{"vulnerability": "CVE-2023-4674", "sightings": [{"uuid": "e0e681e8-66f2-42b0-9e24-a39ea75fe54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/ctinow/212618", "content": "https://ift.tt/FhflT3i\nBringing Access Back \u2014 Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect", "creation_timestamp": "2024-03-23T05:56:30.000000Z"}, {"uuid": "7ba13130-7e11-4c30-8a4a-b3c5a289d062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "seen", "source": "https://t.me/cibsecurity/73014", "content": "\u203c CVE-2023-46748 \u203c\n\nAn authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands.\u00c2\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T00:18:13.000000Z"}, {"uuid": "0343d11e-ea06-49fe-9009-74813593101c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/cibsecurity/73013", "content": "\u203c CVE-2023-46747 \u203c\n\nUndisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.\u00c2\u00a0\u00c2\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T00:18:12.000000Z"}, {"uuid": "edb7ea35-725e-4f59-9c79-4aa57d3917f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46749", "type": "seen", "source": "https://t.me/ctinow/178431", "content": "https://ift.tt/2cLtYQB\nCVE-2023-46749 | Apache Shiro up to 1.12.x/2.0.0-alpha-3 path traversal", "creation_timestamp": "2024-02-03T08:41:36.000000Z"}, {"uuid": "48fe9dd7-0e3f-4166-89b2-c399667d65e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46749", "type": "seen", "source": "https://t.me/ctinow/167579", "content": "https://ift.tt/9b1VMLK\nCVE-2023-46749", "creation_timestamp": "2024-01-12T22:41:56.000000Z"}, {"uuid": "3ffdeab7-d6c4-4a0e-954b-8fccabf176a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46740", "type": "seen", "source": "https://t.me/ctinow/172292", "content": "https://ift.tt/6a9gRxO\nCVE-2023-46740 | CubeFS up to 3.3.0 random values", "creation_timestamp": "2024-01-23T21:02:07.000000Z"}, {"uuid": "80ef1c7c-3fc6-4fd6-8186-13621576bce7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46741", "type": "seen", "source": "https://t.me/ctinow/172291", "content": "https://ift.tt/27yOaLS\nCVE-2023-46741 | CubeFS up to 3.3.0 Magic Secret Key log file", "creation_timestamp": "2024-01-23T21:02:05.000000Z"}, {"uuid": "da27f2d7-df70-432b-a5f0-7d8844e89213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46742", "type": "seen", "source": "https://t.me/ctinow/172275", "content": "https://ift.tt/SNtCg65\nCVE-2023-46742 | CubeFS up to 3.3.0 log file", "creation_timestamp": "2024-01-23T20:27:01.000000Z"}, {"uuid": "84913c29-ca48-4a41-a514-213a6d5bba0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4674", "type": "seen", "source": "https://t.me/ctinow/160571", "content": "https://ift.tt/ozPjIYm\nCVE-2023-4674", "creation_timestamp": "2023-12-29T16:26:38.000000Z"}, {"uuid": "03c0393f-a5ad-4581-abae-ac891c21e12c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/thehackernews/4084", "content": "\ud83d\udea8 Security Alert \u279c F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands. \n \nLearn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html \n \nProtect your network\u2014patch now!", "creation_timestamp": "2023-11-01T10:27:24.000000Z"}, {"uuid": "85fdb15d-d852-4c62-86a3-d668a33e25ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1403", "content": "CVE-2023-46747-POC\n\ncurl -sk -u 'ali:ali' -H 'Content-Type: application/json' -X POST \\\n\n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'  \\\n\nhttps:///$IP:$PORT/mgmt/tm/util/bash\n\n#poc #exploit", "creation_timestamp": "2023-10-31T10:11:17.000000Z"}, {"uuid": "8af0ba89-5af0-48d0-b335-57fedb429ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1413", "content": "https://github.com/W01fh4cker/CVE-2023-46747-RCE\n#github", "creation_timestamp": "2023-11-02T03:56:10.000000Z"}, {"uuid": "08e19690-a79a-4ca5-9ae3-f4d310c408e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1589", "content": "https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747", "creation_timestamp": "2024-08-16T08:43:26.000000Z"}, {"uuid": "7c5252a8-40d2-46ec-acba-13489109d3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/K0f-j-gack7mEbq0v5q9zf3FeKuqj9Z-q5xmBuR-W-zC", "content": "", "creation_timestamp": "2024-11-11T18:25:20.000000Z"}, {"uuid": "bbde1074-0d34-49fc-900c-38a6ba64bc05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1633", "content": "#tools\n#Offensive_security\n1. UAC Bypass program\nhttps://github.com/justhyak/UAC-Bypass-FUD\n2. Python script to test if a F5 BIG-IP is vulnerable for CVE-2023-46747\nhttps://github.com/nvansluis/test_cve-2023-46747\n3. The art of indirect exfiltration\nhttps://thecontractor.io/data-bouncing", "creation_timestamp": "2024-08-16T08:43:29.000000Z"}, {"uuid": "a9640ddb-297d-4384-b426-6bb59e70ea25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971910", "content": "", "creation_timestamp": "2024-12-24T20:35:32.594488Z"}, {"uuid": "c74229f2-d81d-42a6-a806-054d9761e190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971910", "content": "", "creation_timestamp": "2024-12-24T20:35:32.625854Z"}, {"uuid": "0406d7fa-22af-4a12-8db5-200b91c6b5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "2392e09b-c2ee-4aac-8ffa-59334fa5829b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "af1ebf32-e8dd-455b-9e87-e33235418979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "4c23f92e-7d0a-46ac-a5f9-7355eaa77425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures", "content": "", "creation_timestamp": "2025-05-14T05:59:49.116672Z"}, {"uuid": "65fb4a4f-088f-4576-b48d-33d9e798fed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "223e4aee-9a44-4b52-baa4-4c0892d72735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "b7d33876-959a-4a12-941a-0cda287ef4c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/f5_bigip_tmui_rce_cve_2023_46747.rb", "content": "", "creation_timestamp": "2023-11-02T16:09:41.000000Z"}, {"uuid": "1b2daefc-8360-4932-9a2c-c69ee717f73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-31)", "content": "", "creation_timestamp": "2025-12-31T00:00:00.000000Z"}, {"uuid": "51ce84ed-75fa-46a9-9118-33226e39e700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2026-01-09T20:17:31.000000Z"}, {"uuid": "78c06f4c-49bc-4723-9a00-1f6c78c6d35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "d10a13ef-8e38-4953-904b-51878a257b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/wG0cDJgGVfJGwd2Zjdu2U-n25YycOJf4cno9rhYGWoiytkA", "content": "", "creation_timestamp": "2025-12-03T15:00:08.000000Z"}, {"uuid": "724cb03a-b219-4f1f-b6c9-dc586fc91112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5615", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\nURL\uff1ahttps://github.com/AliBrTab/CVE-2023-46747-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-30T15:53:34.000000Z"}, {"uuid": "b05bbe45-a824-4a9a-93e4-58ec54cd23f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5612", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46747\nURL\uff1ahttps://github.com/k0zulzr/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-30T13:30:06.000000Z"}, {"uuid": "c49ce82e-a103-4f7a-96f2-b167b26da25d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5611", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1ametasploit module for CVE-2023-46747 (F5 BIG-IP) RCE and the analyze\nURL\uff1ahttps://github.com/TomArn1/CVE-2023-46747-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-30T13:23:54.000000Z"}, {"uuid": "162d0939-43f7-4597-82b7-7341c813065a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5661", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn Exploitation script developed to exploit the CVE-2023-46747 which Pre Auth Remote Code Execution of f5-BIG Ip producs\nURL\uff1ahttps://github.com/sanjai-AK47/CVE-2023-46747\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-03T13:38:15.000000Z"}, {"uuid": "274eae09-74dd-4006-936e-b0c9e3536807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/3549", "content": "\u200b\u26a1\ufe0f\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u0432 BIG-IP \u043e\u0442 F5 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\ud83d\udcac \u0422\u0440\u0430\u043d\u0441\u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0430 \u0443\u0441\u043b\u0443\u0433\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0430\u0439\u0442\u0430\u043c\u0438 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-46747 \u0438 \u0431\u044b\u043b\u0430 \u043e\u0446\u0435\u043d\u0435\u043d\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0432 9,8 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0431\u0430\u043b\u043b\u043e\u0432.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u041c\u0430\u0439\u043a\u043b\u0443 \u0412\u0435\u0431\u0435\u0440\u0443 \u0438 \u0422\u043e\u043c\u0430\u0441\u0443 \u0425\u0435\u043d\u0434\u0440\u0438\u043a\u0441\u043e\u043d\u0443 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Praetorian, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0439 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0451\u0442 \u0441 \u043d\u044e\u0430\u043d\u0441\u0430\u043c\u0438 \u0440\u0430\u0431\u043e\u0442\u044b CVE-2023-46747.\n\nF5 \u0443\u0442\u043e\u0447\u043d\u0438\u043b\u0430: \u00ab\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 BIG-IP \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 / \u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b\u00bb. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0431\u044b\u043b\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 BIG-IP:\n\n17.1.0 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 17.1.0.3 + Hotfix-BIGIP-17.1.0.3.0.75.4-ENG);\n\n16.1.0 - 16.1.4 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 16.1.4.1 + Hotfix-BIGIP-16.1.4.1.0.50.5-ENG);\n\n15.1.0 - 15.1.10 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 15.1.10.2 + Hotfix-BIGIP-15.1.10.2.0.44.2-ENG);\n\n14.1.0 - 14.1.5 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 14.1.5.6 + Hotfix-BIGIP-14.1.5.6.0.10.6-ENG);\n\n13.1.0 - 13.1.5 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 13.1.5.1 + Hotfix-BIGIP-13.1.5.1.0.20.2-ENG);\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0432 F5 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 , \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 14.1.0. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u0434\u0435\u043b\u0430\u043b\u0438 \u0430\u043a\u0446\u0435\u043d\u0442, \u0447\u0442\u043e \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 BIG-IP \u043d\u0438\u0436\u0435 14.1.0 \u0434\u0430\u043d\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0437\u0430\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0435\u0449\u0451 \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c\u0438 BIG-IP. \u0421\u0430\u043c \u0441\u043a\u0440\u0438\u043f\u0442 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0441\u043e\u0432\u0435\u0442\u044b:\n\n\u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430 ;\n\u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f .\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e CVE-2023-46747 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u0436\u0435 \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u043f\u043e \u0441\u0447\u0451\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 BIG-IP TMUI \u043f\u043e\u0441\u043b\u0435 CVE-2020-5902 \u0438 CVE-2022-1388 .\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-27T14:49:00.000000Z"}, {"uuid": "f57ec742-93b7-4335-bfd4-e3e5843e10d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/itsec_news/3579", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u043a\u043e\u0440\u0435\u0435: \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 BIG-IP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438. \u0414\u0430\u043d\u043d\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-46747 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430 \u0441 \u0431\u0430\u043b\u043b\u043e\u043c 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13.1.0 \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f 17.1.0, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u0445 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-46748 . \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 BIG-IP.\n\n\u0414\u043b\u044f \u043e\u0431\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u0431\u044b\u043b\u0430 \u043b\u0438 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Shadowserver \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 , \u0447\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Honeypot-\u0441\u0435\u043d\u0441\u043e\u0440\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0442\u043e \u0438 \u0434\u0435\u043b\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46747. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-01T10:48:35.000000Z"}, {"uuid": "1961b27c-1366-4055-b282-9d8800131c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "exploited", "source": "https://t.me/itsec_news/3579", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u043a\u043e\u0440\u0435\u0435: \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 BIG-IP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438. \u0414\u0430\u043d\u043d\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-46747 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430 \u0441 \u0431\u0430\u043b\u043b\u043e\u043c 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13.1.0 \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f 17.1.0, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u0445 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-46748 . \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 BIG-IP.\n\n\u0414\u043b\u044f \u043e\u0431\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u0431\u044b\u043b\u0430 \u043b\u0438 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Shadowserver \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 , \u0447\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Honeypot-\u0441\u0435\u043d\u0441\u043e\u0440\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0442\u043e \u0438 \u0434\u0435\u043b\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46747. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-01T10:48:35.000000Z"}, {"uuid": "57f8cc1f-ebe5-4be9-9aca-3d9079b0afb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/itsec_news/3578", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u043a\u043e\u0440\u0435\u0435: \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 BIG-IP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438. \u0414\u0430\u043d\u043d\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-46747 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430 \u0441 \u0431\u0430\u043b\u043b\u043e\u043c 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13.1.0 \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f 17.1.0, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u0445 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-46748 . \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 BIG-IP.\n\n\u0414\u043b\u044f \u043e\u0431\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u0431\u044b\u043b\u0430 \u043b\u0438 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Shadowserver \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 , \u0447\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Honeypot-\u0441\u0435\u043d\u0441\u043e\u0440\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0442\u043e \u0438 \u0434\u0435\u043b\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46747. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-01T09:43:20.000000Z"}, {"uuid": "49469891-8bfd-41fe-9e91-cb054e864646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/18744", "content": "\u200aF5 fixes BIG-IP auth bypass allowing remote code execution attacks\n\nA critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution. [...]\n\nhttps://www.bleepingcomputer.com/news/security/f5-fixes-big-ip-auth-bypass-allowing-remote-code-execution-attacks/", "creation_timestamp": "2023-10-27T18:00:34.000000Z"}, {"uuid": "a6b784a0-3f7e-4ea6-9d41-5c7b91326ec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/BleepingComputer/18751", "content": "Latest news and stories from BleepingComputer.com\nF5 fixes BIG-IP auth bypass allowing remote code execution attacks\n\nA critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution. [...]", "creation_timestamp": "2023-10-27T19:09:29.000000Z"}, {"uuid": "7587e580-ee01-4e09-98d6-db1b3fc486a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/140", "content": "\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u043b\u0438\u0441\u044c F5 Networks, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u0434\u0432\u0443\u043c\u044f \u0431\u0430\u0433\u0430\u043c\u0438: CVE-2023-46747 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=9.8) \u0438 CVE-2023-46748 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=8.8)\n\nF5 BIG-IP - \u044d\u0442\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u0445\u043e\u0434\u044f\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\ud83d\ude0e\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46748 \u0432 BIG-IP Configuration utility \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u0443\u044e SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.  \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46747 Unauth RCE via AJP Smuggling - \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Request Smuggling \u0432 Apache JServ (AJP).\n\nRequest Smuggling \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 Content-Length/Transfer-Encoding \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043e\u0442 Apache HTTPd \u043a Tomcat \u043f\u043e AJP, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c POST-\u0437\u0430\u043f\u0440\u043e\u0441 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 516 bytes (0x204 bytes) \u043d\u0430 \u0440\u0443\u0447\u043a\u0443 /tmui/Control/form/ \u0441 AJP \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u043e\u043c remote_user = admin \u0438 \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c null \u0434\u043b\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 REMOTEROLE \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\ud83d\udc4d\n\u0414\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 CSRF \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0447\u0442\u043e\u0431\u044b \u043a\u043e\u043d\u043a\u0430\u0442\u0435\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 _bufvalue \u0438 _timenow \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044e base64 SHA1 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 Tmui-Dubbuf \u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0443 516 bytes (0x204 bytes).