{"vulnerability": "cve-2023-3324", "sightings": [{"uuid": "af5f2574-72fd-4b2c-a8c2-490917f22385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/31ef4cd6-0aac-4a34-9e6d-b07df6ae239f", "content": "", "creation_timestamp": "2026-02-02T12:26:51.618333Z"}, {"uuid": "7021661a-2f21-46bd-9a40-fc64f74bb866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "cf25a5f0-32a8-4d3f-8106-e1fb5978b1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "618f0813-c43a-4d52-a495-725f094c7daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-09)", "content": "", "creation_timestamp": "2026-03-09T00:00:00.000000Z"}, {"uuid": "e31c8637-9de4-4480-b987-e1b28987c917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-10)", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}, {"uuid": 
"2342601f-16b0-4679-9118-43a5ad48cfdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/31ef4cd6-0aac-4a34-9e6d-b07df6ae239f", "content": "", "creation_timestamp": "2026-02-02T12:26:51.618333Z"}, {"uuid": "cc361d8a-6e28-49ca-81ba-f8fde8117d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "04c0b789-9e8e-4475-8e09-84a43a8bec2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/doyensec/detectors/rocketmq_rce_cve_2023_33246", "content": "", "creation_timestamp": "2024-10-22T20:23:03.000000Z"}, {"uuid": "4e0fd235-587d-411d-8a30-0c1bede6289b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4515", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRocketMQ RCE (CVE-2023-33246) woodpecker \u5229\u7528\u63d2\u4ef6\nURL\uff1ahttps://github.com/v0ita/rocketMq_RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-08T06:52:41.000000Z"}, {"uuid": "294d2877-409a-4310-9d3e-51abd12e2a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4552", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-33246\nURL\uff1ahttps://github.com/hheeyywweellccoommee/CVE-2023-33246-dgjfd\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-13T04:13:22.000000Z"}, {"uuid": "72950536-cc8e-41b5-92ba-eca4a6ea281e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4466", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aApache RocketMQ \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e(CVE-2023-33246) Exploit\nURL\uff1ahttps://github.com/Le1a/CVE-2023-33246\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-01T02:21:39.000000Z"}, {"uuid": "8800a3c8-b8d7-4690-b88f-d84710bf44fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4497", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aApache RocketMQ \u6f0f\u6d1e\u5229\u7528\u5de5\u5177\nURL\uff1ahttps://github.com/Serendipity-Lucky/CVE-2023-33246\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-06T11:28:27.000000Z"}, {"uuid": "747ef844-19a5-4d04-b254-508430a260d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/4471", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-33246 RocketMQ RCE Exploit\nURL\uff1ahttps://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-01T14:53:39.000000Z"}, {"uuid": "c5789a3e-e52c-4caf-b9ec-4f8479f1c45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4468", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aApache RocketMQ \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e(CVE-2023-33246) Exploit\nURL\uff1ahttps://github.com/SuperZero/CVE-2023-33246\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-01T07:27:01.000000Z"}, {"uuid": "c74526e6-beda-45e8-8596-7fcb584d07eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4475", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-33246\uff1aApache RocketMQ \u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u68c0\u6d4b\u5de5\u5177\nURL\uff1ahttps://github.com/CKevens/CVE-2023-33246\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-02T01:44:35.000000Z"}, {"uuid": "e70a8d4f-8344-4dde-a9bf-b6bb0a16288d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4569", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRocketMQ RCE (CVE-2023-33246) woodpecker \u5229\u7528\u63d2\u4ef6\nURL\uff1ahttps://github.com/cr1me0/rocketMq_RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-16T00:40:53.000000Z"}, {"uuid": "eef5794d-a596-473e-a39c-324490033890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33242", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4924", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-33242  PoC\nURL\uff1ahttps://github.com/d0rb/CVE-2023-33242\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-15T13:54:41.000000Z"}, {"uuid": "9ae2b436-4e9b-4177-a899-8ade0f2305a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5087", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA tool to fetch the RocketMQ broker configuration in order to discover indicators of compromise for CVE-2023-33246\nURL\uff1ahttps://github.com/vulncheck-oss/fetch-broker-conf\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-05T11:24:47.000000Z"}, {"uuid": "aaeb48f4-8ca9-4e50-aa4f-d4cc82ee665b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33248", "type": "published-proof-of-concept", "source": "https://t.me/b4ckc0nn3ct/59", "content": "\u041f\u043e\u043a\u0430 \u0432 \u043c\u0438\u0440\u0435 \u0435\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u0435 
\u043f\u0440\u0435\u043a\u0440\u0430\u0441\u043d\u044b\u0435 \u043a\u0430\u043c\u0440\u0430\u0434\u044b, \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u043e \u0441\u043f\u0430\u0442\u044c \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0431\u0443\u0434\u0435\u0442. \u0413\u0440\u0443\u043f\u043f\u0430 \u0442\u043e\u0432\u0430\u0440\u0438\u0449\u0435\u0439 \u043a\u0440\u0430\u0439\u043d\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u043c\u043e\u0440\u043e\u0447\u0438\u043b\u0430\u0441\u044c \u0438 \u043d\u0430\u043f\u0438\u0441\u0430\u043b\u0430 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0441\u044f\u043a\u0438\u0445 \u0430\u043b\u0435\u043a\u0441, \u0441\u0438\u0440\u0438 \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0433\u0443\u0433\u043b\u0430\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043e\u0432, \u043d\u043e \u0442\u0430\u043a, \u0447\u0442\u043e\u0431\u044b \u043d\u0438\u043a\u0442\u043e \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0441\u043b\u044b\u0448\u0430\u043b.\n\u0421\u0443\u0442\u044c \u0432 \u0447\u0451\u043c: \u043c\u043e\u0436\u043d\u043e \u043d\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u043c\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044f\u0441\u044c \u0434\u0430\u0432\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0447\u0435\u0440\u0435\u0437 \u0430\u0443\u0434\u0438\u043e \u0432 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0435 16-22 kHz, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043b\u044b\u0448\u0438\u0442 \u0436\u0430\u043b\u043a\u0438\u0439 \u043f\u0440\u043e\u0446\u0435\u043d\u0442 \u043b\u044e\u0434\u0435\u0439. 
