{"vulnerability": "cve-2023-4836", "sightings": [{"uuid": "d899526a-e77a-48ef-b812-04befde505ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://t.me/redfoxsec/24", "content": "\ud83d\udd3bZeroQlik + DoubleQlik (CVE-2023-41265, CVE-2023-41266, CVE-2023-48365)\n\n\u0414\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043f\u0430\u043b\u0430\u0441\u044c \u043c\u043d\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043d\u0430 \u0433\u043b\u0430\u0437\u0430. \u041a \u043c\u043e\u0435\u043c\u0443 \u0443\u0434\u0438\u0432\u043b\u0435\u043d\u0438\u044e, \u043f\u043e\u0447\u0442\u0438 \u043d\u0438\u0433\u0434\u0435 \u043e \u043d\u0435\u0439 \u043d\u0435 \u043f\u0438\u0441\u0430\u043b\u043e\u0441\u044c \u0434\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u043f\u0440\u043e \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Cactus \u043d\u0430 xakep.\n\n\ud83d\udd17 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c ZeroQlik \u043d\u0430\u0448\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Praetorian\n\n\ud83d\udcd1 \u0417\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u043d\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043a CL.TE \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0443 HTTP Request Smuggle \u043f\u0440\u043e\u043a\u0441\u0438 Qlik Sense, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0444\u0440\u043e\u043d\u0442\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u0412\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0441\u0442\u0430\u043b\u0430 Path Traversal \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043c\u043d\u0435 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c - \u043a\u0430\u043a \u043f\u043e\u0434\u0445\u043e\u0434 (Grey box \u0430\u043d\u0430\u043b\u0438\u0437), \u0442\u0430\u043a \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u044b\u0435 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f RCE. \u042d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0433\u0434\u0435 \u043a\u0430\u043a \u0440\u0430\u0437 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 HTTP Request Smuggling. \n\n\ud83d\udd17 \u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u043a\u0441\u0430 DoubleQlik\n\n\ud83d\udcd1 \u0422\u0430\u043a \u043a\u0430\u043a \u0432 \u0444\u0438\u043a\u0441\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u043b\u043e\u0441\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 Transfer-encoding: chunked, \u0430 \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 chunked, \u0442\u043e Praetorian \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u043e \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u044d\u0442\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u043c \u0442\u0430\u0431\u0443\u043b\u044f\u0446\u0438\u0438: \nTransfer-encoding: ,\\tchunked,\\r\\n\n\n\u0428\u0430\u0431\u043b\u043e\u043d\u044b \u0434\u043b\u044f \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u043f\u043e\u0434 Nuclei \u0437\u0430\u0441\u0442\u0440\u044f\u043b\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 \u0443 Nuclei-templates, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043e\u0442 \u0441\u0441\u044b\u043b\u043a\u0438:\n\n\ud83d\udd38 CVE-2023-41265\n\ud83d\udd38 CVE-2023-41266\n\ud83d\udd38 CVE-2023-48365 (DoubleQlik \u043e\u0431\u0445\u043e\u0434)\n\n\ud83d\udd3b\u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0442\u0430\u043a\u0430\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c Qlik Sense \u043a\u0430\u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0434\u043b\u044f NTLM \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 /internal_windows_authentication/?targetId=$GUID, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0434\u0431\u0438\u0440\u0430\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0438\u043b\u0438 \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 Active Directory \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. Red Team \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443!\n\n\ud83d\udc40 \u041d\u0430 Shodan \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e 6576 (\u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0434\u043d\u044f 3 \u043d\u0430\u0437\u0430\u0434 \u0431\u044b\u043b\u043e 7000+) \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 Qlik. \u041a\u0430\u043a \u0438\u0441\u043a\u0430\u0442\u044c:\n\ud83d\udd39http.title:\"Qlik\"\n\ud83d\udd39http.favicon.hash:-1730722660\n\n\u0412\u043e\u0442 \u0442\u0430\u043a\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f \u0441 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u0431\u044d\u043a\u0435\u043d\u0434 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u043c\u0438, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u044c\u0441\u044f \u043f\u0440\u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u043e\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.", "creation_timestamp": "2023-12-03T17:01:28.000000Z"}, {"uuid": "3aa4b20a-a992-4133-a0fe-05a19da19f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4836", "type": "seen", "source": "https://t.me/cibsecurity/73239", "content": "\u203c CVE-2023-4836 \u203c\n\nThe WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-31T17:21:10.000000Z"}, {"uuid": "eb154d34-bf4c-41ad-9062-907791b5d925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://t.me/arpsyndicate/2349", "content": "#ExploitObserverAlert\n\nCVE-2023-48365\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48365. Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backend server that hosts the repository application. The fixed versions are August 2023 Patch 2, May 2023 Patch 6, February 2023 Patch 10, November 2022 Patch 12, August 2022 Patch 14, May 2022 Patch 16, February 2022 Patch 15, and November 2021 Patch 17. NOTE: this issue exists because of an incomplete fix for CVE-2023-41265.\n\nFIRST-EPSS: 0.000820000\nNVD-IS: 6.0\nNVD-ES: 3.1", "creation_timestamp": "2024-01-03T19:47:04.000000Z"}, {"uuid": "9e1df743-6cfe-4b2f-b587-3ecc56bfc070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://t.me/true_secator/5149", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Arctic Wolf \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e \u043f\u0435\u0440\u0432\u043e\u043c \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f CACTUS \u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Qlik Sense (\u043e\u0431\u043b\u0430\u0447\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u0438 \u0431\u0438\u0437\u043d\u0435\u0441-\u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0430).\n\n\u041a\u0430\u043a \u0441\u0447\u0438\u0442\u0430\u044e\u0442 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b, \u0430\u0442\u0430\u043a\u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0442\u0440\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b:\n- CVE-2023-41265\u00a0(CVSS: 9.9) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u0441\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c;\n- CVE-2023-41266 (CVSS: 6.5) \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c;\n- CVE-2023-48365 (CVSS: 9.9) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2023-48365 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c\u00a0\u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430\u00a0\u0434\u043b\u044f CVE-2023-41265, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 CVE-2023-41266 \u0431\u044b\u043b\u00a0\u0440\u0430\u0441\u043a\u0440\u044b\u0442 Praetorian \u0432\u00a0\u043a\u043e\u043d\u0446\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 CVE-2023-48365 \u0431\u044b\u043b\u043e\u00a0\u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e\u00a020 \u043d\u043e\u044f\u0431\u0440\u044f.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0442 \u0441\u043b\u0443\u0436\u0431\u043e\u0439 \u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 Qlik Sense \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 ManageEngine Unified Endpoint Management and Security (UEMS), AnyDesk \u0438 Plink \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u0434\u0430\u043b\u044f\u043b\u0438 \u041f\u041e Sophos, \u043c\u0435\u043d\u044f\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u0438 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438 RDP-\u0442\u0443\u043d\u043d\u0435\u043b\u044c \u0447\u0435\u0440\u0435\u0437 Plink.\n\n\u041d\u0443, \u0438 \u0432 \u043a\u0443\u043b\u044c\u043c\u0438\u043d\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u041f\u041e, \u0433\u0434\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 rclone \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.", "creation_timestamp": "2023-11-30T17:55:24.000000Z"}, {"uuid": "305f8e1a-e905-48ff-91ab-a8a642f7d817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://bsky.app/profile/redvello.bsky.social/post/3lgpejmauvc2w", "content": "", "creation_timestamp": "2025-01-27T06:59:50.452396Z"}, {"uuid": "fd44b04f-5879-48c1-bc28-13acc65c0130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/19c6acfb-6c90-4513-9e47-7d19fa8e81de", "content": "", "creation_timestamp": "2026-02-02T12:26:16.718481Z"}, {"uuid": "d6f6908a-6a3d-453a-80b1-38dce59266e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4836", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10200", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-4836\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced\n\ud83d\udccf Published: 2023-10-31T13:54:46.188Z\n\ud83d\udccf Modified: 2025-04-03T13:21:19.295Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c17f2534-d791-4fe3-b45b-875777585dc6\n2. https://research.cleantalk.org/cve-2023-4836-user-private-files-idor-to-sensitive-data-and-private-files-exposure-leak-of-info-poc", "creation_timestamp": "2025-04-03T13:34:42.000000Z"}, {"uuid": "793f0090-4735-4cf2-bbb2-873b4d695531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48369", "type": "seen", "source": "https://t.me/ctinow/155481", "content": "https://ift.tt/AYnHjgD\nCVE-2023-48369 | Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0 Log resource consumption", "creation_timestamp": "2023-12-16T21:22:45.000000Z"}, {"uuid": "791ca413-e13a-4fc4-a385-944b46a920a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48360", "type": "seen", "source": "https://t.me/cibsecurity/74173", "content": "\u203c\ufe0fCVE-2023-48360\u203c\ufe0f\n\n in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:34:59.000000Z"}, {"uuid": "fbcc42d9-de30-40fd-ba72-e85ffaa70fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48360", "type": "seen", "source": "https://t.me/ctinow/171283", "content": "https://ift.tt/7TmJE1Y\nCVE-2023-48360 | OpenHarmony up to 3.2.2 Multimedia Player use after free", "creation_timestamp": "2024-01-22T16:37:39.000000Z"}, {"uuid": "3634b776-b1b7-4f25-86a3-6076d9d8b855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48360", "type": "seen", "source": "https://t.me/ctinow/161608", "content": "https://ift.tt/gruoIbM\nCVE-2023-48360", "creation_timestamp": "2024-01-02T09:26:18.000000Z"}, {"uuid": "cfc7231d-32e9-4fbc-bc08-317fd5031292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2023-48365", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113623927561712873", "content": "", "creation_timestamp": "2024-12-09T16:59:03.956829Z"}, {"uuid": "8426f182-9d7d-460f-8d32-8f50405b8d05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113623940738642550", "content": "", "creation_timestamp": "2024-12-09T17:02:24.982933Z"}, {"uuid": "17d7b2dc-40e1-45ab-8863-e6822b38977f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpvvjn6vw25", "content": "", "creation_timestamp": "2025-01-14T18:45:29.173733Z"}, {"uuid": "55f514c8-f761-492e-b52a-be9857b5ad5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48366", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113993094720886056", "content": "", "creation_timestamp": "2025-02-12T21:43:07.283869Z"}, {"uuid": "823eec63-3471-4e3b-b04a-0dce9945bc7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48366", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhz777beuv2a", "content": "", "creation_timestamp": "2025-02-12T22:16:18.420725Z"}, {"uuid": "e18d4289-a2e4-4033-b430-7e6923248eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48362", "type": "seen", "source": "https://t.me/cvedetector/1553", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-48362 - Apache Drill XML Format Plugin XXE Remote File System Access and Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-48362 \nPublished : July 24, 2024, 8:15 a.m. | 27\u00a0minutes ago \nDescription : XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file.  \nUsers are recommended to upgrade to version 1.21.2, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T10:47:52.000000Z"}, {"uuid": "9bf0a343-08aa-4b47-9c52-aac774938e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48364", "type": "seen", "source": "https://t.me/ctinow/183697", "content": "https://ift.tt/Sx7OE4j\nCVE-2023-48364", "creation_timestamp": "2024-02-13T10:21:56.000000Z"}, {"uuid": "aa410b6d-dce5-46e9-b379-3497d227a850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48363", "type": "seen", "source": "https://t.me/ctinow/183696", "content": "https://ift.tt/0lPZtr5\nCVE-2023-48363", "creation_timestamp": "2024-02-13T10:21:55.000000Z"}, {"uuid": "2508418b-c831-4131-bb23-1be6d7df0456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/d7168461-fec2-4f03-a1ae-005f581e0546", "content": "", "creation_timestamp": "2023-12-22T11:44:34.000000Z"}, {"uuid": "2404eb5b-9e3a-4192-a0f8-938e40f1b3f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-01-13T21:10:02.000000Z"}, {"uuid": "315d4659-6b69-435d-a71b-7049575d4387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3092047", "content": "", "creation_timestamp": "2025-01-13T15:16:13.368973Z"}, {"uuid": "391d98f2-492b-4bc8-8069-2acf906a81e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113821744720960181", "content": "", "creation_timestamp": "2025-01-13T15:26:34.157164Z"}, {"uuid": "44b99d80-fea3-4100-98da-d2fb056e6b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:03.000000Z"}, {"uuid": "80bc83fd-b6e1-4de4-b229-7bd3d344a474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/d7168461-fec2-4f03-a1ae-005f581e0546", "content": "", "creation_timestamp": "2025-06-19T20:17:38.000000Z"}, {"uuid": "4f414eaa-75a9-4713-befb-b0da78d10905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_28/2023", "content": "", "creation_timestamp": "2023-11-30T08:45:23.000000Z"}, {"uuid": "2b86e489-98fc-45ba-a686-5fa4b17a14ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48365", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/19c6acfb-6c90-4513-9e47-7d19fa8e81de", "content": "", "creation_timestamp": "2026-02-02T12:26:16.718481Z"}]}