{"vulnerability": "CVE-2024-2731", "sightings": [{"uuid": "c88c5134-c7ba-4e7f-9443-2f1f777fc228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27316", "type": "published-proof-of-concept", "source": "https://t.me/redfoxsec/27", "content": "\u0414\u0430\u0432\u043d\u0435\u043d\u044c\u043a\u043e \u043d\u0435 \u043f\u043e\u0441\u0442\u0438\u043b, \u043d\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043d\u0435 \u0431\u044b\u043b\u043e \u043e\u0441\u043e\u0431\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0432\u0435\u0449\u0435\u0439 \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c (\u0440\u0435\u0441\u0435\u0440\u0447 \u0441 \u0440\u0430\u0431\u043e\u0442\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e \u0441\u043e\u0432\u043c\u0435\u0449\u0430\u0442\u044c). \n\u0412 \u044d\u0442\u043e\u043c \u0436\u0435 \u043f\u043e\u0441\u0442\u0435 \u043f\u043e\u0434\u0435\u043b\u044e\u0441\u044c \u043e\u043f\u044b\u0442\u043e\u043c \u0440\u0430\u0431\u043e\u0442\u044b, \u0447\u0435\u0433\u043e \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0441\u0442\u0438\u0447\u044c \u0438 \u043f\u0440\u043e \u043e\u0434\u043d\u0443 \u043d\u0435\u0434\u0430\u0432\u043d\u044e\u044e \u043d\u0435\u0434\u043e\u043e\u0446\u0435\u043d\u0435\u043d\u043d\u0443\u044e DoS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e \u043c\u043e\u0435\u043c\u0443 \u043c\u043d\u0435\u043d\u0438\u044e \u043e\u0447\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0430, \u043d\u043e \u043e \u043d\u0435\u0439 \u043f\u043e\u0447\u0442\u0438 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0433\u043e\u0432\u043e\u0440\u0438\u0442. \u041f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043c!\n\n\ud83d\udd37 \u041e \u0440\u0430\u0431\u043e\u0442\u0435 \u0432 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0442\u043e\u0440\u0435\n\u0423\u0436\u0435 \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u043a \u043f\u043e\u043b\u0433\u043e\u0434\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u044e \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043e\u043c \u043f\u043e \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435 (\u043f\u0440\u043e\u0449\u0435 \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0435\u0440\u043e\u043c) \u0432 \u041c\u0435\u0442\u0430\u0441\u043a\u0430\u043d\u0435. \u041e\u0434\u043d\u0438\u043c \u0438\u0437 \u0433\u043b\u0430\u0432\u043d\u044b\u0445 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u044f \u0431\u044b \u0432\u044b\u0434\u0435\u043b\u0438\u043b \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441 \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044f\u043c\u0438 \u0438 \u041f\u041e. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043c\u043e\u0439 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u043e\u043f\u044b\u0442 \u0441 \u0431\u0430\u0433 \u0431\u0430\u0443\u043d\u0442\u0438, \u0434\u043b\u044f \u043c\u0435\u043d\u044f \u0442\u0430\u043a\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0430 \u0432 \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0435 \u043f\u043e\u0434\u043e\u0448\u043b\u0430 \u0432 \u0441\u0430\u043c\u044b\u0439 \u0440\u0430\u0437. \u041e\u043f\u044b\u0442 \u043a\u0440\u0430\u0439\u043d\u0435 \u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439, \u0445\u043e\u0442\u044c \u0438 \u043d\u0435 \u0431\u0435\u0437 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 - \u043c\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0442\u044b, \u043c\u0430\u043b\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0440\u0435\u0441\u0435\u0440\u0447 :( \n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0443\u0437\u043d\u0430\u044e \u043c\u043d\u043e\u0433\u043e \u043d\u043e\u0432\u043e\u0433\u043e \u0438 \u0434\u0430\u0436\u0435 \u0437\u0430 \u0432\u0440\u0435\u043c\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0443\u0436\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u0439\u0442\u0438 2 zero-day XSS \u0432 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u043c \u041f\u041e (Vinteo \u0438 \u04207-\u041e\u0424\u0418\u0421). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043f\u043e\u043a\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430\u0437\u043d\u0430\u0447\u0438\u043b\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0436\u0434\u0451\u043c \u0444\u0438\u043a\u0441\u0430 \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 :) \n\u041f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u043b \u0438\u0445 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0432 \u0411\u0414\u0423, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0442\u0443\u0434\u0430 \u0443\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 (\u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043e\u043b\u0436\u043d\u044b \u043d\u0430\u0447\u0438\u0441\u043b\u0438\u0442\u044c \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0435\u0449\u0435 \u0437\u0430 \u0432\u0442\u043e\u0440\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c): https://bdu.fstec.ru/rating\n\n\ud83d\udd37 \u041e \u043d\u043e\u0432\u043e\u0439 DoS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 HTTP/2 \n(Continuation flood)\n\n\u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u043f\u0438\u0441\u0430\u043b \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - \u044d\u0442\u043e Proxy Bar \u0438 \u0435\u0449\u0451 \u0432\u0438\u0434\u0435\u043b \u0441\u0442\u0430\u0442\u044c\u044e \u043d\u0430 \u0425\u0430\u043a\u0435\u0440. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0432 \u0440\u044f\u0434\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043d\u043e \u0438\u0437 \u043d\u0438\u0445 \u0432\u044b\u0434\u0435\u043b\u0438\u043b \u0431\u044b Apache (CVE-2024-27316). \u0421\u0435\u0439\u0447\u0430\u0441 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u043d\u0435\u043c\u0430\u043b\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u043d\u0430 Apache, \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0435\u0442\u0435\u043a\u0442\u043e\u0440\u044b \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0435\u0441\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u0430\u043c \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u0441\u0432\u043e\u044e \u0432\u0435\u0440\u0441\u0438\u044e. \n\n\u0422\u0430\u043a\u0438\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f Apache \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 Cisco Expressway - \u043e\u043d\u0438 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0442\u043e\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b (\u0438 \u043f\u0430\u0442\u0447\u0430 \u043e\u0442 Cisco \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u0441\u0442\u0430, \u043a\u0441\u0442\u0430\u0442\u0438, \u043d\u0435\u0442) \u0438 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0434\u043d\u0438\u043c \u043f\u0440\u043e\u0441\u0442\u044b\u043c \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u043c: https://github.com/lockness-Ko/CVE-2024-27316\n\n\u0421\u043a\u0440\u0438\u043f\u0442 \u0443\u0436\u0435 \u043f\u0440\u043e\u0431\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c - \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u043a\u0440\u0430\u0439\u043d\u0435 \u0443\u0434\u0438\u0432\u043b\u044f\u044e\u0442, \u0441\u0435\u0440\u0432\u0435\u0440 \u0432\u044b\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0432 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0430\u0447\u0430\u043b\u0430 \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0438 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u043f\u043e\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0435\u0440\u0432\u0430\u043d.