\u0410 \u0432\u043e\u0442 \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u044b \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u043e\u0432 \u0435\u0433\u043e \u043e\u0442\u043b\u0438\u0447\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u0438 \u0441\u043f\u043e\u043a\u043e\u0439\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u043b\u044e\u0431\u043e\u0435 \u043d\u0443\u0436\u043d\u043e\u0435 \u0442\u0435\u0431\u0435 \"\u043f\u0440\u0438\u0432\u0435\u0442, \u0410\u043b\u0438\u0441\u0430\". \u0412 \u044d\u0442\u043e\u043c, \u0432\u0440\u043e\u0434\u0435 \u0431\u044b, \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u043d\u0435\u0442, \u043a\u0440\u043e\u043c\u0435 \u043c\u0430\u043b\u044e-\u044e-\u044e\u0441\u0435\u043d\u044c\u043a\u043e\u0433\u043e \u043d\u044e\u0430\u043d\u0441\u0430. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043d\u0435 \u043d\u0430\u0434\u043e \u0441\u0442\u043e\u044f\u0442\u044c \u0440\u044f\u0434\u043e\u043c \u0441 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043e\u043c \u0436\u0435\u0440\u0442\u0432\u044b.\nhttps://www.usenix.org/system/files/sec23fall-prepub-261-xia-qi.pdf\n\u0412\u0441\u0451 \u043d\u0430\u0441\u0442\u043e\u043b\u044c\u043a\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u044d\u0442\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0438 \u0432\u044b\u0434\u0430\u043b\u0438 \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u044b\u0439 CVE. 
https://nvd.nist.gov/vuln/detail/CVE-2023-33248", "creation_timestamp": "2023-06-02T15:29:07.000000Z"}, {"uuid": "43f8b249-3072-4b5b-a415-a1823d4ccfaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://t.me/itsec_news/3173", "content": "\u200b\u26a1\ufe0f\u0421\u043a\u0440\u044b\u0442\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430: Apache RocketMQ \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043d\u0435 \u0432\u0438\u0434\u0438\u0442 \u0434\u0430\u0436\u0435 Shodan\n\n\ud83d\udcac CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u043e \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043d\u0435\u043b\u044c\u0437\u044f \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c.\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-33246 (CVSS: 9.8), \u0432\u043b\u0438\u044f\u044e\u0449\u0430\u044f \u043d\u0430 Apache RocketMQ, \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 
\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b Apache RocketMQ, \u0432\u043a\u043b\u044e\u0447\u0430\u044f NameServer, Broker \u0438 Controller, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0437 \u044d\u043a\u0441\u0442\u0440\u0430\u0441\u0435\u0442\u0438 \u0438 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 RocketMQ. 
\u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0432 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 RocketMQ.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Apache RocketMQ 5.1.0 \u0438 \u043d\u0438\u0436\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.1.1 \u0438 \u0432\u044b\u0448\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f RocketMQ 5.x \u0438\u043b\u0438 4.9.6 \u0438 \u0432\u044b\u0448\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f RocketMQ 4.x.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 Apache \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043c\u0430\u0435 , \u043d\u043e CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 KEV \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f VulnCheck \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 
\u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0451\u0442\u0443 VulnCheck, \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a CVE-2023-33246 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0431\u0440\u043e\u043a\u0435\u0440\u0430 RocketMQ, \u0447\u0442\u043e\u0431\u044b \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434. \u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f \u0441 \u0438\u044e\u043d\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 
\u043f\u043e\u0440\u0442\u0430\u043c\u0438 \u0431\u0440\u043e\u043a\u0435\u0440\u0430 RocketMQ (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e 10909 \u0438 10911). \u041d\u0438 Shodan, \u043d\u0438 Censys \u043d\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b, \u0447\u0442\u043e \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e CVE-2023-33246 \u0441\u0432\u044f\u0437\u0430\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u043e\u0434\u043d\u0438\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043d\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. 
\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440 RocketMQ \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0431\u0440\u043e\u043a\u0435\u0440\u0430 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u0422\u0430\u043a\u0436\u0435 CISA \u043f\u043e\u0440\u0443\u0447\u0438\u043b\u043e \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a 27 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-09-11T07:37:58.000000Z"}, {"uuid": "5b0a90e6-ba08-4bd2-a8a3-4a095e70dbb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://t.me/itsec_news/3192", "content": "\u200b\u26a1\ufe0f\u041a\u0430\u0440\u0442\u0438\u043d\u043a\u0438 WebP \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043e\u0440\u0443\u0436\u0438\u0435\u043c: Mozilla \u0438 Google \u0431\u043e\u0440\u044e\u0442\u0441\u044f \u0441 0day \u0432 \u0441\u0432\u043e\u0438\u0445 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u0445.\n\n\ud83d\udcac Mozilla \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 
\u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Firefox \u0438 Thunderbird, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 CVE-2023-4863 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f WebP. 
\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0430\u043c\u044f\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443.\n\n\u041e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Apple Security Engineering and Architecture (SEAR) \u0438 Citizen Lab \u0432 \u0448\u043a\u043e\u043b\u0435 \u041c\u0443\u043d\u043a\u0430 \u043f\u0440\u0438 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0435 \u0422\u043e\u0440\u043e\u043d\u0442\u043e. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0440\u0435\u0448\u0435\u043d\u0430 \u0432 Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1 \u0438 Thunderbird 115.2.2.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-33246 (CVSS: 9.8), \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 Apache RocketMQ, \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 RocketMQ. 
\u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0432 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 RocketMQ.\n\n\u0422\u0430\u043a\u0436\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u043d\u0430 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0435 Reddit \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u0435 AtlasVPN \u0434\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux. 
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0436\u0435\u043b\u0430\u0432\u0448\u0438\u0439 \u043e\u0441\u0442\u0430\u0442\u044c\u0441\u044f \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u043c, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u0440\u0430\u0431\u043e\u0447\u0438\u0439 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b \u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442, \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0432 \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043d\u0430 \u0441\u0432\u043e\u0451\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c \u0441\u0430\u0439\u0442\u0435, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c\u0443 IP-\u0430\u0434\u0440\u0435\u0441\u0443 \u043b\u044e\u0431\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f Linux-\u0432\u0435\u0440\u0441\u0438\u0438 VPN-\u043a\u043b\u0438\u0435\u043d\u0442\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-09-13T07:40:04.000000Z"}, {"uuid": "db60593a-81d9-4a9b-8c3a-9e2c6981c377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4551", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-33246\nURL\uff1ahttps://github.com/Devil0ll/CVE-2023-33246\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-13T03:28:03.000000Z"}, {"uuid": "18bd96cd-d59a-479f-bc5d-981d275f4465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3403", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33246\n\ud83d\udd25 CVSS Score: 9.8 (CVSS_V3)\n\ud83d\udd39 Description: For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution.\u00a0\n\nSeveral components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content.\u00a0\n\nTo prevent these attacks, users are recommended to upgrade to version 5.1.1 or above\u00a0for using RocketMQ 5.x\u00a0or 4.9.6 or above for using RocketMQ 4.x .\n\ud83d\udccf Published: 2023-07-06T21:15:04Z\n\ud83d\udccf Modified: 2025-01-29T22:00:17Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2023-33246\n2. https://github.com/apache/rocketmq/commit/9d411cf04a695e7a3f41036e8377b0aa544d754d\n3. https://github.com/apache/rocketmq/commit/c3ada731405c5990c36bf58d50b3e61965300703\n4. https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT\n5. https://github.com/apache/rocketmq\n6. https://github.com/jakabakos/CVE-2023-33246_Apache_RocketMQ_RCE\n7. 
