Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 07 May 2026 23:07:29 +0000 a4455759-1e6d-4a10-abf9-78fbf06b2d9f https://vulnerability.circl.lu/sighting/a4455759-1e6d-4a10-abf9-78fbf06b2d9f/export {"uuid": "a4455759-1e6d-4a10-abf9-78fbf06b2d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/cvedetector/4671", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7261 - Zyxel NWA1123AC/v WagonWeb Command Injection\", \n \"Content\": \"CVE ID : CVE-2024-7261 \nPublished : Sept. 3, 2024, 3:15 a.m. | 29\u00a0minutes ago \nDescription : The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n \nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n \nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"03 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T05:45:59.000000Z"} {"uuid": "a4455759-1e6d-4a10-abf9-78fbf06b2d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/cvedetector/4671", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7261 - Zyxel NWA1123AC/v WagonWeb Command Injection\", \n \"Content\": \"CVE ID : CVE-2024-7261 \nPublished : Sept. 3, 2024, 3:15 a.m. | 29\u00a0minutes ago \nDescription : The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n \nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n \nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"03 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T05:45:59.000000Z"} https://vulnerability.circl.lu/sighting/a4455759-1e6d-4a10-abf9-78fbf06b2d9f/export Tue, 03 Sep 2024 05:45:59 +0000 3a399f77-e388-46bc-a563-55cadaf5cea8 https://vulnerability.circl.lu/sighting/3a399f77-e388-46bc-a563-55cadaf5cea8/export {"uuid": "3a399f77-e388-46bc-a563-55cadaf5cea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/true_secator/6165", "content": "Zyxel \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421.\n\nCVE-2024-7261 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS v3 9,8 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0443\u044e \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 cookie \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0441\u0435\u0440\u0438\u0439: NWA (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00), NWA1123-AC PRO (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), NWA1123ACv3, WAC500, WAC500H (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), WAC (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), WAX (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00) \u0438 WBE (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00).\n\nZyxel \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 USG LITE 60AX \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.00(ACIP.2), \u043d\u043e \u044d\u0442\u0430 \u043c\u043e\u0434\u0435\u043b\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u043b\u0430\u043a\u043e\u043c \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.00(ACIP.3), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u043f\u0430\u0442\u0447 \u0434\u043b\u044f CVE-2024-7261.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Zyxel \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 APT \u0438 USG FLEX, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-6343, CVE-2024-7203, CVE-2024-42057-CVE-2024-42061.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f\u00a0CVE-2024-42057\u00a0(CVSS v3: 8.1), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044e IPSec VPN, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0441\u043b\u0438 \u0441 Zyxel \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0442\u043e \u0441 D-Link \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u043f\u0440\u0438\u043d\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u043d\u0435\u0442\u0430\u043c \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u0432\u0435\u0441\u0442\u0438. \n\nD-Link \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0447\u0435\u0442\u044b\u0440\u0435\u0445 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 CVE-2024-41622, CVE-2024-44340, CVE-2024-44341 \u0438 CVE-2024-44342, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 DIR-846W, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043e\u043d\u0430 \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u043d\u0438\u0447\u0435\u0433\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438, \u0442\u0440\u0438 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c yali-1002, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c\u00a0\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub, \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u0432\u0448\u0438\u0441\u044c \u043f\u043e\u043a\u0430 \u043e\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 PoC.\n\nD-Link \u0445\u043e\u0442\u044f \u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 \u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c, \u043d\u043e \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 EoL \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b Mirai \u0438\u00a0Moobot, \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442 \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0434\u044b \u0432\u0437\u044f\u0442\u044c DIR-846W \u043f\u043e\u0434 \u0441\u0432\u043e\u0435 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0435 \u0438 \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.", "creation_timestamp": "2024-09-04T12:00:00.000000Z"} {"uuid": "3a399f77-e388-46bc-a563-55cadaf5cea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/true_secator/6165", "content": "Zyxel \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421.