<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 07 Jul 2026 13:06:39 +0000</lastBuildDate>
    <item>
      <title>1275a3f8-8bea-484e-a089-f5ec296a7329</title>
      <link>https://vulnerability.circl.lu/sighting/1275a3f8-8bea-484e-a089-f5ec296a7329/export</link>
      <description>{"uuid": "1275a3f8-8bea-484e-a089-f5ec296a7329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcxkzuuslg2i", "content": "", "creation_timestamp": "2026-01-21T21:03:02.579910Z"}</description>
      <content:encoded>{"uuid": "1275a3f8-8bea-484e-a089-f5ec296a7329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcxkzuuslg2i", "content": "", "creation_timestamp": "2026-01-21T21:03:02.579910Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1275a3f8-8bea-484e-a089-f5ec296a7329/export</guid>
      <pubDate>Wed, 21 Jan 2026 21:03:02 +0000</pubDate>
    </item>
    <item>
      <title>bb69f7b6-c850-43fb-ab0b-797fdc36811a</title>
      <link>https://vulnerability.circl.lu/sighting/bb69f7b6-c850-43fb-ab0b-797fdc36811a/export</link>
      <description>{"uuid": "bb69f7b6-c850-43fb-ab0b-797fdc36811a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/splunk_auth_rce_cve_2024_36985.rb", "content": "", "creation_timestamp": "2026-01-20T20:45:59.000000Z"}</description>
      <content:encoded>{"uuid": "bb69f7b6-c850-43fb-ab0b-797fdc36811a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/splunk_auth_rce_cve_2024_36985.rb", "content": "", "creation_timestamp": "2026-01-20T20:45:59.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bb69f7b6-c850-43fb-ab0b-797fdc36811a/export</guid>
      <pubDate>Tue, 20 Jan 2026 20:45:59 +0000</pubDate>
    </item>
    <item>
      <title>0412e3c0-182a-4dfb-93bf-20a5f489f7eb</title>
      <link>https://vulnerability.circl.lu/sighting/0412e3c0-182a-4dfb-93bf-20a5f489f7eb/export</link>
      <description>{"uuid": "0412e3c0-182a-4dfb-93bf-20a5f489f7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "published-proof-of-concept", "source": "Telegram/P-MMRzhkWfYVd_dumlZOPnB40IKywh2dEVqz_apUhr1-c7M", "content": "", "creation_timestamp": "2026-01-04T15:00:07.000000Z"}</description>
      <content:encoded>{"uuid": "0412e3c0-182a-4dfb-93bf-20a5f489f7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "published-proof-of-concept", "source": "Telegram/P-MMRzhkWfYVd_dumlZOPnB40IKywh2dEVqz_apUhr1-c7M", "content": "", "creation_timestamp": "2026-01-04T15:00:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0412e3c0-182a-4dfb-93bf-20a5f489f7eb/export</guid>
      <pubDate>Sun, 04 Jan 2026 15:00:07 +0000</pubDate>
    </item>
    <item>
      <title>cd6f4b10-7de3-47e7-9629-03bef2a2a0b8</title>
      <link>https://vulnerability.circl.lu/sighting/cd6f4b10-7de3-47e7-9629-03bef2a2a0b8/export</link>
      <description>{"uuid": "cd6f4b10-7de3-47e7-9629-03bef2a2a0b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5872", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36985\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the \u201csplunk_archiver\u201c application.\n\ud83d\udccf Published: 2024-07-01T16:30:57.461Z\n\ud83d\udccf Modified: 2025-02-28T11:03:58.932Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0705\n2. https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131", "creation_timestamp": "2025-02-28T11:26:07.000000Z"}</description>
      <content:encoded>{"uuid": "cd6f4b10-7de3-47e7-9629-03bef2a2a0b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5872", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36985\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the \u201csplunk_archiver\u201c application.\n\ud83d\udccf Published: 2024-07-01T16:30:57.461Z\n\ud83d\udccf Modified: 2025-02-28T11:03:58.932Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0705\n2. https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131", "creation_timestamp": "2025-02-28T11:26:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cd6f4b10-7de3-47e7-9629-03bef2a2a0b8/export</guid>
      <pubDate>Fri, 28 Feb 2025 11:26:07 +0000</pubDate>
    </item>
    <item>
      <title>2991c391-c89a-440c-a816-9803f0a3cdc5</title>
      <link>https://vulnerability.circl.lu/sighting/2991c391-c89a-440c-a816-9803f0a3cdc5/export</link>
      <description>{"uuid": "2991c391-c89a-440c-a816-9803f0a3cdc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36983", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5869", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36983\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.\n\ud83d\udccf Published: 2024-07-01T16:30:41.779Z\n\ud83d\udccf Modified: 2025-02-28T11:03:59.649Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0703\n2. https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/", "creation_timestamp": "2025-02-28T11:26:02.000000Z"}</description>