https://lists.apache.org/thread/1s8j2c8kogthtpv3060yddk03zq0pxyp\n8. https://www.vicarius.io/vsociety/posts/rocketmq-rce-cve-2023-33246-33247\n9. http://packetstormsecurity.com/files/173339/Apache-RocketMQ-5.1.0-Arbitrary-Code-Injection.html\n10. http://www.openwall.com/lists/oss-security/2023/07/12/1", "creation_timestamp": "2025-01-29T22:10:53.000000Z"}, {"uuid": "c64ca8f3-80a4-42d6-8515-f0f99f4a4cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4333", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37582\n\ud83d\udd25 CVSS Score: 9.8 (CVSS_V3)\n\ud83d\udd39 Description: The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n\ud83d\udccf Published: 2023-07-12T12:31:36Z\n\ud83d\udccf Modified: 2025-02-13T19:00:52Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2023-37582\n2. https://github.com/apache/rocketmq\n3. https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\n4. 
http://www.openwall.com/lists/oss-security/2023/07/12/1", "creation_timestamp": "2025-02-13T19:21:34.000000Z"}, {"uuid": "ed3adcbe-b1e5-4579-9dba-0b2aea639e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://t.me/BleepingComputer/18098", "content": "Latest news and stories from BleepingComputer.com\nCISA warns of critical Apache RocketMQ bug exploited in attacks\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical-severity issue tracked as CVE-2023-33246 that affects Apache's RocketMQ distributed messaging and streaming platform. [...]", "creation_timestamp": "2023-09-08T00:14:24.000000Z"}, {"uuid": "42827c64-9ad1-4a0c-bf80-1a3ebc9317f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://t.me/BleepingComputer/18095", "content": "\u200aCISA warns of critical Apache RocketMQ bug exploited in attacks\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical-severity issue tracked as CVE-2023-33246 that affects Apache's RocketMQ distributed messaging and streaming platform. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-apache-rocketmq-bug-exploited-in-attacks/", "creation_timestamp": "2023-09-07T23:48:22.000000Z"}, {"uuid": "de8593ec-f704-45e6-b105-69b1325a8469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://t.me/BleepingComputer/19173", "content": "\u200aHackers target Apache RocketMQ servers vulnerable to RCE attacks\n\nSecurity researchers are detecting hundreds of IP addresses on a daily basis that scan\u00a0or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as\u00a0CVE-2023-33246 and\u00a0CVE-2023-37582. [...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-target-apache-rocketmq-servers-vulnerable-to-rce-attacks/", "creation_timestamp": "2024-01-05T18:42:26.000000Z"}, {"uuid": "387e727d-3a95-4b85-b38c-72457056c2ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/65", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043e\u0431 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 RCE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 CVE-2023-37582 \u0432 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u043e\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 NameServer \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 Apache RocketMQ.\n\nApache RocketMQ - \u044d\u0442\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f 
\u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u043e\u0431\u043c\u0435\u043d\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u0438 \u043f\u043e\u0442\u043e\u043a\u043e\u0432\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043e\u0442 Alibaba \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u043d\u0438\u0437\u043a\u0443\u044e \u0437\u0430\u0434\u0435\u0440\u0436\u043a\u0443, \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0438 \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0435\u043c\u043a\u043e\u0441\u0442\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439.\n\n\u041f\u043e \u0441\u0443\u0442\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442, \u043a\u0430\u043a \u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-33246 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 NameServer, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f 
\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 tcp/9876 \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Broker.\n\nPOC \u043d\u0438\u0436\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b\u0438\u043a \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u0434\u043b\u044f \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0439 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438: \nbody = 'configStorePath=/tmp/pwned\\nproductEnvName=test/path\\\\ntest\\\\ntest'.encode('utf-8') \n\u0414\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0431\u043e\u0435\u0432\u043e\u0433\u043e RCE \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c payload \u0438 \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0437\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0439 ssh-\u043a\u043b\u044e\u0447 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0437\u0430\u043f\u0443\u0449\u0435\u043d RocketMQ \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\ud83e\udeb2\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e: Apache RocketMQ \u0434\u043e 4.9.6, 5.0.0-5.1.1\n\u2699\ufe0fPOC: https://github.com/Malayke/CVE-2023-37582_EXPLOIT\n\u2705 
\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.1.11\n\n#CVE-2023-37582 #RCE #RocketMQ", "creation_timestamp": "2023-07-18T09:39:03.000000Z"}, {"uuid": "4ebea9ca-d5a1-45e0-8bef-5d6970048fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://t.me/kasperskyb2b/858", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u0418\u0411-\u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\u2755 \u041e\u0431\u0449\u0438\u0439 \u043e\u0431\u0437\u043e\u0440 \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437 \u0432\u043e II \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2023 \u0433 \u043e\u0442 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u043e\u0432 \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb:\n\u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0441\u043e\u0431\u044b\u0442\u0438\u044f,  \n\u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0434\u043b\u044f \u041f\u041a, \n\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 
\u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b.  \n\u0421\u0440\u0435\u0434\u0438 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 APT \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a 3CX \u0441 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u0412\u041f\u041e GoPuram, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e \u0422\u0440\u0438\u0430\u043d\u0433\u0443\u043b\u044f\u0446\u0438\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e Lazarus DeathNote, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 CloudWizard, \u0438 GoldenJackal.\n\u041c\u0435\u043d\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u043e \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0438 \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043f\u0440\u043e\u0446\u0432\u0435\u0442\u0430\u0442\u044c: \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 15 \u043d\u043e\u0432\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u0438 1917 \u0441\u0432\u0435\u0436\u0438\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0439.\n\n\ud83c\udf10 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 RocketMQ (CVE-2023-33246, CVSS 9.8) \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f 
\u0431\u043e\u0442\u043d\u0435\u0442\u0430 Dreambus \u0438  \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 Monero. \u0412\u041f\u041e \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0431\u0444\u0443\u0441\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0438 \u043e\u0441\u043d\u0430\u0449\u0435\u043d\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u2014 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0436\u0435\u0440\u0442\u0432\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438  ansible, knife, salt \u0438  pssh.\n\n\ud83c\udf10 \u041d\u043e\u0432\u0430\u044f APT Earth Estries, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u0435\u0440\u0435\u0441\u0435\u043a\u0430\u044e\u0449\u0430\u044f\u0441\u044f \u0441 FamousSparrow, \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438, \u042e\u0410\u0420, \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u0438 \u0421\u0428\u0410. 
