0438\u043b\u0438 5.18.3, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0435\u0449\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u00a0\u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0442\u0430\u043a\u0438\u0445 ransomware \u043a\u0430\u043a HelloKitty \u0438 TellYouThePass, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f SparkRAT.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u043d\u043e\u0432\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c\u00a0VulnCheck, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f\u00a0\u043d\u0430 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f ClassPathXmlApplicationContext, \u0441\u0440\u0435\u0434\u044b Spring \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u0432 ActiveMQ, \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 XML-\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u00a0\u0447\u0435\u0440\u0435\u0437 HTTP \u0438 \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f RCE \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, VulnCheck \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0434\u0443\u043c\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u0441\u043a\u0440\u044b\u0442\u043d\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u0434\u0430\u0436\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043f\u0438\u0440\u0430\u0435\u0442\u0441\u044f \u043d\u0430\u00a0FileSystemXmlApplicationContext\u00a0\u0438 \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0435 SpEL\u00a0\u0432\u043c\u0435\u0441\u0442\u043e \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0430 init-method, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0441\u0431\u0440\u043e\u0441\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u0434\u0438\u0441\u043a.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0444\u0430\u0439\u043b\u0435 activemq.log \u043f\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438, \u0447\u0442\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0442\u0430\u043a\u0436\u0435 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0441\u043b\u0435\u0434\u0430.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-46604, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ActiveMQ \u0438\u043c\u0435\u0435\u0442 \u043e\u0441\u043e\u0431\u044b\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442.", "creation_timestamp": "2023-11-16T11:53:57.000000Z"}, {"uuid": "4ea3849f-069a-438b-8b61-3699d856d73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/true_secator/5054", "content": "\u041f\u043e\u043c\u0438\u043c\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0430\u0433\u0438 Atlassian Confluence \u0432 \u0430\u043a\u0442\u0438\u0432\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache ActiveMQ RCE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u0434\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0430 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 ArcticWolf \u0438 Huntress Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 CVE-2023-46604 \u0430\u0442\u0430\u043a\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e SparkRAT \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 ActiveMQ \u0435\u0449\u0435 10 \u043e\u043a\u0442\u044f\u0431\u0440\u044f, \u0437\u0430\u0434\u043e\u043b\u0433\u043e \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Apache \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f. \n\n\u0410 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432 \u0441\u0435\u0442\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u043e\u0441\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u00a0\u0431\u043e\u043b\u0435\u0435 9200\u00a0\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Apache ActiveMQ, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445\u00a0\u0431\u043e\u043b\u0435\u0435 4770\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 CVE-2023-46604 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0430, \u043a \u0430\u0442\u0430\u043a\u0430\u043c \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u0438\u0441\u044c \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043a\u0430\u043a \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Huntress Labs \u0438 Rapid7, \u0431\u044b\u043b\u0438 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e HelloKitty, \u0430 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043a \u043d\u0438\u043c \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438\u0441\u044c TellYouThePass.