{"vulnerability": "cve-2024-5633", "sightings": [{"uuid": "3a712d04-d88a-4e75-9954-a62e46d03938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/5047", "content": "\u200b\u26a1\ufe0fCVE-2024-56337: \u043d\u043e\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 Tomcat\n\n\ud83d\udcac\u0424\u043e\u043d\u0434 Apache Software Foundation (ASF) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0430\u0436\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u043c \u041f\u041e Tomcat, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (RCE) \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-56337, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2024-50379 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 17 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044e, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0441 Tomcat \u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 \u0438 \u0432\u043a\u043b\u044e\u0447\u0451\u043d\u043d\u044b\u043c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u043c \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 readonly \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0432 false), \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u043d\u0435\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Java.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 \u0442\u0438\u043f\u0430 (Race Condition) Time-of-check Time-of-use (TOCTOU). \u041e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443, \u043a\u043e\u0433\u0434\u0430 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u0441\u0435\u0440\u0432\u043b\u0435\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u043c \u0447\u0442\u0435\u043d\u0438\u0438 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043f\u043e\u0434 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043a \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043a\u0430\u043a JSP, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-56337 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Tomcat:\n\nApache Tomcat 11.0.0-M1 \u0434\u043e 11.0.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 11.0.2 \u0438 \u0432\u044b\u0448\u0435);\nApache Tomcat 10.1.0-M1 \u0434\u043e 10.1.33 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 10.1.34 \u0438 \u0432\u044b\u0448\u0435);\nApache Tomcat 9.0.0.M1 \u0434\u043e 9.0.97 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 9.0.98 \u0438 \u0432\u044b\u0448\u0435).\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u043d\u0435\u0441\u0442\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Java:\n\n\u0414\u043b\u044f Java 8 \u0438 Java 11: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e sun.io.useCanonCaches \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u2014 true).\n\u0414\u043b\u044f Java 17: \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u0447\u0442\u043e \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e sun.io.useCanonCaches \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u043e (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u043d\u043e \u0443\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u043e).\n\u0414\u043b\u044f Java 21 \u0438 \u043d\u043e\u0432\u0435\u0435: \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0442\u0430\u043a \u043a\u0430\u043a \u0434\u0430\u043d\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0443\u0436\u0435 \u0431\u044b\u043b\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043e.\nASF \u043f\u043e\u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u0438\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Nacl, WHOAMI, Yemoli \u0438 Ruozhi \u0437\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 KnownSec 404 Team \u0437\u0430 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 CVE-2024-56337 \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-24T06:43:49.000000Z"}, {"uuid": "72571475-44f4-4f6a-a546-5878fba8b8e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/1810", "content": "\u26a1\ufe0fCVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-23T14:08:18.000000Z"}, {"uuid": "a75e66a2-2d89-415c-bee0-0d350997d25f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56336\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability has been identified in SINAMICS S200 (All versions with serial number beginning with SZVS8, SZVS9, SZVS0 or SZVSN and the FS number is 02). The affected device contains an unlocked bootloader. This security oversight enables attackers to inject malicious code, or install untrusted firmware. The intrinsic security features designed to protect against data manipulation and unauthorized access are compromised when the bootloader is not secured.\n\ud83d\udccf Published: 2025-03-11T09:48:06.756Z\n\ud83d\udccf Modified: 2025-03-11T09:48:06.756Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-787280.html", "creation_timestamp": "2025-03-11T10:39:03.000000Z"}, {"uuid": "bb13bdd8-06e8-4ef1-a27f-a7f7463b66ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56338", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7162", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56338\n\ud83d\udd25 CVSS Score: 4.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.\n\ud83d\udccf Published: 2025-03-11T16:27:38.456Z\n\ud83d\udccf Modified: 2025-03-11T16:27:38.456Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7185265", "creation_timestamp": "2025-03-11T16:40:09.000000Z"}, {"uuid": "55e6bab4-32e7-4ef4-8450-1ac44fd1c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/NQCIil0LDLl7JvgUDLX-bHiJdmXE16iLAgNQvUY24Gfj9g", "content": "", "creation_timestamp": "2024-12-25T01:18:30.000000Z"}, {"uuid": "c33fe520-615c-49a1-b74e-a66f1db015ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/crackvaultde/348", "content": "Apache Tomcat CVE-2024-56337 Enables RCE\n\nCVE-2024-56337 exposes Apache Tomcat to remote code execution (RCE) on case-insensitive file systems, affecting multiple versions.\n\nFor Details\n\nTelegram Channel: https://t.me/crackvaultde\nTelegram Group: https://t.me/crack_vault_group\nWebsite: crackvault.de", "creation_timestamp": "2024-12-24T18:08:13.000000Z"}, {"uuid": "ec02c627-f930-4711-a84c-9c69c717c299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56335", "type": "seen", "source": "https://t.me/cvedetector/13463", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56335 - Vaultwarden Cross-Organization Group Manipulation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56335 \nPublished : Dec. 20, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. In affected versions an attacker is capable of updating or deleting groups from an organization given a few conditions: 1. The attacker has a user account in the server. 