\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0433\u0440\u0443\u043f\u043f\u044b \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436, \u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u043c\u0430\u043b\u043e\u0437\u0430\u043c\u0435\u0442\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Cobalt Strike, Powershell \u0441 \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u044b\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u044b Zingdoor, TrillClient \u0438 HemiGate. \u0427\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043b\u0435 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0433\u043e \u044d\u0442\u0430\u043f\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0443\u0434\u0430\u043b\u044f\u044e\u0442\u0441\u044f, \u0430 \u043b\u043e\u0433\u0438 \u0447\u0438\u0441\u0442\u044f\u0442\u0441\u044f. 
\u041d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \ud83d\ude2e.  \n\n\ud83d\udcac \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a Brute Ratel C4, \u0432\u0441\u0451 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430, \u043a\u043e\u043d\u043a\u0443\u0440\u0438\u0440\u0443\u044e\u0449\u0435\u0433\u043e \u0441 Cobalt Strike.\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u041f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0442\u0440\u0430\u043d \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e \u043f\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044e \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Qbot/Qakbot. 
\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044f \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0444\u043e\u0440\u043c\u0430\u0445 \u0430\u0436 \u0441 2007 \u0433\u043e\u0434\u0430, \u044d\u0442\u0430 \u0437\u0430\u0440\u0430\u0437\u0430 \u043f\u0440\u043e\u0448\u043b\u0430 \u043f\u0443\u0442\u044c \u043e\u0442 \u0431\u0430\u043d\u043a\u0435\u0440\u0430 \u0434\u043e \u043c\u043d\u043e\u0433\u043e\u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u043e\u044f\u043d\u0430, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0447\u0430\u0441\u0442\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0430\u0442\u0430\u043a ransomware. Qbot \u0443\u0434\u0430\u043b\u0438\u043b\u0438 \u0441 700 000 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \ud83d\ude31\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u0438\u043c\u0435\u043d\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u0435\u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0442\u043e\u0440\u0430 \ud83d\ude0a\n\n\u0420\u0430\u0437\u0431\u043e\u0440 open source \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u0430 Sapphire stealer, \u0441 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c\u0438 \u043a\u0430\u043a \u0432 \u043d\u0435\u0438\u0437\u043c\u0435\u043d\u043d\u043e\u043c \u0432\u0438\u0434\u0435, \u0442\u0430\u043a \u0438 \u0441 
\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u0430\u043c\u0438. \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u0440\u0430\u043d\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043f\u043e SMTP, \u0430 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0431\u0443\u0447\u0438\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 Discord \u0438 Telegram.\n\n\ud83d\ude80 \u0412 Google Play \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0442\u0440\u043e\u044f\u043d\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u043f\u043e\u0434 Signal \u0438 Telegram.  \u041f\u043e\u0434 \u043a\u0430\u043f\u043e\u0442\u043e\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Signal Plus \u0438 Flygram \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0412\u041f\u041e BadBazaar, \u0441\u0440\u0435\u0434\u0438 \u0436\u0435\u0440\u0442\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0415\u0432\u0440\u043e\u043f\u044b, \u0421\u0428\u0410 \u0438 \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0430.\n\n\u23e9 \u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, 4 \u0443\u044f\u0432\u0437\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Junos \u0441\u0442\u0430\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0436\u0435\u043b\u0435\u0437\u043a\u0438 Juniper \u043f\u0440\u044f\u043c\u043e \u0432 \u0434\u0435\u043d\u044c 
\u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2023-09-04T08:59:36.000000Z"}, {"uuid": "ff800236-bd41-4be1-ae70-fd0fdc88a38c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33242", "type": "seen", "source": "https://t.me/arpsyndicate/2944", "content": "#ExploitObserverAlert\n\nCVE-2023-33242\n\nDESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2023-33242. Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature.\n\nFIRST-EPSS: 0.000970000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2024-01-19T17:27:02.000000Z"}, {"uuid": "6ec421a7-2684-4a8f-b1e3-72b86b3015cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://t.me/arpsyndicate/1420", "content": "#ExploitObserverAlert\n\nCVE-2023-33246\n\nDESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-33246. For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution.\u00a0  Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. 
Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content.\u00a0  To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above\u00a0for using RocketMQ 5.x\u00a0or 4.9.6 or above for using RocketMQ 4.x .\n\nFIRST-EPSS: 0.971220000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T07:22:32.000000Z"}, {"uuid": "fee2e117-dad3-4e12-86e1-16fc6ea7c9f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://t.me/arpsyndicate/704", "content": "#ExploitObserverAlert\n\nCVE-2023-33246\n\nDESCRIPTION: Exploit Observer has 39 entries related to CVE-2023-33246. For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution.\u00a0  Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. 
Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content.\u00a0  To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above\u00a0for using RocketMQ 5.x\u00a0or 4.9.6 or above for using RocketMQ 4.x .\n\nFIRST-EPSS: 0.970860000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-29T08:54:41.000000Z"}, {"uuid": "d5c556f9-cda5-4bcc-8a50-634de267fcd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "Telegram/iajzRjTDM2_zBsbJStMJpJYpGwENHpA0J4uVKAUR55g-E_c", "content": "", "creation_timestamp": "2025-05-08T11:00:06.000000Z"}, {"uuid": "cb1883b9-4fee-437c-bb43-b9a6b71d18ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3076", "content": "Tools - Hackers Factory \n\nCVE-2023-33733\n\nThis write-up details how an RCE in Reportlab - was found and exploited. Due to the prevalence of Reportlab in HTML to PDF processing, this vulnerability may be reachable in many applications that process PDF files, making this an important one to patch and look out for.\n\nhttps://github.com/c53elyas/CVE-2023-33733\n\n#cve #cybersecurity #infosec\n\nLoki\n\nA Little Web Honeypot.\n\nhttps://github.com/TheKingOfDuck/Loki\n\n#cybersecurity #infosec\n\nPyrai - Mirai python variant\n\nThis is a working variant of the Mirai IOT botnet, this is fully written in Python3. In this paper I'm going to show you how to configure each script in order to setup your PyRai.\n\nhttps://github.com/readloud/PyRai\n\n#cybersecurity #infosec #redteam\n\nCVE-2023-33781\n\nD-Link DIR-842V2 v1.0.3 was discovered to allow a user to run an arbitrary binary when connecting to telnet. 