\n\n\u0427\u0442\u043e \u043d\u0435 \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0432\u0435\u0434\u044c Apache ActiveMQ \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0431\u0440\u043e\u043a\u0435\u0440\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445. \n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043e\u0431\u043d\u043e\u0432\u0438\u0432 ActiveMQ \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0439 5.15.16, 5.16.7, 5.17.6 \u0438 5.18.3.", "creation_timestamp": "2023-11-07T14:50:21.000000Z"}, {"uuid": "d17c4593-4cfc-4507-a60a-09c6243ca82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/true_secator/5041", "content": "\u0411\u043e\u043b\u0435\u0435 3000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Apache ActiveMQ \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\nApache ActiveMQ \u2014 \u044d\u0442\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0431\u0440\u043e\u043a\u0435\u0440 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 Java \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0436\u044a\u044f\u0437\u044b\u043a\u043e\u0432\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f AMQP, MQTT, OpenWire \u0438 STOMP.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0435 \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043e\u043d \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445, \u0433\u0434\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043c\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0431\u0435\u0437 \u043f\u0440\u044f\u043c\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f CVE-2023-46604 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS v3: 10,0 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0442\u0438\u043f\u044b \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 OpenWire.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044e Apache\u00a0\u043e\u0442 27 \u043e\u043a\u0442\u044f\u0431\u0440\u044f, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Apache Active MQ \u0438 Legacy OpenWire Module \u0432\u0435\u0440\u0441\u0438\u0438 5.18.x \u0434\u043e 5.18.3, 5.17.x \u0434\u043e 5.17.6, 5.16.x \u0434\u043e 5.16.7 \u0438 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 5.15.16.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0439 5.15.16, 5.16.7, 5.17.6 \u0438 5.18.3.\n\n\u041d\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 ShadowServer\u00a0\u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u043b\u0438 7249 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 ActiveMQ, \u0438\u0437 \u043d\u0438\u0445 3329 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u044e ActiveMQ, \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0434\u043b\u044f CVE-2023-4660, \u043f\u0440\u0438\u0447\u0435\u043c \u0432\u0441\u0435 \u044d\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f RCE.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 (1400) \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u041a\u0438\u0442\u0430\u0435, \u0437\u0430\u0442\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0421\u0428\u0410 \u0441 530, \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442 \u0442\u0440\u0435\u0442\u044c\u0435 \u0441 153, \u0430 \u0418\u043d\u0434\u0438\u044f, \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u044b, \u0420\u043e\u0441\u0441\u0438\u044f, \u0424\u0440\u0430\u043d\u0446\u0438\u044f \u0438 \u042e\u0436\u043d\u0430\u044f \u041a\u043e\u0440\u0435\u044f \u0438\u043c\u0435\u044e\u0442 \u043f\u043e 100 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u043a\u0430\u0436\u0434\u0430\u044f.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0440\u043e\u043b\u044c Apache ActiveMQ \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0431\u0440\u043e\u043a\u0435\u0440\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2023-46604 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u0432 \u0441\u0435\u0442\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f CVE-2023-46604 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u043a\u0430\u043a \u0431\u0435\u0437\u043e\u0442\u043b\u0430\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0438 \u043a\u0440\u0430\u043d\u0435 \u0441\u0440\u043e\u0447\u043d\u0443\u044e \u043c\u0435\u0440\u0443.", "creation_timestamp": "2023-11-02T14:24:42.000000Z"}, {"uuid": "dc2212c4-9c03-40bf-a78a-593becf7b1ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4585", "content": "https://system32.ink/apache-activemq-rce-cve-2023-46604-exploit/", "creation_timestamp": "2023-11-05T03:42:35.000000Z"}, {"uuid": "d3d0efef-69c8-46e6-b4fb-91598c910dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/214463", "content": "https://ift.tt/Wu5jSmd\nThe Threat That Can\u2019t Be Ignored: CVE-2023-46604 in Apache ActiveMQ", "creation_timestamp": "2024-04-09T13:56:57.000000Z"}, {"uuid": "c27a9813-29a1-41b3-84cd-8234a36cc20f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/cibsecurity/73057", "content": "\u203c CVE-2023-46604 \u203c\n\nApache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate\u00c2\u00a0any class on the classpath.