{"vulnerability": "CVE-2024-7029", "sightings": [{"uuid": "3a3b78d5-6ac6-49b9-bd13-c2d6633d1edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11119", "content": "#exploit\n1. CVE-2024-0509:\nWP Plugin - WP 404 Auto Redirect to Similar Post\nhttps://github.com/kodaichodai/CVE-2024-0509\n\n2. CVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\nhttps://github.com/bigherocenter/CVE-2024-7029-EXPLOIT", "creation_timestamp": "2024-09-12T12:12:24.000000Z"}, {"uuid": "e5911a2a-a066-4017-853d-b5aa21d82b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4408", "content": "#exploit\n1. CVE-2024-0509:\nWP Plugin - WP 404 Auto Redirect to Similar Post\nhttps://github.com/kodaichodai/CVE-2024-0509\n\n2. CVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\nhttps://github.com/bigherocenter/CVE-2024-7029-EXPLOIT", "creation_timestamp": "2024-09-12T06:45:06.000000Z"}, {"uuid": "e7ac5452-fd41-44b6-88bd-6f66b84a2ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-91b171af-9612ebc372792696", "content": "", "creation_timestamp": "2025-01-26T08:25:04.006794Z"}, {"uuid": "c2c8e6c7-f001-4176-9518-748c1b2e6aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "6224d260-76cb-4036-97f6-95da9313044a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-7d94594b-ae20c1dc5483d2a2", "content": "", "creation_timestamp": "2025-10-11T06:19:00.645896Z"}, {"uuid": "2d459637-aa19-48f9-8fdf-01d6c4abf76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "MISP/af1fbe07-e10c-40c4-844e-d4419bdf6f80", "content": "", "creation_timestamp": "2025-08-22T13:26:18.000000Z"}, {"uuid": "1124283f-9e3d-4a05-8ed6-5b2618fcf2c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "f2d76b9e-6b2b-4c25-88c4-2a3602cbc808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8698", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a A PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/geniuszlyy/CVE-2024-7029\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-08T10:06:09.000000Z"}, {"uuid": "fb8d3288-b6d6-4972-be90-0f4e34796502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://t.me/cvedetector/2353", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-7029 - Apache Router Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-7029 \nPublished : Aug. 2, 2024, 3:16 p.m. | 42\u00a0minutes ago \nDescription : Commands can be injected over the network and executed without authentication. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T18:11:55.000000Z"}, {"uuid": "9de3f199-d075-45a1-bad8-b622d6bd2d0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/CyberBulletin/502", "content": "\u26a1\ufe0fA severe #vulnerability in AVTECH IP cameras (CVE-2024-7029) is now being weaponized by hackers, creating a botnet. Unpatched & easily exploitable, this flaw poses a massive risk to commercial, financial, and #healthcare sectors.\n\n#CyberBulletin", "creation_timestamp": "2024-08-31T17:35:14.000000Z"}, {"uuid": "992e1d7a-df2c-42cd-a362-76f988d7d0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1905", "content": "#script PoC CVE-2024-7029 ( Corona botnet using this )\n$\u2014AVTECH devices.\n$\u2014x86_64 ARCH\n$\u2014Linux\n\n[install]:\n18 line change payload.\n$ pip install requests\n$ pip install prompt_toolkit\n$ pip install alive_progress\n\nroot@nodejsleaks~: python3 PoC-7029.py  -f list.txt -t 1000", "creation_timestamp": "2024-10-12T14:58:15.000000Z"}, {"uuid": "d1f03110-8200-48a5-9411-8558dd28c7e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/LionBoneSec/23", "content": "The Hacker News\nUnpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks\n\nA years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet.\nCVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a \"command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE),\" Akamai researchers Kyle", "creation_timestamp": "2024-08-29T16:02:48.000000Z"}, {"uuid": "f600c770-0540-4a3e-a508-58fdbbe21578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3645", "content": "#exploit\n1. CVE-2024-0509:\nWP Plugin - WP 404 Auto Redirect to Similar Post\nhttps://github.com/kodaichodai/CVE-2024-0509\n\n2. CVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\nhttps://github.com/bigherocenter/CVE-2024-7029-EXPLOIT", "creation_timestamp": "2024-09-13T16:19:31.000000Z"}, {"uuid": "fcf6f4aa-69dc-4bbe-a9f5-f0fe5f00c498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18589", "content": "https://github.com/bigherocenter/CVE-2024-7029-EXPLOIT\n\nCVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\n#github #exploit", "creation_timestamp": "2024-09-13T11:39:49.000000Z"}, {"uuid": "933cf0f4-b96d-4455-96b7-0ec656391dec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2216", "content": "https://github.com/geniuszlyy/CVE-2024-7029\n\nA PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)\n#github #exploit", "creation_timestamp": "2024-10-08T16:23:32.000000Z"}, {"uuid": "f067c095-3747-408e-ae4f-62b1eb47655b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/19419", "content": "https://github.com/geniuszlyy/CVE-2024-7029\n\nA PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)\n#github #exploit", "creation_timestamp": "2024-10-08T16:23:32.000000Z"}, {"uuid": "69a584a3-321d-41b5-8cb7-1961a159473d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/19113", "content": "The Hacker News\nUnpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks\n\nA years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet.\nCVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a \"command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE),\" Akamai researchers Kyle", "creation_timestamp": "2024-08-29T14:12:21.000000Z"}, {"uuid": "eb0c363a-b11e-435b-a741-818da7738a0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/nodejsleaks/1036", "content": "#script PoC CVE-2024-7029 ( Corona botnet using this )\n$\u2014AVTECH devices.\n$\u2014x86_64 ARCH\n$\u2014Linux\n\n[install]:\n18 line change payload.