\n\nCVE-2024-7261 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS v3 9,8 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0443\u044e \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 cookie \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0441\u0435\u0440\u0438\u0439: NWA (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00), NWA1123-AC PRO (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), NWA1123ACv3, WAC500, WAC500H (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), WAC (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.28), WAX (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00) \u0438 WBE (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 7.00).\n\nZyxel \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 USG LITE 60AX \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.00(ACIP.2), \u043d\u043e \u044d\u0442\u0430 \u043c\u043e\u0434\u0435\u043b\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u043b\u0430\u043a\u043e\u043c \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.00(ACIP.3), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u043f\u0430\u0442\u0447 \u0434\u043b\u044f CVE-2024-7261.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Zyxel \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u0445 APT \u0438 USG FLEX, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-6343, CVE-2024-7203, CVE-2024-42057-CVE-2024-42061.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f\u00a0CVE-2024-42057\u00a0(CVSS v3: 8.1), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044e IPSec VPN, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0441\u043b\u0438 \u0441 Zyxel \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0442\u043e \u0441 D-Link \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u043f\u0440\u0438\u043d\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u043d\u0435\u0442\u0430\u043c \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u0432\u0435\u0441\u0442\u0438. \n\nD-Link \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0447\u0435\u0442\u044b\u0440\u0435\u0445 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 CVE-2024-41622, CVE-2024-44340, CVE-2024-44341 \u0438 CVE-2024-44342, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 DIR-846W, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043e\u043d\u0430 \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u043d\u0438\u0447\u0435\u0433\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438, \u0442\u0440\u0438 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c yali-1002, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c\u00a0\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub, \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u0432\u0448\u0438\u0441\u044c \u043f\u043e\u043a\u0430 \u043e\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 PoC.\n\nD-Link \u0445\u043e\u0442\u044f \u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 \u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c, \u043d\u043e \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 EoL \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b Mirai \u0438\u00a0Moobot, \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442 \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0434\u044b \u0432\u0437\u044f\u0442\u044c DIR-846W \u043f\u043e\u0434 \u0441\u0432\u043e\u0435 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0435 \u0438 \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.", "creation_timestamp": "2024-09-04T12:00:00.000000Z"} https://vulnerability.circl.lu/sighting/3a399f77-e388-46bc-a563-55cadaf5cea8/export Wed, 04 Sep 2024 12:00:00 +0000 fb20b975-0779-4a45-a6e5-e7fd81ae3820 https://vulnerability.circl.lu/sighting/fb20b975-0779-4a45-a6e5-e7fd81ae3820/export {"uuid": "fb20b975-0779-4a45-a6e5-e7fd81ae3820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/thehackernews/5516", "content": "Zyxel has patched a critical #vulnerability (CVE-2024-7261) that allowed unauthenticated attackers to execute OS commands on certain routers and access points.\n\nLearn more: https://thehackernews.com/2024/09/zyxel-patches-critical-os-command.html", "creation_timestamp": "2024-09-04T13:29:52.000000Z"} {"uuid": "fb20b975-0779-4a45-a6e5-e7fd81ae3820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/thehackernews/5516", "content": "Zyxel has patched a critical #vulnerability (CVE-2024-7261) that allowed unauthenticated attackers to execute OS commands on certain routers and access points.\n\nLearn more: https://thehackernews.com/2024/09/zyxel-patches-critical-os-command.html", "creation_timestamp": "2024-09-04T13:29:52.000000Z"} https://vulnerability.circl.lu/sighting/fb20b975-0779-4a45-a6e5-e7fd81ae3820/export Wed, 04 Sep 2024 13:29:52 +0000 a9a5effd-18b4-45c8-a205-8b6ff413f80b https://vulnerability.circl.lu/sighting/a9a5effd-18b4-45c8-a205-8b6ff413f80b/export {"uuid": "a9a5effd-18b4-45c8-a205-8b6ff413f80b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/KomunitiSiber/2510", "content": "Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers\nhttps://thehackernews.com/2024/09/zyxel-patches-critical-os-command.html\n\nZyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.