2. The attacker's account has admin or owner permissions in an unrelated organization. 3. The attacker knows the target organization's UUID and the target group's UUID. Note that this vulnerability is related to group functionality and as such is only applicable for servers who have enabled the `ORG_GROUPS_ENABLED` setting, which is disabled by default. This attack can lead to different situations: 1. Denial of service, the attacker can limit users from accessing the organization's data by removing their membership from the group. 2. Privilege escalation, if the attacker is part of the victim organization, they can escalate their own privileges by joining a group they wouldn't normally have access to. For attackers that aren't part of the organization, this shouldn't lead to any possible plain-text data exfiltration as all the data is encrypted client side. This vulnerability is patched in Vaultwarden `1.32.7`, and users are recommended to update as soon as possible. If it's not possible to update to `1.32.7`,  some possible workarounds are: 1. Disabling `ORG_GROUPS_ENABLED`, which would disable groups functionality on the server. 2. Disabling `SIGNUPS_ALLOWED`, which would not allow an attacker to create new accounts on the server. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T23:26:34.000000Z"}, {"uuid": "9af7cab9-e7f4-46c3-a17a-7f439be4219b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://t.me/cvedetector/13461", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56334 - systeminformation OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-56334 \nPublished : Dec. 20, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : systeminformation is a System and OS information library for node.js. In affected versions SSIDs are not sanitized when before they are passed as a parameter to cmd.exe in the `getWindowsIEEE8021x` function. This means that malicious content in the SSID can be executed as OS commands. This vulnerability may enable an attacker, depending on how the package is used, to perform remote code execution or local privilege escalation. This issue has been addressed in version 5.23.7 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T23:26:33.000000Z"}, {"uuid": "0174c801-4a5e-4527-9cb5-2aad9633b6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/cvedetector/13444", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56337 - Apache Tomcat CaseInsensitive TOCTOU Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56337 \nPublished : Dec. 20, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat.  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.  \n  \nThe mitigation for CVE-2024-50379 was incomplete.  \n  \nUsers running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation   \nparameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:  \n- running on Java 8 or Java 11: the system property\u00a0sun.io.useCanonCaches must be explicitly set to false (it defaults to true)  \n- running on Java 17: the\u00a0system property sun.io.useCanonCaches, if set, must be set to false\u00a0(it defaults to false)  \n- running on Java 21 onwards: no further configuration is required\u00a0(the system property and the problematic cache have been removed)  \n  \nTomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that\u00a0sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set\u00a0sun.io.useCanonCaches to false by default where it can. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T18:25:23.000000Z"}, {"uuid": "3c55e586-581c-448b-a13b-f78c9b2b73d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/cibsecurity/81797", "content": "\ud83d\udd8b\ufe0f Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \ud83d\udd8b\ufe0f\n\nThe Apache Software Foundation ASF has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution RCE under certain conditions. The vulnerability, tracked as CVE202456337, has been described as an incomplete mitigation for CVE202450379 CVSS score 9.8, another critical security flaw in the same product that.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-12-24T07:15:10.000000Z"}, {"uuid": "5e2db275-1356-4285-a0ba-44feac523e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5633", "type": "seen", "source": "https://t.me/cvedetector/305", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5633 - Longse model\u00a0LBH30FE200W cameras, as well as produ\", \n  \"Content\": \"CVE ID : CVE-2024-5633 \nPublished : July 9, 2024, 11:15 a.m. | 35\u00a0minutes ago \nDescription : Longse model\u00a0LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports.\u00a0  \nAn attacker with a knowledge of the available commands is able to perform read/write operations on the device's memory, which might result in e.g. bypassing telnet login and obtaining full access to the device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T13:55:44.000000Z"}, {"uuid": "0107be1c-281b-41dd-8fa8-6daee41a5968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/1031", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \u2013 thehackernews.com\n\nTue, 24 Dec 2024 14:06:00", "creation_timestamp": "2024-12-24T09:03:03.000000Z"}, {"uuid": "c169cc15-9b18-4f63-81e4-44c2d17f428f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/3620", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks\n\nThe Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software\u2026\n\nhttps://osintcorp.net/apache-tomcat-vulnerability-cve-2024-56337-exposes-servers-to-rce-attacks/", "creation_timestamp": "2024-12-24T12:56:25.000000Z"}, {"uuid": "104aef9a-7d17-45ad-88dc-628ea8bbabb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/eVIPFGRhkq3YCk2O8BWYITIBkjx0dvNLYbcNpq7wmBtPfw", "content": "", "creation_timestamp": "2024-12-24T11:23:07.000000Z"}, {"uuid": "a41115b0-cd44-4cc1-888c-52756e13fd07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9207", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:48.000000Z"}, {"uuid": "de8fc57e-fdff-42e4-8549-53190bc5217e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/dilagrafie/4036", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:32.000000Z"}, {"uuid": "baabfe46-87b6-4a4b-ace4-91d104094243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/V15QyGWFxYCpoASWuAHRlgFg7gSQsN8DhAxkLcr1e2OZj1Y", "content": "", "creation_timestamp": "2024-12-24T07:32:58.000000Z"}, {"uuid": "a73ad6d5-f4c1-478f-9873-0336d963c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/true_secator/6586", "content": "\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 CVE-2024-43441 \u0432 HugeGraph-Server \u0438 CVE-2024-56337 \u0432 Tomcat \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Apache Software Foundation (ASF) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Traffic Control \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9,9 CVSS.