{"vulnerability": "cve-2024-2515", "sightings": [{"uuid": "9c69f808-9921-4714-bd56-d2ae7efac02b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25151", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3211", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25151\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-02-21T04:15:08.627\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25151\n2. https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25151", "creation_timestamp": "2025-01-28T03:16:47.000000Z"}, {"uuid": "6ff69ccf-f9ff-47f4-ad0d-da7233e9f62d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25151", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3257", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25151\n\ud83d\udd25 CVSS Score: 5.4 (CVSS_V3)\n\ud83d\udd39 Description: The Calendar module in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions does not escape user supplied data in the default notification email template, which allows remote authenticated users to inject arbitrary web script or HTML via the title of a calendar event or the user's name. This may lead to a content spoofing or cross-site scripting (XSS) attacks depending on the capability of the receiver's mail client.\n\ud83d\udccf Published: 2024-02-21T06:30:32Z\n\ud83d\udccf Modified: 2025-01-28T15:04:36Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-25151\n2. https://github.com/liferay/liferay-portal\n3. https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25151", "creation_timestamp": "2025-01-28T15:09:03.000000Z"}, {"uuid": "15a80851-042e-4d1d-977c-7d77c4e486f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "Telegram/LbI7RB13PekjQJl1G9ESsJHkP4bxLATouS9B-vwMSo3_9g", "content": "", "creation_timestamp": "2024-03-18T16:12:35.000000Z"}, {"uuid": "a37574fc-0032-461a-9edd-de14d98d6489", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/712", "content": "The Hacker News\nFortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool\n\nFortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.\nTracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.\n\"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow", "creation_timestamp": "2024-03-18T15:13:15.000000Z"}, {"uuid": "ad3c6d6a-f3b6-44f1-a694-8444a1c3b9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1939", "content": "CVE-2024-25153: Remote Code Execution\nFortra FileCatalyst\n*\nPOC\n*", "creation_timestamp": "2024-03-14T13:02:23.000000Z"}, {"uuid": "5591bfee-bab9-441d-9b97-4b107ab0e050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "Telegram/2GfGABMbOj_dUBupi29NMP8w73zh7k5WLTAkbKXAwN8qAS8", "content": "", "creation_timestamp": "2024-05-12T10:44:05.000000Z"}, {"uuid": "c8997b72-4946-4a80-958c-d3ef8c9fdecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/211487", "content": "https://ift.tt/nesKuQP\nPoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)", "creation_timestamp": "2024-03-19T13:46:53.000000Z"}, {"uuid": "2ed4cb06-a1ae-4142-a6d5-493d7a6cf482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2515", "type": "seen", "source": "https://t.me/ctinow/209467", "content": "https://ift.tt/TOvPFRn\nCVE-2024-2515", "creation_timestamp": "2024-03-16T10:26:18.000000Z"}, {"uuid": "8bc6da3c-d7ac-42d0-8c93-f4ca2c1b1b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25151", "type": "seen", "source": "https://t.me/ctinow/189215", "content": "https://ift.tt/vMf6Wxi\nCVE-2024-25151", "creation_timestamp": "2024-02-21T05:26:55.000000Z"}, {"uuid": "161012c9-dd52-4ea9-9fa9-8ebfc3b6a7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25150", "type": "seen", "source": "https://t.me/ctinow/188245", "content": "https://ift.tt/YWvui7X\nCVE-2024-25150", "creation_timestamp": "2024-02-20T09:26:06.000000Z"}, {"uuid": "321e365e-6fb6-4109-a5c5-67b399efedc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25150", "type": "seen", "source": "https://t.me/ctinow/188248", "content": "https://ift.tt/YWvui7X\nCVE-2024-25150", "creation_timestamp": "2024-02-20T09:31:44.000000Z"}, {"uuid": "e7912113-a1d2-4d2c-bfd5-3f99b9db5836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1441", "content": "CVE-2024-25153\n\nThis is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.\n\nhttps://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-14T18:38:46.000000Z"}, {"uuid": "b5b9afa2-99f1-4726-94f2-f07326e3517a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/thehackernews/4694", "content": "Fortra has patched a critical flaw (CVE-2024-25153) in FileCatalyst file transfer, preventing unauthorized remote code execution and blocking attackers from taking full control of vulnerable servers. \n \nRead details: https://thehackernews.com/2024/03/fortra-patches-critical-rce.html \n \nPatch immediately.", "creation_timestamp": "2024-03-18T14:02:22.000000Z"}, {"uuid": "021c0865-21f6-4952-9fdd-7f06c347a2f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2125", "content": "https://github.com/nettitude/CVE-2024-25153\n#poc", "creation_timestamp": "2024-03-14T11:30:00.000000Z"}, {"uuid": "523f5765-1776-42a5-b8ca-7f12e7296b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10150", "content": "#exploit\n1. CVE-2024-25153:\nRCE in Fortra FileCatalyst Workflow\nhttps://github.com/nettitude/CVE-2024-25153\n\n2. CVE-2023-34060:\nhttps://packetstormsecurity.com/files/177554\n\n3. Mali GPU Kernel LPE