This vulnerability can be triggered using backup/restore functionality.\n\nhttps://github.com/s0tr/CVE-2023-33781\n\n#cve #cybersecurity #infosec\n\nCVE-2023-33782\n\nD-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability in the iperf3 diagnostics functionality.\n\nhttps://github.com/s0tr/CVE-2023-33782\n\n#cve #cybersecurity #infosec\n\nHackBrowserData \n\nCommand-line tool for decrypting and exporting browser data ( passwords, history, cookies, bookmarks, credit cards, download records, localStorage and extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux.\n\nhttps://github.com/moonD4rk/HackBrowserData\n\n#infosec #pentesting #redteam\n\nVMClarity \n\nOpen source tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations and leaked secrets.\n\nhttps://github.com/openclarity/vmclarity\n\n#cybersecurity #infosec #pentesting\n\nCVE-2023-33246 \n\nRocketMQ Remote Code Execution #Exploit.\n\nhttps://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT\n\n#cve #cybersecurity #infosec\n\n2023-33381\n\nOS command injection on MitraStar GPT-2741GNAC.\n\nhttps://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC\n\n#cve #cybersecurity #infosec\n\nEyeballer\n\nEyeballer is meant for large-scope network penetration tests where you need to find \"interesting\" targets from a huge set of web-based hosts. 
Go ahead and use your favorite screenshotting tool like normal (EyeWitness or GoWitness) and then run them through Eyeballer to tell you what's likely to contain vulnerabilities, and what isn't.\n\nhttps://github.com/BishopFox/eyeballer\n\n#cybersecurity #infosec #pentesting\n\nMultichain Auditor\n\nObservations and tips for auditing protocols on multiple chains \ud83e\uddd0\n\nhttps://github.com/0xJuancito/multichain-auditor\n\n#cybersecurity #infosec\n\nCoraza - Web Application Firewall\n\nCoraza is an open source, enterprise-grade, high performance Web Application Firewall (WAF) ready to protect your beloved applications. It written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set.\n\nhttps://github.com/corazawaf/coraza\n\n#cybersecurity #infosec\n\nCVE-2020-35489\n\nCVE-2020-35489 Vulnerability Scanner in #Wordpress Websites.\n\nhttps://github.com/reneoliveirajr/wp_CVE-2020-35489_checker\n\n#cybersecurity #infosec\n\nRegStrike\n\nA .reg payload generator.\n\nhttps://github.com/itaymigdal/RegStrike\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-05T06:48:53.000000Z"}, {"uuid": "108205fd-57ce-4fd2-b01c-de0c65cdb317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "Telegram/ZPdhmxqpmsLVeUlcxkh-hzb6RIKpHEAokSR4hUiWLio6Rw", "content": "", "creation_timestamp": "2023-06-04T16:08:55.000000Z"}, {"uuid": "b367b3da-f156-4d1c-9a90-a7116037cfd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3071", "content": "Tools - Hackers Factory \n\nRuy-Lopez\n\nThis repository contains the Proof-of-Concept(PoC) for a new approach to completely prevent DLLs 
from being loaded into a newly spawned process. The initial use-case idea was to block AV/EDR vendor DLLs from being loaded, so that userland hooking based detections are bypassed.\n\nhttps://github.com/S3cur3Th1sSh1t/Ruy-Lopez\n\n#infosec #pentesting #redteam\n\nCymulate Framework\n\nA framework to help #redteam construct fully customizable and automated APT attacks easily.\n\nhttps://github.com/opabravo/cymulate-framework\n\n#cybersecurity #infosec #pentesting\n\nAttacking WPA3\n\nNew Vulnerabilities &amp; Exploit Framework!\n\nhttps://github.com/domienschepers/wifi-framework\n\nDetails:\nhttps://conference.hitb.org/hitbsecconf2022sin/session/attacking-wpa3-new-vulnerabilities-and-exploit-framework/\n\n#cybersecurity #infosec #pentesting\n\nSshimpanzee\n\nA reverse shell based on sshd supporting DNS and ICMP Tunnelling as well as HTTP and Socks Proxies.\n\nhttps://github.com/lexfo/sshimpanzee\n\n#infosec #pentesting #redteam\n\nMihari\n\nA tool for #OSINT based threat hunting.\n\nhttps://github.com/ninoseki/mihari\n\nCVE-2023-33246\n\nApache rocketmq remote code execution vulnerability.\n\nhttps://github.com/I5N0rth/CVE-2023-33246\n\n#cve #cybersecurity #infosec\n\nRISC-V: Emoji Shellcoding\n\nThis tool \u2692 helps design RISC-V (both 32-bit and 64-bit) shellcodes capable of running arbitrary code, whose ASCII binary representation use only Unicode UTF-8 emojis \ud83e\udd2f.\n\nhttps://github.com/RischardV/emoji-shellcoding\n\n#cybersecurity #infosec #redteam\n\nCQ\n\nCode Query, a universal code security scanning tool.\n\nhttps://github.com/nccgroup/cq\n\n#cybersecurity #infosec\n\nCVE-2020-0796\n\nWindows Protocol TestSuites is to trigger BSoD (full #exploit).\n\nhttps://github.com/Ajomix/CVE-2020-0796\n\n#cve #cybersecurity #infosec\n\nRed Teaming &amp; Pentesting checklists for various engagements\n\nEven though, a penetration test is a creative process most people maintain private checklists to ensure that they will not forget to test networks, systems and 
applications against various scenarios and maintain the overall quality of the assessment.\n\nhttps://github.com/netbiosX/Checklists\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-30T15:17:54.000000Z"}, {"uuid": "66bc225f-bc5d-4f48-8c44-693ae709e5f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33242", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3159", "content": "Hackers Factory \n\n#exploit\n\n1. WPS Office RCE\n\ngithub.com/ba0gu0/wps-rce\n\n2. CVE-2023-33242:\nLindell17 ECDSA Private Key information disclosure\n\nhttps://github.com/d0rb/CVE-2023-33242\n\nGoogle Calendar RAT is a PoC of Command&amp;Control over Google Calendar Events\n\nhttps://github.com/MrSaighnal/GCR-Google-Calendar-RAT\n\nAn OSINT Metadata analyzing tool that filters through tags and creates reports\n\nhttps://github.com/chriswmorris/Metaforge\n\nSpoof emails from any of the +2 Million domains using MailChannels (DEFCON 31 Talk)\n\nhttps://github.com/byt3bl33d3r/SpamChannel\n\nTrace Labs #OSINT Field Manual\n\n(detailed guide for beginners)\n\n- Getting started\n- Ethics\n- Safety\n- Planning and Preparation\n- Techniques\n- Resources\n\ngithub.com/tracelabs/tofm/\n\nExtract web archive data using Wayback Machine and Common Crawl\n\nhttps://github.com/karust/gogetcrawl\n\nsimple script to extract all web resources by means of .SVN folder exposed over network.\n\nhttps://github.com/anantshri/svn-extractor\n\nSandbox for automated Linux malware analysis.\n\nhttps://github.com/danieluhricek/LiSa\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-18T06:25:59.000000Z"}, {"uuid": "5a2c9197-36a8-4667-b93b-25e6dcb1c043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1551", "content": "CVE-2023-33246\n*\nApache RocketMQ\n*\nread\n\nPOC", "creation_timestamp": "2023-05-30T15:54:33.000000Z"}, {"uuid": "8027ff89-fe40-4c98-9e70-060afcb8989e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "Telegram/pjFvQ--YdqLd-OW-B3L3cwtqx2iIKB3vb_BXLrgeheVa02k", "content": "", "creation_timestamp": "2023-07-25T05:28:06.000000Z"}, {"uuid": "344c3570-27cf-4ec2-9814-bb7d02181f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/802", "content": "CVE-2023-33246 : Apache RocketMQ\u00a0 &gt; 5.1.0 - Remote Command Execution\nVerified : N/A\nPOC : https://github.com/SuperZero/CVE-2023-33246\nPOC : https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT", "creation_timestamp": "2023-08-09T06:30:35.000000Z"}, {"uuid": "cfc503aa-a70f-4364-89bf-8b4a150336a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "https://t.me/true_secator/4524", "content": "\u0412 VMware \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u043f\u0430\u043d\u0438\u043a\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 Aria Operations for Networks 
