{"vulnerability": "CVE-2024-50379", "sightings": [{"uuid": "f4f520d2-f6b7-482d-a546-43a6c1683e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9539", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRCE through a race condition in Apache Tomcat\nURL\uff1ahttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-21T05:58:03.000000Z"}, {"uuid": "66ade846-9db4-4cb5-989c-0820780cc280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8170", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50379\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration).\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.\n\nUsers are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.\n\ud83d\udccf Published: 2024-12-17T12:34:54.827Z\n\ud83d\udccf Modified: 2025-03-20T03:55:50.524Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r", "creation_timestamp": "2025-03-20T04:18:31.000000Z"}, {"uuid": "b242f222-5191-49ab-b23c-48bf17869e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/CyberBulletin/1776", "content": "\u26a1\ufe0fRCE and DoS Vulnerabilities Addressed in Apache Tomcat: CVE-2024-50379 and CVE-2024-54677.\n\n#CyberBulletin", "creation_timestamp": "2024-12-18T12:14:46.000000Z"}, {"uuid": "730e3b73-dd8c-4cba-a221-cd778adf2826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/cvedetector/13091", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50379 - Apache Tomcat TOCTOU Race Condition RCE on Case Insensitive File Systems\", \n  \"Content\": \"CVE ID : CVE-2024-50379 \nPublished : Dec. 17, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration).  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.  \n  \nUsers are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.08, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T15:06:15.000000Z"}, {"uuid": "26f8f7fd-b291-4d08-a0d3-84d736209902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/QaDCHeyCTQEDx9YMMCpkZWSmm-dNNJ2lC0YJEGLd_C3RP10", "content": "", "creation_timestamp": "2025-03-31T21:00:07.000000Z"}, {"uuid": "9f63fedd-ad46-442e-ad1e-ee1ef3392ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/Oxq5SO8-21GQipP6NIDCbdDkAA225btYdW6eEU8zypkEJg0", "content": "", "creation_timestamp": "2025-03-15T22:00:06.000000Z"}, {"uuid": "0bcad018-7637-4376-ae6f-338d8fe9e58d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/Y_xPY5an29zAjBEjsanjtpLbpBVw7mFfDR_wSaO-iTXPUi8", "content": "", "creation_timestamp": "2025-03-11T00:00:12.000000Z"}, {"uuid": "ad850c46-fb51-4ab7-8f9c-bb8068043e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9207", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:48.000000Z"}, {"uuid": "795a92dc-677c-4ccb-b798-81225b3cc461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9224", "content": "#Github #Tools\n\nTool for reverse engineering macOS/OS X.\n\nhttps://github.com/steven-michaud/HookCase\n\nCVE-2024-50379: RCE through a race condition in Apache Tomcat\n\nPoC\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc?tab=readme-ov-file\n\nawesome-linux-attack-forensics-purplelabs : Hands-on research around advanced Linux attacks, detection and forensics techniques and tools \n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nA tool for automating cracking methodologies through Hashcat from the TrustedSec team.\n\nhttps://github.com/trustedsec/hate_crack\n\nCrystalDump : Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) : \n\nhttps://github.com/ricardojoserf/NativeDump/tree/crystal-flavour  \n\n#HackersForum", "creation_timestamp": "2024-12-30T05:01:52.000000Z"}, {"uuid": "083a0ec3-58d9-409f-a58d-6f23773069eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4128", "content": "#GitHub #Tools \n\nA tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs).\n\nhttps://github.com/Leo4j/PowerDACL\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nShort, but interesting list of sensitive data and bug bounty dorks.\n\nhttps://github.com/fatguru/dorks\n\nOpen source obfuscation tool for .NET assemblies\n\nhttps://github.com/obfuscar/obfuscar\n\nCrlfuzz tool vs my nuclei template:\ncrlfuzz only detected crlf in one target from list but my template finded more with GBK encoding payload also.\n\nhttps://github.com/coffinxp/nuclei-templates/blob/main/cRlf.yaml\n\n#Tools@dilagrafie", "creation_timestamp": "2025-01-29T08:06:35.000000Z"}, {"uuid": "6e3fa79d-9507-4d40-a095-a5ba4c6ddcd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4051", "content": "#Github #Tools\n\nTool for reverse engineering macOS/OS X.