\n$ pip install requests\n$ pip install prompt_toolkit\n$ pip install alive_progress\n\nroot@nodejsleaks~: python3 PoC-7029.py  -f list.txt -t 1000", "creation_timestamp": "2024-10-09T16:53:13.000000Z"}, {"uuid": "329a1579-8d19-4208-a14d-d6f6d7c43a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/KomunitiSiber/2480", "content": "Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks\nhttps://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html\n\nA years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet.\nCVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a \"command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE),\" Akamai researchers Kyle", "creation_timestamp": "2024-08-29T14:43:27.000000Z"}, {"uuid": "08b0146e-a2f2-46b6-906a-ca150efffdf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/thehackernews/6200", "content": "\ud83d\udea8 New Murdoc_Botnet Targets IoT Devices Worldwide!\nResearchers have uncovered a massive botnet exploiting security flaws (CVE-2017-17215 & CVE-2024-7029) in AVTECH cameras and Huawei routers.\n\nIt has already infected 1,370+ devices since July 2024.\n\n\ud83d\udc49 Update your firmware, change default passwords, and secure your network now.\n\nFind details here: https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html", "creation_timestamp": "2025-01-21T15:15:37.000000Z"}, {"uuid": "da0fb6b3-07f8-41ae-a5ad-5f5520ccec0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3294", "content": "https://github.com/geniuszlyy/CVE-2024-7029\n\nA PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)\n#github #exploit", "creation_timestamp": "2024-10-08T16:18:03.000000Z"}, {"uuid": "7b82d9e6-a9be-48cb-b8eb-a0e0995e56ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5001", "content": "\u041f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0432\u0441\u0435 \u043a\u0443\u0447\u043d\u043e \u0438 \u043e\u0431\u044a\u0435\u043c\u043d\u043e, \u0432\u043a\u0440\u0430\u0442\u0446\u0435 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Claroty \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c CIP \u0438 \u043e\u0431\u043e\u0439\u0442\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u041f\u041b\u041a Rockwell Automation ControlLogix.\n\n\u0411\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u0430\u044f PenTest Partners \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u00a0\u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 KnowBe4 \u0434\u043b\u044f Windows.\n\n\u041e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nPenTest Partners \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u043e\u043d\u0438\u0437\u0438\u043b\u0430 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0437\u0430\u0442\u0435\u043c \u0443\u0441\u043a\u043e\u0440\u0438\u043b\u0430 \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0441\u0432\u044f\u0437\u0430\u0442\u044c\u0441\u044f \u0441 \u0435\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u043e\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cyllective \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 53 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\u0445 \u0438\u0437 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 Atlassian. \n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043e\u043d\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e \u043f\u044f\u0442\u0438, \u0430 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0435\u0449\u0435 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0412\u0430\u043d \u0422\u0438\u043b\u0435\u043d \u0432\u044b\u043a\u0430\u0442\u0438\u043b PoC \u0434\u043b\u044f CVE-2024-27878 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 \u0441\u0435\u0430\u043d\u0441\u043e\u0432 AppleTalk (ASP), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c macOS \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u044f\u0434\u0440\u0430.\n\nRyotaK \u0438\u0437 Flatt Security \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 First Sequence Sync, \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0433\u043e\u043d\u043a\u0438 \u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u043e\u0434\u043d\u0438\u043c \u043f\u0430\u043a\u0435\u0442\u043e\u043c.\n\n\u041c\u0435\u0442\u043e\u0434 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043e\u0447\u0435\u043d\u044c \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0437\u0430 \u043e\u0447\u0435\u043d\u044c \u043a\u043e\u0440\u043e\u0442\u043a\u0438\u0439 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u043a \u0432\u0440\u0435\u043c\u0435\u043d\u0438. RyotaK \u0434\u043e\u043a\u0430\u0437\u0430\u043b\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0430\u0442\u0430\u043a\u0438 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u043f\u0440\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0434\u043d\u043e\u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0442\u043e\u043a\u0435\u043d\u0430.\n\nElastic \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445\u00a0APM \u0438 Kibana. \n\n\u0410, Progress Software, \u0441\u043e \u0441\u043b\u043e\u0432 \u0438\u0445 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0430 \u0422\u0438\u043c\u0430 \u0421\u043c\u0438\u0442\u0430, \u043d\u0435 \u0441\u043f\u0438\u0448\u0443\u0442 \u0441 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 DevOps Chef, \u0437\u0430\u0442\u044f\u043d\u0443\u0432 \u043f\u043e\u0447\u0442\u0438 \u043d\u0430 \u0433\u043e\u0434.\n\n\u0422\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0430\u044f AVTech \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0441\u0432\u043e\u0438\u0445 \u043a\u0430\u043c\u0435\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 AVM.\n\nCVE-2024-7029 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Akamai \u0438 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u043e\u0439.