      <content:encoded>{"uuid": "2991c391-c89a-440c-a816-9803f0a3cdc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36983", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5869", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36983\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.\n\ud83d\udccf Published: 2024-07-01T16:30:41.779Z\n\ud83d\udccf Modified: 2025-02-28T11:03:59.649Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0703\n2. https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/", "creation_timestamp": "2025-02-28T11:26:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2991c391-c89a-440c-a816-9803f0a3cdc5/export</guid>
      <pubDate>Fri, 28 Feb 2025 11:26:02 +0000</pubDate>
    </item>
    <item>
      <title>69ae60ad-75b7-405c-9457-af260c5d318c</title>
      <link>https://vulnerability.circl.lu/sighting/69ae60ad-75b7-405c-9457-af260c5d318c/export</link>
      <description>{"uuid": "69ae60ad-75b7-405c-9457-af260c5d318c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1828", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36985\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the \u201csplunk_archiver\u201c application.\n\ud83d\udccf Published: 2024-07-01T16:30:57.461Z\n\ud83d\udccf Modified: 2025-01-15T17:05:43.848Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0705\n2. https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131", "creation_timestamp": "2025-01-15T17:55:11.000000Z"}</description>
      <content:encoded>{"uuid": "69ae60ad-75b7-405c-9457-af260c5d318c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36985", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1828", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36985\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the \u201csplunk_archiver\u201c application.\n\ud83d\udccf Published: 2024-07-01T16:30:57.461Z\n\ud83d\udccf Modified: 2025-01-15T17:05:43.848Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0705\n2. https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131", "creation_timestamp": "2025-01-15T17:55:11.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/69ae60ad-75b7-405c-9457-af260c5d318c/export</guid>
      <pubDate>Wed, 15 Jan 2025 17:55:11 +0000</pubDate>
    </item>
    <item>
      <title>1e7cd896-6f05-4094-be9f-a8722f4cd9c8</title>
      <link>https://vulnerability.circl.lu/sighting/1e7cd896-6f05-4094-be9f-a8722f4cd9c8/export</link>
      <description>{"uuid": "1e7cd896-6f05-4094-be9f-a8722f4cd9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36987", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1827", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36987\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.\n\ud83d\udccf Published: 2024-07-01T16:30:36.235Z\n\ud83d\udccf Modified: 2025-01-15T17:05:44.017Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0707", "creation_timestamp": "2025-01-15T17:55:10.000000Z"}</description>
      <content:encoded>{"uuid": "1e7cd896-6f05-4094-be9f-a8722f4cd9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36987", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1827", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36987\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.\n\ud83d\udccf Published: 2024-07-01T16:30:36.235Z\n\ud83d\udccf Modified: 2025-01-15T17:05:44.017Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0707", "creation_timestamp": "2025-01-15T17:55:10.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1e7cd896-6f05-4094-be9f-a8722f4cd9c8/export</guid>
      <pubDate>Wed, 15 Jan 2025 17:55:10 +0000</pubDate>
    </item>
    <item>
      <title>9eeacff6-3b06-49be-ae56-0c14b1492b94</title>
      <link>https://vulnerability.circl.lu/sighting/9eeacff6-3b06-49be-ae56-0c14b1492b94/export</link>
      <description>{"uuid": "9eeacff6-3b06-49be-ae56-0c14b1492b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36989", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1822", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36989\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.\n\ud83d\udccf Published: 2024-07-01T16:30:38.545Z\n\ud83d\udccf Modified: 2025-01-15T17:05:45.264Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0709\n2. https://research.splunk.com/application/4b7f368f-4322-47f8-8363-2c466f0b7030", "creation_timestamp": "2025-01-15T17:55:02.000000Z"}</description>