\n\n\u041f\u0440\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-45387 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0440\u043e\u043b\u044c\u044e admin, federation, operations, portal \u0438\u043b\u0438 steering \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 SQL \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e PUT-\u0437\u0430\u043f\u0440\u043e\u0441\u0430\n\n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e Tencent YunDing Security Lab \u042e\u0430\u043d\u044c \u041b\u043e. \u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Traffic Control \u043e\u0442 8.0.0 \u0434\u043e 8.0.1.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Traffic Control 8.0.2. \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041f\u041e.", "creation_timestamp": "2024-12-26T12:00:09.000000Z"}, {"uuid": "789bd312-7054-4419-8b27-3b3d45674641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6582", "content": "Apache Software Foundation (ASF) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0430\u0436\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Tomcat, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-56337 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0443\u0434\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u0440\u0443\u0433\u043e\u0439 CVE-2024-50379 (CVSS: 9,8), \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0442\u043e\u043c \u0436\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0440\u0430\u043d\u0435\u0435 17 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c \u0441 Tomcat \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443, \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u00ab\u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f\u00bb \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043d\u0430 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false, \u043e\u0442\u043b\u0438\u0447\u043d\u043e\u0435 \u043e\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e), \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-50379 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f Java \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441 Tomcat.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u044b \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f (TOCTOU), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443, \u043a\u043e\u0433\u0434\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0447\u0442\u0435\u043d\u0438\u0435 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0438 \u0442\u043e\u0433\u043e \u0436\u0435 \u0444\u0430\u0439\u043b\u0430 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 Tomcat \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 \u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043a\u0430\u043a JSP, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a RCE.\n\nCVE-2024-56337 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Tomcat: \n- 11.0.0-M1 \u0434\u043e 11.0.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 11.0.2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438);\n- 10.1.0-M1 \u0434\u043e 10.1.33 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 10.1.34 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438);\n- 9.0.0.M1 \u2013 9.0.97 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 9.0.98 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Java:\n\n- Java 8 \u0438\u043b\u0438 Java 11: \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0437\u0430\u0434\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u043c\u0443 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u0443 sun.io.useCanonCaches \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e true);\n\n- Java 17: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e sun.io.useCanonCaches \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false, \u0435\u0441\u043b\u0438 \u043e\u043d\u043e \u0443\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e false);\n\n- Java 21 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438: \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0442\u0430\u043a \u043a\u0430\u043a \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043e.\n\nASF \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Nacl, WHOAMI, Yemoli \u0438 Ruozhi \u0437\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u043e\u0431\u043e\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 KnownSec 404 \u0437\u0430 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 CVE-2024-56337 \u0441 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c PoC.", "creation_timestamp": "2024-12-25T15:20:25.000000Z"}, {"uuid": "df92e9b4-9f85-40b1-8549-6a80bbece2eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/26895", "content": "\u26a1\ufe0fCVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-23T13:21:26.000000Z"}, {"uuid": "b2c12342-f38d-4735-a553-7741d749dc0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/26898", "content": "\u26a1\ufe0fApache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:05:26.000000Z"}, {"uuid": "9681d01a-dc90-4bc1-8761-9af231eeb479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://t.me/CyberBulletin/26903", "content": "\u26a1\ufe0fCVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:07:33.000000Z"}, {"uuid": "41b52da2-5945-49e0-8258-61ed04ad2dfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56333", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113686907311266678", "content": "", "creation_timestamp": "2024-12-20T19:55:38.408325Z"}, {"uuid": "a0764982-25ec-438b-8862-1e00acc2e904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113687004395004128", "content": "", "creation_timestamp": "2024-12-20T20:20:19.689281Z"}, {"uuid": "e0b16653-7053-4c7d-bc2f-864b4fdc3038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56335", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113687004412562172", "content": "", "creation_timestamp": "2024-12-20T20:20:20.103868Z"}, {"uuid": "7ddf8275-d0d8-44e8-8c96-15973a214f4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ldqsi62and25", "content": "", "creation_timestamp": "2024-