\n\n\u0414\u0430\u043b\u0435\u0435, \u0441 \u043d\u043e\u0432\u043e\u0439 \u0443\u0447\u0435\u0442\u043a\u043e\u0439 \u0430\u0434\u043c\u0438\u043d\u0430, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 /mgmt/tm/util/bash \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c RCE\ud83d\ude0e\ncurl -sk -u 'USER:PASS' -H 'Content-Type: application/json' -X POST \\ \n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'\nhttps://$IP:8443/mgmt/tm/util/bash\n\n\ud83d\udd0eShodan & Fofa: title=\"BIG-IP®- Redirect\"\n\u2699\ufe0fPOC: https://github.com/W01fh4cker/CVE-2023-46747-RCE\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\nPS: \u0416\u0435\u043b\u0430\u044e \u0432\u0441\u0435\u043c \u0443\u0434\u0430\u0447\u043d\u043e\u0439 \u043f\u044f\u0442\u043d\u0438\u0446\u044b \u0438 \u0445\u043e\u0440\u043e\u0448\u0438\u0445 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445!", "creation_timestamp": "2023-11-03T11:57:25.000000Z"}, {"uuid": "1d611fb9-5273-4c91-9843-3b924e4d8873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/140", "content": "\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u043b\u0438\u0441\u044c F5 Networks, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u0434\u0432\u0443\u043c\u044f \u0431\u0430\u0433\u0430\u043c\u0438: CVE-2023-46747 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=9.8) \u0438 CVE-2023-46748 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=8.8)\n\nF5 BIG-IP - \u044d\u0442\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u0445\u043e\u0434\u044f\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\ud83d\ude0e\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46748 \u0432 BIG-IP Configuration utility \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u0443\u044e SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.  \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46747 Unauth RCE via AJP Smuggling - \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Request Smuggling \u0432 Apache JServ (AJP).\n\nRequest Smuggling \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 Content-Length/Transfer-Encoding \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043e\u0442 Apache HTTPd \u043a Tomcat \u043f\u043e AJP, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c POST-\u0437\u0430\u043f\u0440\u043e\u0441 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 516 bytes (0x204 bytes) \u043d\u0430 \u0440\u0443\u0447\u043a\u0443 /tmui/Control/form/ \u0441 AJP \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u043e\u043c remote_user = admin \u0438 \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c null \u0434\u043b\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 REMOTEROLE \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\ud83d\udc4d\n\u0414\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 CSRF \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0447\u0442\u043e\u0431\u044b \u043a\u043e\u043d\u043a\u0430\u0442\u0435\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 _bufvalue \u0438 _timenow \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044e base64 SHA1 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 Tmui-Dubbuf \u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0443 516 bytes (0x204 bytes).\n\n\u0414\u0430\u043b\u0435\u0435, \u0441 \u043d\u043e\u0432\u043e\u0439 \u0443\u0447\u0435\u0442\u043a\u043e\u0439 \u0430\u0434\u043c\u0438\u043d\u0430, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 /mgmt/tm/util/bash \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c RCE\ud83d\ude0e\ncurl -sk -u 'USER:PASS' -H 'Content-Type: application/json' -X POST \\ \n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'\nhttps://$IP:8443/mgmt/tm/util/bash\n\n\ud83d\udd0eShodan & Fofa: title=\"BIG-IP®- Redirect\"\n\u2699\ufe0fPOC: https://github.com/W01fh4cker/CVE-2023-46747-RCE\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\nPS: \u0416\u0435\u043b\u0430\u044e \u0432\u0441\u0435\u043c \u0443\u0434\u0430\u0447\u043d\u043e\u0439 \u043f\u044f\u0442\u043d\u0438\u0446\u044b \u0438 \u0445\u043e\u0440\u043e\u0448\u0438\u0445 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445!", "creation_timestamp": "2023-11-03T11:57:25.000000Z"}, {"uuid": "7ee7a947-459d-499c-b2a7-50362a37a209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/kasperskyb2b/976", "content": "\u26a1\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Citrix NetScaler \u0438 F5 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438\n\n\u0422\u044f\u0436\u0451\u043b\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u2014 \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0440\u0430\u0441\u043a\u0430\u0447\u043a\u0443. \u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u044b\u0440\u0430\u043c\u0438 \u0432 Netscaler ADC \u0438 BIG-IP \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0433\u0440\u0443\u043f\u043f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 ransomware.\n\nCVE-2023-4966 (CitrixBleed, CVSS 9.4) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0443\u0442\u0430\u0449\u0438\u0442\u044c \u0441\u0435\u0441\u0441\u0438\u043e\u043d\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u043b\u0435\u0434\u043e\u0432 \u0432 \u043b\u043e\u0433\u0430\u0445, \u0438, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0438\u043c\u0438, \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u0442\u044c \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u043e\u0431\u0445\u043e\u0434 MFA. \u0412 \u043e\u0431\u0449\u0435\u043c, \u0431\u044b\u0441\u0442\u0440\u043e \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438. \n \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0435\u044e \u0432\u043e\u043e\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c \u0432\u0441\u0435, \u043a\u043e\u043c\u0443 \u043d\u0435 \u043b\u0435\u043d\u044c \u0434\u0430\u0436\u0435 \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u044b. \n\u0412\u0430\u0436\u043d\u043e, \u0447\u0442\u043e \u043f\u0440\u043e\u0441\u0442\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043f\u0430\u0442\u0447\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0443\u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430, \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b. \u041d\u0443\u0436\u043d\u043e \u0438\u0441\u043a\u0430\u0442\u044c \u0441\u043b\u0435\u0434\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0441\u043b\u0435\u0434\u043e\u0432 \u2014 \u0437\u0434\u0435\u0441\u044c \u0438 \u0437\u0434\u0435\u0441\u044c (\u0441\u043f\u043e\u0439\u043b\u0435\u0440 \u2014 \u0432\u0430\u043c \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u043c\u043e\u0436\u0435\u0442 SIEM). \n\n\u0420\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u044b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a \u0434\u044b\u0440\u044b \u0432 F5 BIG-IP (CVE-2023-46747 \u0438 -46748, CVSS 9.8, 8.8) \u0442\u043e\u0436\u0435 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0438\u0441\u044c \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\u043c \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u0445 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u0435\u0440\u0432\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0439 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439.  \n\u041b\u044e\u0431\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437 \u043f\u0430\u0442\u0447\u0430 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438, \u043f\u0435\u0441\u0441\u0438\u043c\u0438\u0441\u0442\u0438\u0447\u043d\u043e \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432 F5 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0441\u043b\u0435\u0434\u043e\u0432 \u0430\u0442\u0430\u043a\u0438 \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0441\u0438\u0441\u0442\u0435\u043c.