      <content:encoded>{"uuid": "9eeacff6-3b06-49be-ae56-0c14b1492b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36989", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1822", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36989\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.\n\ud83d\udccf Published: 2024-07-01T16:30:38.545Z\n\ud83d\udccf Modified: 2025-01-15T17:05:45.264Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-0709\n2. https://research.splunk.com/application/4b7f368f-4322-47f8-8363-2c466f0b7030", "creation_timestamp": "2025-01-15T17:55:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9eeacff6-3b06-49be-ae56-0c14b1492b94/export</guid>
      <pubDate>Wed, 15 Jan 2025 17:55:02 +0000</pubDate>
    </item>
    <item>
      <title>5745a6a1-e15e-451f-b958-0a57bb1e7198</title>
      <link>https://vulnerability.circl.lu/sighting/5745a6a1-e15e-451f-b958-0a57bb1e7198/export</link>
      <description>{"uuid": "5745a6a1-e15e-451f-b958-0a57bb1e7198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36980", "type": "seen", "source": "https://t.me/ics_cert/923", "content": "\u0628\u0627\u0631 \u062f\u06cc\u06af\u0631\u060c \u0645\u0627 \u062c\u062f\u06cc \u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0627\u062f\u06cc\u062f\u0647 \u0646\u0645\u06cc \u06af\u06cc\u0631\u06cc\u0645. \u0627\u0645\u0631\u0648\u0632 \u0648\u0636\u0639\u06cc\u062a \u0686\u06cc\u0632\u06cc \u0634\u0628\u06cc\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0627\u0633\u062a:\n\n1. HPE Aruba Networking \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u0631\u0627 \u062f\u0631 CLI \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u0622\u0631\u0648\u0628\u0627 \u062e\u0648\u062f \u06a9\u0647 \u0627\u0632 Instant AOS-8 \u0648 AOS-10 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u06a9\u062f \u0631\u0627 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\nCVE-2024-42505\u060c CVE-2024-42506\u060c \u0648 CVE-2024-42507 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u067e\u0648\u0631\u062a PAPI UDP \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0645\u062a\u0627\u0632 \u0648 RCE \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0642\u0648\u06cc\u0627\u064b \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0622\u062e\u0631\u06cc\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f.\n\n\u0647\u06cc\u0686 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u06cc\u0627 PoC \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f.\n\n2. OpenPLC \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0648 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc DoS \u0648 RCE \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u062a\u0648\u0633\u0637 Cisco Talos \u0641\u0627\u0634 \u0634\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062f\u0631 17 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f.\n\n\u0628\u062d\u0631\u0627\u0646\u06cc CVE-2024-34026 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc EtherNet/IP \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0631\u0648\u06cc \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0647\u062f\u0641 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-36980\u060c CVE-2024-36981\u060c CVE-2024-39589 \u0648 CVE-2024-39590 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0646\u06cc\u0632 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0631\u0648\u0634\u06cc \u0645\u0634\u0627\u0628\u0647 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f\u060c \u0627\u0645\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u06cc\u06a9 \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u06cc \u0634\u0648\u062f.\n\n3. \u062e\u0648\u062f \u0633\u06cc\u0633\u06a9\u0648 \u0646\u06cc\u0632 11 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u062c\u0645\u0644\u0647 7 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u06a9\u0647 IOS \u0648 IOS XE \u062f\u0627\u0631\u0646\u062f \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\u0634\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0634\u0634 \u0645\u0634\u06a9\u0644 DoS \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631 \u0645\u0624\u0644\u0641\u0647 UTD\u060c \u0648\u06cc\u0698\u06af\u06cc RSVP\u060c \u0648\u06cc\u0698\u06af\u06cc PIM\u060c \u0648\u06cc\u0698\u06af\u06cc DHCP Snooping\u060c \u0648\u06cc\u0698\u06af\u06cc HTTP Server\u060c \u0648 \u06a9\u062f \u0645\u0648\u0646\u062a\u0627\u0698 \u0645\u062c\u062f\u062f \u0642\u0637\u0639\u0647 \u0642\u0637\u0639\u0647 IPv4 \u062f\u0631 IOS \u0648 