Exploit\nhttps://github.com/0x36/Pixel_GPU_Exploit\n]-> https://github.com/0x36/Pixel_GPU_Exploit/blob/main/poc.cpp", "creation_timestamp": "2024-03-22T09:56:15.000000Z"}, {"uuid": "dff16508-6f4f-443a-b554-06f96f6e073f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "Telegram/BLjW2ymz1yoxdCcgiBg403svN1PQ1w0_l_KpeYzyzvQ-Tw", "content": "", "creation_timestamp": "2024-03-18T15:13:15.000000Z"}, {"uuid": "39e6931f-48a3-4471-9654-5a86741ead6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "Telegram/GYZD-Wu8jWV1Vm3YjqS1gNokm8LMWU3g2g6s4i92mCqfQg", "content": "", "creation_timestamp": "2024-03-14T15:30:46.000000Z"}, {"uuid": "441a8dd8-00ef-42cb-be47-db27f5663533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25150", "type": "seen", "source": "https://t.me/arpsyndicate/3725", "content": "#ExploitObserverAlert\n\nCVE-2024-25150\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25150. Information disclosure vulnerability in the Control Panel in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions allows remote authenticated users to obtain a user's full name from the page's title by enumerating user screen names.", "creation_timestamp": "2024-02-21T07:24:35.000000Z"}, {"uuid": "bc3145d4-4b19-4746-81f1-6a18c78ac1ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25152", "type": "seen", "source": "https://t.me/arpsyndicate/3923", "content": "#ExploitObserverAlert\n\nCVE-2024-25152\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25152. Stored cross-site scripting (XSS) vulnerability in Message Board widget in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML via the filename of an attachment.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-22T04:16:53.000000Z"}, {"uuid": "42028605-62f7-4817-9a1a-abebb1c33aef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25151", "type": "seen", "source": "https://t.me/arpsyndicate/3922", "content": "#ExploitObserverAlert\n\nCVE-2024-25151\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25151. The Calendar module in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions does not escape user supplied data in the default notification email template, which allows remote authenticated users to inject arbitrary web script or HTML via the title of a calendar event or the user's name. This may lead to a content spoofing or cross-site scripting (XSS) attacks depending on the capability of the receiver's mail client.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-22T04:15:58.000000Z"}, {"uuid": "fe9a1973-f7e9-4e8e-9024-d6d57df936bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "exploited", "source": "https://t.me/true_secator/5539", "content": "Fortra \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (MFT) FileCatalyst, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u043f\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-25153 \u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 ftpservlet \u043f\u043e\u0440\u0442\u0430\u043b\u0430 FileCatalyst Workflow, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 uploadtemp \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST.\n\n\u0412 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0444\u0430\u0439\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0432 DocumentRoot \u0432\u0435\u0431-\u043f\u043e\u0440\u0442\u0430\u043b\u0430, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b JSP \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438.\n\n\u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 9 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430 \u043e\u0442 LRQA Nettitude, \u0430 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0430 \u0434\u043d\u044f \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 FileCatalyst Workflow \u0432\u0435\u0440\u0441\u0438\u0438 5.1.6 \u0441\u0431\u043e\u0440\u043a\u0438 114 \u0431\u0435\u0437 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 CVE, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043e\u043d\u0430 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 PoC, \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortra \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FileCatalyst Direct (CVE-2024-25154 \u0438 CVE-2024-25155), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0434\u043b\u0435\u0447\u0438\u043b\u0438 \u0438 GoAnywhere MFT \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.4.2, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u0435\u0434\u0443\u0449\u0438\u0435 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 MFT-\u0440\u0435\u0448\u0435\u043d\u0438\u0438 Fortra GoAnywhere \u0438 \u0438\u0445 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Cl0p, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043d\u0435\u0441\u0442\u0438\u0441\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412\u0435\u0434\u044c, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 SOCRadar, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f PoC \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\u00a0", "creation_timestamp": "2024-03-19T14:50:05.000000Z"}, {"uuid": "36925eb6-302e-4819-b808-21200c6d7756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2515", "type": "seen", "source": "https://t.me/ctinow/209465", "content": "https://ift.tt/TOvPFRn\nCVE-2024-2515", "creation_timestamp": "2024-03-16T10:21:51.000000Z"}, {"uuid": "b4c8ca00-223b-4c53-8dd9-ea8307f8e357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25156", "type": "seen", "source": "https://t.me/ctinow/207861", "content": "https://ift.tt/djo2Kka\nCVE-2024-25156", "creation_timestamp": "2024-03-14T15:26:45.000000Z"}, {"uuid": "fabe4287-0b1f-4ed9-9d19-7a2fa5747048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/ctinow/207391", "content": "https://ift.tt/n6T4OcV\nCVE-2024-25153 