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u043a\u0430\u043c\u0435\u0440\u044b AVTech AVM \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438 \u043f\u0440\u043e\u0441\u0442\u044b \u0432 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b (NVR) AVTech \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b.", "creation_timestamp": "2024-08-05T14:55:24.000000Z"}, {"uuid": "8687d351-80c2-43ee-b873-25ba4de773ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lh7dtqzm3y2d", "content": "", "creation_timestamp": "2025-02-02T15:30:09.580062Z"}, {"uuid": "a2c4a5c6-b0f5-455f-ad5d-0f5f9b633e5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "2c5168fd-6007-4ac7-81f8-7612304a669c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "MISP/a41d8549-5384-5e1a-8c33-bf88e35b5a0a", "content": "", "creation_timestamp": "2025-10-14T10:31:50.000000Z"}, {"uuid": "022fe0f4-cd9a-4c6e-90c5-86e7c1b1656a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-29)", "content": "", "creation_timestamp": "2025-11-29T00:00:00.000000Z"}, {"uuid": "355d22c8-720b-426b-ad92-f0e02da77ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/itsec_news/5188", "content": "\u200b\u26a1\ufe0fMurdoc Botnet: \u043a\u0430\u043a \u0431\u0430\u0437\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Linux \u0441\u0442\u0430\u043b\u0438 \u043e\u0440\u0443\u0436\u0438\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Qualys \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u0443\u044e Murdoc Botnet. \u0412 \u0445\u043e\u0434\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 AVTECH \u0438 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445 Huawei HG532 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043e\u0431\u0448\u0438\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u0430. \u042d\u0442\u0430 \u0430\u0442\u0430\u043a\u0430 \u0432\u044b\u0434\u0435\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f Murdoc Botnet \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0432 \u0438\u044e\u043b\u0435 2024 \u0433\u043e\u0434\u0430. \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 ELF-\u0444\u0430\u0439\u043b \u0438 Shell-\u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u041f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0443\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438\u0441\u044c \u0432 2024 \u0433\u043e\u0434\u0443 \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 1300 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u044d\u0442\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u044b\u0448\u0435 100 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u044e\u0449\u0438\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e. \u042d\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e.\n\nMurdoc Botnet \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 ( CVE-2024-7029, CVE-2017-17215 ). \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a IP-\u043a\u0430\u043c\u0435\u0440\u044b \u0438 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u0431\u0430\u0437\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Linux \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0431\u043e\u043b\u0435\u0435 500 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0445 ELF-\u0444\u0430\u0439\u043b\u044b \u0438 Shell-\u0441\u043a\u0440\u0438\u043f\u0442\u044b. \u041e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043b\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Mirai \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0447\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0430\u0442\u0430\u043a\u0438.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0432\u044b\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u044f, \u0422\u0430\u0438\u043b\u0430\u043d\u0434, \u041c\u0435\u043a\u0441\u0438\u043a\u0430 \u0438 \u0418\u043d\u0434\u043e\u043d\u0435\u0437\u0438\u044f. \u042d\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c, \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438\u0437 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0421\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u043e\u0442 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-01-22T09:56:11.000000Z"}, {"uuid": "c67bb14a-03de-48c2-ac79-6964d2c62a79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1958", "content": "https://github.com/bigherocenter/CVE-2024-7029-EXPLOIT\n\nCVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\n#github #exploit", "creation_timestamp": "2024-09-12T08:54:51.000000Z"}, {"uuid": "d55580fe-8a3b-4572-a3d1-c0f1b693f9f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/5518", "content": "#script PoC CVE-2024-7029 ( Corona botnet using this )\n$\u2014AVTECH devices.\n$\u2014x86_64 ARCH\n$\u2014Linux\n\n[install]:\n18 line change payload.\n$ pip install requests\n$ pip install prompt_toolkit\n$ pip install alive_progress\n\nroot@nodejsleaks~: python3 PoC-7029.py  -f list.txt -t 1000", "creation_timestamp": "2024-10-12T14:58:15.000000Z"}, {"uuid": "db7389c3-bb9b-4158-9989-dfd8ab553870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/5390", "content": "#script PoC CVE-2024-7029 ( Corona botnet using this )\n$\u2014AVTECH devices.\n$\u2014x86_64 ARCH\n$\u2014Linux\n\n[install]:\n18 line change payload.\n$ pip install requests\n$ pip install prompt_toolkit\n$ pip install alive_progress\n\nroot@nodejsleaks~: python3 PoC-7029.py  -f list.txt -t 1000", "creation_timestamp": "2024-10-09T16:55:11.000000Z"}, {"uuid": "0dbcc499-8664-4a80-873a-7b128dc33319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1853", "content": "#script PoC CVE-2024-7029 ( Corona botnet using this )\n$\u2014AVTECH devices.\n$\u2014x86_64 ARCH\n$\u2014Linux\n\n[install]:\n18 line change payload.\n$ pip install requests\n$ pip install prompt_toolkit\n$ pip install alive_progress\n\nroot@nodejsleaks~: python3 PoC-7029.py  -f list.txt -t 1000", "creation_timestamp": "2024-10-09T16:55:11.000000Z"}, {"uuid": "35014fa3-5cbb-4ca3-aad4-130c049d35e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/2867", "content": "\ud83d\udea8PoC Tool for Exploiting CVE-2024-7029 in AvTech Devices: Enabling RCE, Vulnerability Scanning, and Interactive Shell\n\nhttps://darkwebinformer.com/poc-tool-for-exploiting-cve-2024-7029-in-avtech-devices-enabling-rce-vulnerability-scanning-and-interactive-shell/", "creation_timestamp": "2024-09-02T19:14:40.000000Z"}, {"uuid": "960357d5-840d-4cd4-811e-1cf23ced00cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/leaksmain/296", "content": "#script PoC CVE-2024-7029 ( Corona botnet using this )\n$\u2014AVTECH devices.