(\u0440\u0430\u043d\u0435\u0435 vRealize Network Insight) \u0441\u0442\u0430\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041a\u0430\u043a \u043c\u044b \u043f\u043e\u043c\u043d\u0438\u043c, \u0431\u0430\u0433\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-20887 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0435\u0441\u043b\u0438 \u0442\u043e\u0433\u0434\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443, \u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u043f\u043e\u043b\u043d\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0443, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a RCE.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 VMware Aria Operations Networks \u0432\u0435\u0440\u0441\u0438\u0439 6.x, \u0438 \u0435\u0441\u043b\u0438 \u0432\u044b \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b\u0438, \u0442\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430, 
\u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u043f\u0430\u0442\u0447\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u0443\u0436\u0435 \u043f\u043e\u0437\u0434\u043d\u043e, \u0442\u0430\u043a \u043a\u0430\u043a \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u0443\u0441\u043b\u0443\u0433 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u0438\u043c\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041a\u043e\u0433\u0434\u0430, \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043a\u043e\u0433\u043e \u0438 \u043a\u0430\u043a\u0438\u0435 \u0431\u044b\u043b\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0432\u0441\u0435 \u043f\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u043a\u0435 \u0436\u0430\u043d\u0440\u0430 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC \u043d\u0430 GitHub.\n\n\u041f\u043e \u0442\u043e\u043c\u0443 \u0436\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044e \u0414\u0430\u043c\u043e\u043a\u043b\u043e\u0432 \u043c\u0435\u0447 \u043f\u043e\u0432\u0438\u0441 \u043d\u0430\u0434 Apache Software Foundation, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0434 RocketMQ, \u0433\u0434\u0435 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043a\u0430\u043a CVE-2023-33246, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 RocketMQ \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0435\u0449\u0435 \u0432 \u043c\u0430\u0435, \u043d\u043e \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 GitHub \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b ZoomEye IoT, \u0431\u044b\u043b\u043e 
\u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 6000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u041a\u0438\u0442\u0430\u0435.\n\n\u041e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC \u043e\u0441\u0442\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u043e\u0432\u044c\u044e, \u0430 \u0442\u0430\u043a \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u0435\u0441\u0442\u044c \u043e\u043a\u043e\u043b\u043e 48 \u0447\u0430\u0441\u043e\u0432, \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440 \u043f\u043e\u043a\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u0443\u044e\u0442 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432 \u0431\u043e\u0435\u0432\u043e\u0439 \u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0448\u0442\u0443\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u044c.", "creation_timestamp": "2023-06-21T16:15:23.000000Z"}, {"uuid": "5bd9c8b6-9672-4534-b704-78c1cede96c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33242", "type": "published-proof-of-concept", "source": 
"https://t.me/true_secator/4720", "content": "\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u0443\u0442\u0440\u043e, \u043a\u043e\u0433\u0434\u0430 \u0434\u0435\u0440\u0436\u0430\u0442\u0435\u043b\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0430\u043a\u0442\u0438\u0432\u043e\u0432 \u043f\u0440\u043e\u0441\u043d\u0443\u043b\u0438\u0441\u044c \u0432 \u043c\u043e\u043a\u0440\u043e\u043c \u043f\u043e\u0442\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 0-day, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Coinbase, ZenGo \u0438 Binance.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Fireblocks \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043d\u0430\u0440\u0431\u043e\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043f\u043e\u0434 \u043e\u0431\u0449\u0438\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c BitForge, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439 (MPC).\n\n\u041f\u0440\u043e\u0437\u0432\u0443\u0447\u0438\u0442 \u0433\u0440\u043e\u043c\u043a\u043e, 
\u043d\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043a\u0440\u0430\u0441\u0442\u044c \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u044b, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0435\u0441\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u0445 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434, \u043f\u0440\u0438\u0447\u0435\u043c \u043d\u0435 \u0437\u043d\u0430\u044f \u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043d\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430. \u041d\u043e \u043f\u043e\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.\n\n\u0422\u0440\u0438 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 MPC \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u2014 \u044d\u0442\u043e GG-18, GG-20 \u0438 Lindell 17.\n\n\u041f\u043e\u043a\u0430 \u0432\u0441\u0435 \u0436\u0435 \u0441\u0443\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c - \u043a\u0430\u043a \u0442\u0430\u0439\u043d\u0430 \u0437\u0430 \u0441\u0435\u043c\u044c\u044e \u043f\u0435\u0447\u0430\u0442\u044f\u043c\u0438 \u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0440\u0435\u0448\u0435\u043d\u044b, \u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e 
\u043f\u0440\u0438\u0432\u0435\u0434\u0443\u0442 \u043a \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c \u0434\u043b\u044f \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0440\u043e\u0437\u043d\u0438\u0447\u043d\u044b\u0445 \u0438 \u0438\u043d\u0441\u0442\u0438\u0442\u0443\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u041f\u0440\u0430\u0432\u0434\u0430 PoC \u043d\u0430 GitHub \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0431\u043b\u043e\u043a\u043e\u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0442\u043e \u0434\u0435\u0440\u0436\u0430\u0442\u0435\u043b\u044f\u043c \u043a\u0440\u0438\u043f\u0442\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0435\u0441\u0442\u044c, \u043e \u0447\u0435\u043c \u043f\u0435\u0440\u0435\u0436\u0438\u0432\u0430\u0442\u044c. 
