{"vulnerability": "cve-2023-2017", "sightings": [{"uuid": "790fe37c-6826-4562-ab0f-0896e36b1895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/kasperskyb2b/737", "content": "\ud83e\ude79\ud83e\ude79\ud83e\ude79\u0421\u0432\u0435\u0436\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 Cisco\n\n\u0412 \u0438\u044e\u043b\u0435 Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 5 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0437\u0430\u043a\u0440\u044b\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 AnyConnect/Security Client Software for Windows, Nexus 9000, WebEx, Duo Auth Proxy \u0438 BroadWorks.\n\nCVE-2023-20185 (CVSS 7.2) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u0441\u0435\u0440\u0438\u0438 Nexus 9000, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f  ACI Multi-Site  \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 CloudSec. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442  \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u0442\u044c \u0442\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u0441\u0430\u0439\u0442\u0430\u043c\u0438. \u0425\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0435\u0451 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c. 
\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c Cloudsec \u0438 \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430.  \u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e Cisco, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 \u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 ACI \u2014 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435. 
\n\nCVE-2023-20178 (CVSS 7.8) \u0432 Anyconnect \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e System, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Cisco. \u0420\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u043e \u043f\u043e \u0441\u0447\u0430\u0441\u0442\u044c\u044e \u0434\u043b\u044f Anyconnect \u043e\u043d\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0442 \u0431\u0435\u0437\u0431\u043e\u043b\u0435\u0437\u043d\u0435\u043d\u043d\u043e \u0438 \u0432 \u0446\u0435\u043b\u043e\u043c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438.\n\n\u041f\u0430\u0440\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Webex (CVE-2023-20133 \u0438 -20180, CVSS 5.4 \u0438 4.3) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c XSS- \u0438 CSRF-\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0435\u0431-\u043a\u043b\u0438\u0435\u043d\u0442\u0430 Webex Meetings, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u044f 
\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044f \u0435\u0433\u043e \u0432\u0441\u0442\u0440\u0435\u0447\u0438 Webex, \u0438 \u0442.\u043f.  \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0438\u0441, \u0432\u0441\u0451 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e.\n\nCVE-2023-20210 (CVSS 6.0) - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 Cisco Broadworks. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u0436\u043d\u044b \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. 
\u041f\u0430\u0442\u0447\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 Broadworks.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-07-10T08:41:10.000000Z"}, {"uuid": "031f704c-cc1f-4f34-9c27-0d050e223800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/kasperskyb2b/679", "content": "\u26a1\ufe0fCisco Patch... Wednesday\n\n\u041d\u0435 \u0434\u043e\u0436\u0438\u0434\u0430\u044f\u0441\u044c \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043c\u0435\u0441\u044f\u0446\u0430, Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u0436 7 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cisco Expressway, Telepresence Video Communication Server, UC manager IM, Adaptive security Appliance, Anyconnect \u0438 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u0445 \u0434\u043b\u044f \u043c\u0430\u043b\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f\u00bb  (CVE-2023-20105 \u0438 -20192, CVSS 9.6) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 Cisco Expressway \u0438 Telepresence VCS. 
\u0414\u0435\u0444\u0435\u043a\u0442 \u043b\u043e\u0433\u0438\u043a\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0435 \u0441\u043c\u0435\u043d\u044b \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c.\n\n\u0412\u0435\u0441\u044c\u043c\u0430 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 Cisco ASA \u0438 FTD (CVE-2023-20006, CVSS 8.6) \u2014 \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 TLS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043f\u0440\u0438\u0432\u043e\u0434\u044f \u043a DoS.\n\n\u0412 Anyconnect, \u0438\u043c\u0435\u044e\u0449\u0435\u043c \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0434\u043d\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Cisco Secure Client Software for Windows, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 