\n\nhttps://github.com/steven-michaud/HookCase\n\nCVE-2024-50379: RCE through a race condition in Apache Tomcat\n\nPoC\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc?tab=readme-ov-file\n\nawesome-linux-attack-forensics-purplelabs : Hands-on research around advanced Linux attacks, detection and forensics techniques and tools \n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nA tool for automating cracking methodologies through Hashcat from the TrustedSec team.\n\nhttps://github.com/trustedsec/hate_crack\n\nCrystalDump : Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) : \n\nhttps://github.com/ricardojoserf/NativeDump/tree/crystal-flavour  \n\n#HackersForum", "creation_timestamp": "2024-12-30T05:01:43.000000Z"}, {"uuid": "d6c4a118-d7e4-45d5-9cbb-d998b249b09a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/dilagrafie/4036", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:32.000000Z"}, {"uuid": "875d9fbf-df10-4749-9970-26d18d787a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/GrayHatsHack/7788", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:48.000000Z"}, {"uuid": "f7e8174a-63e6-4dd2-bd91-bebd0b4c34c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/thehackernews/6084", "content": "\u26a1 A new remote code execution flaw in Apache Tomcat (CVE-2024-56337) exposes organizations to serious risk.\n\nAn uploaded file could turn into malicious JSP code\u2014resulting in remote code execution.\n\n\u00bb Affected Versions: Tomcat 9.0.0-M1 to 11.0.1\n\u00bb Java users: Incorrect configurations = higher risk.\n\u00bb Severity? CVE-2024-50379 scored a 9.8 on CVSS!\n\nDetails here \ud83d\udc49 https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html", "creation_timestamp": "2024-12-24T07:10:43.000000Z"}, {"uuid": "9184acca-ae5c-41d1-8946-681e02ebbd5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/CyberBulletin/26846", "content": "\u26a1\ufe0fRCE and DoS Vulnerabilities Addressed in Apache Tomcat: CVE-2024-50379 and CVE-2024-54677.\n\n#CyberBulletin", "creation_timestamp": "2024-12-18T12:14:46.000000Z"}, {"uuid": "dca9cf2f-313f-4ba6-98e9-180026680ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113685883850360893", "content": "", "creation_timestamp": "2024-12-20T15:35:21.591878Z"}, {"uuid": "e15068c7-eac6-40a9-a0aa-64b109229e5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3ldp7etjohw2w", "content": "", "creation_timestamp": "2024-12-20T01:12:03.467054Z"}, {"uuid": "8489752c-7b72-495b-85e3-25aaf8a52865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/areyou1or0.bsky.social/post/3leanozdtms2k", "content": "", "creation_timestamp": "2024-12-26T23:43:34.315596Z"}, {"uuid": "fffb7625-0a81-4ce8-beff-0f0318ee3473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lfyuf3prwd25", "content": "", "creation_timestamp": "2025-01-18T08:12:22.684863Z"}, {"uuid": "0fba92b2-93e3-4490-b321-c3ed3b19ee74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lg4euebvis2i", "content": "", "creation_timestamp": "2025-01-19T17:45:13.818500Z"}, {"uuid": "bf0ee9b4-9475-4571-96a4-1f9be8b57ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lswu4akkvs2p", "content": "", "creation_timestamp": "2025-07-01T23:29:38.153226Z"}, {"uuid": "513bd60b-36f5-449b-9beb-c93529876b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1447", "content": "", "creation_timestamp": "2024-12-18T04:00:00.000000Z"}, {"uuid": "32236de8-7bec-408e-9e65-17379f4b1a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/G1YIpqTouZZ7RGRq-g0EK5R-A4RVmquYDNGd4eb7udpn90Y", "content": "", "creation_timestamp": "2025-06-14T15:00:07.000000Z"}, {"uuid": "433d2e86-e7ef-42a2-ade8-dd03442b9467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9605", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aTesting the latset Apache Tomcat CVE-2024-50379 Vuln\nURL\uff1ahttps://github.com/bigb0x/CVE-2024-50379\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-25T21:51:35.000000Z"}, {"uuid": "567123f7-1272-4ffa-9799-3d58e26dc5cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/cvedetector/13444", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56337 - Apache Tomcat CaseInsensitive TOCTOU Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56337 \nPublished : Dec. 20, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat.  