\n$\u2014x86_64 ARCH\n$\u2014Linux\n\n[install]:\n18 line change payload.\n$ pip install requests\n$ pip install prompt_toolkit\n$ pip install alive_progress\n\nroot@nodejsleaks~: python3 PoC-7029.py  -f list.txt -t 1000", "creation_timestamp": "2024-10-09T16:53:32.000000Z"}, {"uuid": "6fcb889b-0742-4023-b27f-09eb319ad6d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "Telegram/XfPscdCq83pEdS9IZfzKTcUQJad21Usre4MtPszRGPqnRBk", "content": "", "creation_timestamp": "2024-08-30T06:59:55.000000Z"}, {"uuid": "492957cb-9195-44ea-bab5-fcaa66c09c4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1236", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc #\u062a\u0632\u0631\u06cc\u0642_\u0641\u0631\u0645\u0627\u0646 \u062f\u0631 #\u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc_IP #AVTECH\n\n\u0645\u0631\u06a9\u0632 #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc \u0648 #\u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u200c\u0647\u0627\u06cc_\u0645\u0647\u0645 \u0622\u0645\u0631\u06cc\u06a9\u0627 (CISA) \u062f\u0631 \u06af\u0632\u0627\u0631\u0634 \u0627\u062e\u06cc\u0631 \u062e\u0648\u062f (ICSA-24-214-07) \u0628\u0647 \u06cc\u06a9 #\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0633\u06cc\u0627\u0631 \u062c\u062f\u06cc \u062f\u0631 \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc IP \u0634\u0631\u06a9\u062a AVTECH \u0627\u0634\u0627\u0631\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 #\u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u062e\u0648\u062f \u0631\u0627 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f \u0648 #\u06a9\u0646\u062a\u0631\u0644_\u06a9\u0627\u0645\u0644 \u062f\u0633\u062a\u06af\u0627\u0647 \u0631\u0627 \u062f\u0631 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u0646\u062f.\n\n\u0634\u0631\u062d \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc:\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc #\u062a\u0632\u0631\u06cc\u0642_\u0641\u0631\u0645\u0627\u0646 (CVE-2024-7029) \u062f\u0631 \u0642\u0627\u0628\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc IP AVTECH \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 #\u0627\u062d\u0631\u0627\u0632_\u0647\u0648\u06cc\u062a\u060c \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0632\u0631\u06cc\u0642 \u06a9\u0646\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0648\u06cc\u0698\u0647 \u062f\u0631 \u0645\u062f\u0644 AVM1203 \u0628\u0627 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc #\u0641\u0631\u06cc\u0645\u0648\u0631 \u0642\u062f\u06cc\u0645\u06cc\u200c\u062a\u0631 \u0627\u0632 FullImg-1023-1007-1011-1009 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u067e\u06cc\u0627\u0645\u062f\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc:\n\u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f:\n\n#\u0627\u062c\u0631\u0627\u06cc_\u06a9\u062f_\u062f\u0644\u062e\u0648\u0627\u0647: \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u062e\u0648\u062f \u0631\u0627 \u0628\u0631 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u062c\u0631\u0627 \u06a9\u0631\u062f\u0647 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0622\u0646 \u0631\u0627 \u062f\u0631 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u0646\u062f.\n#\u0631\u062f\u06cc\u0627\u0628\u06cc_\u0648_\u0646\u0638\u0627\u0631\u062a: \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0627\u0632 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0628\u0631\u0627\u06cc \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0645\u062d\u06cc\u0637 \u0648 \u062c\u0645\u0639\u200c\u0622\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u0646\u062f.\n#\u0627\u0646\u06a9\u0627\u0631_\u0633\u0631\u0648\u06cc\u0633: \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc \u0632\u06cc\u0627\u062f \u0628\u0647 \u062f\u0648\u0631\u0628\u06cc\u0646\u060c \u0622\u0646 \u0631\u0627 \u0627\u0632 \u06a9\u0627\u0631 \u0628\u06cc\u0627\u0646\u062f\u0627\u0632\u0646\u062f.\n\n\u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc:\n\u0633\u0627\u0632\u0645\u0627\u0646 CISA \u0628\u0647 \u0634\u062f\u062a \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0627\u06cc\u0646 \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u060c \u0628\u0647 \u0633\u0631\u0639\u062a \u0628\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f\u062a\u0631 \u0648 \u0627\u06cc\u0645\u0646\u200c\u062a\u0631 \u0641\u0631\u06cc\u0645\u0648\u0631 \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u0646\u062f. \u062f\u0631 \u0635\u0648\u0631\u062a \u0639\u062f\u0645 \u0627\u0631\u0627\u0626\u0647 #\u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u062a\u0648\u0633\u0637 \u0634\u0631\u06a9\u062a AVTECH\u060c \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0632\u06cc\u0631 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f:\n\n#\u062c\u062f\u0627_\u06a9\u0631\u062f\u0646_\u0627\u0632_\u0634\u0628\u06a9\u0647: \u062a\u0627 \u062d\u062f \u0627\u0645\u06a9\u0627\u0646 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0631\u0627 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0627\u0635\u0644\u06cc \u062c\u062f\u0627 \u06a9\u0631\u062f\u0647 \u0648 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0627\u06cc\u0632\u0648\u0644\u0647 \u0628\u0647 \u0622\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u06cc\u062f.\n#\u062a\u063a\u06cc\u06cc\u0631_\u0631\u0645\u0632_\u0639\u0628\u0648\u0631: \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0627\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0645\u0632\u0647\u0627\u06cc \u0639\u0628\u0648\u0631 \u0642\u0648\u06cc \u0648 \u0645\u0646\u062d\u0635\u0631 \u0628\u0647 \u0641\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.