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0647\u0645\u0647 \u0686\u06cc\u0632 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u06cc\u0627 \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u060c \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u0631 \u0631\u0627\u0628\u0637 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0648\u0628 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a CSRF \u0634\u0648\u062f\u060c \u0627\u06af\u0631 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647\u060c \u06a9\u0627\u0631\u0628\u0631 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u200c\u0634\u062f\u0647 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f \u06a9\u0646\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0631\u0641\u0639 \u062f\u0648 \u0628\u0627\u06af \u062c\u062f\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 SSH \u0645\u0631\u06a9\u0632 Catalyst (CVE-2024-20350)\u060c Crosswork Network Services Orchestrator (NSO) JSON-RPC API \u0648 ConfD (CVE-2024-20381) \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u062f\u0631 \u0645\u0648\u0631\u062f CVE-2024-20350\u060c \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u0645\u06cc\u0632\u0628\u0627\u0646 SSH \u0627\u06cc\u0633\u062a\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u063a\u06cc\u0631\u0642\u0627\u0646\u0648\u0646\u06cc \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0631\u0647\u06af\u06cc\u0631\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u06cc\u0646 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 SSH \u0648 \u062f\u0633\u062a\u06af\u0627\u0647 Catalyst Center\u060c \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062a\u0632\u0631\u06cc\u0642 \u0641\u0631\u0645\u0627\u0646 \u0648 \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631\u060c \u062d\u0645\u0644\u0647 MitM \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f.\n\nCVE-2024-20381 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0628\u0631\u0631\u0633\u06cc \u0647\u0627\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0645\u062c\u0648\u0632 \u062f\u0631 JSON-RPC API \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u062a\u0623\u06cc\u06cc\u062f \u0634\u062f\u0647 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f\u060c \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-20381 \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc RV340 Dual WAN Gigabit VPN\u060c \u06a9\u0647 \u0628\u0647 EoL \u0631\u0633\u06cc\u062f\u0647 \u0627\u0646\u062f \u0648 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0646\u0645\u06cc \u0634\u0648\u0646\u062f\u060c \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627  \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc \u06af\u06cc\u0631\u0646\u062f.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert", "creation_timestamp": "2024-09-27T08:45:27.000000Z"}</description>
      <content:encoded>{"uuid": "5745a6a1-e15e-451f-b958-0a57bb1e7198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36980", "type": "seen", "source": "https://t.me/ics_cert/923", "content": "\u0628\u0627\u0631 \u062f\u06cc\u06af\u0631\u060c \u0645\u0627 \u062c\u062f\u06cc \u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0627\u062f\u06cc\u062f\u0647 \u0646\u0645\u06cc \u06af\u06cc\u0631\u06cc\u0645. \u0627\u0645\u0631\u0648\u0632 \u0648\u0636\u0639\u06cc\u062a \u0686\u06cc\u0632\u06cc \u0634\u0628\u06cc\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0627\u0633\u062a:\n\n1. HPE Aruba Networking \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u0631\u0627 \u062f\u0631 CLI \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u0622\u0631\u0648\u0628\u0627 \u062e\u0648\u062f \u06a9\u0647 \u0627\u0632 Instant AOS-8 \u0648 AOS-10 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u06a9\u062f \u0631\u0627 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\nCVE-2024-42505\u060c CVE-2024-42506\u060c \u0648 CVE-2024-42507 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u067e\u0648\u0631\u062a PAPI UDP \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0645\u062a\u0627\u0632 \u0648 RCE \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0642\u0648\u06cc\u0627\u064b \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0622\u062e\u0631\u06cc\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f.\n\n\u0647\u06cc\u0686 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u06cc\u0627 PoC \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f.