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-11-02T10:58:10.000000Z"}, {"uuid": "db9deea0-b110-4fa3-a4df-95ee1e066560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/223OFSMmLUdP7f4yTdbWxDK9P9UYsPDh697eB18UtwZouQ", "content": "", "creation_timestamp": "2023-11-01T16:34:19.000000Z"}, {"uuid": "b1bf931f-6d01-4fcb-b2ce-f4bcd263f762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46741", "type": "seen", "source": "https://t.me/cibsecurity/74331", "content": "\u203c\ufe0fCVE-2023-46741\u203c\ufe0f\n\nCubeFS is an opensource cloudnative file storage system. A vulnerability was found in CubeFS prior to version 3.3.1 that could allow users to read sensitive data from the logs which could allow them escalate privileges. CubeFS leaks configuration keys in plaintext format in the logs. These keys could allow anyone to carry out operations on blobs that they otherwise do not have permissions for. For example, an attacker that has succesfully retrieved a secret key from the logs can delete blogs from the blob store. The attacker can either be an internal user with limited privileges to read the log, or they can be an external user who has escalated privileges sufficiently to access the logs. The vulnerability has been patched in v3.3.1. There is no other mitigation than upgrading. \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:36:48.000000Z"}, {"uuid": "fa198a49-67c4-4df0-8358-1daf7e481a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "Telegram/cDnMH4YbZFfIIqtTxoOirX-XeJzHKYG1rqqgjWGd4IpzHg", "content": "", "creation_timestamp": "2023-11-01T11:43:00.000000Z"}, {"uuid": "d1e70a31-8b97-4ab2-bb79-b79f8ce3d539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "Telegram/UvfOaXPYVyIIcBkplEjtKRimhd7owHzf0Znm1nXbcyV1iQ", "content": "", "creation_timestamp": "2023-11-01T11:36:55.000000Z"}, {"uuid": "31e0d7c4-fb45-49d6-b207-fd644aedc808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46742", "type": "seen", "source": "https://t.me/arpsyndicate/2471", "content": "#ExploitObserverAlert\n\nCVE-2023-46742\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46742. CubeFS is an open-source cloud-native file storage system. CubeFS prior to version 3.3.1 was found to leak users secret keys and access keys in the logs in multiple components. When CubeCS creates new users, it leaks the users secret key. This could allow a lower-privileged user with access to the logs to retrieve sensitive information and impersonate other users with higher privileges than themselves. The issue has been patched in v3.3.1. There is no other mitigation than upgrading CubeFS.", "creation_timestamp": "2024-01-05T12:16:29.000000Z"}, {"uuid": "b585283d-4d08-43fe-a04d-9693e3bf110b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46749", "type": "seen", "source": "https://t.me/ctinow/168283", "content": "https://ift.tt/1OqsINS\nCVE-2023-46749", "creation_timestamp": "2024-01-15T11:26:43.000000Z"}, {"uuid": "c694c0a6-30b6-40b0-be3e-4643ab27a3e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46742", "type": "seen", "source": "https://t.me/ctinow/162521", "content": "https://ift.tt/m9GNMzy\nCVE-2023-46742", "creation_timestamp": "2024-01-03T18:31:50.000000Z"}, {"uuid": "4d6dd8c0-9224-4223-a09c-fbd455757b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46741", "type": "seen", "source": "https://t.me/ctinow/162520", "content": "https://ift.tt/1nGKJc2\nCVE-2023-46741", "creation_timestamp": "2024-01-03T18:31:49.000000Z"}, {"uuid": "c64ce66a-cc60-482e-9b34-cc27b43ff32c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46740", "type": "seen", "source": "https://t.me/ctinow/162519", "content": "https://ift.tt/lLBNrkC\nCVE-2023-46740", "creation_timestamp": "2024-01-03T18:31:47.000000Z"}, {"uuid": "f54d9f63-d4bb-4505-b415-7c000528eaf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46746", "type": "seen", "source": "https://t.me/ctinow/158244", "content": "https://ift.tt/qAGKriB\nCVE-2023-46746 | posthog up to 1.43.1 POST Request server-side request forgery (GHSA-wqqw-r8c5-j67c)", "creation_timestamp": "2023-12-22T08:51:31.000000Z"}, {"uuid": "f378e18b-c68e-47e0-8c5a-d10f6dd00251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/information_security_channel/50909", "content": "F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP\nhttps://www.securityweek.com/f5-warns-of-critical-remote-code-execution-vulnerability-in-big-ip/\n\nA critical-severity vulnerability in F5 BIG-IP CVE-2023-46747 allows unauthenticated attackers to execute code remotely.\nThe post F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP (https://www.securityweek.com/f5-warns-of-critical-remote-code-execution-vulnerability-in-big-ip/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-27T17:19:52.000000Z"}, {"uuid": "894b9565-6242-4668-ac95-c98bc0bba275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7935", "content": "Compromising F5 BIGIP with Request Smuggling -\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-26T23:26:24.000000Z"}, {"uuid": "2ea607ae-244e-43a7-9d67-97808ac2b060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7966", "content": "F5 BIG-IP Unauth RCE via AJP Smuggling (CVE-2023-46747) - Technical Analysis\n\nhttps://blog.projectdiscovery.io/cve-2023-46747-5-big-ip-unauthenticated-rce-via-ajp-smuggling/", "creation_timestamp": "2023-11-03T09:30:49.000000Z"}, {"uuid": "e64f703c-d0e2-494e-99e4-4e3a41c1baee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1389", "content": "https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747", "creation_timestamp": "2023-11-03T14:36:19.000000Z"}, {"uuid": "585107e2-a63a-4379-b8a8-a27641fbe014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9295", "content": "#exploit\n1. Wyze Cam v3 RCE Exploit\nhttps://github.com/blasty/unwyze\n\n2. CVE-2023-5044:\nKubernetes ingress-nginx <1.9.0 - API command injection\nhttps://raesene.github.io/blog/2023/10/29/exploiting-CVE-2023-5044\n]-> https://github.com/r0binak/CVE-2023-5044\n\n3. CVE-2023-46747:\nF5 BIG-IP Unauthenticated RCE/Authentication bypass\nhttps://github.com/AliBrTab/CVE-2023-46747-POC\n]-> https://github.com/fu2x2000/CVE-2023-46747", "creation_timestamp": "2023-11-08T12:37:14.000000Z"}, {"uuid": "025b038d-31db-442b-bee2-a62220e9e8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9325", "content": "#tools\n#Offensive_security\n1. UAC Bypass program\nhttps://github.com/justhyak/UAC-Bypass-FUD\n2. Python script to test if a F5 BIG-IP is vulnerable for CVE-2023-46747\nhttps://github.com/nvansluis/test_cve-2023-46747\n3. The art of indirect exfiltration\nhttps://thecontractor.io/data-bouncing", "creation_timestamp": "2023-11-04T18:42:05.000000Z"}, {"uuid": "a85eefe4-5f5c-4459-81fd-3eb5ab7cf581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-31T21:10:02.000000Z"}, {"uuid": "9df4834b-ea9e-4e6c-b875-028961969b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2024-10-15T11:38:46.000000Z"}, {"uuid": "8f21967d-dcfc-48b6-bd56-c3b51ac58b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-31T21:10:02.000000Z"}, {"uuid": "669325d9-d702-4aa7-a253-5637c28a96fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971909", "content": "", "creation_timestamp": "2024-12-24T20:35:31.670970Z"}, {"uuid": "7266b0f8-887b-4390-9272-6def029efbce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971909", "content": "", "creation_timestamp": "2024-12-24T20:35:31.703322Z"}, {"uuid": "24dcade0-d651-4f3e-8e3c-27f632ba0e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "097a7a1f-716c-459f-a4ee-608081983323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-22)", "content": "", "creation_timestamp": "2025-04-22T00:00:00.000000Z"}, {"uuid": "e3ab7dc5-bf7f-49e5-a3f6-ecbe28f5e139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-10)", "content": "", "creation_timestamp": "2025-07-10T00:00:00.000000Z"}, {"uuid": "2420b463-579f-435f-8716-b7593eb7d98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-30)", "content": "", "creation_timestamp": "2025-04-30T00:00:00.000000Z"}, {"uuid": "97ee06aa-1a43-4e7d-a63b-336e42a0bf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "245e8edf-eee9-4b74-935b-1ef5a91c8938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-08)", "content": "", "creation_timestamp": "2025-07-08T00:00:00.000000Z"}, {"uuid": "38a0ed39-8a82-4e5d-a0f4-72f5ac36387b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "598357ea-d6b0-44de-81c0-f4b80dd6c34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "16fbaef6-cee5-493b-afee-5b3fa43ac41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "d0819ccb-5599-4328-b57f-1ab3fb4748c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lwdhd3hs7mh2", "content": "", "creation_timestamp": "2025-08-14T04:01:13.661413Z"}, {"uuid": "c4500f48-9d15-404d-9efe-38e860dcd5b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:11.000000Z"}, {"uuid": "4d7647d3-48cb-465f-98f9-811b0cf0d981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/27727c35-f389-4626-aa10-c80dcedac9a5", "content": "", "creation_timestamp": "2025-09-01T18:42:49.000000Z"}, {"uuid": "cf4b0e62-2039-4f36-9b2f-89ce47cd7208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "ca598809-ad7b-4c2f-ae6d-810485134c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "18ef3029-8515-49d6-b417-1aa6f1a7199c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "40bb8fa1-7b96-4004-9fed-0c44c6d42836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "25ead2f0-c854-41a2-8b97-9da6999ad2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-17)", "content": "", "creation_timestamp": "2026-03-17T00:00:00.000000Z"}, {"uuid": "aa13ab2e-cf87-40aa-9089-bdc7625d222e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f3947f08-c4c3-414a-9487-00f64564c00e", "content": "", "creation_timestamp": "2026-02-02T12:25:27.726540Z"}, {"uuid": "cd612972-05ae-4bf9-8731-9be6ac49ccc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f6086f88-03ef-4527-91b5-462904d2ace1", "content": "", "creation_timestamp": "2026-02-02T12:26:47.873064Z"}, {"uuid": "1f65ea7c-8c6a-4d67-9452-466266e7202d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11843", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-27T19:33:18.000000Z"}, {"uuid": "d759b70e-b6fe-4b1a-913e-3e2e53218c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11854", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Critical Vulnerability in F5 BIG-IP Configuration Utility Allows Request Smuggling, Leads to RCE: CVE-2023-46747.