\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e SYSTEM. (CVE-2023-20178, CVSS 7.8) \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432 Unified Communications Manager IM \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (CVE-2023-20108, CVSS 7.5).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-06-08T10:30:23.000000Z"}, {"uuid": "0910fcff-04d5-42a0-82c0-6e9965a610c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/ctinow/120056", "content": "https://ift.tt/vZY6Ibn\nPoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)", "creation_timestamp": "2023-06-23T16:22:46.000000Z"}, {"uuid": "faff29cd-279d-4a0d-9ee5-1061d336036f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/119797", "content": "https://ift.tt/XNgzIRh\nResearchers released a PoC exploit for CVE-2023-20178 flaw in Cisco AnyConnect Secure", "creation_timestamp": "2023-06-22T17:52:30.000000Z"}, {"uuid": "ad8cda57-e731-4783-bb2d-466da3e19c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20177", "type": "seen", "source": "https://t.me/cibsecurity/73358", "content": "\u203c CVE-2023-20177 \u203c\n\nA vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the 
Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T19:39:02.000000Z"}, {"uuid": "946d475d-6d2c-4a89-bc86-b9daea3c0f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3088", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - HackersFactory\n\n\u200b\u200bCVE-2023-25610\n\nRCE vulnerability in FortiOS\n\nhttps://github.com/qi4L/CVE-2023-25610\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-29343\n\nThis is PoC for arbitrary file write bug in Sysmon version 14.14\n\nhttps://github.com/Wh04m1001/CVE-2023-29343\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bBufferOverflowAttack\n\n\ud83d\udd10 Explores techniques to exploit and manipulate buffer overflow vulnerabilities in a program.\n\nhttps://github.com/minsooerickim/BufferOverflowAttack\n\n#infosec #pentesting #redteam\n\n\u200b\u200bScanners-Box\n\nA powerful and open-source toolkit for hackers and security 
automation.\n\nhttps://github.com/We5ter/Scanners-Box\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-20178\n\nThis is PoC for Arbitrary File Delete vulnerability in Cisco Secure Client (tested on 5.0.01242) and Cisco AnyConnect (tested on 4.10.06079).\n\nhttps://github.com/Wh04m1001/CVE-2023-20178\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bActive Directory Advanced Threat Hunting\n\nIdentify vulnerabilities before others do!\n\nhttps://github.com/tomwechsler/Active_Directory_Advanced_Threat_Hunting\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bbug-bounty-standards\n\nA list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.\n\nhttps://github.com/hakluke/bug-bounty-standards\n\n#cybersecurity #infosec #bugbounty\n\n\u200b\u200bWeb3Bugs\n\nDemystifying Exploitable Bugs in Smart Contracts.\n\nhttps://github.com/ZhangZhuoSJTU/Web3Bugs\n\n#cybersecurity #infosec\n\n\u200b\u200b\ud83d\udd11 Mantra\n\nA tool used to hunt down API key leaks in JS files and pages.\n\nhttps://github.com/MrEmpy/Mantra\n\n#infosec #pentesting #redteam\n\n\u200b\u200biOS Penetration Testing Cheat Sheet\n\nThis is more of a checklist for myself. 
May contain useful tips and tricks.\n\nhttps://github.com/ivan-sincek/ios-penetration-testing-cheat-sheet\n\nhttps://t.me/dilagrafie\n\n#cybersecurity #infosec #pentesting", "creation_timestamp": "2023-06-20T05:09:47.000000Z"}, {"uuid": "405c0913-5745-4503-bd08-1598d83c91bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/JerusalemElectronicArmy/358", "content": "#\u0623\u062e\u0628\u0627\u0631_\u0627\u0644\u0633\u0627\u064a\u0628\u0631 \n\n\u0634\u0631\u0643\u0629 \u0633\u064a\u0633\u0643\u0648 \u062a\u0639\u0644\u0646 \u0639\u0646 \u0625\u0635\u0644\u0627\u062d \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a Cisco Secure Client\u060c \u0648\u0627\u0644\u062a\u064a \u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u0631\u0641\u0639 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0648\u0627\u0644\u062a\u062d\u0643\u0645 \u0628\u062c\u0647\u0627\u0632 \u0627\u0644\u0636\u062d\u064a\u0629 (CVE-2023-20178 CVSS Score 7.8).\n#\u062c\u064a\u0634_\u0627\u0644\u0642\u062f\u0633_\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a", "creation_timestamp": "2023-06-10T08:33:18.000000Z"}, {"uuid": "9d1399e2-1f0d-497c-adf1-092441cb29d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/50148", "content": "PoC Exploit Published for Cisco AnyConnect Secure Vulnerability\nhttps://www.securityweek.com/poc-exploit-published-for-cisco-anyconnect-secure-vulnerability/\n\nA security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure.\nThe 