\n\nTracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.\n\n\"The improper neutralization of special elements in the", "creation_timestamp": "2024-09-04T15:29:38.000000Z"} {"uuid": "a9a5effd-18b4-45c8-a205-8b6ff413f80b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/KomunitiSiber/2510", "content": "Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers\nhttps://thehackernews.com/2024/09/zyxel-patches-critical-os-command.html\n\nZyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.\n\nTracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.\n\n\"The improper neutralization of special elements in the", "creation_timestamp": "2024-09-04T15:29:38.000000Z"} https://vulnerability.circl.lu/sighting/a9a5effd-18b4-45c8-a205-8b6ff413f80b/export Wed, 04 Sep 2024 15:29:38 +0000 e46b7fc1-ccf3-4cb4-b5bd-5a6a25ec4437 https://vulnerability.circl.lu/sighting/e46b7fc1-ccf3-4cb4-b5bd-5a6a25ec4437/export {"uuid": "e46b7fc1-ccf3-4cb4-b5bd-5a6a25ec4437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "Telegram/vzJe-wuZX7RaNVxnAGubRZlyjB8-FReEYD9etACvI5lfnw", "content": "", "creation_timestamp": "2024-09-04T18:18:29.000000Z"} {"uuid": "e46b7fc1-ccf3-4cb4-b5bd-5a6a25ec4437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "Telegram/vzJe-wuZX7RaNVxnAGubRZlyjB8-FReEYD9etACvI5lfnw", "content": "", "creation_timestamp": "2024-09-04T18:18:29.000000Z"} https://vulnerability.circl.lu/sighting/e46b7fc1-ccf3-4cb4-b5bd-5a6a25ec4437/export Wed, 04 Sep 2024 18:18:29 +0000 1e629b26-9b9d-4154-b46b-4c9e630e7cbb https://vulnerability.circl.lu/sighting/1e629b26-9b9d-4154-b46b-4c9e630e7cbb/export {"uuid": "1e629b26-9b9d-4154-b46b-4c9e630e7cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3942", "content": "The Hacker News\nZyxel Patches Critical OS Command Injection Flaw in Access Points and Routers\n\nZyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.\n\nTracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.\n\n\"The improper neutralization of special elements in the", "creation_timestamp": "2024-09-04T18:18:30.000000Z"} {"uuid": "1e629b26-9b9d-4154-b46b-4c9e630e7cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3942", "content": "The Hacker News\nZyxel Patches Critical OS Command Injection Flaw in Access Points and Routers\n\nZyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.\n\nTracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.\n\n\"The improper neutralization of special elements in the", "creation_timestamp": "2024-09-04T18:18:30.000000Z"} https://vulnerability.circl.lu/sighting/1e629b26-9b9d-4154-b46b-4c9e630e7cbb/export Wed, 04 Sep 2024 18:18:30 +0000 2f4cfe16-931a-4997-b649-655b9796ac4c https://vulnerability.circl.lu/sighting/2f4cfe16-931a-4997-b649-655b9796ac4c/export {"uuid": "2f4cfe16-931a-4997-b649-655b9796ac4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/19595", "content": "The Hacker News\nZyxel Patches Critical OS Command Injection Flaw in Access Points and Routers\n\nZyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.\n\nTracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.\n\n\"The improper neutralization of special elements in the", "creation_timestamp": "2024-09-04T18:18:30.000000Z"} {"uuid": "2f4cfe16-931a-4997-b649-655b9796ac4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/19595", "content": "The Hacker News\nZyxel Patches Critical OS Command Injection Flaw in Access Points and Routers\n\nZyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands.\n\nTracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command injection.\n\n\"The improper neutralization of special elements in the", "creation_timestamp": "2024-09-04T18:18:30.000000Z"} https://vulnerability.circl.lu/sighting/2f4cfe16-931a-4997-b649-655b9796ac4c/export Wed, 04 Sep 2024 18:18:30 +0000 f2d4c6f4-f537-42b6-a5cf-3d967e043777 https://vulnerability.circl.lu/sighting/f2d4c6f4-f537-42b6-a5cf-3d967e043777/export {"uuid": "f2d4c6f4-f537-42b6-a5cf-3d967e043777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "Telegram/vl-1CnEuw0adFrTGzdbg-ODIW9Oy6bXXpTOqBB1LpElKTQ", "content": "", "creation_timestamp": "2024-09-04T20:41:27.000000Z"} {"uuid": "f2d4c6f4-f537-42b6-a5cf-3d967e043777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "Telegram/vl-1CnEuw0adFrTGzdbg-ODIW9Oy6bXXpTOqBB1LpElKTQ", "content": "", "creation_timestamp": "2024-09-04T20:41:27.000000Z"} https://vulnerability.circl.lu/sighting/f2d4c6f4-f537-42b6-a5cf-3d967e043777/export Wed, 04 Sep 2024 20:41:27 +0000 8fbb7630-81cf-47f3-839d-52b05b54c961 https://vulnerability.circl.lu/sighting/8fbb7630-81cf-47f3-839d-52b05b54c961/export {"uuid": "8fbb7630-81cf-47f3-839d-52b05b54c961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/sysodmins/22962", "content": "Zyxel \u043f\u0430\u0442\u0447\u0438\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445 \u2328\ufe0f\n\n\u0421\u0430\u043c\u0430\u044f \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-7261) \u0438\u0437 \u0432\u0441\u0435\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 9,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430. \u0422\u0430\u043a\u0436\u0435 