12-20T16:26:35.706417Z"}, {"uuid": "042f4ffe-1c60-47a8-a961-6441bb470e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56331", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldr7clsqk52r", "content": "", "creation_timestamp": "2024-12-20T20:16:11.123691Z"}, {"uuid": "6dff9255-2961-4f5d-beaa-fbdb212042c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56333", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldr7codblo2s", "content": "", "creation_timestamp": "2024-12-20T20:16:14.023166Z"}, {"uuid": "57fd63a6-c223-4324-98d4-5b9e02882933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56331", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113686907294716814", "content": "", "creation_timestamp": "2024-12-20T19:55:38.105582Z"}, {"uuid": "74566a61-6cf6-4533-82b7-a3852f98d57c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/igalog.bsky.social/post/3ldwpcmp4cf2j", "content": "", "creation_timestamp": "2024-12-23T00:45:47.695561Z"}, {"uuid": "9b0309a1-f108-438c-a434-a0c32d2c11f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldx4bnd7x22r", "content": "", "creation_timestamp": "2024-12-23T04:37:56.878413Z"}, {"uuid": "04a164a0-ee3e-4c2a-bce1-5af7e1f8857a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldxqwuejyz2q", "content": "", "creation_timestamp": "2024-12-23T10:47:39.838967Z"}, {"uuid": "b783e8a5-350c-4e92-bf29-4766baec2fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldxyht5qzb2k", "content": "", "creation_timestamp": "2024-12-23T13:02:25.301656Z"}, {"uuid": "ce3ddd0a-b84f-4298-82fb-d7f08bbedb37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldxyhtb5jn2l", "content": "", "creation_timestamp": "2024-12-23T13:02:25.848911Z"}, {"uuid": "2c84e18e-4dd8-4146-ac18-c13e17ea21e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ldznjfonlc2h", "content": "", "creation_timestamp": "2024-12-24T04:51:47.184153Z"}, {"uuid": "53fa2ff3-d169-4dc1-a347-0d212188fd3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldzoimfuvc26", "content": "", "creation_timestamp": "2024-12-24T05:09:15.197054Z"}, {"uuid": "fd4ca4e9-a089-410f-a1a7-a36d49ab4004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ldzsigkif72m", "content": "", "creation_timestamp": "2024-12-24T06:20:43.196608Z"}, {"uuid": "bf71b1f6-0adc-435e-ae2e-c0db309b4694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldzsixe4mc24", "content": "", "creation_timestamp": "2024-12-24T06:21:02.254312Z"}, {"uuid": "a2766411-5bb2-4c7b-ac3e-e88e5efbb195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3ldzsjgqh7a2w", "content": "", "creation_timestamp": "2024-12-24T06:21:16.480369Z"}, {"uuid": "f1d4c363-edf6-40e0-9b38-0d24c1fabd74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/techit.bsky.social/post/3ldzsz6vn2v2w", "content": "", "creation_timestamp": "2024-12-24T06:30:05.310522Z"}, {"uuid": "b75e4f6f-fdde-4fc2-95d1-adefbd522525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3ldztkerswg2r", "content": "", "creation_timestamp": "2024-12-24T06:39:41.574313Z"}, {"uuid": "92058138-8d61-4c73-9c0a-af6a34e99197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3le255gg2d32a", "content": "", "creation_timestamp": "2024-12-24T09:31:25.612958Z"}, {"uuid": "2df78d49-2ec0-425b-ba3e-03cfef36969a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/jiniyabasky.bsky.social/post/3le2ab4s5uk2h", "content": "", "creation_timestamp": "2024-12-24T10:27:13.007882Z"}, {"uuid": "6f903bb0-700b-465d-beec-9ae6f9fe0a58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2buzcuxh22", "content": "", "creation_timestamp": "2024-12-24T10:56:11.014633Z"}, {"uuid": "5388b833-323d-4f0a-97ef-b9d2f0ca5be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html", "content": "", "creation_timestamp": "2024-12-24T05:06:00.000000Z"}, {"uuid": "f6cdb4d7-3f0a-41b9-9bed-9f3bd2aa7b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2cdfe56i2p", "content": "", "creation_timestamp": "2024-12-24T11:04:13.076249Z"}, {"uuid": "d63ebb32-cdf8-4d96-9025-781625d96f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/jurassiquehack.bsky.social/post/3le2i6pox3s2r", "content": "", "creation_timestamp": "2024-12-24T12:49:01.893857Z"}, {"uuid": "3b2cf084-03bf-44fb-a0f6-3b98bb41ede2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2ie2bmlq23", "content": "", "creation_timestamp": "2024-12-24T12:51:57.665577Z"}, {"uuid": "13d291bd-a999-40b2-bcce-d575934a047c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2ip6ervu2z", "content": "", "creation_timestamp": "2024-12-24T12:58:11.251554Z"}, {"uuid": "7d84ee04-76f3-45f1-b196-99e111d24575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2irg4vvq2e", "content": "", "creation_timestamp": "2024-12-24T12:59:26.455815Z"}, {"uuid": "f7f05c66-5073-41b3-a00e-51c71840eb51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2iuczrha27", "content": "", "creation_timestamp": "2024-12-24T13:01:03.787793Z"}, {"uuid": "ae554c4a-e7a8-49b9-9eab-402d0b09a72a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2kdl43br22", "content": "", "creation_timestamp": "2024-12-24T13:27:29.810702Z"}, {"uuid": "66660ca6-e0a2-4480-b72e-21c5c9d3c110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/erik.thauvin.net/post/3le2keaatnb2m", "content": "", "creation_timestamp": "2024-12-24T13:27:51.591492Z"}, {"uuid": "128232ec-3c5f-46c8-b798-8c49d05c38e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2lap347z22", "content": "", "creation_timestamp": "2024-12-24T13:43:46.629845Z"}, {"uuid": "d95affbe-a33d-4120-9a0e-ae8e95a6c75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113708106021039311", "content": "", "creation_timestamp": "2024-12-24T13:46:44.879035Z"}, {"uuid": "ba52eaa5-46ee-4c69-a5cf-232b13124941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2ljhqmvf27", "content": "", "creation_timestamp": "2024-12-24T13:48:40.872366Z"}, {"uuid": "aa1d2e45-9abb-455a-ac74-ae8110b6cc63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2lsnesto2n", "content": "", "creation_timestamp": "2024-12-24T13:53:48.584217Z"}, {"uuid": "f6326ddc-cf95-4fae-abda-61b45322af79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/zenai06100.bsky.social/post/3le2lyqkuw42b", "content": "", "creation_timestamp": "2024-12-24T13:57:13.694582Z"}, {"uuid": "62c33a37-46ca-409b-bed0-41d90a2ae569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56332", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3lfahdu7kpk26", "content": "", "creation_timestamp": "2025-01-08T15:15:08.247044Z"}, {"uuid": "33a3aea7-bec9-4032-9943-60501bc244d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljym4xw6lc2b", "content": "", "creation_timestamp": "2025-03-10T03:25:27.242879Z"}, {"uuid": "d2b715fb-262e-4bce-ad80-59e56680e85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lk3uvimzgn22", "content": "", "creation_timestamp": "2025-03-11T10:40:17.535779Z"}, {"uuid": "cb9ca318-75f9-4d93-a15e-b3160accf9ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114143638933252093", "content": "", "creation_timestamp": "2025-03-11T11:48:29.857480Z"}, {"uuid": "65fdcc85-2fce-4950-9bea-0db24be1857f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "MISP/dd71e3c5-20f7-409a-8bcc-8df3cd8022a7", "content": "", "creation_timestamp": "2025-09-03T13:30:06.000000Z"}, {"uuid": "2f50d47c-08b7-4b17-b98c-e4932af95faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1447", "content": "", "creation_timestamp": "2024-12-18T04:00:00.000000Z"}, {"uuid": "13df1b00-3a53-4c52-bbc0-d44f2a8e3ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://t.me/CyberBulletin/1818", "content": "\u26a1\ufe0fCVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:07:33.000000Z"}, {"uuid": "2f39b2d5-e3a3-41f9-b1a5-b521441afbd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56333", "type": "seen", "source": "https://t.me/cvedetector/13456", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56333 - Apache Onyxia Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56333 \nPublished : Dec. 20, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : Onyxia is a web app that aims at being the glue between multiple open source backend technologies to provide a state of art working environment for data scientists. This critical vulnerability allows authenticated users to remotely execute code within the Onyxia-API, leading to potential consequences such as unauthorized access to other user environments and denial of service attacks. This issue has been patched in api versions 4.2.0, 3.1.1, and 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T21:46:08.000000Z"}, {"uuid": "513ff0a8-439a-41cd-b806-bb0b2ba1ab5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56331", "type": "seen", "source": "https://t.me/cvedetector/13455", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56331 - Uptime Kuma Local File Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56331 \nPublished : Dec. 20, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker to access sensitive local files on the server by exploiting the `file:///` protocol. This vulnerability is triggered via the **\"real-browser\"** request type, which takes a screenshot of the URL provided by the attacker. By supplying local file paths, such as `file:///etc/passwd`, an attacker can read sensitive data from the server. This vulnerability arises because the system does not properly validate or sanitize the user input for the URL field. Specifically: 1. The URL input (``) allows users to input arbitrary file paths, including those using the `file:///` protocol, without server-side validation. 2. The server then uses the user-provided URL to make a request, passing it to a browser instance that performs the \"real-browser\" request, which takes a screenshot of the content at the given URL. If a local file path is entered (e.g., `file:///etc/passwd`), the browser fetches and captures the file\u2019s content. Since the user input is not validated, an attacker can manipulate the URL to request local files (e.g., `file:///etc/passwd`), and the system will capture a screenshot of the file's content, potentially exposing sensitive data. Any **authenticated user** who can submit a URL in \"real-browser\" mode is at risk of exposing sensitive data through screenshots of these files. This issue has been addressed in version 1.23.16 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T21:46:07.000000Z"}, {"uuid": "5f6081ec-2971-4461-a650-a7bdd67055ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56330", "type": "seen", "source": "https://t.me/cvedetector/13454", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56330 - Stardust ADC - Unauthenticated Inter-Container Communication\", \n  \"Content\": \"CVE ID : CVE-2024-56330 \nPublished : Dec. 20, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : Stardust is a platform for streaming isolated desktop containers. With this exploit, inter container communication (ICC) is not disabled. This would allow users within a container to access another containers agent, therefore compromising access.The problem has been patched in any Stardust build past 12/20/24. Users are advised to upgrade. Users may also manually disable ICC if they are unable to upgrade. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T21:46:06.000000Z"}, {"uuid": "e4fb0bb0-1e4e-4d88-9a56-12d47a97845e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/6710", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \u2013 thehackernews.com\n\nTue, 24 Dec 2024 14:06:00", "creation_timestamp": "2024-12-24T09:03:03.000000Z"}, {"uuid": "92d0fb4b-d206-4d46-9862-6cafd519d2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "Telegram/JgBVg74YAjFeVjh1LxGBWYumtSMJKipEv7wiLvtCTwXM8b4", "content": "", "creation_timestamp": "2024-12-24T09:03:00.000000Z"}, {"uuid": "d3359bea-9bad-45a5-bc58-8cb86178e65b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberDilara/1370", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:43.000000Z"}, {"uuid": "513b3459-3de7-4dbc-8f20-342e325f680d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "Telegram/QJNKafZ39RPUBf0W2FOX1OlC1JbKcylQtoMgEZm-Z-wGay4", "content": "", "creation_timestamp": "2025-03-04T04:00:07.000000Z"}, {"uuid": "759a0be9-b0aa-43dd-b643-f43592d24c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7946", "content": "#GitHub #Tools \n\nA tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs).\n\nhttps://github.com/Leo4j/PowerDACL\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nShort, but interesting list of sensitive data and bug bounty dorks.\n\nhttps://github.com/fatguru/dorks\n\nOpen source obfuscation tool for .NET assemblies\n\nhttps://github.com/obfuscar/obfuscar\n\nCrlfuzz tool vs my nuclei template:\ncrlfuzz only detected crlf in one target from list but my template finded more with GBK encoding payload also.