Exploit", "creation_timestamp": "2024-03-14T03:16:27.000000Z"}, {"uuid": "62fb89d2-51f9-46e5-9630-d72954b45161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25155", "type": "seen", "source": "https://t.me/ctinow/206865", "content": "https://ift.tt/hybdwnm\nCVE-2024-25155", "creation_timestamp": "2024-03-13T16:27:19.000000Z"}, {"uuid": "ee466a75-0851-4d52-966d-911c1af6215c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25154", "type": "seen", "source": "https://t.me/ctinow/206864", "content": "https://ift.tt/R0CIaVJ\nCVE-2024-25154", "creation_timestamp": "2024-03-13T16:27:17.000000Z"}, {"uuid": "44dcd2a6-fbeb-4644-a003-2847cab078f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/ctinow/206863", "content": "https://ift.tt/hXqbyaK\nCVE-2024-25153", "creation_timestamp": "2024-03-13T16:27:16.000000Z"}, {"uuid": "00dbf410-6a28-47c1-91ab-6b64023ce1ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25152", "type": "seen", "source": "https://t.me/ctinow/189150", "content": "https://ift.tt/iUPZumY\nCVE-2024-25152", "creation_timestamp": "2024-02-21T03:31:48.000000Z"}, {"uuid": "d97948a0-2651-437f-8350-3ae761dcb8af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25152", "type": "seen", "source": "https://t.me/ctinow/189142", "content": "https://ift.tt/iUPZumY\nCVE-2024-25152", "creation_timestamp": "2024-02-21T03:21:21.000000Z"}, {"uuid": "428a7368-e3c3-476f-81be-c9e8e0874e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12526", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Proof-of-concept exploit for CVE-2024-25153.\n\nhttps://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-15T07:47:37.000000Z"}, {"uuid": "d7a850e6-8e91-42b9-90ec-e7050a0e97ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/97", "content": "This is a proof of concept for #CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.\n\nhttps://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-14T12:58:53.000000Z"}, {"uuid": "040e2a9e-4f49-4136-ad1f-3f7298b74880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6810", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aProof-of-concept exploit for CVE-2024-25153.\nURL\uff1ahttps://github.com/rainbowhatrkn/CVE-2024-25153\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-18T09:07:22.000000Z"}, {"uuid": "c2927b14-21e3-47e3-898a-76b36058a298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/4212", "content": "The Hacker News\nFortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool\n\nFortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.\nTracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.\n\"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow", "creation_timestamp": "2024-03-18T15:13:15.000000Z"}, {"uuid": "2e02a404-5fa8-4122-a83d-053c3ee6c0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/KomunitiSiber/1646", "content": "Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool\nhttps://thehackernews.com/2024/03/fortra-patches-critical-rce.html\n\nFortra has released details of a now-patched critical security flaw impacting its\u00a0FileCatalyst\u00a0file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.\nTracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.\n\"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow", "creation_timestamp": "2024-03-18T16:15:36.000000Z"}, {"uuid": "0b7e1449-0777-4a1e-9632-4d11808e7ccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25154", "type": "exploited", "source": "https://t.me/true_secator/5539", "content": "Fortra \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (MFT) FileCatalyst, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u043f\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-25153 \u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 ftpservlet \u043f\u043e\u0440\u0442\u0430\u043b\u0430 FileCatalyst Workflow, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 uploadtemp \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST.\n\n\u0412 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0444\u0430\u0439\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0432 DocumentRoot \u0432\u0435\u0431-\u043f\u043e\u0440\u0442\u0430\u043b\u0430, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b JSP \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438.\n\n\u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 9 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430 \u043e\u0442 LRQA Nettitude, \u0430 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0430 \u0434\u043d\u044f \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 FileCatalyst Workflow \u0432\u0435\u0440\u0441\u0438\u0438 5.1.6 \u0441\u0431\u043e\u0440\u043a\u0438 114 \u0431\u0435\u0437 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 CVE, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043e\u043d\u0430 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 PoC, \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortra \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FileCatalyst Direct (CVE-2024-25154 \u0438 CVE-2024-25155), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0434\u043b\u0435\u0447\u0438\u043b\u0438 \u0438 GoAnywhere MFT \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.4.2, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u0435\u0434\u0443\u0449\u0438\u0435 