\n\nhttps://socradar.io/critical-vulnerability-in-f5-big-ip-configuration-utility-allows-request-smuggling-leads-to-rce-cve-2023-46747/", "creation_timestamp": "2023-10-28T17:32:52.000000Z"}, {"uuid": "a949d540-7404-48c7-b70c-d9bdb357354a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/237", "content": "\u2604\ufe0fCVE-2023-46747 RCE: PoC\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 F5 BIG-IP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\ud83d\udd13\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\n#poc #exploit #cve", "creation_timestamp": "2023-11-04T17:10:02.000000Z"}, {"uuid": "099ba2b8-72bf-464a-8210-75c1b022d891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8833", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/AMELYA13/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-24T20:52:40.000000Z"}, {"uuid": "b75795cb-e65e-463f-8bd8-fd97e5293dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8841", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/MacTavish2/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-25T17:05:03.000000Z"}, {"uuid": "2d6bd1b9-d02d-4daf-8c06-518f56aa8fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6805", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aexploit for f5-big-ip RCE cve-2023-46747\nURL\uff1ahttps://github.com/rainbowhatrkn/CVE-2023-46747-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-03-15T22:49:01.000000Z"}, {"uuid": "895b4890-840d-4250-88fe-b89a05df4ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6102", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aexploit for f5-big-ip RCE cve-2023-46747\nURL\uff1ahttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-12-07T03:12:04.000000Z"}, {"uuid": "a91c89e4-2ca6-48dd-a652-f8d230740d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8813", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/Rizzler4562/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-22T13:56:30.000000Z"}, {"uuid": "56340630-55e4-48dc-9dbc-28084f9dc518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8821", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/Xanexs/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-23T13:29:54.000000Z"}, {"uuid": "77a6bf0c-4fd2-4a2e-b0ee-4e26920622f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "exploited", "source": "https://t.me/itsec_news/3578", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u043a\u043e\u0440\u0435\u0435: \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 BIG-IP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438. \u0414\u0430\u043d\u043d\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-46747 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430 \u0441 \u0431\u0430\u043b\u043b\u043e\u043c 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13.1.0 \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f 17.1.0, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u0445 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-46748 . \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 BIG-IP.\n\n\u0414\u043b\u044f \u043e\u0431\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u0431\u044b\u043b\u0430 \u043b\u0438 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Shadowserver \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 , \u0447\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Honeypot-\u0441\u0435\u043d\u0441\u043e\u0440\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0442\u043e \u0438 \u0434\u0435\u043b\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46747. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-01T09:43:20.000000Z"}, {"uuid": "0e59dace-2ae3-47a1-b171-5e12e8e502ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11842", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2023-46747 (Score 9.8); an unauthenticated remote code execution vulnerability via a side-channel from the management interface (Traffic Management User Interface (TMUI) and is closely related to CVE-2022-26377 which is a HTTP request smuggling vulnerability).\n\nF5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution by running arbitrary commands. This only affects the control plane and not the data plane.\n\nApparently, at the management console; sending requests to the \u201cbackend\u201d service that assumes the \u201cfrontend\u201d handled authentication is leading to this issue using HRS.\n\nTrack this issue at: http://ckure.esy.es/archives/13495\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/\n\nhttps://my.f5.com/manage/s/article/K000137353\n\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-10-27T19:50:20.000000Z"}, {"uuid": "51ee1a81-d123-4ea4-8fdc-49b726accd80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/188", "content": "\ud83d\udcd5 \u041f\u043e\u0434\u0431\u043e\u0440\u043e\u0447\u043a\u0430 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\u042d\u0442\u043e \u043f\u0440\u043e\u0431\u043d\u0438\u043a.\n\n\ud83d\udca1 F5 BIG-IP Unauth RCE via AJP Smuggling\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-46747\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 BIG-IP \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438/\u0438\u043b\u0438 \u0441\u0430\u043c\u043e\u043f\u0438\u0441\u043d\u044b\u0435 \u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\n\ud83d\udca1 ActiveMQ Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-46604\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435: \n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u0440\u043e\u043a\u0435\u0440\u0443, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u0443\u044f \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u0438\u043f\u0430\u043c\u0438 \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 OpenWire, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0431\u0440\u043e\u043a\u0435\u0440 \u0438\u043d\u0441\u0442\u0430\u043d\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043a\u043b\u0430\u0441\u0441 \u0432 \u043f\u0443\u0442\u0438 \u043a\u043b\u0430\u0441\u0441\u0430.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 \u041f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 UI Cisco IOS XE\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\n- CVE-2023-20198\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x: \n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441 \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 15.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Microsoft Exchange Server Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-36745\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0436\u0435\u0440\u0442\u0432\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0441\u0442\u043e\u044e \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\n#poc", "creation_timestamp": "2023-11-10T10:57:44.000000Z"}, {"uuid": "b31a0f47-ad82-4591-83be-275d65741efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/bmWIY_GqWw71T7V6bxvZDT0JRVgiLfgI8QZx449as8Diug", "content": "", "creation_timestamp": "2023-11-06T19:03:15.000000Z"}, {"uuid": "3c70488b-def3-415a-8e9b-4b29d2dedbba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "exploited", "source": "https://t.me/ctinow/146805", "content": "https://ift.tt/alR0eTU\nThreat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748", "creation_timestamp": "2023-11-01T19:19:56.000000Z"}, {"uuid": "9988d7f8-7df6-44a6-8356-79c36e9b5718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/ctinow/146805", "content": "https://ift.tt/alR0eTU\nThreat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748", "creation_timestamp": "2023-11-01T19:19:56.000000Z"}, {"uuid": "92ad4db8-34bb-4de5-8be7-14356bfd278b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/ctinow/146644", "content": "https://ift.tt/aEKtoBN\nF5 BIG-IP Remote Code Execution Vulnerability (CVE-2023-46747) Notification - Security Boulevard", "creation_timestamp": "2023-11-01T07:02:10.000000Z"}, {"uuid": "077c61fb-7242-42c8-ae52-cd941088280d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46740", "type": "seen", "source": "https://t.me/cibsecurity/74330", "content": "\u203c\ufe0fCVE-2023-46740\u203c\ufe0f\n\nCubeFS is an opensource cloudnative file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to generate userspecific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict andor guess the generated string and impersonate a user thereby obtaining higher privileges. When CubeFS creates new users, it creates a piece of sensitive information for the user called the accessKey. To create the \"accesKey\", CubeFS uses an insecure string generator which makes it easy to guess and thereby impersonate the created user. An attacker could leverage the predictable random string generator and guess a users access key and impersonate the user to obtain higher privileges. The issue has been fixed in v3.3.1. There is no other mitigation than to upgrade.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:36:43.000000Z"}, {"uuid": "68393fae-c5d4-4b9e-9b6b-1f3a7438cad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1031", "content": "\u200b\u200bCVE-2023-46747-RCE\n\n F5 BIG-IP \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u063a\u064a\u0631 \u0627\u0644\u0645\u0635\u0627\u062f\u0642 \u0639\u0644\u064a\u0647\u0627 (RCE) \u0648\u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0644\u062a\u062c\u0627\u0648\u0632 \u0627\u0644\u0645\u0635\u0627\u062f\u0642\u0629.