\n\n2. OpenPLC \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0648 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc DoS \u0648 RCE \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u062a\u0648\u0633\u0637 Cisco Talos \u0641\u0627\u0634 \u0634\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062f\u0631 17 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f.\n\n\u0628\u062d\u0631\u0627\u0646\u06cc CVE-2024-34026 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc EtherNet/IP \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0631\u0648\u06cc \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0647\u062f\u0641 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-36980\u060c CVE-2024-36981\u060c CVE-2024-39589 \u0648 CVE-2024-39590 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0646\u06cc\u0632 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0631\u0648\u0634\u06cc \u0645\u0634\u0627\u0628\u0647 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f\u060c \u0627\u0645\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u06cc\u06a9 \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u06cc \u0634\u0648\u062f.\n\n3. \u062e\u0648\u062f \u0633\u06cc\u0633\u06a9\u0648 \u0646\u06cc\u0632 11 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u062c\u0645\u0644\u0647 7 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u06a9\u0647 IOS \u0648 IOS XE \u062f\u0627\u0631\u0646\u062f \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\u0634\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0634\u0634 \u0645\u0634\u06a9\u0644 DoS \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631 \u0645\u0624\u0644\u0641\u0647 UTD\u060c \u0648\u06cc\u0698\u06af\u06cc RSVP\u060c \u0648\u06cc\u0698\u06af\u06cc PIM\u060c \u0648\u06cc\u0698\u06af\u06cc DHCP Snooping\u060c \u0648\u06cc\u0698\u06af\u06cc HTTP Server\u060c \u0648 \u06a9\u062f \u0645\u0648\u0646\u062a\u0627\u0698 \u0645\u062c\u062f\u062f \u0642\u0637\u0639\u0647 \u0642\u0637\u0639\u0647 IPv4 \u062f\u0631 IOS \u0648 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0647\u0645\u0647 \u0686\u06cc\u0632 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u06cc\u0627 \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u060c \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u0631 \u0631\u0627\u0628\u0637 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0648\u0628 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a CSRF \u0634\u0648\u062f\u060c \u0627\u06af\u0631 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647\u060c \u06a9\u0627\u0631\u0628\u0631 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u200c\u0634\u062f\u0647 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f \u06a9\u0646\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0631\u0641\u0639 \u062f\u0648 \u0628\u0627\u06af \u062c\u062f\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 SSH \u0645\u0631\u06a9\u0632 Catalyst (CVE-2024-20350)\u060c Crosswork Network Services Orchestrator (NSO) JSON-RPC API \u0648 ConfD (CVE-2024-20381) \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u062f\u0631 \u0645\u0648\u0631\u062f CVE-2024-20350\u060c \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u0645\u06cc\u0632\u0628\u0627\u0646 SSH \u0627\u06cc\u0633\u062a\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u063a\u06cc\u0631\u0642\u0627\u0646\u0648\u0646\u06cc \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0631\u0647\u06af\u06cc\u0631\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u06cc\u0646 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 SSH \u0648 \u062f\u0633\u062a\u06af\u0627\u0647 Catalyst Center\u060c \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062a\u0632\u0631\u06cc\u0642 \u0641\u0631\u0645\u0627\u0646 \u0648 \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631\u060c \u062d\u0645\u0644\u0647 MitM \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f.\n\nCVE-2024-20381 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0628\u0631\u0631\u0633\u06cc \u0647\u0627\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0645\u062c\u0648\u0632 \u062f\u0631 JSON-RPC API \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u062a\u0623\u06cc\u06cc\u062f \u0634\u062f\u0647 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f\u060c \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-20381 \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc RV340 Dual WAN Gigabit VPN\u060c \u06a9\u0647 \u0628\u0647 EoL \u0631\u0633\u06cc\u062f\u0647 \u0627\u0646\u062f \u0648 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0646\u0645\u06cc \u0634\u0648\u0646\u062f\u060c \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627  \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc \u06af\u06cc\u0631\u0646\u062f.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert", "creation_timestamp": "2024-09-27T08:45:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5745a6a1-e15e-451f-b958-0a57bb1e7198/export</guid>