\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-33241), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u043e\u0433\u043e\u0432\u044b\u0435 \u0441\u0445\u0435\u043c\u044b \u043f\u043e\u0434\u043f\u0438\u0441\u0438 (TSS) GG18 \u0438 GG20, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u0442\u043e\u0440\u0441\u043a\u0438\u043c\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0441\u043d\u043e\u0432\u043e\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0449\u0438\u043c\u0438 \u0434\u043b\u044f \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432 MPC, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u0441\u0442\u043e\u0440\u043e\u043d\u0430\u043c \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043b\u044e\u0447\u0438 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0442\u0440\u0430\u043d\u0437\u0430\u043a\u0446\u0438\u0438. 
\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 Lindell17 2PC (CVE-2023-33242), \u0438\u043c\u0435\u0435\u0442 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0443\u044e \u043f\u0440\u0438\u0440\u043e\u0434\u0443 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0432\u0435\u0441\u044c \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0439 \u043a\u043b\u044e\u0447 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043f\u043e\u0441\u043b\u0435 200 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u0434\u043f\u0438\u0441\u0438.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u043a\u043b\u044e\u0447 \u043a\u043b\u0438\u0435\u043d\u0442\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0435\u0433\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439. 
\u041e\u043f\u044f\u0442\u044c \u0436\u0435, \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f 256 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0415\u0441\u043b\u0438 \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u0431\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0441\u044f, \u0442\u043e \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0435 \u043c\u0435\u0441\u0442\u043e \u0432 \u0440\u0430\u044e.", "creation_timestamp": "2023-08-11T09:53:05.000000Z"}, {"uuid": "87c1c4a5-c61b-4d57-8459-9e6e9a1b806e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33241", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4720", "content": "\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u0443\u0442\u0440\u043e, \u043a\u043e\u0433\u0434\u0430 \u0434\u0435\u0440\u0436\u0430\u0442\u0435\u043b\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0430\u043a\u0442\u0438\u0432\u043e\u0432 \u043f\u0440\u043e\u0441\u043d\u0443\u043b\u0438\u0441\u044c \u0432 \u043c\u043e\u043a\u0440\u043e\u043c \u043f\u043e\u0442\u0443 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 0-day, 
\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Coinbase, ZenGo \u0438 Binance.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Fireblocks \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043d\u0430\u0440\u0431\u043e\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043f\u043e\u0434 \u043e\u0431\u0449\u0438\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c BitForge, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439 (MPC).\n\n\u041f\u0440\u043e\u0437\u0432\u0443\u0447\u0438\u0442 \u0433\u0440\u043e\u043c\u043a\u043e, \u043d\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043a\u0440\u0430\u0441\u0442\u044c \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u044b, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0435\u0441\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u0445 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434, \u043f\u0440\u0438\u0447\u0435\u043c \u043d\u0435 
\u0437\u043d\u0430\u044f \u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043d\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430. \u041d\u043e \u043f\u043e\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.\n\n\u0422\u0440\u0438 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 MPC \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u2014 \u044d\u0442\u043e GG-18, GG-20 \u0438 Lindell 17.\n\n\u041f\u043e\u043a\u0430 \u0432\u0441\u0435 \u0436\u0435 \u0441\u0443\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c - \u043a\u0430\u043a \u0442\u0430\u0439\u043d\u0430 \u0437\u0430 \u0441\u0435\u043c\u044c\u044e \u043f\u0435\u0447\u0430\u0442\u044f\u043c\u0438 \u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0440\u0435\u0448\u0435\u043d\u044b, \u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0443\u0442 \u043a \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c \u0434\u043b\u044f \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0440\u043e\u0437\u043d\u0438\u0447\u043d\u044b\u0445 \u0438 \u0438\u043d\u0441\u0442\u0438\u0442\u0443\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. 
\u041f\u0440\u0430\u0432\u0434\u0430 PoC \u043d\u0430 GitHub \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0431\u043b\u043e\u043a\u043e\u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0442\u043e \u0434\u0435\u0440\u0436\u0430\u0442\u0435\u043b\u044f\u043c \u043a\u0440\u0438\u043f\u0442\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0435\u0441\u0442\u044c, \u043e \u0447\u0435\u043c \u043f\u0435\u0440\u0435\u0436\u0438\u0432\u0430\u0442\u044c. \n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-33241), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u043e\u0433\u043e\u0432\u044b\u0435 \u0441\u0445\u0435\u043c\u044b \u043f\u043e\u0434\u043f\u0438\u0441\u0438 (TSS) GG18 \u0438 GG20, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u0442\u043e\u0440\u0441\u043a\u0438\u043c\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0441\u043d\u043e\u0432\u043e\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0449\u0438\u043c\u0438 \u0434\u043b\u044f \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432 MPC, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u0441\u0442\u043e\u0440\u043e\u043d\u0430\u043c \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043b\u044e\u0447\u0438 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0442\u0440\u0430\u043d\u0437\u0430\u043a\u0446\u0438\u0438. 
\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 Lindell17 2PC (CVE-2023-33242), \u0438\u043c\u0435\u0435\u0442 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0443\u044e \u043f\u0440\u0438\u0440\u043e\u0434\u0443 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0432\u0435\u0441\u044c \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0439 \u043a\u043b\u044e\u0447 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043f\u043e\u0441\u043b\u0435 200 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u0434\u043f\u0438\u0441\u0438.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u043a\u043b\u044e\u0447 \u043a\u043b\u0438\u0435\u043d\u0442\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0435\u0433\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439. 
\u041e\u043f\u044f\u0442\u044c \u0436\u0435, \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f 256 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0415\u0441\u043b\u0438 \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u0431\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0441\u044f, \u0442\u043e \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0435 \u043c\u0435\u0441\u0442\u043e \u0432 \u0440\u0430\u044e.", "creation_timestamp": "2023-08-11T09:53:05.000000Z"}, {"uuid": "be80982c-f8f6-4fe3-bc8f-b027bc5ce245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3614", "content": "DataLeak:\n\n\ud83d\udc49\ud83c\udffbLeak haztutienda com : https://system32.ink/d/leak-haztutienda-com/\n\n\ud83d\udc49\ud83c\udffbLeak voiswitch : https://system32.ink/d/leak-voiswitch-net/\n\n\ud83d\udc49\ud83c\udffbLeak unja.ac.id : https://system32.ink/d/leak-unja-ac-id/\n\nTools:\n\n\ud83d\udc49\ud83c\udffbPyrai - Mirai python variant : https://system32.ink/d/pyrai-mirai-python-variant/\n\nExploit:\n\n\ud83d\udc49\ud83c\udffbCVE-2023-33246 RocketMQ Remote Code Execution Exploit : https://system32.ink/d/cve-2023-33246-rocketmq-remote-code-execution-exploit/", "creation_timestamp": "2023-06-05T12:33:58.000000Z"}, {"uuid": "00b6e706-990e-4278-b8ad-bd12c978f0e6", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://t.me/cibsecurity/66532", "content": "\u203c CVE-2023-37582 \u203c\n\nThe RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-15T16:57:00.000000Z"}, {"uuid": "aba65e97-eae9-47ab-88f1-55e70db05372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3324", "type": "seen", "source": "https://t.me/cibsecurity/67176", "content": "\u203c CVE-2023-3324 \u203c\n\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. 