\n\n\ud83d\udd38 \u041c\u043e\u0439 \u0441\u043e\u0432\u0435\u0442 - \u0435\u0441\u043b\u0438 \u0438\u043c\u0435\u0435\u0442\u0435 \u0434\u0435\u043b\u043e \u0441 Apache \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438, \u043a\u0440\u0430\u0439\u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0438\u0445 \u043d\u0430 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (\u0435\u0441\u043b\u0438 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043a\u0430\u043a\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f), \u043d\u0430 \u043c\u043e\u0439 \u0432\u0437\u0433\u043b\u044f\u0434 \u044d\u0442\u043e \u043e\u0447\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0430\u044f \u0438 \u043d\u0435\u0434\u043e\u043e\u0446\u0435\u043d\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0447\u0442\u0438 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0433\u043e\u0432\u043e\u0440\u0438\u0442. \n\n\ud83d\udc40 \u0412 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u043f\u043e\u0441\u0442\u0435 \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u044e \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u0442\u044c \u043e\u0431 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0445, \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f Burp \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e \u0432 \u0440\u0430\u0431\u043e\u0442\u0435, \u0432 \u043e\u0431\u0449\u0435\u043c, \u043f\u043e\u0434\u0435\u043b\u044e\u0441\u044c \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u043d\u043e \u043c\u043e\u0435 \"\u0440\u0430\u0431\u043e\u0447\u0435\u0435 \u043c\u0435\u0441\u0442\u043e\" :)\n\n\u0423\u0434\u0430\u0447\u043d\u043e\u0439 \u043e\u0445\u043e\u0442\u044b \u0437\u0430 \u0431\u0430\u0433\u0430\u043c\u0438 \ud83d\udc7e", "creation_timestamp": "2024-04-21T14:48:36.000000Z"}, {"uuid": "6c252f92-f15e-4efd-bd94-8a07c469cc9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27316", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6990", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aProof of concept (PoC) for CVE-2024-27316 (tested), CVE-2024-30255 (untested), CVE-2024-31309 (untested), CVE-2024-28182 (untested), CVE-2024-2653 (untested) and CVE-2024-27919 (untested)\nURL\uff1ahttps://github.com/lockness-Ko/CVE-2024-27316\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-09T08:14:27.000000Z"}, {"uuid": "c0ce0fe3-8415-4c51-b112-0c7ce49aecf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2731", "type": "seen", "source": "https://t.me/arpsyndicate/4584", "content": "#ExploitObserverAlert\n\nCVE-2024-2731\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-2731. Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users' names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.5780347", "creation_timestamp": "2024-04-12T10:00:49.000000Z"}, {"uuid": "0a1560dd-636f-42e6-a1c1-7a588bb09edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27317", "type": "seen", "source": "https://t.me/arpsyndicate/4395", "content": "#ExploitObserverAlert\n\nCVE-2024-27317\n\nDESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2024-27317. In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in the zip files, which aren't properly validated, contain special elements like \"..\", altering the directory path. This could allow an attacker to create or modify files outside of the designated extraction directory, potentially influencing system behavior. This vulnerability also applies to the Pulsar Broker when it is configured with \"functionsWorkerEnabled=true\".  This issue affects Apache Pulsar versions from 2.4.0 to 2.10.5, from 2.11.0 to 2.11.3, from 3.0.0 to 3.0.2, from 3.1.0 to 3.1.2, and 3.2.0.   2.10 Pulsar Function Worker users should upgrade to at least 2.10.6. 2.11 Pulsar Function Worker users should upgrade to at least 2.11.4. 3.0 Pulsar Function Worker users should upgrade to at least 3.0.3. 3.1 Pulsar Function Worker users should upgrade to at least 3.1.3. 3.2 Pulsar Function Worker users should upgrade to at least 3.2.1.  Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.\n\nFIRST-EPSS: 