      <pubDate>Fri, 27 Sep 2024 08:45:27 +0000</pubDate>
    </item>
    <item>
      <title>7dda89e8-c8de-412d-aa51-91436ee3cd14</title>
      <link>https://vulnerability.circl.lu/sighting/7dda89e8-c8de-412d-aa51-91436ee3cd14/export</link>
      <description>{"uuid": "7dda89e8-c8de-412d-aa51-91436ee3cd14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36981", "type": "seen", "source": "https://t.me/ics_cert/923", "content": "\u0628\u0627\u0631 \u062f\u06cc\u06af\u0631\u060c \u0645\u0627 \u062c\u062f\u06cc \u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0627\u062f\u06cc\u062f\u0647 \u0646\u0645\u06cc \u06af\u06cc\u0631\u06cc\u0645. \u0627\u0645\u0631\u0648\u0632 \u0648\u0636\u0639\u06cc\u062a \u0686\u06cc\u0632\u06cc \u0634\u0628\u06cc\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0627\u0633\u062a:\n\n1. HPE Aruba Networking \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u0631\u0627 \u062f\u0631 CLI \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u0622\u0631\u0648\u0628\u0627 \u062e\u0648\u062f \u06a9\u0647 \u0627\u0632 Instant AOS-8 \u0648 AOS-10 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u06a9\u062f \u0631\u0627 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\nCVE-2024-42505\u060c CVE-2024-42506\u060c \u0648 CVE-2024-42507 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u067e\u0648\u0631\u062a PAPI UDP \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0645\u062a\u0627\u0632 \u0648 RCE \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0642\u0648\u06cc\u0627\u064b \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0622\u062e\u0631\u06cc\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f.\n\n\u0647\u06cc\u0686 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u06cc\u0627 PoC \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f.\n\n2. OpenPLC \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0648 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc DoS \u0648 RCE \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u062a\u0648\u0633\u0637 Cisco Talos \u0641\u0627\u0634 \u0634\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062f\u0631 17 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f.\n\n\u0628\u062d\u0631\u0627\u0646\u06cc CVE-2024-34026 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc EtherNet/IP \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0631\u0648\u06cc \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0647\u062f\u0641 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-36980\u060c CVE-2024-36981\u060c CVE-2024-39589 \u0648 CVE-2024-39590 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0646\u06cc\u0632 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0631\u0648\u0634\u06cc \u0645\u0634\u0627\u0628\u0647 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f\u060c \u0627\u0645\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u06cc\u06a9 \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u06cc \u0634\u0648\u062f.\n\n3. \u062e\u0648\u062f \u0633\u06cc\u0633\u06a9\u0648 \u0646\u06cc\u0632 11 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u062c\u0645\u0644\u0647 7 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u06a9\u0647 IOS \u0648 IOS XE \u062f\u0627\u0631\u0646\u062f \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\u0634\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0634\u0634 \u0645\u0634\u06a9\u0644 DoS \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631 \u0645\u0624\u0644\u0641\u0647 UTD\u060c \u0648\u06cc\u0698\u06af\u06cc RSVP\u060c \u0648\u06cc\u0698\u06af\u06cc PIM\u060c \u0648\u06cc\u0698\u06af\u06cc DHCP Snooping\u060c \u0648\u06cc\u0698\u06af\u06cc HTTP Server\u060c \u0648 \u06a9\u062f \u0645\u0648\u0646\u062a\u0627\u0698 \u0645\u062c\u062f\u062f \u0642\u0637\u0639\u0647 \u0642\u0637\u0639\u0647 IPv4 \u062f\u0631 IOS \u0648 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0647\u0645\u0647 \u0686\u06cc\u0632 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u06cc\u0627 \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u060c \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u0631 \u0631\u0627\u0628\u0637 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0648\u0628 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a