\n\n https://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2024-03-29T18:27:12.000000Z"}, {"uuid": "5bec89b7-02f8-4726-a631-4957cbc9a6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46740", "type": "seen", "source": "https://t.me/arpsyndicate/2525", "content": "#ExploitObserverAlert\n\nCVE-2023-46740\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46740. CubeFS is an open-source cloud-native file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string and impersonate a user thereby obtaining higher privileges. When CubeFS creates new users, it creates a piece of sensitive information for the user called the \u201caccessKey\u201d. To create the \"accesKey\", CubeFS uses an insecure string generator which makes it easy to guess and thereby impersonate the created user. An attacker could leverage the predictable random string generator and guess a users access key and impersonate the user to obtain higher privileges. The issue has been fixed in v3.3.1. There is no other mitigation than to upgrade.", "creation_timestamp": "2024-01-05T21:11:48.000000Z"}, {"uuid": "43f060d8-a40c-4b23-a209-028ff656a449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46741", "type": "seen", "source": "https://t.me/arpsyndicate/2480", "content": "#ExploitObserverAlert\n\nCVE-2023-46741\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46741. CubeFS is an open-source cloud-native file storage system. A vulnerability was found in CubeFS prior to version 3.3.1 that could allow users to read sensitive data from the logs which could allow them escalate privileges. CubeFS leaks configuration keys in plaintext format in the logs. These keys could allow anyone to carry out operations on blobs that they otherwise do not have permissions for. For example, an attacker that has succesfully retrieved a secret key from the logs can delete blogs from the blob store. The attacker can either be an internal user with limited privileges to read the log, or they can be an external user who has escalated privileges sufficiently to access the logs. The vulnerability has been patched in v3.3.1. There is no other mitigation than upgrading.", "creation_timestamp": "2024-01-05T14:03:50.000000Z"}, {"uuid": "c4e2a40c-c366-499d-a8cf-e5b6bc298652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "Telegram/g6bw7nvLSQI4Xs7_7rVjc9Q806-zTo6NekpA9NHKfFdivg", "content": "", "creation_timestamp": "2023-11-01T07:25:30.000000Z"}, {"uuid": "e18c533c-24e1-4d11-9387-c7c009418ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/wSIaHz15J2XvqH3VYVco9LhsFVSPcgPHfmG8rsQwPqyP9w", "content": "", "creation_timestamp": "2023-10-27T08:28:40.000000Z"}, {"uuid": "7ca35ef7-ec80-42fb-9af0-a90006349314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/221", "content": "\ud83d\udea8 Security Alert \u279c F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands. \n \nLearn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html \n \nProtect your network\u2014patch now!", "creation_timestamp": "2023-11-02T17:24:04.000000Z"}, {"uuid": "fe7271a2-e3eb-4f10-b702-46df25b1bb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/195", "content": "\u26a1 Urgent \u2014 F5 warns of a critical vulnerability (CVE-2023-46747) in BIG-IP, allowing unauthenticated remote code execution. \n \nLearn more: https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-12-07T05:20:16.000000Z"}, {"uuid": "6f4383bb-de0e-4b80-8ed8-5bde056727c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/KomunitiSiber/1010", "content": "Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability\nhttps://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html\n\nF5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain.\nTracked as\u00a0CVE-2023-46747\u00a0(CVSS score: 9.8), the\u00a0vulnerability\u00a0allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution", "creation_timestamp": "2023-11-01T07:33:03.000000Z"}, {"uuid": "560a3684-1017-49d6-b879-0a4b2de166e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3502", "content": "CVE-2023-46747-POC\n\ncurl -sk -u 'ali:ali' -H 'Content-Type: application/json' -X POST \\\n\n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'  \\\n\nhttps:///$IP:$PORT/mgmt/tm/util/bash", "creation_timestamp": "2023-10-31T10:12:16.000000Z"}, {"uuid": "0b4abffa-d78f-48ae-ae0a-1bd3612b5186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "Telegram/7SbUVmPARfahi-4FimIWn71gUMTBHRPYbIdVGXNMI6h-3K0", "content": "", "creation_timestamp": "2023-10-30T16:56:06.000000Z"}, {"uuid": "b377b542-46d3-40cf-bc62-c7ae56ac15ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "exploited", "source": "https://t.me/true_secator/5033", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 F5 BIG-IP \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043f\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\nCVE-2023-46747\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c BIG-IP \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n26 \u043e\u043a\u0442\u044f\u0431\u0440\u044f F5 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f BIG-IP \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 13.x \u043f\u043e 17.x, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0445 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\u00a0\u043e\u0442 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044f \u0435\u0435 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u043e\u0432\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 BIG-IP,\u00a0CVE-2023-46748\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8,8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f SQL-\u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f BIG-IP \u0438/\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 IoC \u0434\u043b\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0445\u043e\u0434\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430  \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0421\u0430\u043c PoC, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 CVE-2023-46747, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 Project Discovery, \u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Praetorian Security, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0431\u043b\u043e\u0433, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Praetorian, \u0432 \u0441\u0435\u0442\u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u0442\u044b\u0441\u044f\u0447\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 BIG-IP \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043a \u0430\u0442\u0430\u043a\u0430\u043c, \u043f\u0440\u0438\u0447\u0435\u043c \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c\u0443 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0443.", "creation_timestamp": "2023-11-01T12:01:02.000000Z"}, {"uuid": "52680a6f-9203-44f4-bf6a-849a3cb6aef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/true_secator/5033", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 F5 BIG-IP \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043f\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\nCVE-2023-46747\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c BIG-IP \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n26 \u043e\u043a\u0442\u044f\u0431\u0440\u044f F5 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f BIG-IP \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 13.x \u043f\u043e 17.x, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0445 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\u00a0\u043e\u0442 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044f \u0435\u0435 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u043e\u0432\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 BIG-IP,\u00a0CVE-2023-46748\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8,8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f SQL-\u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f BIG-IP \u0438/\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 IoC \u0434\u043b\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0445\u043e\u0434\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430  \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0421\u0430\u043c PoC, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 CVE-2023-46747, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 Project Discovery, \u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Praetorian Security, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0431\u043b\u043e\u0433, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Praetorian, \u0432 \u0441\u0435\u0442\u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u0442\u044b\u0441\u044f\u0447\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 BIG-IP \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043a \u0430\u0442\u0430\u043a\u0430\u043c, \u043f\u0440\u0438\u0447\u0435\u043c \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c\u0443 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0443.", "creation_timestamp": "2023-11-01T12:01:02.000000Z"}, {"uuid": "1292e223-4583-43f5-a9df-24585bf0de37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "Telegram/INDb5cqMLavLbTSmj78o79O7AUDKsjdh5BFSIUF1_h7XSA", "content": "", "creation_timestamp": "2024-04-19T21:24:10.000000Z"}, {"uuid": "436733b4-2ca0-4cc4-b316-7d53f832515e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/LsZq0JqGAyHoIWFAVUN6Osha41-oM1qq9XNS_wmhKmhg7A", "content": "", "creation_timestamp": "2023-11-02T20:51:48.000000Z"}, {"uuid": "8ead009c-c731-4654-bde5-e25cf1f1de4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/arpsyndicate/147", "content": "#ExploitObserverAlert\n\nCVE-2023-46747\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-46747. \n\n\nUndisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\nFIRST-EPSS: 0.969840000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T02:31:48.000000Z"}, {"uuid": "50af8bcd-010e-4503-8dae-8942f6fd24c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/KomunitiSiber/993", "content": "F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html\n\nF5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution.\nThe issue, rooted in the configuration utility component, has been assigned the CVE identifier\u00a0CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10.\n\"This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP", "creation_timestamp": "2023-10-27T06:51:15.000000Z"}, {"uuid": "1703e7c8-a11d-4179-993e-7212d1111e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3219", "content": "Hackers Factory \n\ncheck_cve_2023_22518.py\n\nhttps://github.com/RootUp/PersonalStuff/blob/master/check_cve_2023_22518.py\n\nVitogate300_RCE.md\n\nhttps://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md\n\nunwyze - a Wyze Cam v3 RCE Exploit\n\nhttps://github.com/blasty/unwyze\n\nPoC CVE-2023-5044\n\nhttps://github.com/r0binak/CVE-2023-5044\n\nExploit for CVE-2023-36802 targeting MSKSSRV.SYS driver\n\nhttps://github.com/Nero22k/cve-2023-36802\n\nexploit for cve-2023-46747\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\nRCE Exploit For Maltrail-v0.53\n\nhttps://github.com/spookier/Maltrail-v0.53-Exploit\n\nAdded CVE-2023-46747 (5 BIG-IP - Unauthenticated RCE via AJP Smuggling\n\nhttps://github.com/projectdiscovery/nuclei-templates/pull/8496\n\ncisco-webui-detection.yaml\n\nhttps://github.com/xscorp/Notes/blob/master/PublicTemplates/cisco-webui-detection.yaml\n\nF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\n\nhttps://github.com/AliBrTab/CVE-2023-46747-POC\n\nCVE-2023-22515: Confluence Broken Access Control Exploit\n\nhttps://github.com/Chocapikk/CVE-2023-22515\n\nImage horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode\n\nhttps://github.com/RandomRobbieBF/CVE-2023-5412\n\nCVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC\n\nhttps://github.com/vchan-in/CVE-2023-35078-Exploit-POC\n\nBoltWire v6.03 vulnerable to \"Improper Access Control\"\n\nhttps://github.com/Cyber-Wo0dy/CVE-2023-46501\n\nhttps://www.kitploit.com/2023/10/looneypwner-exploit-tool-for-cve-2023.html?m=1\n\n#HackersFactory \ud83d\ude0f#GHOSTS\ud83d\ude0f", "creation_timestamp": "2023-11-09T05:43:54.000000Z"}, {"uuid": "d2c482ef-10c9-4390-8043-ef232fafdb7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4674", "type": "seen", "source": "https://t.me/cibsecurity/73992", "content": "\u203c\ufe0fCVE-2023-4674\u203c\ufe0f\n\nImproper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yaztek Software Technologies and Computer Systems ECommerce Software allows SQL Injection.This issue affects ECommerce Software through 20231229.\u00a0  NOTE The vendor was contacted early about this disclosure but did not respond in any way.    \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:42:13.000000Z"}, {"uuid": "475af837-063e-4bba-b069-482427541023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/theninjaway1337/1475", "content": "Bringing Access Back \u2014 Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect\n\nDuring the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, we observed exploitation of Connectwise ScreenConnect CVE-2024-1709 by the same actor. This mix of custom tooling and the SUPERSHELL framework leveraged in these incidents is assessed with moderate confidence to be unique to a People's Republic of China (PRC) threat actor, UNC5174.\n\nMandiant assesses UNC5174 (believed to use the persona \"Uteus\") is a former member of Chinese hacktivist collectives that has since shown indications of acting as a contractor for China's Ministry of State Security (MSS) focused on executing access operations. UNC5174 has been observed attempting to sell access to U.S. defense contractor appliances, UK government entities, and institutions in Asia in late 2023 following CVE-2023-46747 exploitation. In February 2024, UNC5174 was observed exploiting ConnectWise ScreenConnect vulnerability (CVE-2024-1709) to compromise hundreds of institutions primarily in the U.S. and Canada.\n\nhttps://www.mandiant.com/resources/blog/initial-access-brokers-exploit-f5-screenconnect", "creation_timestamp": "2024-03-22T17:55:44.000000Z"}, {"uuid": "0f5ebd4c-2d13-4156-a90d-6daeb9c5865e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/information_security_channel/50922", "content": "Attackers Exploiting Critical F5 BIG-IP Vulnerability\nhttps://www.securityweek.com/attackers-exploiting-critical-f5-big-ip-vulnerability/\n\nExploitation of a critical vulnerability (CVE-2023-46747) in F5\u2019s\u00a0 BIG-IP product started less than five days after public disclosure and PoC exploit code was published.\nThe post Attackers Exploiting Critical F5 BIG-IP Vulnerability (https://www.securityweek.com/attackers-exploiting-critical-f5-big-ip-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-31T17:29:08.000000Z"}, {"uuid": "c6ab0055-41e3-43c7-b124-923782b58f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/xakep_ru/14911", "content": "F5 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 BIG-IP\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 F5 BIG-IP (CVE-2023-46747), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 UI Traffic Management \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 9,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVSS.\n\nhttps://xakep.ru/2023/10/30/f5-big-ip-new-rce/", "creation_timestamp": "2023-10-30T15:44:50.000000Z"}, {"uuid": "2452e5b5-8459-495a-87ac-f1a6aa56b579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1595", "content": "#exploit\n1. Wyze Cam v3 RCE Exploit\nhttps://github.com/blasty/unwyze\n\n2. CVE-2023-5044:\nKubernetes ingress-nginx <1.9.0 - API command injection\nhttps://raesene.github.io/blog/2023/10/29/exploiting-CVE-2023-5044\n]-> https://github.com/r0binak/CVE-2023-5044\n\n3. CVE-2023-46747:\nF5 BIG-IP unauthenticated RCE and authentication bypass\nhttps://github.com/AliBrTab/CVE-2023-46747-POC", "creation_timestamp": "2024-08-16T08:43:26.000000Z"}, {"uuid": "ed8a9d4e-264b-4727-aacd-cf6574813508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-22)", "content": "", "creation_timestamp": "2024-12-22T00:00:00.000000Z"}, {"uuid": "23d00634-fa2e-4601-80be-cabd9d196dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "6e1d7e30-1fae-43ea-96c2-f5deef4087f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "239f7d63-b6c7-4a5a-9b7d-b7939ffee591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/3496d16f-84bf-489c-9bc1-95635a9afd36", "content": "", "creation_timestamp": "2025-10-16T12:58:47.000000Z"}, {"uuid": "447e1ab5-3a23-400d-ab85-a93f0e1d75ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lwgvnskk6c2v", "content": "", "creation_timestamp": "2025-08-15T12:55:32.576762Z"}, {"uuid": "aad7509f-07ab-4147-8c8b-5da6ba46fba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-29)", "content": "", "creation_timestamp": "2025-11-29T00:00:00.000000Z"}, {"uuid": "96169bb4-33fa-4bab-bd55-b43e8f1e822c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuvgtjs2b", "content": "", "creation_timestamp": "2025-12-09T07:00:03.032473Z"}, {"uuid": "40c5ae30-541a-439e-ba73-f3f6849f5186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxljrk2b", "content": "", "creation_timestamp": "2025-12-09T07:00:04.145473Z"}, {"uuid": "b32494b0-cd3f-4e3f-8e12-f50d401bf79a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxllq22b", "content": "", "creation_timestamp": "2025-12-09T07:00:05.295017Z"}, {"uuid": "98b35f34-4b2e-40c5-8341-e63514a8a4ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlnok2b", "content": "", "creation_timestamp": "2025-12-09T07:00:06.465225Z"}, {"uuid": "1e583aab-38ff-44b1-9cbc-cfe3964aa1b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlons2b", "content": "", "creation_timestamp": "2025-12-09T07:00:07.591105Z"}, {"uuid": "3a18db6d-70e0-4fd3-b3bf-458272d26ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlpn22b", "content": "", "creation_timestamp": "2025-12-09T07:00:09.065316Z"}, {"uuid": "9567b2e5-2f1e-43a2-afda-d2647a70d17b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlqmc2b", "content": "", "creation_timestamp": "2025-12-09T07:00:10.203538Z"}, {"uuid": "04764557-289f-4e39-8438-de9fb88597ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4137da82-781b-429c-836b-b4d741146c07", "content": "", "creation_timestamp": "2026-02-02T12:26:47.761908Z"}, {"uuid": "4a416221-2395-46da-b0a7-d9906f470b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f3947f08-c4c3-414a-9487-00f64564c00e", "content": "", "creation_timestamp": "2026-02-02T12:25:27.726540Z"}, {"uuid": "480a838a-32ff-4466-a5ea-c1d28ff7e6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f6086f88-03ef-4527-91b5-462904d2ace1", "content": "", "creation_timestamp": "2026-02-02T12:26:47.873064Z"}, {"uuid": "bf550c9b-1150-4989-bb8b-6c1df18e255c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1150", "content": "", "creation_timestamp": "2023-10-31T04:00:00.000000Z"}, {"uuid": "6b2cff0f-f976-40af-9a32-e1f4df348e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_24/2023", "content": "", "creation_timestamp": "2023-11-03T10:05:46.000000Z"}, {"uuid": "22f88413-154a-4fc4-b5f8-5894243e3c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_24/2023", "content": "", "creation_timestamp": "2023-11-03T10:05:46.000000Z"}, {"uuid": "9544513f-c0fe-48b3-a71c-bcd581e417eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46748", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4137da82-781b-429c-836b-b4d741146c07", "content": "", "creation_timestamp": "2026-02-02T12:26:47.761908Z"}, {"uuid": "27de255b-8ae4-4bbd-90d9-a994b303b90d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/179", "content": "\u2604\ufe0fCVE-2023-46747 