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.  \n  \nThe mitigation for CVE-2024-50379 was incomplete.  \n  \nUsers running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation   \nparameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:  \n- running on Java 8 or Java 11: the system property\u00a0sun.io.useCanonCaches must be explicitly set to false (it defaults to true)  \n- running on Java 17: the\u00a0system property sun.io.useCanonCaches, if set, must be set to false\u00a0(it defaults to false)  \n- running on Java 21 onwards: no further configuration is required\u00a0(the system property and the problematic cache have been removed)  \n  \nTomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that\u00a0sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set\u00a0sun.io.useCanonCaches to false by default where it can. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T18:25:23.000000Z"}, {"uuid": "e6b20fa5-55ae-4dc1-b824-01024c4d6d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/2404", "content": "\ud83d\ude08CVE-2024-50379 Apache Tomcat\n*\nExiste un problema con una condici\u00f3n de carrera de verificaci\u00f3n de tiempo de uso ( TOCTOU ) que puede conducir a la ejecuci\u00f3n remota de c\u00f3digo ( RCE ), especialmente en sistemas de archivos que no distinguen entre may\u00fasculas y min\u00fasculas, como Windows .\n\nExplotaci\u00f3n y POC", "creation_timestamp": "2024-12-26T02:02:14.000000Z"}, {"uuid": "59846575-35f8-4d40-aa01-4e966a8330b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/2391", "content": "#exploit\n1. CVE-2024-50379:\nApache Tomcat RCE\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc\n\n2. CVE-2024-48990:\nQualys needrestart <3.8 - Uncontrolled Search Path Element\nhttps://github.com/makuga01/CVE-2024-48990-PoC", "creation_timestamp": "2024-12-25T20:08:04.000000Z"}, {"uuid": "974c1658-57cd-49ca-a8de-4bb1371bf4de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/cacBQ5bN-vmwnt3DR7dLi1PlBkYQLfgr4qnQira8PDCN7qo", "content": "", "creation_timestamp": "2025-01-23T20:00:07.000000Z"}, {"uuid": "bf78cd2e-6c3b-4cd7-922f-59ea5ed3ece7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/LP1aIPk-AqT4UlTzgS4QSA_6Iy4XQeN8b-9YQBsDnSHrbTw", "content": "", "creation_timestamp": "2025-01-23T16:00:09.000000Z"}, {"uuid": "05c8abcd-cf79-4c26-ad1f-702364e51923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/proxy_bar/2445", "content": "tomcat CVE-2024-50379/CVE-2024-56337\n*\n\u041f\u0440\u043e\u043a\u0430\u0447\u0430\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f", "creation_timestamp": "2024-12-24T19:45:29.000000Z"}, {"uuid": "7190bb4f-1ecf-4efc-9a25-6a071ed8dd9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7803", "content": "#Github #Tools\n\nTool for reverse engineering macOS/OS X.\n\nhttps://github.com/steven-michaud/HookCase\n\nCVE-2024-50379: RCE through a race condition in Apache Tomcat\n\nPoC\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc?tab=readme-ov-file\n\nawesome-linux-attack-forensics-purplelabs : Hands-on research around advanced Linux attacks, detection and forensics techniques and tools \n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nA tool for automating cracking methodologies through Hashcat from the TrustedSec team.\n\nhttps://github.com/trustedsec/hate_crack\n\nCrystalDump : Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) : \n\nhttps://github.com/ricardojoserf/NativeDump/tree/crystal-flavour  \n\n#HackersForum", "creation_timestamp": "2024-12-30T05:01:52.000000Z"}, {"uuid": "c6a90dcc-3147-41d6-8067-b842fb496931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6582", "content": "Apache Software Foundation (ASF) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0430\u0436\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Tomcat, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-56337 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0443\u0434\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u0440\u0443\u0433\u043e\u0439 CVE-2024-50379 (CVSS: 9,8), \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0442\u043e\u043c \u0436\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0440\u0430\u043d\u0435\u0435 17 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c \u0441 Tomcat \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443, \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u00ab\u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f\u00bb \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043d\u0430 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false, \u043e\u0442\u043b\u0438\u0447\u043d\u043e\u0435 \u043e\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e), \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-50379 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f Java \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441 Tomcat.