\n#\u0628\u0633\u062a\u0646_\u067e\u0648\u0631\u062a\u200c\u0647\u0627\u06cc_\u063a\u06cc\u0631\u0636\u0631\u0648\u0631\u06cc: \u067e\u0648\u0631\u062a\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0636\u0631\u0648\u0631\u06cc \u0631\u0627 \u0628\u0631 \u0631\u0648\u06cc \u062f\u0648\u0631\u0628\u06cc\u0646 \u0628\u0628\u0646\u062f\u06cc\u062f.\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 #\u0641\u0627\u06cc\u0631\u0648\u0627\u0644: \u0627\u0632 \u06cc\u06a9 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u062f\u0648\u0631\u0628\u06cc\u0646 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u062d\u0645\u0644\u0627\u062a \u062e\u0627\u0631\u062c\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83c\udf10 https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07\n\n\ud83d\udccd #Critical #CommandInjection #Vulnerability in #AVTECH #IP_Cameras\n\nThe #Cybersecurity and #Infrastructure_Security_Agency (#CISA) has reported a highly critical vulnerability in AVTECH IP cameras in its recent advisory (ICSA-24-214-07). This vulnerability allows #attackers to execute arbitrary commands on the system and gain full control of the device.\n\nVulnerability Description:\nThe command injection vulnerability (CVE-2024-7029) exists in the capabilities of AVTECH IP cameras, allowing attackers to inject malicious commands into the system without #authentication. This vulnerability is particularly observed in the AVM1203 model with #firmware versions older than FullImg-1023-1007-1011-1009.\n\nSecurity Implications:\nBy exploiting this vulnerability, attackers can:\n\n- Execute Arbitrary Code: Run malicious code on the device and gain complete control.\n- Surveillance and Monitoring: Use the camera for monitoring the environment and collecting information.\n- Denial of Service (DoS): Overload the camera with numerous requests, rendering it inoperative.\n\nSecurity Recommendations:\nCISA strongly advises users of these cameras to promptly upgrade to newer and more secure firmware versions. If updates are not provided by AVTECH, the following actions are recommended:\n\n- Network Isolation: Disconnect the camera from the main network and access it through an isolated network whenever possible.\n- Change Default Passwords: Update the default camera passwords to strong, unique passwords.\n- Close Unnecessary Ports: Close any unnecessary ports on the camera.\n- Use a Firewall: Implement a firewall to protect the camera from external attacks.\n\n\ud83d\udd17 To read the full article, visit:\n\n\ud83c\udf10 https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07", "creation_timestamp": "2024-08-06T15:41:06.000000Z"}, {"uuid": "7e1a3621-12ed-46de-bd96-e7c4e429f666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "Telegram/ATKwyLO_33S5FzEhV3FXjWks5VUDk6QHaV1a2eChCFd7z4Au", "content": "", "creation_timestamp": "2024-09-12T08:54:31.000000Z"}, {"uuid": "a97bede3-789a-4eea-b045-ff327c1c0843", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgb4vioodc2k", "content": "", "creation_timestamp": "2025-01-21T15:05:59.779304Z"}, {"uuid": "7f6652a6-2f96-487f-81bf-e1c40e70c0ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lgbnrn4qrc2k", "content": "", "creation_timestamp": "2025-01-21T20:08:03.996209Z"}, {"uuid": "e12262b0-7018-4abb-b525-f39e16466ba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113868177472784350", "content": "", "creation_timestamp": "2025-01-21T20:15:01.783364Z"}, {"uuid": "21cab479-93a1-42c0-815c-02dc9ec17574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-04)", "content": "", "creation_timestamp": "2025-04-04T00:00:00.000000Z"}, {"uuid": "2dde0639-c084-401e-830c-fae79533aa1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-17)", "content": "", "creation_timestamp": "2025-04-17T00:00:00.000000Z"}, {"uuid": "65d82c5d-09e1-45cd-8aa9-50bf6cfc26dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "67e9f322-d753-43ee-b6af-ee7e7e174e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://gist.github.com/ichintu/a3cb3ad81c570ea7101a4805dbe477f8", "content": "", "creation_timestamp": "2026-02-28T17:00:31.000000Z"}, {"uuid": "76c211c7-1ee1-4d61-a4eb-6cae117cd27b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA PoC tool for exploiting CVE-2024-7029 in AvTech devices, enabling RCE, vulnerability scanning, and an interactive shell.\nURL\uff1ahttps://github.com/ebrasha/CVE-2024-7029\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-02T10:25:33.000000Z"}, {"uuid": "61210abe-ae21-403f-933e-a4024f5f1c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/765", "content": "#exploit\n1. CVE-2024-0509:\nWP Plugin - WP 404 Auto Redirect to Similar Post\nhttps://github.com/kodaichodai/CVE-2024-0509\n\n2. CVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\nhttps://github.com/bigherocenter/CVE-2024-7029-EXPLOIT", "creation_timestamp": "2024-09-13T16:19:32.000000Z"}, {"uuid": "6bb6f175-e46f-49e6-8ae0-737fd2412405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "Telegram/PcC0zlG0v6Hw0jX-ai6bqmIbsUxBQR2MGEz4Kw_cSRZLDg", "content": "", "creation_timestamp": "2024-08-29T14:12:24.000000Z"}, {"uuid": "757df325-fe27-40d5-9c4e-6f2ec775e9d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/ViralCyber/10447", "content": "\ud83d\udd34 \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc \u0645\u062d\u0627\u0641\u0638\u062a\u06cc AVTECH \u0648 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc \u0647\u0648\u0622\u0648\u06cc\u060c \u0642\u0631\u0628\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0628\u0627\u062a\u200c\u0646\u062a Murdoc\n\n\u0645\u062d\u0642\u0642\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u062f\u0631\u0628\u0627\u0631\u0647 \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062c\u062f\u06cc\u062f \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0627\u0632 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc \u0622\u06cc\u200c\u067e\u06cc AVTECH \u0648 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc Huawei HG532 \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0646\u0648\u0639 \u0628\u0627\u062a\u200c\u0646\u062a Mirai \u0628\u0647 \u0646\u0627\u0645 Murdoc Botnet \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\n\u0645\u062d\u0642\u0642 \u0627\u0645\u0646\u06cc\u062a\u06cc Qualys\u060c \u06af\u0641\u062a: \u00ab\u0641\u0639\u0627\u0644\u06cc\u062a \u062f\u0631 \u062d\u0627\u0644 \u0627\u0646\u062c\u0627\u0645 \u0642\u0627\u0628\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647\u200c\u0627\u06cc \u0631\u0627 \u062f\u0631\u0628\u0631\u0645\u06cc\u200c\u06af\u06cc\u0631\u062f \u0648 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0628\u0647 \u062e\u0637\u0631 \u0627\u0646\u062f\u0627\u062e\u062a\u0646 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627 \u0648 \u0627\u06cc\u062c\u0627\u062f \u0634\u0628\u06a9\u0647\u200c\u0647\u0627\u06cc \u0628\u0627\u062a \u0646\u062a \u06af\u0633\u062a\u0631\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f\u00bb.