{"uuid": "ffa4b201-93f0-4d3e-ba79-8395284b1c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-3506", "type": "exploited", "source": "https://t.me/KomunitiSiber/222", "content": "8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency\nhttps://thehackernews.com/2023/05/8220-gang-exploiting-oracle-weblogic.html\n\nThe notorious cryptojacking group tracked as\u00a08220 Gang\u00a0has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware.\nThe flaw in question is\u00a0CVE-2017-3506\u00a0(CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands", "creation_timestamp": "2023-05-18T12:43:27.000000Z"}