\n\nhttps://github.com/coffinxp/nuclei-templates/blob/main/cRlf.yaml\n\n#Tools@dilagrafie", "creation_timestamp": "2025-01-31T11:35:51.000000Z"}, {"uuid": "0d8cdace-49ef-4304-b966-758aa3c82aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/GrayHatsHack/7788", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labsand academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:48.000000Z"}, {"uuid": "6c3403b3-fe69-4331-9cb5-d8f6d690af00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113685883850360893", "content": "", "creation_timestamp": "2024-12-20T15:35:21.559670Z"}, {"uuid": "37046ec8-79e3-4898-97d9-64d688d1bcd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56335", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldrcmxmxbs22", "content": "", "creation_timestamp": "2024-12-20T21:15:40.085906Z"}, {"uuid": "3f3d8726-c274-4b2e-8494-f08cc551cd59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56330", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113686962967680123", "content": "", "creation_timestamp": "2024-12-20T20:09:47.558162Z"}, {"uuid": "c8032df3-af33-41c1-b443-acae3927def3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldrcmvhhok2e", "content": "", "creation_timestamp": "2024-12-20T21:15:37.192235Z"}, {"uuid": "16970a50-ae3d-44c4-b541-36147471f7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldqruy33cf2v", "content": "", "creation_timestamp": "2024-12-20T16:15:55.026930Z"}, {"uuid": "ce58d98b-ef24-42bc-8e7c-858c68e4dfec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56330", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldr7ciutkx2a", "content": "", "creation_timestamp": "2024-12-20T20:16:07.783725Z"}, {"uuid": "7c6146a9-235d-4ed6-ab6c-8a0285053b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/mwyr.es/post/3lebihdgfba2z", "content": "", "creation_timestamp": "2024-12-27T07:42:26.836777Z"}, {"uuid": "49f64897-4ab2-47f7-bafb-04e9af05fc85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56332", "type": "seen", "source": "https://bsky.app/profile/nuke86.rfeed.it/post/3leywtkrizn2m", "content": "", "creation_timestamp": "2025-01-05T15:31:04.241208Z"}, {"uuid": "a4f7316a-dca9-4b5b-8c67-64746cf1d0ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56334", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-079bc9d7-8feebf14eed3d5b1", "content": "", "creation_timestamp": "2025-01-06T09:39:22.012204Z"}, {"uuid": "733487ab-5d61-4beb-8028-2597b178c34c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk56agj4gb2p", "content": "", "creation_timestamp": "2025-03-11T23:00:09.546421Z"}, {"uuid": "0538b8cb-e333-4a66-8679-eb57aeb3fc00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljyk3bezj22g", "content": "", "creation_timestamp": "2025-03-10T02:48:41.253059Z"}, {"uuid": "7e0bc552-94b7-4c6c-93ad-8f8ea69986d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-05", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "ba461bbc-af83-49af-b56e-c0a4a66b59e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114779416038120432", "content": "", "creation_timestamp": "2025-07-01T18:34:58.900105Z"}, {"uuid": "90023f32-5ef6-452a-84fa-53c592d2114b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56339", "type": "seen", "source": "https://bsky.app/profile/knaepp.bsky.social/post/3lu5zj3fenn2b", "content": "", "creation_timestamp": "2025-07-17T13:20:05.811537Z"}, {"uuid": "261d9099-6508-4f12-87ae-9a317377cb9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56339", "type": "seen", "source": "https://bsky.app/profile/knaepp.bsky.social/post/3lu622welul2m", "content": "", "creation_timestamp": "2025-07-17T13:30:04.049759Z"}, {"uuid": "b4bc814e-9fae-457d-837f-f883afaf694c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56339", "type": "seen", "source": "https://bsky.app/profile/knaepp.bsky.social/post/3lu64cgf2ih22", "content": "", "creation_timestamp": "2025-07-17T14:10:03.290313Z"}, {"uuid": "265e1ef6-9185-4725-afad-8a01d7d9344f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/hackingbra/215", "content": "tomcat CVE-2024-50379/CVE-2024-56337\n*\n\u041f\u0440\u043e\u043a\u0430\u0447\u0430\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f", "creation_timestamp": "2024-12-26T02:57:28.000000Z"}, {"uuid": "4eaf0513-da22-49c3-99bf-dd8291df24dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://t.me/ics_cert/1049", "content": "\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0648\u062a \u0644\u0648\u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u062f\u0631\u0627\u06cc\u0648 \u0633\u0631\u0648\u0648 SINAMICS S200 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0646\u0642\u0635 \u062f\u0631 \u0631\u0648\u0634 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2025-02718\nCVE-2024-56336\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627.\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u062a\u0644\u0627\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0645\u0646\u0627\u0628\u0639 \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc:\nhttps://cert-portal.siemens.com/productcert/html/ssa-787280.html\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2025-03-23T15:54:21.000000Z"}, {"uuid": "feb01297-618a-4cef-a39f-632e8e899ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/1813", "content": "\u26a1\ufe0fApache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:05:26.000000Z"}, {"uuid": "da8007e8-3ce1-4c6f-85a8-0beda03351e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/kasperskyb2b/1574", "content": "\u2b50\ufe0f \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411\n\n\ud83d\ude11 \u0423\u0433\u0440\u043e\u0437\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0410\u0421\u0423 \u0432 3 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430: \u043e\u0431\u0437\u043e\u0440 \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430. \u0422\u043e\u043f \u0441\u0438\u0441\u0442\u0435\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u043b\u0438 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \n\n\ud83d\uddff \u0420\u0430\u0437\u0431\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b Masque, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 2024 \u0433\u043e\u0434\u0443 \u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0439 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0439 \u0432\u044b\u0433\u043e\u0434\u044b.  \u0417\u0430\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u0442\u0451\u043a\u0448\u0438\u0435 \u0431\u0438\u043b\u0434\u0435\u0440\u044b Lockbit \u0438 Babuk.