\u00c2\u00a0Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T18:17:07.000000Z"}, {"uuid": "b657f4ba-5927-4497-86a3-9f908a03ce4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/180720", "content": "https://ift.tt/yqInvtf\nCVE-2023-46604 | Oracle Communications Element Manager up to 9.0.2.0.1 Security deserialization", "creation_timestamp": "2024-02-07T14:46:53.000000Z"}, {"uuid": "1f44a1dc-5609-489a-a95f-f5d4530d1876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/180722", "content": "https://ift.tt/B6V9hWQ\nCVE-2023-46604 | Oracle Communications Session Report Manager up to 9.0.2.0.1 Security deserialization", "creation_timestamp": "2024-02-07T14:46:55.000000Z"}, {"uuid": "c3987506-6929-4411-9af4-9d53b17b58af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/181257", "content": "https://ift.tt/rkIvRzL\nCVE-2023-46604 | Oracle Banking Digital Experience 22.1.0/22.2.0 UI General deserialization", "creation_timestamp": "2024-02-08T10:11:44.000000Z"}, {"uuid": "ebd621f0-df15-4d9c-9b06-5ef869bd391f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/181755", "content": "https://ift.tt/AtR0dJ9\nCVE-2023-46604 | Oracle Enterprise Data Quality 12.2.1.4.0 General deserialization", "creation_timestamp": "2024-02-09T01:46:29.000000Z"}, {"uuid": "4549408c-b790-4249-bc86-86921d3cd96f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/181254", "content": "https://ift.tt/smBXJHQ\nCVE-2023-46604 | Oracle Banking APIs 22.1.0/22.2.0 IDM - Authentication deserialization", "creation_timestamp": "2024-02-08T10:11:38.000000Z"}, {"uuid": "4abdd6ec-0842-4dfe-be81-4cf9914d59a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ctinow/181280", "content": "https://ift.tt/8my7WFI\nCVE-2023-46604 | Oracle Financial Services Analytical Applications Infrastructure deserialization", "creation_timestamp": "2024-02-08T11:07:10.000000Z"}, {"uuid": "78d17fbb-8ebc-4a0c-a227-9856a539e61e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ZerodayAlert/91", "content": "", "creation_timestamp": "2026-07-06T11:00:15.043457Z"}, {"uuid": "3a2f9196-b4d9-4a7f-87e1-e20142dea393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ZerodayAlert/96", "content": "", "creation_timestamp": "2026-07-06T11:00:15.024193Z"}, {"uuid": "72552591-1f61-48ee-8d1b-017b661a2cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/thehackernews/4206", "content": "\ud83d\udea8 Apache ActiveMQ's CVE-2023-46604 flaw is under active exploitation by  hackers to distribute two dangerous programs: GoTitan, a Go-based botnet, and PrCtrl Rat, a .NET threat. \n \nRead details: https://thehackernews.com/2023/11/gotitan-botnet-spotted-exploiting.html", "creation_timestamp": "2023-11-29T06:11:47.000000Z"}, {"uuid": "ad062c47-902d-41be-a6ad-466c0ed3bd82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/thehackernews/4088", "content": "\ud83d\udea8 Urgent: Thousands of internet-accessible ActiveMQ instances are at risk. \n \nHelloKitty ransomware group is actively exploiting a critical Remote Code Execution (RCE) flaw, CVE-2023-46604, in Apache ActiveMQ. \n \nFind details here \u27a1\ufe0f https://thehackernews.com/2023/11/hellokitty-ransomware-group-exploiting.html", "creation_timestamp": "2023-11-02T05:37:58.000000Z"}, {"uuid": "acabf689-21f6-417b-bb7e-82870f0c5309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/4152", "content": "\u26a0\ufe0f New PoC exploit for CVE-2023-46604 flaw in Apache ActiveMQ could let attackers stealthily execute malicious code. \n \nCVSS score: 10.0! Are your servers secure? \n \nLearn more about this critical vulnerability: https://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html", "creation_timestamp": "2023-11-15T14:51:30.000000Z"}, {"uuid": "2c235cef-762d-49b4-8533-ec8869fe33a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/thehackernews/4434", "content": "Hackers Feast on Unpatched ActiveMQ!  CVE-2023-46604, a critical remote code execution flaw, is back in the spotlight. \n \nLearn more: https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html \n \nUpdate your Apache ASAP or risk ransomware, rootkits, and botnets.", "creation_timestamp": "2024-01-22T16:55:39.000000Z"}, {"uuid": "18acb2aa-4a91-4b7c-9785-d4837854428a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/xakep_ru/15019", "content": "\u041c\u0430\u043b\u0432\u0430\u0440\u044c Kinsing \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache ActiveMQ \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0440\u0443\u0442\u043a\u0438\u0442\u0430\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u0430\u043b\u0432\u0430\u0440\u0438 Kinsing \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46604 \u0432 Apache ActiveMQ \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 