CSRF \u0634\u0648\u062f\u060c \u0627\u06af\u0631 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647\u060c \u06a9\u0627\u0631\u0628\u0631 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u200c\u0634\u062f\u0647 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f \u06a9\u0646\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0631\u0641\u0639 \u062f\u0648 \u0628\u0627\u06af \u062c\u062f\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 SSH \u0645\u0631\u06a9\u0632 Catalyst (CVE-2024-20350)\u060c Crosswork Network Services Orchestrator (NSO) JSON-RPC API \u0648 ConfD (CVE-2024-20381) \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u062f\u0631 \u0645\u0648\u0631\u062f CVE-2024-20350\u060c \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u0645\u06cc\u0632\u0628\u0627\u0646 SSH \u0627\u06cc\u0633\u062a\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u063a\u06cc\u0631\u0642\u0627\u0646\u0648\u0646\u06cc \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0631\u0647\u06af\u06cc\u0631\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u06cc\u0646 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 SSH \u0648 \u062f\u0633\u062a\u06af\u0627\u0647 Catalyst Center\u060c \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062a\u0632\u0631\u06cc\u0642 \u0641\u0631\u0645\u0627\u0646 \u0648 \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631\u060c \u062d\u0645\u0644\u0647 MitM \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f.\n\nCVE-2024-20381 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0628\u0631\u0631\u0633\u06cc \u0647\u0627\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0645\u062c\u0648\u0632 \u062f\u0631 JSON-RPC API \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u062a\u0623\u06cc\u06cc\u062f \u0634\u062f\u0647 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f\u060c \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-20381 \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc RV340 Dual WAN Gigabit VPN\u060c \u06a9\u0647 \u0628\u0647 EoL \u0631\u0633\u06cc\u062f\u0647 \u0627\u0646\u062f \u0648 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0646\u0645\u06cc \u0634\u0648\u0646\u062f\u060c \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627  \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc \u06af\u06cc\u0631\u0646\u062f.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert", "creation_timestamp": "2024-09-27T08:45:27.000000Z"}</description>
      <content:encoded>{"uuid": "7dda89e8-c8de-412d-aa51-91436ee3cd14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36981", "type": "seen", "source": "https://t.me/ics_cert/923", "content": "\u0628\u0627\u0631 \u062f\u06cc\u06af\u0631\u060c \u0645\u0627 \u062c\u062f\u06cc \u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0627\u062f\u06cc\u062f\u0647 \u0646\u0645\u06cc \u06af\u06cc\u0631\u06cc\u0645. \u0627\u0645\u0631\u0648\u0632 \u0648\u0636\u0639\u06cc\u062a \u0686\u06cc\u0632\u06cc \u0634\u0628\u06cc\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0627\u0633\u062a:\n\n1. HPE Aruba Networking \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u0631\u0627 \u062f\u0631 CLI \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u0622\u0631\u0648\u0628\u0627 \u062e\u0648\u062f \u06a9\u0647 \u0627\u0632 Instant AOS-8 \u0648 AOS-10 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u06a9\u062f \u0631\u0627 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\nCVE-2024-42505\u060c CVE-2024-42506\u060c \u0648 CVE-2024-42507 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u067e\u0648\u0631\u062a PAPI UDP \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0645\u062a\u0627\u0632 \u0648 RCE \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0642\u0648\u06cc\u0627\u064b \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0622\u062e\u0631\u06cc\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f.\n\n\u0647\u06cc\u0686 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u06cc\u0627 PoC \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f.\n\n2. OpenPLC \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0648 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc DoS \u0648 RCE \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u062a\u0648\u0633\u0637 Cisco Talos \u0641\u0627\u0634 \u0634\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062f\u0631 17 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f.