{"vulnerability": "CVE-2024-37081", "sightings": [{"uuid": "7282fc6a-5273-4523-ae38-eb67049f0dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/7TmeLhBEwGZ4R6H7RLJZ_TUPR9TuN_dX3tdoe0qvNiQQVg", "content": "", "creation_timestamp": "2024-06-20T18:49:32.000000Z"}, {"uuid": "e564cd10-48c8-4fe1-a86c-463d04ede18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/4053", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:39:20.000000Z"}, {"uuid": "608ff86e-f59e-4463-9e88-f94b74adddef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1123", "content": "VMware vCenter Server RCE + PrivEsc\n\n\u2014 CVE-2024-37079\n\u2014 CVE-2024-37080\n\u2014 CVE-2024-37081\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2025-03-06T01:35:41.000000Z"}, {"uuid": "0c755d80-d86c-4321-b164-27f597b8122e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/RDeyg-FQrZfaj0SSJGqmtH-VEEWXqOFSVXNSHmynkr7cI_k", "content": "", "creation_timestamp": "2024-08-09T14:42:09.000000Z"}, {"uuid": "ea08a5f5-9175-4607-be24-a8ea5cee92a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/396", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T02:46:52.000000Z"}, {"uuid": "1e25d9dd-3690-4c28-92cf-06d130376628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "Telegram/InC9ykp30kkGfhiYdl0JO-8FjhrnZj9ZHpQO0myY9Q5Qr4I", "content": "", "creation_timestamp": "2024-07-19T00:41:28.000000Z"}, {"uuid": "b956223c-cc05-49da-9495-d86ccd118f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/tiZuomN0bxbgk-d5QMLq9OZ6vPtC2T8f4lT-xXEWGZBsW-k", "content": "", "creation_timestamp": "2024-07-19T00:41:28.000000Z"}, {"uuid": "2ef7d47b-13ca-4a9e-88e4-48c1a7793b21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/zer0day1ab/31", "content": "CVE-2024-37081: VMware vCenter Server Multiple LPE\n\nCVE-2024-22274: VMware vCenter Server RCE\n\n#exploit #pentest #redteam", "creation_timestamp": "2024-07-07T20:50:43.000000Z"}, {"uuid": "0da1c87f-9fe6-4eae-90b1-0bce85b3b041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/true_secator/5867", "content": "VMware\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Cloud Foundation, vCenter Server \u0438 vSphere ESXi, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0414\u0432\u0435 \u0438\u0437 \u043d\u0438\u0445 CVE-2024-37079 \u0438 CVE-2024-37080\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8) \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u00a0DCE/RPC.\n\n\u041e\u0431\u0435 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0425\u0430\u043e \u0427\u0436\u044d\u043d\u0443 \u0438 \u0426\u0437\u044b\u0431\u043e \u041b\u0438 \u0438\u0437 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 QiAnXin.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 vCenter \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430.\n\n\u041c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f CVE-2024-37081\u00a0(CVSS: 7,8) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 EoP \u0432 VMware vCenter, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0438\u043c\u0438 \u0432 \u0432\u0438\u0434\u0443 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 sudo. \u0410\u0432\u0442\u043e\u0440\u0441\u0442\u0432\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0438\u0442 \u041c\u0430\u0442\u0435\u044e \u0411\u0430\u0434\u0430\u043d\u043e\u044e \u0438\u0437 Deloitte \u0432 \u0420\u0443\u043c\u044b\u043d\u0438\u0438.\n\n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u043d\u0435\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root-\u043f\u0440\u0430\u0432.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 vCenter Server 7.0 \u0438 8.0, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 7.0 U3r, 8.0 U1e \u0438 8.0 U2d.\n\n\u0421\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439\u00a0\u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e (\u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043f\u043e\u043a\u0430).", "creation_timestamp": "2024-06-18T13:10:05.000000Z"}, {"uuid": "e4b543eb-9c4a-4f64-87f6-faa8bf73ec0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/thehackernews/5132", "content": "VMware has released patches for Cloud Foundation, vCenter Server, and vSphere ESXi to fix critical flaws that could allow RCE and privilege escalation. \n \nLearn more about CVE-2024-37079, CVE-2024-37080 & CVE-2024-37081\u2014and secure your infrastructure now. \n \nhttps://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html", "creation_timestamp": "2024-06-18T10:56:22.000000Z"}, {"uuid": "9564054c-28e3-4687-a183-caf73fe04f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2771", "content": "https://github.com/Mr-r00t11/CVE-2024-37081\n\nVMware vCenter - CVE-2024-37081 Proof of Concept\n#github #poc", "creation_timestamp": "2024-07-16T15:54:20.000000Z"}, {"uuid": "a799e1ad-a636-4aeb-a837-b9e72d1425e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:03.000000Z"}, {"uuid": "183d793f-5b14-4ac4-98f5-e550069a123f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://gist.github.com/emadshanab/34522c81b12208711193e3838a7ca04d", "content": "", "creation_timestamp": "2025-10-12T00:45:20.000000Z"}, {"uuid": "dbfb670a-7945-4685-96b2-579577bfdd20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vcenter_sudo_lpe.rb", "content": "", "creation_timestamp": "2024-12-05T02:32:04.000000Z"}, {"uuid": "daae1ac6-d916-406f-8c57-8b68f19a2307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "cve-2024-37081", "type": "seen", "source": "https://social.tchncs.de/users/gborn/statuses/116129911417527349", "content": "", "creation_timestamp": "2026-02-25T06:43:43.275487Z"}, {"uuid": "e7bd16df-40b0-4f43-95b4-1a43ad925a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1313", "content": "", "creation_timestamp": "2024-06-19T04:00:00.000000Z"}, {"uuid": "b2090b43-068c-4a79-a43a-73f7d23bb893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/kasperskyb2b/1308", "content": "\ud83d\udd14 \u0422\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 VMWare: \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0439\u0442\u0435 \u043f\u0430\u0442\u0447\u0438\n\n\u041d\u043e\u0432\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c VMWare VMSA-2024-0012 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 vCenter Server (CVE-2024-37079 \u0438  -37080, CVSS 9.8), \u0438 \u043e\u0434\u0438\u043d \u0434\u0435\u0444\u0435\u043a\u0442 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root \u0432 vCenter Server (CVE-2024-37081, CVSS 7.8). \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043f\u043b\u0430\u043d\u043e\u0432\u043e, \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 \u0432 FAQ.  \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u043d\u0443\u0436\u043d\u043e \u0438 VMware Cloud Foundation, \u0430 \u0432\u043e\u0442 \u0445\u043e\u0441\u0442\u044b ESXi \u0442\u0440\u043e\u0433\u0430\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f.\n\u041d\u043e \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u043e\u043f\u044b\u0442\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 vCenter, \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043d\u0430\u0434\u043e\u043b\u0433\u043e \u043d\u0435\u043b\u044c\u0437\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-06-19T16:47:35.000000Z"}, {"uuid": "1f8150d8-2c6c-4e9c-bf47-002394b4c9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/1036", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T14:26:37.000000Z"}, {"uuid": "a6f49ead-780f-416e-8fcd-5527005b161c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/309", "content": "\ud83d\udd25 VMware vCenter Server RCE + PrivEsc\n\nMultiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet.\n\n\u2014 CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to exploit heap overflow by sending crafted packets, potentially resulting in remote code execution. (CVSS v3.1 score: 9.8 \"critical\");\n\n\u2014 CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance. (CVSS v3.1 score: 7.8 \"high\").\n\nNuclei Template (PoC):\n\ud83d\udd17 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a\n\nNmap Script (PoC):\n\ud83d\udd17 https://github.com/nmap/nmap/blob/4b28defac6e3eb8b8eb4704f506949806d784f73/scripts/vmware-version.nse\n\nShodan\nproduct:\"VMware vCenter Server\"\nFOFA\napp=\"vmware-vCenter\"\n\n#vmware #vcenter #rce #lpe #cve", "creation_timestamp": "2024-06-20T12:00:07.000000Z"}, {"uuid": "d25d0fa2-bee1-4054-9cc2-61d646633f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/zUsRWt3Wq7-Ohylg0lIat3q_zhXnMZf3Ssuf6Q7NZ3JiF_o", "content": "", "creation_timestamp": "2024-08-28T15:37:05.000000Z"}, {"uuid": "a0cd716d-6c43-4bd0-806b-dd6580873ca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8212", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "fd49c555-1114-4a64-854f-a268b13496ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/30", "content": "", "creation_timestamp": "2024-07-07T20:50:42.000000Z"}, {"uuid": "0ebc64c6-c1df-4f14-832b-b5dcaa7f558d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25267", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:50.000000Z"}, {"uuid": "5b201301-a0f0-4901-a5ac-53e09ce52293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "832f07c9-ac89-44b6-bfc7-2d7075af55ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "eac4c7a3-d9f6-4711-917f-99a8d02d5456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mdddudnt4k23", "content": "", "creation_timestamp": "2026-01-26T13:26:36.231732Z"}, {"uuid": "bc3791a4-9e5b-49dd-aba5-11fca82065a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/12344", "content": "https://github.com/Mr-r00t11/CVE-2024-37081\n\nVMware