Linux-\u0441\u0438\u0441\u0442\u0435\u043c. \u041a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\nhttps://xakep.ru/2023/11/22/kinsing-apache-activemq/", "creation_timestamp": "2023-11-22T17:05:26.000000Z"}, {"uuid": "b2bde30e-c053-4ab1-bc8c-ba6048cd4b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/xakep_ru/14940", "content": "\u0412\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache ActiveMQ\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 3000 \u0442\u044b\u0441\u044f\u0447 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Apache ActiveMQ, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u0441\u0432\u0435\u0436\u0435\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e (CVE-2023-46604). \u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0430\u0433 \u0443\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u0430\u0442\u0430\u043a\u0430\u043c. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 HelloKitty.\n\nhttps://xakep.ru/2023/11/03/apache-activemq-rce/", "creation_timestamp": "2023-11-03T18:35:37.000000Z"}, {"uuid": "2b237a2b-2259-41a9-b61d-c5a1bb879ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/CyberBulletin/26743", "content": "\u26a1\ufe0fMauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604).\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:14:22.000000Z"}, {"uuid": "f8130e7f-ba1c-466b-91e4-d48248ca3b61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1462", "content": "https://github.com/sule01u/CVE-2023-46604\n#github #exploit", "creation_timestamp": "2023-11-08T14:05:09.000000Z"}, {"uuid": "942273fc-45a2-44bb-b4a7-87791c34f244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/CNArsenal/1569", "content": "https://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html\n\nCVE-2023-46604(Apache ActiveMQ)\u88ab\u5229\u7528\u6765\u611f\u67d3\u5bc6\u7801\u5668\u548cRootkit\u7cfb\u7edf\n#\u65b0\u95fb", "creation_timestamp": "2023-11-23T05:01:48.000000Z"}, {"uuid": "1a564445-e9b4-4b26-a39d-039fb5ca8640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/9449", "content": "#Malware_analysis\n1. Diamond Sleet supply chain compromise distributes a modified CyberLink installer\nhttps://www.microsoft.com/en-us/security/blog/2023/11/22/diamond-sleet-supply-chain-compromise-distributes-a-modified-cyberlink-installer\n2. HrServ - malware web shell DLL\nhttps://securelist.com/hrserv-apt-web-shell/111119\n3. CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits\nhttps://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html", "creation_timestamp": "2023-11-23T10:58:01.000000Z"}, {"uuid": "cb2b30d8-02cd-437b-9feb-6bef20e8c4c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9351", "content": "#tools\n#Blue_Team_Techniques\n1. ActiveMQ RCE vulnerability (CVE-2023-46604) verification/exploitation tool\nhttps://github.com/sule01u/CVE-2023-46604\n2. A comprehensive tool that provides an insightful analysis of MS monthly security updates\nhttps://github.com/xaitax/PatchaPalooza", "creation_timestamp": "2023-11-08T10:59:01.000000Z"}, {"uuid": "53f70451-93af-44a9-b766-89cbf1c23921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9336", "content": "#exploit\n1. CVE-2023-22518:\nAn Exploitation tool to exploit the confluence server (Improper Authorization)\nhttps://github.com/sanjai-AK47/CVE-2023-22518\n\n2. CVE-2023-46604:\nAchieving a Reverse Shell Exploit for Apache ActiveMQ\nhttps://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ\n\n3. CVE-2023-37903:\nvm2 Sandbox Escape vulnerability\nhttps://github.com/7h3h4ckv157/CVE-2023-37903", "creation_timestamp": "2025-02-04T15:50:46.000000Z"}, {"uuid": "ace32a34-1c8c-4edd-9897-71e73eba87de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/Rootsec_2/2000", "content": "#Malware_analysis\n1. Diamond Sleet supply chain compromise distributes a modified CyberLink installer\nhttps://www.microsoft.com/en-us/security/blog/2023/11/22/diamond-sleet-supply-chain-compromise-distributes-a-modified-cyberlink-installer\n2. HrServ - malware web shell DLL\nhttps://securelist.com/hrserv-apt-web-shell/111119\n3. CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits\nhttps://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html", "creation_timestamp": "2024-08-16T08:51:05.000000Z"}, {"uuid": "d4cb2bd1-3c98-44a8-b728-7098bf54e5b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/Rootsec_2/2005", "content": "https://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html\n\nCVE-2023-46604(Apache ActiveMQ)\u88ab\u5229\u7528\u6765\u611f\u67d3\u5bc6\u7801\u5668\u548cRootkit\u7cfb\u7edf\n#\u65b0\u95fb", "creation_timestamp": "2024-08-16T08:51:06.000000Z"}, {"uuid": "785265e4-d5a3-4afd-b33f-fb75a4db8dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/Rootsec_2/2053", "content": "#Malware_analysis\n1. Diamond Sleet supply chain compromise distributes a