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u044b \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f (TOCTOU), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443, \u043a\u043e\u0433\u0434\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0447\u0442\u0435\u043d\u0438\u0435 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0438 \u0442\u043e\u0433\u043e \u0436\u0435 \u0444\u0430\u0439\u043b\u0430 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 Tomcat \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 \u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043a\u0430\u043a JSP, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a RCE.\n\nCVE-2024-56337 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Tomcat: \n- 11.0.0-M1 \u0434\u043e 11.0.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 11.0.2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438);\n- 10.1.0-M1 \u0434\u043e 10.1.33 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 10.1.34 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438);\n- 9.0.0.M1 \u2013 9.0.97 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 9.0.98 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Java:\n\n- Java 8 \u0438\u043b\u0438 Java 11: \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0437\u0430\u0434\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u043c\u0443 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u0443 sun.io.useCanonCaches \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e true);\n\n- Java 17: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e sun.io.useCanonCaches \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false, \u0435\u0441\u043b\u0438 \u043e\u043d\u043e \u0443\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e false);\n\n- Java 21 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438: \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0442\u0430\u043a \u043a\u0430\u043a \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043e.\n\nASF \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Nacl, WHOAMI, Yemoli \u0438 Ruozhi \u0437\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u043e\u0431\u043e\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 KnownSec 404 \u0437\u0430 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 CVE-2024-56337 \u0441 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c PoC.", "creation_timestamp": "2024-12-25T15:20:25.000000Z"}, {"uuid": "e98ecdff-906b-43a3-a992-40dd5c3dc2e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/26924", "content": "\u26a1\ufe0fDeep Dive & POC of CVE-2024-50379 Exploit Tomcat Vulnerability (9.8 Severity).\n\n#CyberBulletin", "creation_timestamp": "2024-12-27T01:03:13.000000Z"}, {"uuid": "c8e006e4-9338-4dc6-9034-7d15fc1fa8ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11595", "content": "#exploit\n1. CVE-2024-50379:\nApache Tomcat RCE\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc\n\n2. CVE-2024-48990:\nQualys needrestart <3.8 - Uncontrolled Search Path Element\nhttps://github.com/makuga01/CVE-2024-48990-PoC", "creation_timestamp": "2024-12-23T15:32:22.000000Z"}, {"uuid": "3170c060-a4cf-4861-bdbd-a9b481e85e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfoba6mzmw2k", "content": "", "creation_timestamp": "2025-01-14T03:02:58.821528Z"}, {"uuid": "8918857d-78d1-4659-806f-3a903f75c0a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljym4xw6lc2b", "content": "", "creation_timestamp": "2025-03-10T03:25:27.300189Z"}, {"uuid": "e0dde01c-d101-49f3-9f4c-b3c4401f4ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "133ff4b6-4528-4dbf-84de-4b8ac0d63faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9520", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aApache Tomcat\uff08CVE-2024-50379\uff09\u6761\u4ef6\u7ade\u4e89\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u6279\u91cf\u68c0\u6d4b\u811a\u672c\nURL\uff1ahttps://github.com/iSee857/CVE-2024-50379-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-20T05:27:35.000000Z"}, {"uuid": "8174cfd9-1bb7-48d8-9476-8f1f4685fbbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/hackingbra/215", "content": "tomcat CVE-2024-50379/CVE-2024-56337\n*\n\u041f\u0440\u043e\u043a\u0430\u0447\u0430\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f", "creation_timestamp": "2024-12-26T02:57:28.000000Z"}, {"uuid": "ac5f7664-5b26-4d48-a371-0cba470a59d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/1832", "content": "\u26a1\ufe0fDeep Dive & POC of CVE-2024-50379 Exploit Tomcat Vulnerability (9.8 Severity).