Zyxel \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0447\u0442\u0438 \u0434\u0435\u0441\u044f\u0442\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\nCVE-2024-7261 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430:\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f NWA: NWA50AX, NWA50AX PRO, NWA55AXE, NWA90AX, NWA90AX PRO, NWA110AX, NWA130BE, NWA210AX, NWA220AX-6E. \u0423\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 7.00, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 7.00 (ABYW.2) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f NWA1123-AC PRO: \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 6.28, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 6.28 (ABHD.3) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f NWA1123ACv3, WAC500, WAC500H: \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 6.70, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 6.70 (ABVT.5) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f WAC: WAC6103D-I, WAC6502D-S, WAC6503D-S, WAC6552D-S, WAC6553D-E, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 6.28, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 6.28 (AAXH.3) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f WAX: WAX300H, WAX510D, WAX610D, WAX620D-6E, WAX630S, WAX640S-6E, WAX650S, WAX655E, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 7.00, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 7.00 (ACHF.2) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f WBE: WBE530, WBE660S, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 7.00, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 7.00 (ACLE.2) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u041c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b USG LITE 60AX \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c V2.00(ACIP.2) \u0442\u043e\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435, \u043d\u043e \u044d\u0442\u0430 \u043c\u043e\u0434\u0435\u043b\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u043b\u0430\u043a\u043e \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 V2.00(ACIP.3), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u043f\u0430\u0442\u0447.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2024-09-06T01:53:58.000000Z"} {"uuid": "8fbb7630-81cf-47f3-839d-52b05b54c961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-7261", "type": "seen", "source": "https://t.me/sysodmins/22962", "content": "Zyxel \u043f\u0430\u0442\u0447\u0438\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445 \u2328\ufe0f\n\n\u0421\u0430\u043c\u0430\u044f \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-7261) \u0438\u0437 \u0432\u0441\u0435\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 9,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430. \u0422\u0430\u043a\u0436\u0435 Zyxel \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0447\u0442\u0438 \u0434\u0435\u0441\u044f\u0442\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\nCVE-2024-7261 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430:\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f NWA: NWA50AX, NWA50AX PRO, NWA55AXE, NWA90AX, NWA90AX PRO, NWA110AX, NWA130BE, NWA210AX, NWA220AX-6E. \u0423\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 7.00, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 7.00 (ABYW.2) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f NWA1123-AC PRO: \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 6.28, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 6.28 (ABHD.3) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f NWA1123ACv3, WAC500, WAC500H: \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 6.70, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 6.70 (ABVT.5) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f WAC: WAC6103D-I, WAC6502D-S, WAC6503D-S, WAC6552D-S, WAC6553D-E, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 6.28, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 6.28 (AAXH.3) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f WAX: WAX300H, WAX510D, WAX610D, WAX620D-6E, WAX630S, WAX640S-6E, WAX650S, WAX655E, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 7.00, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 7.00 (ACHF.2) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\u25aa\ufe0f \u0421\u0435\u0440\u0438\u044f WBE: WBE530, WBE660S, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043e 7.00, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 7.00 (ACLE.2) \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u041c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b USG LITE 60AX \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c V2.00(ACIP.2) \u0442\u043e\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435, \u043d\u043e \u044d\u0442\u0430 \u043c\u043e\u0434\u0435\u043b\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u043b\u0430\u043a\u043e \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 V2.00(ACIP.3), \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u043f\u0430\u0442\u0447.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2024-09-06T01:53:58.000000Z"} https://vulnerability.circl.lu/sighting/8fbb7630-81cf-47f3-839d-52b05b54c961/export Fri, 06 Sep 2024 01:53:58 +0000