vCenter - CVE-2024-37081 Proof of Concept", "creation_timestamp": "2024-07-10T15:43:09.000000Z"}, {"uuid": "9a50a53c-6284-4ea2-a11f-f6875063347f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/YW9EaYTF9L2sm1nyLBoDji7AvQgIe7AAwPTmb0-n18moCg", "content": "", "creation_timestamp": "2024-07-11T01:34:00.000000Z"}, {"uuid": "4d4808b7-b585-445a-8f08-0c4f39ed636f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/5826", "content": "\u200aVMware vCenter : CVE-2024-37081 Proof Of Concept\n\nhttps://kalilinuxtutorials.com/vmware-vcenter/", "creation_timestamp": "2024-07-12T13:28:16.000000Z"}, {"uuid": "499c52ad-875f-4a93-90a7-fc6dcfc4c55c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/8239", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-21T02:31:47.000000Z"}, {"uuid": "8e542c21-f0e3-4dbf-b305-a2e5c0123df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1220", "content": "https://github.com/Mr-r00t11/CVE-2024-37081\n\nVMware vCenter - CVE-2024-37081 Proof of Concept", "creation_timestamp": "2024-07-10T15:43:09.000000Z"}, {"uuid": "98988d2a-f045-42d6-888f-9d2c9fd61b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "Telegram/T0L2qoE3g7bZ7uebznwh8TeJ-spc6YzSi52rzunmaddsJ1rv", "content": "", "creation_timestamp": "2024-08-31T12:47:17.000000Z"}, {"uuid": "b08660f2-6eab-46b5-8a17-4a77adfedd9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3405", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:42.000000Z"}, {"uuid": "213b0b26-e1d1-4f5f-867a-b58336490c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6918", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "c567fee1-97d9-4bbd-b591-85c2585b69f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://t.me/MrVGunz/1189", "content": "\u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062d\u06cc\u0627\u062a\u06cc \u062f\u0631 VMware vCenter Server \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u062e\u06cc\u0631 \u0642\u0627\u0628\u0644 \u0628\u0631\u0637\u0631\u0641\u06cc \u0647\u0633\u062a\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0634\u0627\u0645\u0644 heap overflow \u0648 privilege escalation \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-37079\u060c CVE-2024-37080 \u0648 CVE-2024-37081 \u0647\u0633\u062a\u0646\u062f \u0648 \u0646\u0645\u0631\u0647 CVSSv3 \u0622\u0646\u200c\u0647\u0627 \u0628\u06cc\u0646 7.8 \u062a\u0627 9.8 \u0627\u0633\u062a. \u0628\u0631\u0627\u06cc \u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0648 \u0646\u0635\u0628 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0644\u0627\u0632\u0645\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0647 \u0644\u06cc\u0646\u06a9 \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83d\udd17 \u0644\u06cc\u0646\u06a9 \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\n\nA series of critical vulnerabilities has been identified in VMware vCenter Server, which can be mitigated by installing recent security updates. These vulnerabilities include heap overflow and privilege escalation identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, with CVSSv3 scores ranging from 7.8 to 9.8. For more details and to install the necessary updates, please visit the following link:\n\n\ud83d\udd17 Link to More Information", "creation_timestamp": "2024-07-03T08:32:23.000000Z"}, {"uuid": "1eb0aeb3-ba13-4c88-9a2f-2d2a9e7f7a8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1508", "content": "\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\n\nCVE-2024-37081: VMware vCenter Server Multiple LPE\n\nCVE-2024-22274: VMware vCenter Server RCE\n\n#exploit #pentest #redteam", "creation_timestamp": "2024-07-07T00:00:38.000000Z"}, {"uuid": "865cc3b7-838a-4dd1-82fd-1a11019dd9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37081", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10710", "content": "#exploit\n1. CVE-2024-28397:\njs2py sandbox escape, bypass pyimport restriction\nhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape\n\n2. Bringing process injection into view(s): exploiting all macOS apps using nib files\nhttps://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files\n\n3. CVE-2024-37079,\nCVE-2024-37080,\nCVE-2024-37081:\nVMware vCenter Server heap-overflow (RCE)\nhttps://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a", "creation_timestamp": "2024-06-20T19:11:41.000000Z"}, {"uuid": "70c27cdd-df7c-44e2-919e-be5325953ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-37081", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mfjo6asd322e", "content": "", "creation_timestamp": "2026-02-23T12:37:25.912650Z"}]}