\n\n#CyberBulletin", "creation_timestamp": "2024-12-27T01:03:13.000000Z"}, {"uuid": "9065f9ab-bf4c-45f7-ad49-d4f169ff3539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/kasperskyb2b/1574", "content": "\u2b50\ufe0f \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411\n\n\ud83d\ude11 \u0423\u0433\u0440\u043e\u0437\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0410\u0421\u0423 \u0432 3 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430: \u043e\u0431\u0437\u043e\u0440 \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430. \u0422\u043e\u043f \u0441\u0438\u0441\u0442\u0435\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u043b\u0438 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \n\n\ud83d\uddff \u0420\u0430\u0437\u0431\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b Masque, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 2024 \u0433\u043e\u0434\u0443 \u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0439 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0439 \u0432\u044b\u0433\u043e\u0434\u044b.  \u0417\u0430\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u0442\u0451\u043a\u0448\u0438\u0435 \u0431\u0438\u043b\u0434\u0435\u0440\u044b Lockbit \u0438 Babuk.\n\n\ud83d\ude80 \u0412 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430\u0445 Palo Alto, \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 CVE-2024-9474, \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 Littlelamb.Wooltea. \u041e\u0447\u0435\u043d\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e \u043d\u0451\u043c \u0445\u043e\u0440\u043e\u0448\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u043a\u0430\u043a \u043e\u043f\u044b\u0442\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0430 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\ud83d\udfe3\u0421\u043f\u0438\u0441\u043e\u043a \u0438\u0437 2,5 \u0442\u044b\u0441\u044f\u0447 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 Astrill VPN, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0447\u0435\u043d\u044c \u043b\u044e\u0431\u044f\u0442 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 APT.\n\n\u2764\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0444\u0438\u0448\u0438\u043d\u0433-\u043a\u0438\u0442\u0430 WikiKit, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0433\u043e \u0441\u0432\u043e\u0451 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0437\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043f\u0435\u0440\u0435\u0430\u0434\u0440\u0435\u0441\u0443\u0435\u0442 \u043d\u0435\u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0412\u0438\u043a\u0438\u043f\u0435\u0434\u0438\u044e.\n\n\ud83d\ude35\u200d\ud83d\udcab \u041f\u044f\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 Chrome, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u043e\u0442 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Cyberhaven, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432 \u043c\u0430\u0433\u0430\u0437\u0438\u043d Chrome. \u0415\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u043e\u0432\u043e\u0434 \u043f\u043e\u0434\u0447\u0438\u043d\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 \u0432 \u0425\u0440\u043e\u043c \u0441\u0442\u0440\u043e\u0433\u0438\u043c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c.\n\n\ud83d\udfe2\u041d\u043e\u0432\u044b\u0439 \u0434\u0435\u043d\u044c \u2014 \u043d\u043e\u0432\u043e\u0435 \u0412\u041f\u041e \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 open source. \u0422\u0435\u043f\u0435\u0440\u044c \u0447\u0435\u0440\u0435\u0437 PyPi \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0441\u0442\u0438\u043b\u0435\u0440\u044b Cometlogger \u0438 Zebo.