\n\n\u0628\u062d\u0631\u0627\u0646\u06cc CVE-2024-34026 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc EtherNet/IP \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0631\u0648\u06cc \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0647\u062f\u0641 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-36980\u060c CVE-2024-36981\u060c CVE-2024-39589 \u0648 CVE-2024-39590 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0646\u06cc\u0632 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0631\u0648\u0634\u06cc \u0645\u0634\u0627\u0628\u0647 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f\u060c \u0627\u0645\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u06cc\u06a9 \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u06cc \u0634\u0648\u062f.\n\n3. \u062e\u0648\u062f \u0633\u06cc\u0633\u06a9\u0648 \u0646\u06cc\u0632 11 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u062c\u0645\u0644\u0647 7 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u06a9\u0647 IOS \u0648 IOS XE \u062f\u0627\u0631\u0646\u062f \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\u0634\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0634\u0634 \u0645\u0634\u06a9\u0644 DoS \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631 \u0645\u0624\u0644\u0641\u0647 UTD\u060c \u0648\u06cc\u0698\u06af\u06cc RSVP\u060c \u0648\u06cc\u0698\u06af\u06cc PIM\u060c \u0648\u06cc\u0698\u06af\u06cc DHCP Snooping\u060c \u0648\u06cc\u0698\u06af\u06cc HTTP Server\u060c \u0648 \u06a9\u062f \u0645\u0648\u0646\u062a\u0627\u0698 \u0645\u062c\u062f\u062f \u0642\u0637\u0639\u0647 \u0642\u0637\u0639\u0647 IPv4 \u062f\u0631 IOS \u0648 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0647\u0645\u0647 \u0686\u06cc\u0632 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u06cc\u0627 \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u060c \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u0631 \u0631\u0627\u0628\u0637 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0648\u0628 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a CSRF \u0634\u0648\u062f\u060c \u0627\u06af\u0631 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647\u060c \u06a9\u0627\u0631\u0628\u0631 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u200c\u0634\u062f\u0647 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f \u06a9\u0646\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0631\u0641\u0639 \u062f\u0648 \u0628\u0627\u06af \u062c\u062f\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 SSH \u0645\u0631\u06a9\u0632 Catalyst (CVE-2024-20350)\u060c Crosswork Network Services Orchestrator (NSO) JSON-RPC API \u0648 ConfD (CVE-2024-20381) \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u062f\u0631 \u0645\u0648\u0631\u062f CVE-2024-20350\u060c \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u0645\u06cc\u0632\u0628\u0627\u0646 SSH \u0627\u06cc\u0633\u062a\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u063a\u06cc\u0631\u0642\u0627\u0646\u0648\u0646\u06cc \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0631\u0647\u06af\u06cc\u0631\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u06cc\u0646 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 SSH \u0648 \u062f\u0633\u062a\u06af\u0627\u0647 Catalyst Center\u060c \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062a\u0632\u0631\u06cc\u0642 \u0641\u0631\u0645\u0627\u0646 \u0648 \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631\u060c \u062d\u0645\u0644\u0647 MitM \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f.\n\nCVE-2024-20381 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0628\u0631\u0631\u0633\u06cc \u0647\u0627\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0645\u062c\u0648\u0632 \u062f\u0631 JSON-RPC API \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u062a\u0623\u06cc\u06cc\u062f \u0634\u062f\u0647 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f\u060c \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-20381 \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc RV340 Dual WAN Gigabit VPN\u060c \u06a9\u0647 \u0628\u0647 EoL \u0631\u0633\u06cc\u062f\u0647 \u0627\u0646\u062f \u0648 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0646\u0645\u06cc \u0634\u0648\u0646\u062f\u060c \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627  \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc \u06af\u06cc\u0631\u0646\u062f.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert", "creation_timestamp": "2024-09-27T08:45:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7dda89e8-c8de-412d-aa51-91436ee3cd14/export</guid>
      <pubDate>Fri, 27 Sep 2024 08:45:27 +0000</pubDate>
    </item>
  </channel>
</rss>