\n\n\u0627\u06cc\u0646 \u06a9\u0645\u067e\u06cc\u0646 \u062c\u0648\u0644\u0627\u06cc \u0662\u0660\u0662\u0664 \u0641\u0639\u0627\u0644 \u0628\u0648\u062f\u0647 \u0648 \u062a\u0627 \u0628\u0647 \u0627\u0645\u0631\u0648\u0632 \u0628\u06cc\u0634 \u0627\u0632 \u0661\u0663\u0667\u0660 \u0633\u06cc\u0633\u062a\u0645 \u0622\u0644\u0648\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06a9\u062b\u0631 \u0645\u0648\u0627\u0631\u062f \u0622\u0644\u0648\u062f\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0645\u0627\u0644\u0632\u06cc\u060c \u0645\u06a9\u0632\u06cc\u06a9\u060c \u062a\u0627\u06cc\u0644\u0646\u062f\u060c \u0627\u0646\u062f\u0648\u0646\u0632\u06cc\u060c \u0627\u06cc\u0631\u0627\u0646 \u0648 \u0648\u06cc\u062a\u0646\u0627\u0645 \u0628\u0648\u062f\u0647 \u0627\u0633\u062a.\n\n\u0637\u0628\u0642 \u0634\u0648\u0627\u0647\u062f\u060c \u0628\u0627\u062a\u200c\u0646\u062a \u0627\u0632 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0634\u0646\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0645\u0627\u0646\u0646\u062f CVE-2017-17215 \u0648 CVE-2024-7029 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u0627\u0634\u06cc\u0627 (IoT) \u0648 \u062f\u0627\u0646\u0644\u0648\u062f payload \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 shell script \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\n#Cybersecurity #Cyber_Attack #AVTECH #Huawei #IP_Camera #BotNet #Mirai #Murdoc #Malware #Router #DDoS #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0647\u0648\u0622\u0648\u06cc #\u0631\u0648\u062a\u0631 #\u0628\u062f\u0627\u0641\u0632\u0627\u0631 #\u0628\u0627\u062a_\u0646\u062a\n\n\u0645\u0637\u0627\u0644\u0639\u0647 \u06a9\u0627\u0645\u0644 \u062e\u0628\u0631 \ud83d\udc49\n\n\ud83c\udd94 @Takianco\n\ud83c\uddee\ud83c\uddf7", "creation_timestamp": "2025-01-25T17:33:07.000000Z"}, {"uuid": "89efe714-bdc4-4a01-beea-b0717c48ceda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/HackingInsights/11533", "content": "\u200aMirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras\n\nhttps://securityonline.info/mirai-botnet-exploits-zero-day-vulnerability-cve-2024-7029-in-avtech-ip-cameras/", "creation_timestamp": "2024-08-29T09:08:14.000000Z"}, {"uuid": "7e4a2d51-9e96-409a-8513-a92747197bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "Telegram/ZH6nMETV1d2vCX5UWiUW_N_yU4k4WOQBN5aSo88ODC93JkcT", "content": "", "creation_timestamp": "2024-08-07T01:12:01.000000Z"}, {"uuid": "3db803a5-3e6a-4021-a92f-b34c67a374fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "Telegram/gEVlUjXdJxCFBcHorvs5mrVFG1HdNjroko8PatA5H9lWhw", "content": "", "creation_timestamp": "2024-08-29T13:58:42.000000Z"}, {"uuid": "611f292c-4c03-40fb-aeb7-53e2fdb8603e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3839", "content": "The Hacker News\nUnpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks\n\nA years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet.\nCVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a \"command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE),\" Akamai researchers Kyle", "creation_timestamp": "2024-08-29T14:12:21.000000Z"}, {"uuid": "9cf0e8a8-b201-4a2a-b23a-30263521900a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6057", "content": "\u041f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0432\u0441\u0435 \u043a\u0443\u0447\u043d\u043e \u0438 \u043e\u0431\u044a\u0435\u043c\u043d\u043e, \u0432\u043a\u0440\u0430\u0442\u0446\u0435 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Claroty \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c CIP \u0438 \u043e\u0431\u043e\u0439\u0442\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u041f\u041b\u041a Rockwell Automation ControlLogix.\n\n\u0411\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u0430\u044f PenTest Partners \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u00a0\u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 KnowBe4 \u0434\u043b\u044f Windows.\n\n\u041e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nPenTest Partners \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u043e\u043d\u0438\u0437\u0438\u043b\u0430 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0437\u0430\u0442\u0435\u043c \u0443\u0441\u043a\u043e\u0440\u0438\u043b\u0430 \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0441\u0432\u044f\u0437\u0430\u0442\u044c\u0441\u044f \u0441 \u0435\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u043e\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cyllective \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 53 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\u0445 \u0438\u0437 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 Atlassian. \n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043e\u043d\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e \u043f\u044f\u0442\u0438, \u0430 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0435\u0449\u0435 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0412\u0430\u043d \u0422\u0438\u043b\u0435\u043d \u0432\u044b\u043a\u0430\u0442\u0438\u043b PoC \u0434\u043b\u044f CVE-2024-27878 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 \u0441\u0435\u0430\u043d\u0441\u043e\u0432 AppleTalk (ASP), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c macOS \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u044f\u0434\u0440\u0430.