\n\n\ud83d\udfe3\u0410 Lockbit \u0441\u043e\u0431\u0440\u0430\u043b\u0438\u0441\u044c \u043e\u0442\u043f\u0440\u0430\u0437\u0434\u043d\u043e\u0432\u0430\u0442\u044c \u0433\u043e\u0434\u043e\u0432\u0449\u0438\u043d\u0443 \u0440\u0430\u0437\u0433\u043e\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u044b \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Lockbit 4.0.\n\n\ud83d\ude35 \u0426\u0435\u043b\u0430\u044f \u043f\u0430\u0447\u043a\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0418\u0422-\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043e\u043c\u0440\u0430\u0447\u0438\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u044b\u0439 \u0441\u0435\u0437\u043e\u043d. \u041e\u0442\u043c\u0435\u0442\u0438\u043c CVE-2024-52046 \u0432 Apache MINA (CVSS 10), CVE-2024-45387 \u0432 Apache Traffic Ops (CVSS 9.9) \u0438 \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e CVE-2024-43441 \u0432 OpenGraph. \u0410 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0435\u0434\u0432\u0430 \u0432\u044b\u0434\u043e\u0445\u043d\u0443\u043b, \u0437\u0430\u043b\u0430\u0442\u0430\u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2024-50379 \u0432 Apache Tomcat, \u0442\u043e\u0436\u0435 \u0435\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u2014 \u0444\u0438\u043a\u0441 \u0431\u044b\u043b \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435 CVE-2024-56337 \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0439\u0442\u0435 \u0441\u043d\u0430\u0447\u0430\u043b\u0430. \u0414\u0430, \u0438 CVE-2024-53677 \u0432 Struts \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043d\u0435 \u0437\u0430\u0431\u0443\u0434\u044c\u0442\u0435.\n\u0421\u043d\u043e\u0432\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c \u0438 Palo Alto \u0441 DoS \u0432 PAN-OS (CVE-2024-3393, CVSS 8.7).\n\n\ud83d\udc4b \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 \u0447\u0442\u0438\u0432\u043e \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435: \u043a\u0430\u043a \u043b\u044e\u0431\u0438\u043c\u0430\u044f \u0441\u0442\u0430\u0440\u0442\u0430\u043f\u0430\u043c\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0441\u0430\u0434\u0430 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-12-28T08:57:19.000000Z"}, {"uuid": "f4e1e9d6-9695-41ff-8112-631d8dfb49d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/eVIPFGRhkq3YCk2O8BWYITIBkjx0dvNLYbcNpq7wmBtPfw", "content": "", "creation_timestamp": "2024-12-24T11:23:07.000000Z"}, {"uuid": "49ff5ce7-a361-43d5-b3b8-b8f7940d8e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1392", "content": "#Github #Tools\n\nTool for reverse engineering macOS/OS X.\n\nhttps://github.com/steven-michaud/HookCase\n\nCVE-2024-50379: RCE through a race condition in Apache Tomcat\n\nPoC\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc?tab=readme-ov-file\n\nawesome-linux-attack-forensics-purplelabs : Hands-on research around advanced Linux attacks, detection and forensics techniques and tools \n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nA tool for automating cracking methodologies through Hashcat from the TrustedSec team.\n\nhttps://github.com/trustedsec/hate_crack\n\nCrystalDump : Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!) : \n\nhttps://github.com/ricardojoserf/NativeDump/tree/crystal-flavour  \n\n#HackersForum", "creation_timestamp": "2024-12-30T05:01:48.000000Z"}, {"uuid": "8aee7265-c14e-4cbc-8a56-a4b3ee40d74c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/CyberDilara/1370", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:43.000000Z"}, {"uuid": "6ab7c22b-1d1c-4715-a412-d66b4ae51ac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/kVJLfrzqzFDzMEQqpoUmUp6GwO_SK6INlXOcFg_lbdv1buw", "content": "", "creation_timestamp": "2025-03-04T04:00:14.000000Z"}, {"uuid": "acb4b756-26a5-445b-9d48-6986d87da163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "Telegram/QJNKafZ39RPUBf0W2FOX1OlC1JbKcylQtoMgEZm-Z-wGay4", "content": "", "creation_timestamp": "2025-03-04T04:00:07.000000Z"}, {"uuid": "aa6ade9e-0e01-4695-ad80-56676759813c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "Telegram/82a2CCv2PPefBAywwzeR-yS_ueYglGvjGZeFL5Nia0p4qd8", "content": "", "creation_timestamp": "2025-03-22T08:00:11.000000Z"}, {"uuid": "e9a82ad8-5ad5-4793-a85d-aa7051ab39f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7946", "content": "#GitHub #Tools \n\nA tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs).\n\nhttps://github.com/Leo4j/PowerDACL\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nShort, but interesting list of sensitive data and bug bounty dorks.\n\nhttps://github.com/fatguru/dorks\n\nOpen source obfuscation tool for .NET assemblies\n\nhttps://github.com/obfuscar/obfuscar\n\nCrlfuzz tool vs my nuclei template:\ncrlfuzz only detected crlf in one target from list but my template finded more with GBK encoding payload also.\n\nhttps://github.com/coffinxp/nuclei-templates/blob/main/cRlf.yaml\n\n#Tools@dilagrafie", "creation_timestamp": "2025-01-31T11:35:51.000000Z"}, {"uuid": "3d8f7cb7-47f0-4935-90f5-348e33807614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/3497", "content": "https://github.com/SleepingBag945/CVE-2024-50379", "creation_timestamp": "2024-12-25T16:19:23.000000Z"}, {"uuid": "2c2cd329-2b46-49da-90f8-796e499f4df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/232", "content": "https://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc\n\nRCE through a race condition in Apache Tomcat\n#github #poc", "creation_timestamp": "2024-12-22T03:43:00.000000Z"}, {"uuid": "543e062f-6005-432c-817f-7a79e4e54356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://t.me/suboxone_chatroom/941", "content": "\u26a1\ufe0fCVE-2024-50379/CVE-2024-56337 : Apache Tomcat Patches Critical RCE Vulnerability\n\n\ud83d\udd25Exploit : https://github.com/SleepingBag945/CVE-2024-50379\n\n\ud83d\udc47Dorks:\nHUNTER :/product.name=\"Apache Tomcat\"\nFOFA : product=\"Apache-Tomcat\"\nSHODAN : product:\"Apache-Tomcat\"", "creation_timestamp": "2025-01-13T11:04:46.000000Z"}, {"uuid": "434b7a3e-8248-48f2-b5cd-3e002107b143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/1572", "content": "#exploit\n1. CVE-2024-50379:\nApache Tomcat RCE\nhttps://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc\n\n2. CVE-2024-48990:\nQualys needrestart <3.8 - Uncontrolled Search Path Element\nhttps://github.com/makuga01/CVE-2024-48990-PoC", "creation_timestamp": "2025-01-27T07:07:37.000000Z"}, {"uuid": "1d315889-c671-43b2-b502-7d6df7d2b1f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ldqsi62and25", "content": "", "creation_timestamp": "2024-12-20T16:26:35.753102Z"}, {"uuid": "2c9806aa-b408-441f-a549-5d8e1c4bfb9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113668199636879118", "content": "", "creation_timestamp": "2024-12-17T12:38:01.836867Z"}, {"uuid": "50aca213-f5b4-48b3-8c03-0c4277ce6974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113680586153598714", "content": "", "creation_timestamp": "2024-12-19T17:08:05.227273Z"}, {"uuid": "0be4c6ab-bf6f-47cf-ba69-62bc912d109d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html", "content": "", "creation_timestamp": "2024-12-24T05:06:00.000000Z"}, {"uuid": "1f9b421d-2539-4e41-9b75-1634f700a366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113708106021039311", "content": "", "creation_timestamp": "2024-12-24T13:46:44.846263Z"}, {"uuid": "1866d71a-e919-4faa-81db-d72560eb41a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3le2skx52sc2x", "content": "", "creation_timestamp": "2024-12-24T15:54:47.874479Z"}, {"uuid": "286d9f48-df82-44c7-a4d2-da71a73fe8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/113803734953935843", "content": "", "creation_timestamp": "2025-01-10T11:06:26.650824Z"}, {"uuid": "848e99a8-6264-40d3-a7e5-0b5e4d891148", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3lq63lxwbu52n", "content": "", "creation_timestamp": "2025-05-27T16:16:43.466544Z"}, {"uuid": "5c0c1fff-f8ee-4239-8424-7bc0aca5c5eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114779416038120432", "content": "", "creation_timestamp": "2025-07-01T18:34:58.800443Z"}, {"uuid": "f4792670-d12c-4c6c-899f-0c0ea77e9701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9567", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1atomcat CVE-2024-50379 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\nURL\uff1ahttps://github.com/SleepingBag945/CVE-2024-50379\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-23T07:26:21.000000Z"}, {"uuid": "591bad1d-bdbd-4718-9542-a8bced5478e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9595", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-50379-exp\nURL\uff1ahttps://github.com/lizhianyuguangming/CVE-2024-50379-exp\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-25T02:46:52.000000Z"}, {"uuid": "b04a9415-decf-4c10-a2e0-5b14a3910ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9572", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-50379\u5229\u7528\nURL\uff1ahttps://github.com/dear-cell/CVE-2024-50379\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-23T14:14:32.000000Z"}, {"uuid": "85f07171-ef6e-4a66-8b17-61e9024bc51d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/5047", "content": "\u200b\u26a1\ufe0fCVE-2024-56337: \u043d\u043e\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 Tomcat\n\n\ud83d\udcac\u0424\u043e\u043d\u0434 Apache Software Foundation (ASF) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0430\u0436\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u043c \u041f\u041e Tomcat, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (RCE) \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-56337, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2024-50379 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 17 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044e, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0441 Tomcat \u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 \u0438 \u0432\u043a\u043b\u044e\u0447\u0451\u043d\u043d\u044b\u043c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u043c \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 readonly \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0432 false), \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u043d\u0435\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Java.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 \u0442\u0438\u043f\u0430 (Race Condition) Time-of-check Time-of-use (TOCTOU). \u041e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443, \u043a\u043e\u0433\u0434\u0430 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u0441\u0435\u0440\u0432\u043b\u0435\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u043c \u0447\u0442\u0435\u043d\u0438\u0438 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043a \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043a\u0430\u043a JSP, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-56337 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Tomcat:\n\nApache Tomcat 11.0.0-M1 \u0434\u043e 11.0.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 11.0.2 \u0438 \u0432\u044b\u0448\u0435);\nApache Tomcat 10.1.0-M1 \u0434\u043e 10.1.33 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 10.1.34 \u0438 \u0432\u044b\u0448\u0435);\nApache Tomcat 9.0.0.M1 \u0434\u043e 9.0.97 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 9.0.98 \u0438 \u0432\u044b\u0448\u0435).\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u043d\u0435\u0441\u0442\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Java:\n\n\u0414\u043b\u044f Java 8 \u0438 Java 11: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e sun.io.useCanonCaches \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u2014 true).\n\u0414\u043b\u044f Java 17: \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u0447\u0442\u043e \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e sun.io.useCanonCaches \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u043e (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u043d\u043e \u0443\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u043e).\n\u0414\u043b\u044f Java 21 \u0438 \u043d\u043e\u0432\u0435\u0435: \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0442\u0430\u043a \u043a\u0430\u043a \u0434\u0430\u043d\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0443\u0436\u0435 \u0431\u044b\u043b\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043e.\nASF \u043f\u043e\u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u0438\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Nacl, WHOAMI, Yemoli \u0438 Ruozhi \u0437\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 KnownSec 404 Team \u0437\u0430 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 CVE-2024-56337 \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-24T06:43:49.000000Z"}, {"uuid": "33cdcc73-1d1b-4809-a698-77d610096a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50379", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRepositorio para alojar un template de Nuclei para probar el CVE-2024-50379 (en fase de prueba)\nURL\uff1ahttps://github.com/JFOZ1010/Nuclei-Template-CVE-2024-50379\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-20T03:44:57.000000Z"}]}