An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability\u2122 zenon: from 11 build through 11 build 106404.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-24T22:26:11.000000Z"}, {"uuid": "bb9813ec-5ecc-4d33-a5b2-fec591cf9181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33243", "type": "seen", "source": "https://t.me/cibsecurity/65283", "content": "\u203c CVE-2023-33243 \u203c\n\nRedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become best practice to protect users' passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-16T00:21:49.000000Z"}, {"uuid": "52402849-2b60-4537-8b7c-2e609202a997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33245", "type": "seen", "source": "https://t.me/cibsecurity/64777", "content": "\u203c CVE-2023-33245 \u203c\n\nMinecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-30T12:18:27.000000Z"}, {"uuid": "b7aa48d2-3252-4de5-816d-6594546618f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33240", "type": "seen", "source": "https://t.me/cibsecurity/64451", "content": "\u203c CVE-2023-33240 \u203c\n\nFoxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. This is fixed in 12.1.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T14:26:59.000000Z"}, {"uuid": "c5f617d5-667d-4ae3-9611-2ccb0e3538ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33244", "type": "seen", "source": "https://t.me/cibsecurity/64489", "content": "\u203c CVE-2023-33244 \u203c\n\nObsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-20T22:24:06.000000Z"}, {"uuid": "9abad23d-f572-4a78-833a-f7b0305d8294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/dadda5f5-0a7e-4b70-82dc-374852e963d8", "content": "", "creation_timestamp": "2026-04-30T15:48:20.000000Z"}, {"uuid": "aa6a0d9c-07b4-4b59-a107-7e5f86d011d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33242", "type": "exploited", "source": "https://t.me/xakep_ru/14506", "content": "0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434 \u043e\u0431\u0449\u0438\u043c 
\u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c BitForge \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u043c \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u043c\n\n\u041d\u0430 \u0418\u0411-\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 BlackHat \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Fireblocks \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 (CVE-2023-33241 \u0438 CVE-2023-33242) \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u043c\u0438 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u043c\u0438 MPC (\u0432\u043a\u043b\u044e\u0447\u0430\u044f Binance, Coinbase \u0438 ZenGo). 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BitForge, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c seed-\u0444\u0440\u0430\u0437\u044b \u0438 \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432.\n\nhttps://xakep.ru/2023/08/11/bitforge/", "creation_timestamp": "2023-08-11T18:11:08.000000Z"}, {"uuid": "1d610cc4-57bd-4dbe-89d4-e871e77d0609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33241", "type": "exploited", "source": "https://t.me/xakep_ru/14506", "content": "0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434 \u043e\u0431\u0449\u0438\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c BitForge \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u043c \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u043c\n\n\u041d\u0430 \u0418\u0411-\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 BlackHat \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Fireblocks \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 (CVE-2023-33241 \u0438 CVE-2023-33242) \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u0445, 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u043c\u0438 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u043c\u0438 MPC (\u0432\u043a\u043b\u044e\u0447\u0430\u044f Binance, Coinbase \u0438 ZenGo). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BitForge, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c seed-\u0444\u0440\u0430\u0437\u044b \u0438 \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432.\n\nhttps://xakep.ru/2023/08/11/bitforge/", "creation_timestamp": "2023-08-11T18:11:08.000000Z"}, {"uuid": "2ce83de9-61ce-4ae9-ab05-225ea3bc1870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/629", "content": "https://github.com/Serendipity-Lucky/CVE-2023-33246", "creation_timestamp": "2023-06-09T05:42:19.000000Z"}, {"uuid": "8e79d956-0820-472d-84ab-a741f6088865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8411", "content": "#exploit\n1. CVE-2022-25743, CVE-2023-21665:\nQualcomm Adreno/KGSL Unchecked Cast / Type Confusion\nhttps://packetstormsecurity.com/files/172663\n\n2. 
CVE-2023-33733:\nReportlab RCE\nhttps://github.com/c53elyas/CVE-2023-33733\n\n3. CVE-2023-33246:\nRocketMQ RCE\nhttps://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT", "creation_timestamp": "2023-06-02T13:04:30.000000Z"}, {"uuid": "25fe71f5-6a4b-49cd-a243-6b80389fa0b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33242", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8859", "content": "#exploit\n1. WPS Office RCE\nhttps://github.com/ba0gu0/wps-rce\n\n2. CVE-2023-33242:\nLindell17 ECDSA Private Key information disclosure\nhttps://github.com/d0rb/CVE-2023-33242", "creation_timestamp": "2023-08-16T13:33:31.000000Z"}, {"uuid": "0e01d3bd-e195-431c-8f4e-746e1f61cf82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-09-06T18:10:02.000000Z"}, {"uuid": "72ac0cb8-4c95-4c43-8205-010e7da5a6fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/bafa81cb-3d9c-4b07-9938-5130c5013afa", "content": "", "creation_timestamp": "2023-08-31T14:24:24.000000Z"}, {"uuid": "29c67ab2-998c-4d25-b1e1-bddb05ca43fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971874", "content": "", "creation_timestamp": "2024-12-24T20:35:06.179969Z"}, {"uuid": "44d17658-6f68-417e-a353-95440e570fa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "28798df3-aa32-4cff-9c84-69377dd07b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-21)", "content": "", "creation_timestamp": "2024-11-21T00:00:00.000000Z"}, {"uuid": "eaff54b1-3e49-4a67-bcb3-ee126f4225b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:54.000000Z"}, {"uuid": "d660052d-0a5a-4ee6-9e15-751a6025903d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:46.000000Z"}, {"uuid": "cc52fadb-bdf7-4e3c-badc-c5a88c822cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "a7218315-d0fd-4e10-97cc-6224f583bcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": 
"0e2fe1fa-df0f-40a5-9db8-e28d5f436665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:01.000000Z"}, {"uuid": "582315d5-1e94-4d6c-8a99-6f7a5d72bb5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/misc/rocketmq_version.rb", "content": "", "creation_timestamp": "2023-06-13T22:37:51.000000Z"}, {"uuid": "4ab35dbb-152c-4725-b488-84025d414b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_rocketmq_update_config.rb", "content": "", "creation_timestamp": "2023-07-06T07:31:54.000000Z"}]}