\n\nRyotaK \u0438\u0437 Flatt Security \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 First Sequence Sync, \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0433\u043e\u043d\u043a\u0438 \u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u043e\u0434\u043d\u0438\u043c \u043f\u0430\u043a\u0435\u0442\u043e\u043c.\n\n\u041c\u0435\u0442\u043e\u0434 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043e\u0447\u0435\u043d\u044c \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0437\u0430 \u043e\u0447\u0435\u043d\u044c \u043a\u043e\u0440\u043e\u0442\u043a\u0438\u0439 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u043a \u0432\u0440\u0435\u043c\u0435\u043d\u0438. RyotaK \u0434\u043e\u043a\u0430\u0437\u0430\u043b\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0430\u0442\u0430\u043a\u0438 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u043f\u0440\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0434\u043d\u043e\u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0442\u043e\u043a\u0435\u043d\u0430.\n\nElastic \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445\u00a0APM \u0438 Kibana. \n\n\u0410, Progress Software, \u0441\u043e \u0441\u043b\u043e\u0432 \u0438\u0445 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0430 \u0422\u0438\u043c\u0430 \u0421\u043c\u0438\u0442\u0430, \u043d\u0435 \u0441\u043f\u0438\u0448\u0443\u0442 \u0441 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 DevOps Chef, \u0437\u0430\u0442\u044f\u043d\u0443\u0432 \u043f\u043e\u0447\u0442\u0438 \u043d\u0430 \u0433\u043e\u0434.\n\n\u0422\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0430\u044f AVTech \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0441\u0432\u043e\u0438\u0445 \u043a\u0430\u043c\u0435\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 AVM.\n\nCVE-2024-7029 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Akamai \u0438 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u043e\u0439.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u043a\u0430\u043c\u0435\u0440\u044b AVTech AVM \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438 \u043f\u0440\u043e\u0441\u0442\u044b \u0432 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b (NVR) AVTech \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b.", "creation_timestamp": "2024-08-05T14:50:05.000000Z"}, {"uuid": "7a5c0da8-c986-4f34-834e-aba2e401c5af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/true_secator/6153", "content": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 IP-\u043a\u0430\u043c\u0435\u0440\u044b AVTECH - \u043e\u0448\u0438\u0431\u043a\u0430, \u043d\u0435 \u0441\u043b\u044b\u0448\u0430\u043b\u0438 \u043f\u0440\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 IoT-\u0431\u043e\u0442\u043d\u0435\u0442 Corona - \u0444\u0430\u0442\u0430\u043b\u044c\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Akamai \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0441 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 IoT-\u0431\u043e\u0442\u043d\u0435\u0442\u0430\u043c\u0438 \u043d\u0443\u043b\u044f \u0432 \u043a\u0430\u043c\u0435\u0440\u0430\u0445 \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f AVTECH, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438.\n\n0-day \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 (CVE-2024-7029, \u043e\u0446\u0435\u043d\u043a\u0430 CVSS v4: 8,7) \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u0440\u0435\u0433\u0443\u043b\u0438\u0440\u043e\u0432\u043a\u0438 \u044f\u0440\u043a\u043e\u0441\u0442\u0438 \u043a\u0430\u043c\u0435\u0440\u044b AVTECH.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043f\u043e \u0441\u0435\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 IP-\u043a\u0430\u043c\u0435\u0440\u044b AVTECH AVM1203, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e Fullmg-1023-1007-1011-1009.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c \u0443\u0436\u0435 \u0441 2019 \u0433\u043e\u0434\u0430, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-7029 \u043d\u0435\u0442, \u0438 \u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a \u043d\u0435 \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c PoC \u0434\u043b\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2019 \u0433\u043e\u0434\u0430, \u043d\u043e CVE \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0432\u0435\u0434\u044c \u0440\u0430\u043d\u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0439 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0431\u043e\u0442\u043d\u0435\u0442 Corona, \u0432\u0430\u0440\u0438\u0430\u043d\u0442 Mirai, \u0442\u0435\u043f\u0435\u0440\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u043f\u044f\u0442\u0438\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438 \u0432 IP-\u043a\u0430\u043c\u0435\u0440\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 EoL.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c 18 \u043c\u0430\u0440\u0442\u0430 2024 \u0433\u043e\u0434\u0430, \u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043d\u0430\u0447\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0435\u0449\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 Corona \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-7029 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430 JavaScript, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u041f\u043e\u0441\u043b\u0435 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043a \u0441\u0432\u043e\u0438\u043c C2 \u0438 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 \u043f\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DDoS.\n\n\u0421\u0440\u0435\u0434\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f Corona:\n\n- CVE-2017-17215: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 Huawei, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 UPnP.