post PoC Exploit Published for Cisco AnyConnect Secure Vulnerability (https://www.securityweek.com/poc-exploit-published-for-cisco-anyconnect-secure-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-06-22T16:42:52.000000Z"}, {"uuid": "4234d70a-88a6-4879-aebb-08ff1f423e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1039", "content": "", "creation_timestamp": "2023-06-08T04:00:00.000000Z"}, {"uuid": "df6dddf8-35eb-4aee-a0f8-a99b10b8a443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "Telegram/Z42dUL5SlpUKhzaB8z2JtVDGF4e8DZjU4NsnyrTR2CVbxw", "content": "", "creation_timestamp": "2023-06-27T08:09:48.000000Z"}, {"uuid": "2ffdd5e5-8324-4323-ae57-694969949983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/true_secator/4479", "content": "Cisco \u0438 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\nVMware\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430\u00a0\u0442\u0440\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 Aria Operations for Networks, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a 
\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 RCE.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2023-20887\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434.\n\n\u0422\u0430\u043a\u0436\u0435 VMware \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u0443\u044e\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438\u00a0(CVE-2023-20888) \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,1. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a Aria Operations for Networks \u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0440\u043e\u043b\u0438 \u00ab\u0447\u043b\u0435\u043d\u00bb \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a RCE.\n\n\u0422\u0440\u0435\u0442\u0438\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u2014 \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 CVE-2023-20889\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 8,8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 VMware Aria Operations Networks \u0432\u0435\u0440\u0441\u0438\u0438 6.x, 
\u0431\u044b\u043b\u0438\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b\u00a0\u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445: 6.2 - 6.10, \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442.\n\nCisco\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Expressway \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0432\u0438\u0434\u0435\u043e\u0441\u0432\u044f\u0437\u0438 TelePresence (VCS).\n\nCVE-2023-20105 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,6) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u00ab\u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u0435\u043d\u0438\u0435\u00bb \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u00ab\u0447\u0442\u0435\u043d\u0438\u044f-\u0437\u0430\u043f\u0438\u0441\u0438\u00bb. 
\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-20192 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 8,4 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0434\u043b\u044f CVE-2023-20192 Cisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f CLI \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f.\u00a0\u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0440\u0435\u0448\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 14.2.1 \u0438 14.3.0 VCS \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Cisco Secure Client (\u0440\u0430\u043d\u0435\u0435 AnyConnect Secure Mobility Client), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-20178) \u0432 \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 
AnyConnect Secure Mobility Client \u0434\u043b\u044f Windows 4.10MR7 \u0438 Cisco Secure Client \u0434\u043b\u044f Windows 5.0MR2.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u0430\u044f-\u043b\u0438\u0431\u043e \u0438\u0437 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0438 \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.", "creation_timestamp": "2023-06-08T13:51:47.000000Z"}, {"uuid": "35bfc573-b5db-4b1b-afe7-80dcf0c3d62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20179", "type": "seen", "source": "https://t.me/cibsecurity/71140", "content": "\u203c CVE-2023-20179 \u203c\n\nA vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. 
An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-27T22:36:04.000000Z"}, {"uuid": "67b2d19e-499b-449c-91ba-203ece2872d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2017", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8162", "content": "#exploit\n1. CVE-2023-21036,\u00a0CVE-2023-28303:\naCropalypse Vulnerability and Restoration of GIF Images\nhttps://zenn.dev/heriet/articles/acropalypse-gif\n]-> https://github.com/heriet/acropalypse-gif\n\n2. CVE-2023-2017:\nShopware 6 Server-side Template Injection (SSTI) via Twig Security Extension\nhttps://starlabs.sg/advisories/23/23-2017", "creation_timestamp": "2023-04-22T12:47:01.000000Z"}, {"uuid": "fb429deb-7aff-4113-88ad-c42c4a6b300c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8517", "content": "#exploit\n1. CVE-2023-20178:\nArbitrary File Delete vulnerability in Cisco Secure Client/Cisco AnyConnect\nhttps://github.com/Wh04m1001/CVE-2023-20178\n\n2. 