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 MFT-\u0440\u0435\u0448\u0435\u043d\u0438\u0438 Fortra GoAnywhere \u0438 \u0438\u0445 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Cl0p, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043d\u0435\u0441\u0442\u0438\u0441\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412\u0435\u0434\u044c, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 SOCRadar, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f PoC \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\u00a0", "creation_timestamp": "2024-03-19T14:50:05.000000Z"}, {"uuid": "0818fbd6-f867-439a-a755-5b1ed7a11f49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25155", "type": "exploited", "source": "https://t.me/true_secator/5539", "content": "Fortra \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (MFT) FileCatalyst, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u043f\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-25153 \u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 ftpservlet \u043f\u043e\u0440\u0442\u0430\u043b\u0430 FileCatalyst Workflow, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 uploadtemp \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST.\n\n\u0412 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0444\u0430\u0439\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0432 DocumentRoot \u0432\u0435\u0431-\u043f\u043e\u0440\u0442\u0430\u043b\u0430, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b JSP \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438.\n\n\u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 9 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430 \u043e\u0442 LRQA Nettitude, \u0430 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0430 \u0434\u043d\u044f \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 FileCatalyst Workflow \u0432\u0435\u0440\u0441\u0438\u0438 5.1.6 \u0441\u0431\u043e\u0440\u043a\u0438 114 \u0431\u0435\u0437 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 CVE, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043e\u043d\u0430 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 PoC, \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortra \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FileCatalyst Direct (CVE-2024-25154 \u0438 CVE-2024-25155), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0434\u043b\u0435\u0447\u0438\u043b\u0438 \u0438 GoAnywhere MFT \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.4.2, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u0435\u0434\u0443\u0449\u0438\u0435 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 MFT-\u0440\u0435\u0448\u0435\u043d\u0438\u0438 Fortra GoAnywhere \u0438 \u0438\u0445 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Cl0p, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043d\u0435\u0441\u0442\u0438\u0441\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412\u0435\u0434\u044c, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 SOCRadar, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f PoC \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\u00a0", "creation_timestamp": "2024-03-19T14:50:05.000000Z"}, {"uuid": "9d17b00b-2f9e-4a1d-a47e-d24a858d096e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2515", "type": "seen", "source": "https://t.me/ctinow/208985", "content": "https://ift.tt/QD6xmuB\nCVE-2024-2515 | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 home.php id cross site scripting", "creation_timestamp": "2024-03-15T17:56:52.000000Z"}, {"uuid": "87592929-9061-40ab-8582-79c8181085d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/4596", "content": "CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst\n\n\u0422\u0440\u0435\u0442\u0438\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0433\u043e\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortra, \u043e\u043d\u0438 \u0436\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Cobalt Strike. \n\n\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0432\u0435\u0431-\u0430\u0434\u043c\u0438\u043d\u043a\u0435 FileCatalyst Workflow \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u043b\u0438\u0442\u044c JSP-\u0448\u0435\u043b\u043b \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u0441 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c, \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE.\n\n\u041f\u043e \u0434\u0435\u0444\u043e\u043b\u0442\u0443 \u0432\u0441\u0435 \u0433\u0440\u0443\u0437\u0438\u0442\u0441\u044f \u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043f\u0430\u043f\u043a\u0443. \u041f\u0430\u0440\u0430\u043c\u0435\u0442\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u043f\u0443\u0442\u044c, \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u0439\u0442\u0438, \u0440\u0430\u0437\u0440\u0435\u0432\u0435\u0440\u0441\u0438\u0432 Jar'\u043d\u0438\u043a \u0441 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c. \n\n\u0427\u0442\u043e \u0437\u0430\u0431\u0430\u0432\u043d\u043e, \u0442\u043e\u0436\u0435 \u0441\u0430\u043c\u043e\u0435 \u043d\u0430\u0448\u043b\u043e\u0441\u044c \u0438 \u0432 FileCatalyst Direct, \u0438, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0432\u0441\u043f\u043b\u044b\u0432\u0435\u0442 \u0433\u0434\u0435-\u0442\u043e \u0435\u0449\u0435.\n\nPoC: https://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-15T06:53:58.000000Z"}]}