modified CyberLink installer\nhttps://www.microsoft.com/en-us/security/blog/2023/11/22/diamond-sleet-supply-chain-compromise-distributes-a-modified-cyberlink-installer\n2. HrServ - malware web shell DLL\nhttps://securelist.com/hrserv-apt-web-shell/111119\n3. CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits\nhttps://www.trendmicro.com/en_us/research/23/k/cve-2023-46604-exploited-by-kinsing.html", "creation_timestamp": "2024-08-16T08:51:14.000000Z"}, {"uuid": "eb8addc4-2708-49f8-a13c-bf9e634a82bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1642", "content": "#exploit\n1. CVE-2023-22518:\nAn Exploitation tool to exploit the confluence server (Improper Authorization)\nhttps://github.com/sanjai-AK47/CVE-2023-22518\n\n2. CVE-2023-46604:\nAchieving a Reverse Shell Exploit for Apache ActiveMQ\nhttps://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ\n\n3. CVE-2023-37903:\nvm2 Sandbox Escape vulnerability\nhttps://github.com/7h3h4ckv157/CVE-2023-37903", "creation_timestamp": "2024-08-16T08:43:34.000000Z"}, {"uuid": "47029d1b-07f7-4903-aa10-960d3e1e664f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1662", "content": "#tools\n#Blue_Team_Techniques\n1. ActiveMQ RCE vulnerability (CVE-2023-46604) verification/exploitation tool\nhttps://github.com/sule01u/CVE-2023-46604\n2. A comprehensive tool that provides an insightful analysis of MS monthly security updates\nhttps://github.com/xaitax/PatchaPalooza", "creation_timestamp": "2024-08-16T08:43:35.000000Z"}, {"uuid": "57122be3-4547-45cb-9c48-a709fa6f0da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "Telegram/kcBXGeNIBmGVCv-daF2D_otXD8QiKxFj_3wywFGQYSfa", "content": "", "creation_timestamp": "2024-11-11T18:25:20.000000Z"}, {"uuid": "ea81e2b9-cf42-44c4-a509-1109ecf9e4fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e8c8129d-b09e02c4de9c4f4a", "content": "", "creation_timestamp": "2026-05-07T10:52:25.889083Z"}, {"uuid": "56e239d2-7ccc-4ae2-b5fa-8fab6a32acd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/GithubRedTeam/87519", "content": "", "creation_timestamp": "2026-06-06T06:00:35.000000Z"}, {"uuid": "62244544-b891-4a57-8b04-7344ec078ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://gist.github.com/ShaiOnionGod/bb378bb47a2626f2a0b85bb402724549", "content": "", "creation_timestamp": "2026-06-23T09:25:09.000000Z"}, {"uuid": "2617e6b2-a5d7-4e62-a294-d0a054be5e76", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://db.gcve.eu/known-exploited-vulnerabilities-catalog/77892e63-7df0-4c8a-9040-bcbcc1411475", "content": "", "creation_timestamp": "2026-06-23T11:14:11.951793Z"}, {"uuid": "80574d1d-e5c3-4eed-9bb9-085343a305b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://gist.github.com/ShaiOnionGod/a2470d5624f426a312bf6d47e9b8a91c", "content": "", "creation_timestamp": "2026-06-23T12:21:01.000000Z"}, {"uuid": "a1857fc8-8e1f-4280-ba15-39a53869153e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://gist.github.com/ShaiOnionGod/698e64623dff9eabc7bcf40ecdbc049d", "content": "", "creation_timestamp": "2026-06-29T18:55:06.069538Z"}, {"uuid": "402d497b-9724-4f8e-a2d2-b191e921d085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ZerodayAlert/91", "content": "", "creation_timestamp": "2026-07-07T00:00:23.346202Z"}, {"uuid": "b29502aa-ab1c-4aee-83fe-27bae7cd2cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "seen", "source": "https://t.me/ZerodayAlert/96", "content": "", "creation_timestamp": "2026-07-07T00:00:23.319361Z"}, {"uuid": "1d1b8db6-9700-4774-b723-e0c5a5638771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ZerodayAlert/96", "content": "", "creation_timestamp": "2026-07-12T04:00:04.416625Z"}, {"uuid": "c320bc38-0ece-45a9-aa1f-803f85725108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ZerodayAlert/91", "content": "", "creation_timestamp": "2026-07-12T04:00:04.376400Z"}, {"uuid": "2f15653f-18b1-4f3b-894e-df1cf82cdc15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ZerodayAlert/96", "content": "", "creation_timestamp": "2026-07-13T00:00:52.829638Z"}, {"uuid": "556df23c-9bf4-403d-9b40-0f00e58ce0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "exploited", "source": "https://t.me/ZerodayAlert/91", "content": "", "creation_timestamp": "2026-07-13T00:00:52.802488Z"}, {"uuid": "ff60ede4-9445-4dfb-ae01-32fef989e70c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "cve-2023-46604", "type": "seen", "source": "https://gist.github.com/tu-trinh-scale/3053ccc08fc80fb58f05fd189f0cd010", "content": "", "creation_timestamp": "2026-07-14T13:34:50.464627Z"}, {"uuid": "221a8a1e-6c6e-4b48-9716-5ba93ee5a2cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-46604", "type": "published-proof-of-concept", "source": "https://t.me/cyberwarehouse/141", "content": "", "creation_timestamp": "2026-07-18T00:00:27.963412Z"}]}