0.000440000", "creation_timestamp": "2024-04-09T18:43:51.000000Z"}, {"uuid": "93e725b4-304e-47fc-b908-3b9f252bc387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27315", "type": "seen", "source": "https://t.me/ctinow/195347", "content": "https://ift.tt/h6u948J\nCVE-2024-27315", "creation_timestamp": "2024-02-28T11:31:38.000000Z"}, {"uuid": "902b1b79-ec20-4b23-bfb2-18cbfd5f06c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27315", "type": "seen", "source": "https://t.me/ctinow/195343", "content": "https://ift.tt/h6u948J\nCVE-2024-27315", "creation_timestamp": "2024-02-28T11:31:34.000000Z"}, {"uuid": "101e7191-d0a6-4855-bb78-621fa8ac2a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27319", "type": "seen", "source": "https://t.me/ctinow/192081", "content": "https://ift.tt/VW7fmo4\nCVE-2024-27319", "creation_timestamp": "2024-02-23T19:21:56.000000Z"}, {"uuid": "7d8043b8-2162-4460-9425-c914d254203c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27318", "type": "seen", "source": "https://t.me/ctinow/192080", "content": "https://ift.tt/AwmtUaL\nCVE-2024-27318", "creation_timestamp": "2024-02-23T19:21:55.000000Z"}, {"uuid": "17ead36b-0b42-438e-80cf-0280730af5db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27319", "type": "seen", "source": "https://t.me/ctinow/192086", "content": "https://ift.tt/VW7fmo4\nCVE-2024-27319", "creation_timestamp": "2024-02-23T19:26:31.000000Z"}, {"uuid": "606546cf-6ba3-4497-8960-03be2632c853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27318", "type": "seen", "source": "https://t.me/ctinow/192085", "content": "https://ift.tt/AwmtUaL\nCVE-2024-27318", "creation_timestamp": "2024-02-23T19:26:30.000000Z"}, {"uuid": "0102b687-02ac-4be2-83f3-14e6bfd9bb33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27316", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-04", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "4a7a4d55-5b6d-4735-a5a6-cc884f216421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27311", "type": "seen", "source": "https://t.me/cvedetector/1078", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-27311 - Zohocorp ManageEngine DDI Central Directory Traversal File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-27311 \nPublished : July 17, 2024, 11:15 a.m. | 45\u00a0minutes ago \nDescription : Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T14:02:34.000000Z"}, {"uuid": "6edc0e58-0938-4aa3-8a03-f1638d9f963d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27316", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "13fdd3b3-f6f9-4eb8-a403-cccef98089b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27316", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1998", "content": "CVE-2024-27316 \u0410\u0442\u0430\u043a\u0430 \u043d\u0430 http/2\n*\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n*\n\u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e CVE-2024-27316  \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 CVE:\nCVE-2024-30255 (untested)\nCVE-2024-31309 (untested)\nCVE-2024-28182 (untested) \nCVE-2024-2653 (untested)\nCVE-2024-27919 (untested)\n*\nUsage:\ngo build\n./cve-2024-27316 -t 127.0.0.1:80 -p http -i 8192\n./cve-2024-27316 -t 127.0.0.1:443 -p https -i 8192\n*\nPOC exploit", "creation_timestamp": "2024-04-09T15:41:27.000000Z"}, {"uuid": "75d9a6bd-772b-466a-aff5-83f0fb148fef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27317", "type": "seen", "source": "https://t.me/ctinow/206192", "content": "https://ift.tt/19uMKH6\nCVE-2024-27317", "creation_timestamp": "2024-03-12T21:46:26.000000Z"}, {"uuid": "3752aaaf-ecc4-44ec-9ea4-0364ac2b20a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27317", "type": "seen", "source": "https://t.me/ctinow/206102", "content": "https://ift.tt/RGJcKyD\nCVE-2024-27317", "creation_timestamp": "2024-03-12T20:26:31.000000Z"}, {"uuid": "9509c33e-07e7-42a3-ae03-75590ea3dca5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27318", "type": "seen", "source": "https://t.me/ctinow/207350", "content": "https://ift.tt/iDNbfVU\nCVE-2024-27318 | onnx up to 1.15.0 external_data path traversal", "creation_timestamp": "2024-03-14T01:46:34.000000Z"}, {"uuid": "ccfbc163-2c06-4096-a35f-b59557f6cb48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27319", "type": "seen", "source": "https://t.me/ctinow/207351", "content": "https://ift.tt/szPqN5u\nCVE-2024-27319 | onnx up to 1.15.0 ONNX_ASSERT/ONNX_ASSERTM out-of-bounds", "creation_timestamp": "2024-03-14T01:46:35.000000Z"}, {"uuid": "30d2648b-1082-4663-b4b8-757d0632416c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27317", "type": "seen", "source": "https://t.me/ctinow/206108", "content": "https://ift.tt/RGJcKyD\nCVE-2024-27317", "creation_timestamp": "2024-03-12T20:26:37.000000Z"}]}