\n\n\ud83d\ude80 \u0412 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430\u0445 Palo Alto, \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 CVE-2024-9474, \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 Littlelamb.Wooltea. \u041e\u0447\u0435\u043d\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e \u043d\u0451\u043c \u0445\u043e\u0440\u043e\u0448\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u043a\u0430\u043a \u043e\u043f\u044b\u0442\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0430 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\ud83d\udfe3\u0421\u043f\u0438\u0441\u043e\u043a \u0438\u0437 2,5 \u0442\u044b\u0441\u044f\u0447 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 Astrill VPN, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0447\u0435\u043d\u044c \u043b\u044e\u0431\u044f\u0442 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 APT.\n\n\u2764\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0444\u0438\u0448\u0438\u043d\u0433-\u043a\u0438\u0442\u0430 WikiKit, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0433\u043e \u0441\u0432\u043e\u0451 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0437\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043f\u0435\u0440\u0435\u0430\u0434\u0440\u0435\u0441\u0443\u0435\u0442 \u043d\u0435\u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0412\u0438\u043a\u0438\u043f\u0435\u0434\u0438\u044e.\n\n\ud83d\ude35\u200d\ud83d\udcab \u041f\u044f\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 Chrome, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u043e\u0442 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Cyberhaven, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432 \u043c\u0430\u0433\u0430\u0437\u0438\u043d Chrome. \u0415\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u043e\u0432\u043e\u0434 \u043f\u043e\u0434\u0447\u0438\u043d\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 \u0432 \u0425\u0440\u043e\u043c \u0441\u0442\u0440\u043e\u0433\u0438\u043c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c.\n\n\ud83d\udfe2\u041d\u043e\u0432\u044b\u0439 \u0434\u0435\u043d\u044c \u2014 \u043d\u043e\u0432\u043e\u0435 \u0412\u041f\u041e \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 open source. \u0422\u0435\u043f\u0435\u0440\u044c \u0447\u0435\u0440\u0435\u0437 PyPi \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0441\u0442\u0438\u043b\u0435\u0440\u044b Cometlogger \u0438 Zebo.\n\n\ud83d\udfe3\u0410 Lockbit \u0441\u043e\u0431\u0440\u0430\u043b\u0438\u0441\u044c \u043e\u0442\u043f\u0440\u0430\u0437\u0434\u043d\u043e\u0432\u0430\u0442\u044c \u0433\u043e\u0434\u043e\u0432\u0449\u0438\u043d\u0443 \u0440\u0430\u0437\u0433\u043e\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u044b \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Lockbit 4.0.\n\n\ud83d\ude35 \u0426\u0435\u043b\u0430\u044f \u043f\u0430\u0447\u043a\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0418\u0422-\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043e\u043c\u0440\u0430\u0447\u0438\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u044b\u0439 \u0441\u0435\u0437\u043e\u043d. \u041e\u0442\u043c\u0435\u0442\u0438\u043c CVE-2024-52046 \u0432 Apache MINA (CVSS 10), CVE-2024-45387 \u0432 Apache Traffic Ops (CVSS 9.9) \u0438 \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e CVE-2024-43441 \u0432 OpenGraph. \u0410 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0435\u0434\u0432\u0430 \u0432\u044b\u0434\u043e\u0445\u043d\u0443\u043b, \u0437\u0430\u043b\u0430\u0442\u0430\u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2024-50379 \u0432 Apache Tomcat, \u0442\u043e\u0436\u0435 \u0435\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u2014 \u0444\u0438\u043a\u0441 \u0431\u044b\u043b \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435 CVE-2024-56337 \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0439\u0442\u0435 \u0441\u043d\u0430\u0447\u0430\u043b\u0430. \u0414\u0430, \u0438 CVE-2024-53677 \u0432 Struts \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043d\u0435 \u0437\u0430\u0431\u0443\u0434\u044c\u0442\u0435.\n\u0421\u043d\u043e\u0432\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c \u0438 Palo Alto \u0441 DoS \u0432 PAN-OS (CVE-2024-3393, CVSS 8.7).\n\n\ud83d\udc4b \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 \u0447\u0442\u0438\u0432\u043e \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435: \u043a\u0430\u043a \u043b\u044e\u0431\u0438\u043c\u0430\u044f \u0441\u0442\u0430\u0440\u0442\u0430\u043f\u0430\u043c\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0441\u0430\u0434\u0430 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-12-28T08:57:19.000000Z"}, {"uuid": "3a02ce4e-7209-47d8-b79b-2aea105f3637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56332", "type": "seen", "source": "https://t.me/cvedetector/14244", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56332 - \"Next.js Server Action Denial of Service/DoW Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-56332 \nPublished : Jan. 3, 2025, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Next.js is a React framework for building full-stack web applications. Starting in version 13.0.0 and prior to versions 13.5.8, 14.2.21, and 15.1.2, Next.js is vulnerable to a Denial of Service (DoS) attack that allows attackers to construct requests that leaves requests to Server Actions hanging until the hosting provider cancels the function execution. This vulnerability can also be used as a Denial of Wallet (DoW) attack when deployed in providers billing by response times. (Note: Next.js server is idle during that time and only keeps the connection open. CPU and memory footprint are low during that time.). Deployments without any protection against long running Server Action invocations are especially vulnerable. Hosting providers like Vercel or Netlify set a default maximum duration on function execution to reduce the risk of excessive billing. This is the same issue as if the incoming HTTP request has an invalid `Content-Length` header or never closes. If the host has no other mitigations to those then this vulnerability is novel. This vulnerability affects only Next.js deployments using Server Actions. The issue was resolved in Next.js 13.5.8, 14.2.21, and 15.1.2. We recommend that users upgrade to a safe version. There are no official workarounds. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T22:52:26.000000Z"}, {"uuid": "c18b2bc0-882f-47e1-8a37-84c7788528ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/nusantaraMYID/1873", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \u2013 thehackernews.com\n\nTue, 24 Dec 2024 14:06:00", "creation_timestamp": "2024-12-24T09:03:00.000000Z"}, {"uuid": "cffeb5be-f9c8-4993-b77a-85824026f5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/Oxq5SO8-21GQipP6NIDCbdDkAA225btYdW6eEU8zypkEJg0", "content": "", "creation_timestamp": "2025-03-15T22:00:06.000000Z"}, {"uuid": "0c2151a9-5ede-4fc1-ad2b-86cdce69fcc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/yKcGWhhQJwisJolliiSQ_Vwze7Rv8usdLxIEJwq6Laah_Gw", "content": "", "creation_timestamp": "2025-02-26T22:00:06.000000Z"}, {"uuid": "b522839f-8d06-4b5f-8d60-31c8e6137cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4128", "content": "#GitHub #Tools \n\nA tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs).\n\nhttps://github.com/Leo4j/PowerDACL\n\nTomcat CVE-2024-50379/CVE-2024-56337 \u6761\u4ef6\u7ade\u4e89\u6587\u4ef6\u4e0a\u4f20exp\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nShort, but interesting list of sensitive data and bug bounty dorks.\n\nhttps://github.com/fatguru/dorks\n\nOpen source obfuscation tool for .NET assemblies\n\nhttps://github.com/obfuscar/obfuscar\n\nCrlfuzz tool vs my nuclei template:\ncrlfuzz only detected crlf in one target from list but my template finded more with GBK encoding payload also.\n\nhttps://github.com/coffinxp/nuclei-templates/blob/main/cRlf.yaml\n\n#Tools@dilagrafie", "creation_timestamp": "2025-01-29T08:06:35.000000Z"}, {"uuid": "badef494-ec97-4797-ab67-0e07f06c1d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/proxy_bar/2445", "content": "tomcat CVE-2024-50379/CVE-2024-56337\n*\n\u041f\u0440\u043e\u043a\u0430\u0447\u0430\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f", "creation_timestamp": "2024-12-24T19:45:29.000000Z"}, {"uuid": "bf478d10-84ce-47f2-82ea-7d3fd970832a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/ctinow/228547", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks\nhttps://ift.tt/n2bgjrK", "creation_timestamp": "2024-12-24T07:19:53.000000Z"}, {"uuid": "14cc8c15-d363-4c83-bece-e40fd2f80abb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/thehackernews/6084", "content": "\u26a1 A new remote code execution flaw in Apache Tomcat (CVE-2024-56337) exposes organizations to serious risk.\n\nAn uploaded file could turn into malicious JSP code\u2014resulting in remote code execution.\n\n\u00bb Affected Versions: Tomcat 9.0.0-M1 to 11.0.1\n\u00bb Java users: Incorrect configurations = higher risk.\n\u00bb Severity? CVE-2024-50379 scored a 9.8 on CVSS!\n\nDetails here \ud83d\udc49 https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html", "creation_timestamp": "2024-12-24T07:10:43.000000Z"}, {"uuid": "8fb27c49-5278-48fc-9163-f262c1d5ee59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/suboxone_chatroom/941", "content": "\u26a1\ufe0fCVE-2024-50379/CVE-2024-56337 : Apache Tomcat Patches Critical RCE Vulnerability\n\n\ud83d\udd25Exploit : https://github.com/SleepingBag945/CVE-2024-50379\n\n\ud83d\udc47Dorks:\nHUNTER :/product.name=\"Apache Tomcat\"\nFOFA : product=\"Apache-Tomcat\"\nSHODAN : product:\"Apache-Tomcat\"", "creation_timestamp": "2025-01-13T11:04:46.000000Z"}, {"uuid": "4870000b-d00d-426e-b58a-f37edc291082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56332", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lf4q3qxrwc22", "content": "", "creation_timestamp": "2025-01-07T03:41:01.593963Z"}, {"uuid": "5f40504a-24c8-4b80-bd7e-309aede6809f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3le3k64ltuk2m", "content": "", "creation_timestamp": "2024-12-24T22:57:06.626902Z"}, {"uuid": "52da61a8-8e1b-4138-ae67-935f40650143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-56334", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3le46ovmnyc25", "content": "", "creation_timestamp": "2024-12-25T05:04:24.070297Z"}, {"uuid": "85a377b2-0d75-4b05-a298-35dc7ea1dd1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3le4rkngrml2c", "content": "", "creation_timestamp": "2024-12-25T10:42:02.953097Z"}, {"uuid": "e4b22148-fa18-4c8d-9cde-c2fa0c74bce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/113714575458051268", "content": "", "creation_timestamp": "2024-12-25T17:12:01.143598Z"}, {"uuid": "77f18c41-b7cd-433f-bfa1-8c6f272b25fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56332", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113766304946558973", "content": "", "creation_timestamp": "2025-01-03T20:27:31.880874Z"}, {"uuid": "d8a3934c-be54-4fbb-a5d7-685ace6215a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk43e3lcsb24", "content": "", "creation_timestamp": "2025-03-11T12:35:50.944696Z"}, {"uuid": "bc2a0179-98cd-4803-9e87-41dc4d085b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114143898401599829", "content": "", "creation_timestamp": "2025-03-11T12:54:29.694095Z"}, {"uuid": "633aefff-23c1-4a3b-b225-179eaaab3347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk6ghtbiby2p", "content": "", "creation_timestamp": "2025-03-12T11:00:05.745851Z"}, {"uuid": "fc9d8584-59d5-4a9e-8153-a64baa1d2dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/Sempf/statuses/114779378707638814", "content": "", "creation_timestamp": "2025-07-01T18:25:29.141658Z"}, {"uuid": "cc740197-a05a-4a21-9bad-6b3c2a8a6590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/Sempf.infosec.exchange.ap.brid.gy/post/3lswd4z7vh2s2", "content": "", "creation_timestamp": "2025-07-01T18:29:08.602276Z"}, {"uuid": "d7301d9a-6f42-4d31-a0eb-20cd35ceb1b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "e6c4484d-8e87-4e08-8007-9eb5fea0d712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56336", "type": "seen", "source": "https://t.me/cvedetector/20079", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56336 - \"Unsecured Bootloader Vulnerability in SINAMICS S200\"\", \n  \"Content\": \"CVE ID : CVE-2024-56336 \nPublished : March 11, 2025, 10:15 a.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : A vulnerability has been identified in SINAMICS S200 (All versions with serial number beginning with SZVS8, SZVS9, SZVS0 or SZVSN and the FS number is 02). The affected device contains an unlocked bootloader. This security oversight enables attackers to inject malicious code, or install untrusted firmware. The intrinsic security features designed to protect against data manipulation and unauthorized access are compromised when the bootloader is not secured. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T13:26:58.000000Z"}, {"uuid": "3198b211-7012-48bc-ba89-f7021fb834e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5633", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8043", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-5633\nURL\uff1ahttps://github.com/Adikso/CVE-2024-5633\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-21T20:30:44.000000Z"}]}