RCE: PoC\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 F5 BIG-IP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\ud83d\udd13\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\n#poc #exploit #cve", "creation_timestamp": "2023-11-04T17:10:02.000000Z"}, {"uuid": "55d30778-c707-488c-bb35-b1805af174a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11913", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2023-46747 RCE: F5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability.\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2023-11-02T10:26:17.000000Z"}, {"uuid": "bb133a5d-626a-4509-8f56-b7e4d709d5c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5587", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\nURL\uff1ahttps://github.com/r4pG0r/CVE-2023-46747-POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-27T18:29:37.000000Z"}, {"uuid": "1d64e959-0417-4d1d-81f4-5cd6c6b5103a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5637", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46747 Criticle Auth Bypass\nURL\uff1ahttps://github.com/fu2x2000/CVE-2023-46747\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-01T13:22:09.000000Z"}, {"uuid": "4ae0ee99-78ab-4817-bdcb-0f74b9bc0b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8802", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/Jumeyros/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-21T13:11:25.000000Z"}, {"uuid": "efbe92d6-6700-419e-84b2-c646e809fa52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/51", "content": "#CVE-2023-46747-#RCE\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2023-11-01T15:44:22.000000Z"}, {"uuid": "53756336-a3eb-400a-9453-057d89b06caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/383", "content": "Top Security News for 27/10/2023\n\nWhy cybersecurity training isn\u2019t working (and how to fix it)\nhttps://securityintelligence.com/articles/why-cybersecurity-training-isnt-working-and-how-to-fix-it/ \n\n6 steps to accelerate cybersecurity incident response\nhttps://malware.news/t/6-steps-to-accelerate-cybersecurity-incident-response/75002#post_1 \n\nF5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html \n\nCVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling\nhttps://www.reddit.com/r/netsec/comments/17h253u/cve202346747_preauth_remote_code_execution_in/ \n\nA cascade of compromise: unveiling Lazarus\u2019 new campaign\nhttps://malware.news/t/a-cascade-of-compromise-unveiling-lazarus-new-campaign/75004#post_1 \n\nA cascade of compromise: unveiling Lazarus\u2019 new campaign\nhttps://securelist.com/unveiling-lazarus-new-campaign/110888/ \n\nWorkflow of a zkSync Era transaction: from generation to finalization\nhttp://blog.quarkslab.com/zksync-transaction-workflow.html \n\nCritical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data\nhttps://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html \n\nCVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling\nhttps://www.reddit.com/r/netsec/comments/17h253u/cve202346747_preauth_remote_code_execution_in/ \n\nStripedFly reclassified from petty larceny to APT.\nhttps://thecyberwire.com/stories/e41efe29905a42dc86888a014624baf9/stripedfly-reclassified-from-petty-larceny-to-apt \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-10-27T07:00:06.000000Z"}, {"uuid": "a24b0d60-77ea-4e24-b137-898a0c935f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/192", "content": "Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747\n\n\ud83d\udc64 by Michael Weber and Thomas Hendrickson\n\nAs a result of the research researchers were able to identify an authentication bypass issue that led to complete compromise of an F5 system with the Traffic Management User Interface (TMUI) exposed. The bypass was assigned CVE-2023-46747, and is closely related to CVE-2022-26377. Like they recently reported Qlik RCE, the F5 vulnerability was also a request smuggling issue. In this blog authors will discuss their methodology for identifying the vulnerability, walk through the underlying issues that caused the bug, and explain the steps they took to turn the request smuggling into a critical risk issue. They will conclude with remediation steps and their thoughts on the overall process.\n\n\ud83d\udcdd Contents:\n\u25cf Overview\n\u25cf Mapping out the F5 BIG-IP Attack Surface\n\u25cf F5 Traffic Management User Interface (TMUI) Overview\n\u25cf Verifying AJP Smuggling\n\u25cf AJP Smuggling and Server Interpretation\n\u25cf But What To Do With the Smuggling?\n\u25cf Remediation\n\u25cf Conclusion\n\u25cf Disclosure Timeline\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-27T05:50:12.000000Z"}, {"uuid": "f2ef3082-ae02-4c16-887f-a90dca54b8de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/Teamx1945x/3642", "content": "https://nvd.nist.gov/vuln/detail/CVE-2023-46747", "creation_timestamp": "2024-04-20T16:31:36.000000Z"}, {"uuid": "9c6f223d-6366-4dc4-9a83-b6bbeb8b66ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/ctinow/146275", "content": "https://ift.tt/A9h1H8R\nF5 fixes critical BIG-IP vulnerability (CVE-2023-46747)", "creation_timestamp": "2023-10-30T17:12:49.000000Z"}, {"uuid": "9ca426d6-bc95-43f0-8671-5ee33a3475e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/rn2U4Qh8Rvq9YZvL_mMenCW-EdpDwkxJoElVzVUJSV8lUg", "content": "", "creation_timestamp": "2023-10-30T23:55:07.000000Z"}, {"uuid": "8afe82a2-1fca-4f72-8d66-42fc8208559b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46742", "type": "seen", "source": "https://t.me/cibsecurity/74332", "content": "\u203c\ufe0fCVE-2023-46742\u203c\ufe0f\n\nCubeFS is an opensource cloudnative file storage system. CubeFS prior to version 3.3.1 was found to leak users secret keys and access keys in the logs in multiple components. When CubeCS creates new users, it leaks the users secret key. This could allow a lowerprivileged user with access to the logs to retrieve sensitive information and impersonate other users with higher privileges than themselves. The issue has been patched in v3.3.1. There is no other mitigation than upgrading CubeFS.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:36:53.000000Z"}, {"uuid": "9f59a962-582f-4a78-9782-569d61ebede7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2190", "content": "\u26a1 Urgent \u2014 F5 warns of a critical vulnerability (CVE-2023-46747) in BIG-IP, allowing unauthenticated remote code execution. \n \nLearn more: https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-10-27T12:49:19.000000Z"}, {"uuid": "4fcba0cb-e954-45a5-b949-577ede997f09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2663", "content": "\ud83d\udea8 Security Alert \u279c F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands. \n \nLearn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html \n \nProtect your network\u2014patch now!", "creation_timestamp": "2023-11-02T17:24:04.000000Z"}, {"uuid": "a4686ac6-8396-47a4-84cd-d56a345f5e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3507", "content": "https://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2023-11-02T04:09:37.000000Z"}, {"uuid": "45fc573d-48b1-4142-aaa5-cc7050906f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1807", "content": "exploit for cve-2023-46747 \nF5 BIG-IP unauthenticated remote code execution \n*\nexploit", "creation_timestamp": "2023-11-02T10:32:54.000000Z"}, {"uuid": "05474dd1-9191-44de-a33c-a34d743e97be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/375332", "content": "{\n  \"Source\": \"https://demonforums.net/\",\n  \"Content\": \"exploit for cve-2023-46747 | Bypass Vulnerability in F5 BIG-IP\", \n  \"author\": \"Herleifr\",\n  \"Detection Date\": \"10 Nov 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-11-10T20:32:32.000000Z"}, {"uuid": "f30746f7-e0bd-4e40-bcf9-0e0058235219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1294", "content": "if you exploited any, the user:codeb0ss / pass:codeb0ss", "creation_timestamp": "2024-11-17T03:13:55.000000Z"}]}