{"vulnerability": "cve-2024-10220", "sightings": [{"uuid": "84ad0210-ac44-481d-ae16-f969fd15fbbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9272", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-10220 Test repo\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-10220-githooks\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-01T05:19:59.000000Z"}, {"uuid": "69b28388-9a5f-48aa-bcc5-289dafedbc26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9461", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-10220 POC\nURL\uff1ahttps://github.com/candranapits/poc-CVE-2024-10220\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-17T08:29:04.000000Z"}, {"uuid": "d54c4a39-b054-48f4-a916-5f33e9041875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "seen", "source": "https://t.me/CyberBulletin/1558", "content": "\u26a1\ufe0fCVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-11-21T11:24:12.000000Z"}, {"uuid": "298de440-5e27-4475-acb9-90376c4d5861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "seen", "source": "https://t.me/CyberBulletin/26536", "content": "\u26a1\ufe0fCVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-11-21T11:24:12.000000Z"}, {"uuid": "9adeb3c2-49b3-4d56-83ab-727609287a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527565921741571", "content": "", "creation_timestamp": "2024-11-22T16:33:01.570556Z"}, {"uuid": "e1db9a3c-cedb-4716-8190-9504be867ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/113527267526229969", "content": "", "creation_timestamp": "2024-11-22T15:17:08.774142Z"}, {"uuid": "f62bf76e-572d-4b3c-95f4-527cd6ffcd98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "Telegram/q7VD5LFLz0DQI0He0CdIi8UKDEAJAk3zBKou56yKpQVq99g", "content": "", "creation_timestamp": "2025-12-01T03:00:07.000000Z"}, {"uuid": "a6683904-10bb-488b-b5f1-488df3c080db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9176", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a1. \u6d4b\u8bd5CVE-2024-10220\nURL\uff1ahttps://github.com/phoenixmerk/CVE-2024-10220-test-case\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-25T08:17:10.000000Z"}, {"uuid": "bbfb388d-db54-4f17-b753-f3f2de3e2087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9170", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a1. \u6d4b\u8bd5CVE-2024-10220\nURL\uff1ahttps://github.com/phoenixmerk/CVE-2024-10220\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-25T05:48:22.000000Z"}, {"uuid": "e1e535c0-75d6-45a3-b260-88d299aa638f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9113", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-10220 Test repo\nURL\uff1ahttps://github.com/mochizuki875/CVE-2024-10220-githooks\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-21T06:46:22.000000Z"}, {"uuid": "af59d7d6-c3be-44e8-8441-4c1395c47add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10220", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/967", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u062e\u0648\u0634\u0647 \u0645\u0627\u0634\u06cc\u0646 \u0645\u062c\u0627\u0632\u06cc Kubernetes \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u0646\u0627\u0645 \u0645\u0633\u06cc\u0631 \u0646\u0627\u062f\u0631\u0633\u062a \u062f\u0631 \u06cc\u06a9 \u0641\u0647\u0631\u0633\u062a \u0645\u062d\u062f\u0648\u062f \u0627\u0633\u062a. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u062e\u0627\u0631\u062c \u0627\u0632 \u0645\u0631\u0632\u0647\u0627\u06cc \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0645\u06cc\u0632\u0628\u0627\u0646 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2024-10035\nCVE-2024-10220\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\n\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062d\u062c\u0645 gitRepo\n\u0634\u0628\u06cc\u0647 \u0633\u0627\u0632\u06cc \u06cc\u06a9 \u0645\u062e\u0632\u0646\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0644\u06cc\u0633\u062a \"\u0633\u0641\u06cc\u062f\" \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://discuss.kubernetes.io/t/security-advisory-cve-2024-10220-arbitrary-command-execution-through-gitrepo-volume/30571\nhttps://github.com/kubernetes/kubernetes/pull/124531\n\u26a0\ufe0f\u0628\u06cc\u0627\u0646\u06cc\u0647 \u0633\u0644\u0628 \u0645\u0633\u0626\u0648\u0644\u06cc\u062a\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-11-29T17:22:02.000000Z"}]}