{"uuid": "780dc255-3911-40bf-b5d5-9dfd85ca3fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/kasraone_com/350", "content": "\u0633\u0631\u0648\u0631 HTTP \u067e\u0627\u06cc\u062a\u0648\u0646 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 CVE-2023-35719 / ZDI-23-891 (\u0639\u0628\u0648\u0631 \u0627\u0632 \u062a\u0623\u06cc\u06cc\u062f \u0647\u0648\u06cc\u062a \u062a\u0627 \u0634\u0644 SYSTEM \u062f\u0631 \u0645\u0634\u062a\u0631\u06cc Windows GINA ManageEngine ADSelfService Plus) \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0633\u0631\u0648\u0631 HTTP \u067e\u0627\u06cc\u062a\u0648\u0646 \u0631\u0648\u06cc \u0622\u062f\u0631\u0633 IP 13.33.37.1 \u0648 \u067e\u0648\u0631\u062a TCP 8888 \u06af\u0648\u0634 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a GET HTTP \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0646\u062f \u0648 \u0628\u0627\u0631 HTML \u0645\u0634\u062e\u0635 \u0634\u062f\u0647 \u0631\u0627 \u0628\u0627\u0632\u06af\u0631\u062f\u0627\u0646\u062f. \u0622\u062f\u0631\u0633 IP 13.33.37.1 \u0631\u0627 \u0628\u0627 \u0647\u0631 \u0622\u062f\u0631\u0633 IP \u06a9\u0647 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u062c\u0639\u0644 \u062f\u0627\u0631\u06cc\u062f (\u0622\u062f\u0631\u0633 \u0633\u0631\u0648\u0631 ADSelfService Plus) \u062c\u0627\u06cc\u06af\u0632\u06cc\u0646 \u06a9\u0646\u06cc\u062f \u0648 \u06cc\u06a9 \u0648\u0631\u0648\u062f\u06cc DNS \u0628\u0631\u0627\u06cc \u0646\u0627\u0645 \u062f\u0627\u0645\u0646\u0647 YOUR_DOMAIN_NAME \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u0622\u062f\u0631\u0633 13.33.37.1 \u0627\u0634\u0627\u0631\u0647 \u06a9\u0646\u062f.", "creation_timestamp": "2023-07-05T19:32:18.000000Z"}