\n\n- CVE-2014-8361: RCE \u0432 Realtek SDK, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u043b\u0443\u0436\u0431\u0443 HTTP.\n\n- Hadoop YARN RCE: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438 Hadoop YARN (Yet Another Resource Negotiator), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430\u0445 Hadoop.\n\nAkamai \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 AVTECH \u043e \u043d\u0443\u043b\u0435 \u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043d\u0435 \u043e\u0442\u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043b \u0438 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c IP-\u043a\u0430\u043c\u0435\u0440 AVTECH AVM1203 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0445 \u0438 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u043c\u0438 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u043c\u043e\u0434\u0435\u043b\u044f\u043c\u0438.", "creation_timestamp": "2024-08-30T17:45:29.000000Z"}, {"uuid": "180fdd16-08f8-41e7-9cd3-2146213d8205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6173", "content": "\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.\n\nGoogle \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Chrome 128 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f 8 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 6 \u0448\u0435\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 Chrome CVE-2024-7971 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a \u043d\u0443\u043b\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 Citrine Sleet, \u0447\u0442\u043e \u0434\u043b\u044f \u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0441\u0442\u0430\u043b\u043e \u0443\u0436\u0435 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0435\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, PixiePoint \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 CVE-2024-38106, \u043d\u0443\u043b\u0435 \u0432 \u044f\u0434\u0440\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c Citrine Sleet \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e.\n\nSecureLayer7 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 CVE-2024-37084 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Skipper Spring Cloud Data Flow, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 \u0438\u044e\u043b\u0435.\n\nRCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0442\u043e\u0440\u0430 Yaml, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0447\u0442\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 YAML.\n\nVMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Fusion, \u0430 \u0434\u043b\u044f \u043a\u0430\u043c\u0435\u0440 AVTech \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043d\u043e\u0432\u044b\u0439 PoC\u00a0(\u0441\u0442\u0430\u0440\u044b\u0439 \u0437\u0434\u0435\u0441\u044c), \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e 0-day CVE-2024-7029, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Fudgedotdotdot \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043e\u0431\u0437\u043e\u0440 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u043e\u0440\u0430\u0434\u043e\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0421\u0430\u0439\u0431\u0435\u0440\u041e\u041a \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0427\u0435\u0440\u043d\u0435\u043d\u044c\u043a\u043e\u0432 \u0438 \u0421\u0435\u0440\u0433\u0435\u0439 \u0413\u043e\u0440\u0434\u0435\u0439\u0447\u0438\u043a, \u043e\u043a\u0430\u0437\u0430\u0432\u0448\u0438\u0435 \u043f\u043e\u043c\u043e\u0449\u044c \u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Webmin, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 Loop DoS (CVE-2024-2169). \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Webmin - \u044d\u0442\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 1 000 000 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \n\nWebmin/Virtualmin \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 UDP, \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0435 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 UDP/10000.\n\n\u042d\u0442\u0430 \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u043d\u0430 \u043b\u044e\u0431\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 UDP IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0438 \u043f\u043e\u0440\u0442\u043e\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \n\n\u0422\u0430\u043a\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 Loop DoS \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 UDP \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c ip-\u043f\u043e\u0440\u0442\u043e\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0440\u0443\u0433\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430 Webmin, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c\u0443 \u043e\u0431\u043c\u0435\u043d\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0445\u043e\u0441\u0442\u0430\u043c\u0438, \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DOS) \u0438/\u0438\u043b\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438.", "creation_timestamp": "2024-09-05T19:00:06.000000Z"}, {"uuid": "ab35fe63-da85-4ef6-97fc-5ffdc826b9f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/thehackernews/5491", "content": "\ud83d\udea8 A severe vulnerability in AVTECH IP cameras (CVE-2024-7029) is now being weaponized by hackers, creating a botnet. Unpatched & easily exploitable, this flaw poses a massive risk to commercial, financial, and healthcare sectors. \n \nRead: https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html", "creation_timestamp": "2024-08-29T13:06:15.000000Z"}, {"uuid": "2e9d0330-c48e-41c4-b4aa-60a5df9b745d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7029", "type": "exploited", "source": "https://t.me/CNArsenal/3157", "content": "https://github.com/bigherocenter/CVE-2024-7029-EXPLOIT\n\nCVE-2024-7029:\nAVTECH CCTV Camera Command Injection\n(Mirai Botnet is back in the game...)\n#github #exploit", "creation_timestamp": "2024-09-12T09:47:20.000000Z"}]}