CVE-2023-29343:\nArbitrary file write bug in Sysmon v.14.14\nhttps://github.com/Wh04m1001/CVE-2023-29343", "creation_timestamp": "2023-06-19T11:00:37.000000Z"}, {"uuid": "be1f4acf-f0a9-4ebf-947b-65a6c215f25b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20170", "type": "seen", "source": "https://t.me/cibsecurity/73371", "content": "\u203c CVE-2023-20170 \u203c\n\nA vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T21:22:05.000000Z"}, {"uuid": "bb1473c9-df9d-4313-ab07-d1b637d1471c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20170", "type": "seen", "source": "Telegram/oGEMDKv06EBepO_piFKcqtS6oaG85zjqW9aG0eYTREhtZAI", "content": "", "creation_timestamp": "2023-11-07T16:30:36.000000Z"}, {"uuid": "94a06bbf-39bf-4ee6-91b6-49b141734834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20175", "type": "seen", "source": "Telegram/oGEMDKv06EBepO_piFKcqtS6oaG85zjqW9aG0eYTREhtZAI", "content": "", "creation_timestamp": "2023-11-07T16:30:36.000000Z"}, {"uuid": "42d7336f-6f30-4efa-97dd-c2a4ab1ad07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3710", "content": "\ud83d\udda5Dataleak:\n\n\ud83d\udd31DataLeak uprint_id : https://www.system32.ink/2023/06/DataLeak-uprint.id.html\n\n\ud83d\udd31Leak RaidForums  : https://www.system32.ink/2023/06/leak-raidforums-database-by-exposedvc.html\n\n\ud83d\udd31Leak Santander bank Mexico : https://www.system32.ink/2023/06/leak-santander-bank-mexico.html\n\n\ud83d\udd31Leak Tour Partner Group (tourpartnergroup.com) : https://www.system32.ink/2023/06/leak-tour-partner-group.html\n\n\ud83d\udda5Exploits:\n\n\ud83d\udd31MiniDLNA <=1.3.2 (CVE-2023-33476) Exploits : https://www.system32.ink/2023/06/minidlna-132-cve-2023-33476-exploits.html\n\n\ud83d\udd31CVE-2023-20178 PoC for Arbitrary File Delete vulnerability in Cisco Secure Client : https://www.system32.ink/2023/06/cve-2023-20178-poc-for-arbitrary-file.html\n\n\ud83d\udd31CVE-2023-25610  RCE vulnerability in FortiOS : https://www.system32.ink/2023/06/cve-2023-25610-rce-vulnerability-in.html\n\n\ud83d\udd31CVE-2023-30777 Exploit Reflected XSS vulnerability in the Advanced Custom Fields WordPress plugin : https://www.system32.ink/2023/06/cve-2023-30777-exploit-reflected-xss.html\n\n\ud83d\udda5Rat:\n\n\ud83d\udd31GCR-Google-Calendar-RAT : https://www.system32.ink/2023/06/gcr-google-calendar-rat.html\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31Mantra - A tool used to hunt down API key leaks in JS files and pages : https://www.system32.ink/2023/06/mantra-tool-used-to-hunt-down-api-key.html\n\n\ud83d\udd31IIS Short Name Scanner - 2012-2023 : https://www.system32.ink/2023/06/iis-short-name-scanner-2012-2023.html\n\n@crackcodes | crackcodes.in | system32.ink", "creation_timestamp": "2023-06-21T14:59:33.000000Z"}, {"uuid": "0ffe585f-cfad-4ca2-a414-8994cab3bee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-20173", "type": "seen", "source": "https://t.me/cibsecurity/64375", "content": "\u203c CVE-2023-20173 \u203c\n\nMultiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:32:17.000000Z"}, {"uuid": "6eef611e-1355-41de-8649-e7b5cfe5f46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20172", "type": "seen", "source": "https://t.me/cibsecurity/64373", "content": "\u203c CVE-2023-20172 \u203c\n\nMultiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:32:15.000000Z"}, {"uuid": "29e3f66d-1c0a-4eb0-8c73-4d87109824ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20171", "type": "seen", "source": "https://t.me/cibsecurity/64370", "content": "\u203c CVE-2023-20171 \u203c\n\nMultiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. 
To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:32:09.000000Z"}, {"uuid": "64b43799-107c-47c5-b157-35cea97b0739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20174", "type": "seen", "source": "https://t.me/cibsecurity/64359", "content": "\u203c CVE-2023-20174 \u203c\n\nMultiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:31:53.000000Z"}, {"uuid": "d8eccd04-4f68-474a-b769-6430d3a42e9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/cibsecurity/65611", "content": "\u203c CVE-2023-20178 \u203c\n\nA vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. 
An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-28T18:13:01.000000Z"}, {"uuid": "f88b9c62-7135-466f-bfbc-b46dc9fa53aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2017", "type": "seen", "source": "https://t.me/cibsecurity/62268", "content": "\u203c CVE-2023-2017 \u203c\n\nServer-side Template Injection (SSTI) in Shopware 6 (<= v6.4.20.0, v6.5.0.0-rc1 <= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\\Core\\Framework\\Adapter\\Twig\\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when referencing callables. Users are advised to upgrade to v6.4.20.1 to resolve this issue. This is a bypass of CVE-2023-22731.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-17T14:29:22.000000Z"}]}