{"vulnerability": "CVE-2020-1165", "sightings": [{"uuid": "97e6da1e-69e2-4d7a-97bb-979984de2a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "MISP/5ebd4758-e128-45f5-b745-4be00a025876", "content": "", "creation_timestamp": "2020-05-14T15:56:28.000000Z"}, {"uuid": "47bb28b8-d1f9-4878-8dc7-abcb5b72ec08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/5ebd4758-e128-45f5-b745-4be00a025876", "content": "", "creation_timestamp": "2020-05-14T15:56:28.000000Z"}, {"uuid": "65accd74-56fd-465d-a0ca-7b405d08ea23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "0eaeb6f8-1392-4d0a-8b37-81de7f020f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "9f166c5a-e9c7-49b0-a0c2-f4d77bfb3b72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "f16fa451-0b83-4c87-a4a9-6a63cc7eb9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "1730eb90-1252-4702-b804-21825c223a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970941", "content": "", "creation_timestamp": "2024-12-24T20:22:04.031314Z"}, {"uuid": "05cb89e8-ad04-4566-a83f-274909e98251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970940", "content": "", "creation_timestamp": "2024-12-24T20:22:03.253654Z"}, {"uuid": "06d836cb-7fdb-4755-9bdd-5630fe75559c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "84c04889-a373-4a33-8675-eff630ad13c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "1e7099d9-5064-41a0-b54e-ec4351bfd139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11656", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-028-05", "content": "", "creation_timestamp": "2025-01-28T11:00:00.000000Z"}, {"uuid": "95d26a22-1f1a-4b0f-9d4f-6ffdd8004897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11656", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113907073799836511", "content": "", "creation_timestamp": "2025-01-28T17:06:53.182919Z"}, {"uuid": "4a842a16-4a86-48c6-81eb-371048a1dfc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:22.000000Z"}, {"uuid": "704989b4-80d1-48b7-afd1-6d8756cbeb98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:22.000000Z"}, {"uuid": "abe589cf-03d7-44b7-86a6-5a5a9b2d0a03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/saltstack-salt-hallintakehikossa-kriittisia-haavoittuvuuksia", "content": "", "creation_timestamp": "2020-05-03T19:21:42.000000Z"}, {"uuid": "3ac3ac9e-fa35-4ad7-867c-4cd2deceecee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:45.000000Z"}, {"uuid": "f98e0031-90e3-463a-a5cc-e4c8aee08c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:45.000000Z"}, {"uuid": "1391a887-449f-4568-aa01-5c7f66fd9113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/saltstack_salt_root_key.rb", "content": "", "creation_timestamp": "2020-05-12T18:48:12.000000Z"}, {"uuid": "321ba20f-8f23-4835-9f28-aa2346cc3f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/saltstack_salt_root_key.rb", "content": "", "creation_timestamp": "2020-05-12T18:48:12.000000Z"}, {"uuid": "63a7794e-a462-48e4-b3f2-c36c31fb5654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/saltstack_salt_unauth_rce.rb", "content": "", "creation_timestamp": "2020-05-12T18:48:12.000000Z"}, {"uuid": "eece374b-7f1a-405a-908f-e7172d0ca527", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/saltstack_salt_unauth_rce.rb", "content": "", "creation_timestamp": "2020-05-12T18:48:12.000000Z"}, {"uuid": "6170828d-eb17-4a23-8bbb-0a802d72a3bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2020-11651", "type": "seen", "source": "https://gist.github.com/onewesong/bd072f0a8a8689c4906bee2b936b7ee5", "content": "", "creation_timestamp": "2026-03-03T16:20:50.000000Z"}, {"uuid": "b88998a5-aee5-49b8-9cd3-04bfa45cdaa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-11651", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d2ba95e6-fcde-4d18-943a-bd030d0aff30", "content": "", "creation_timestamp": "2026-02-02T12:29:01.664168Z"}, {"uuid": "8211cc8c-ff61-4729-ab97-e14f13b1a873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/saltstack-salt-hallintakehikossa-kriittisia-haavoittuvuuksia", "content": "", "creation_timestamp": "2020-05-03T19:21:42.000000Z"}, {"uuid": "f01ceca2-0d2d-416e-982b-7abeed33c422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://gist.github.com/kakairesteven/c933ab23280dded60023773c5d6d477a", "content": "", "creation_timestamp": "2026-01-24T11:15:40.000000Z"}, {"uuid": "07050109-999f-4b89-9b1c-5351cdf63622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://t.me/arpsyndicate/224", "content": "#ExploitObserverAlert\n\nCVE-2020-11651\n\nDESCRIPTION: Exploit Observer has 73 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.\n\nFIRST-EPSS: 0.974930000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-17T06:45:34.000000Z"}, {"uuid": "955ab963-ef14-4c34-92c5-1126ec367fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-11652", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4fd341db-d261-44c5-9891-3f4531b0097b", "content": "", "creation_timestamp": "2026-02-02T12:29:01.569199Z"}, {"uuid": "d00ec545-0db9-48d4-b6cc-ea7a187747e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://gist.github.com/byt3n33dl3/243ff409cc9fdceb7913bd392bbe08d6", "content": "", "creation_timestamp": "2026-04-08T11:40:39.000000Z"}, {"uuid": "5ba212fc-790e-4545-bad9-e461b7446130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://t.me/arpsyndicate/1796", "content": "#ExploitObserverAlert\n\nCVE-2020-11651\n\nDESCRIPTION: Exploit Observer has 79 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.\n\nFIRST-EPSS: 0.974930000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T02:31:56.000000Z"}, {"uuid": "473af933-83a6-4a22-9f47-381466ba2062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://t.me/arpsyndicate/1170", "content": "#ExploitObserverAlert\n\nCVE-2020-11652\n\nDESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.\n\nFIRST-EPSS: 0.973530000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T09:40:58.000000Z"}, {"uuid": "aed459f2-79d5-405a-ae36-7bcf952bc153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "seen", "source": "https://t.me/arpsyndicate/191", "content": "#ExploitObserverAlert\n\nCVE-2020-11652\n\nDESCRIPTION: Exploit Observer has 47 entries related to CVE-2020-11652. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.\n\nFIRST-EPSS: 0.973530000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-17T03:39:16.000000Z"}, {"uuid": "8b16c7e2-fd1a-4210-a72d-5a800237fea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://t.me/arpsyndicate/1578", "content": "#ExploitObserverAlert\n\nCVE-2020-11651\n\nDESCRIPTION: Exploit Observer has 79 entries related to CVE-2020-11651. An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.\n\nFIRST-EPSS: 0.974930000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-09T23:37:55.000000Z"}, {"uuid": "3d1d5976-caf6-4cfa-9b6c-b3d0d4fa5078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://t.me/true_secator/2035", "content": "\u200b\u200b\u0410\u0434\u043c\u0438\u043d\u0430\u043c \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443! \n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0437\u043d\u0430\u043b\u0438 \u0447\u0435\u043c \u0441\u0435\u0431\u044f \u0437\u0430\u043d\u044f\u0442\u044c \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u0431\u0443\u0434\u043d\u0438, \u0442\u043e \u0441\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0432\u0438\u0437\u0438\u044e \u0441\u0435\u0442\u0435\u0439 \u0441\u0432\u043e\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Trend Micro \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438\u0437 \u0422\u041e\u041f-15 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Linux:\n\n- CVE-2017-9805: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 REST \u0434\u043b\u044f Apache Struts 2, XStream RCE.\n- CVE-2018-7600: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Drupal Core RCE.\n- CVE-2020-14750: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Oracle WebLogic Server RCE.\n- CVE-2020-25213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u043f\u043b\u0430\u0433\u0438\u043d\u0430 WordPress File Manager (wp-file-manager).\n- CVE-2020-17496: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432  \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 vBulletin subwidgetConfig\n- CVE-2020-11651: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 SaltStack Salt.\n- CVE-2017-12611: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2017-7657: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u0438\u043d\u044b \u0431\u043b\u043e\u043a\u0430 Eclipse Jetty.\n- CVE-2021-29441: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Alibaba Nacos AuthFilter.\n- CVE-2020-14179: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Atlassian Jira, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n- CVE-2013-4547: Nginx \u0441\u043e\u0437\u0434\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0441\u0442\u0440\u043e\u043a\u0435 URI.\n- CVE-2019-0230: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache Struts 2 RCE.\n- CVE-2018-11776: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2020-7961: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Liferay Portal.\n\n\u0420\u0430\u0431\u043e\u0442\u043d\u0435\u043c, \u043f\u043e\u0436\u0430\u043b\u0443\u0439.", "creation_timestamp": "2021-08-25T13:22:18.000000Z"}, {"uuid": "7662b619-91bd-4d54-816a-11a70462a06e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "published-proof-of-concept", "source": "Telegram/qtf5UlSjl8ansax6HEFOWjNwUYd29vo_Y6ok0vpVyjxeaHc", "content": "", "creation_timestamp": "2025-03-30T17:00:07.000000Z"}, {"uuid": "5acf86ee-3327-465f-96dd-5f1a35f3c90a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/246", "content": "CVE-2020-11651 SaltStack \u8a8d\u8b49\u7e5e\u904e\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-11651_SaltStack_%E8%AA%8D%E8%AD%89%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E#EXP", "creation_timestamp": "2021-04-23T02:57:14.000000Z"}, {"uuid": "c59edc8e-a890-4a7b-8c2b-a7441225f374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "seen", "source": "https://t.me/thehackernews/685", "content": "\ud83d\udd25 WARNING \u2014 Here\u2019s a new CVSS 10 Bug.\n\nA newly disclosed critical SaltStack RCE (as root) vulnerability (CVE-2020-11651) affects thousands of servers (~6000) deployed in data centers and cloud environments.\n\nRead details \u2014 https://thehackernews.com/2020/05/saltstack-rce-vulnerability.html", "creation_timestamp": "2020-05-01T15:21:08.000000Z"}, {"uuid": "a7d788f9-ab24-4d5c-a996-acabb6f50e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "exploited", "source": "https://t.me/thehackernews/686", "content": "WARNING \u2014 Just within a day after public disclosure of SaltStack RCE vulnerability (CVE-2020-11651), hackers have started exploiting unpatched servers.\n\n\u2705 LineageOS [hacked]\n\u2705 Ghost CMS [hacked]\n\u2705 DigiCert [hacked]\n\nRead more: https://thehackernews.com/2020/05/saltstack-rce-exploit.html", "creation_timestamp": "2020-05-04T12:06:14.000000Z"}, {"uuid": "04bd5ce9-72b6-4173-85ac-96d665a7a1fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "exploited", "source": "https://t.me/SecLabNews/7504", "content": "\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u0435\u0434\u0435\u0442\u0441\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0421\u0435\u0442\u044c \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435\u043c Salt, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432\u043d\u0443\u0442\u0440\u0438 \u0446\u0435\u043d\u0442\u0440\u043e\u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u043b\u043e\u0433\u043e\u0432 Ghost, \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2020-11651) \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 (CVE-2020-11652) \u0432 Salt \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\n\u041f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u0431\u043b\u043e\u0433-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Ghost \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440", "creation_timestamp": "2020-05-05T09:45:03.000000Z"}, {"uuid": "1e7da5f2-c9d3-4641-ab38-a1da2a699fca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "exploited", "source": "https://t.me/SecLabNews/7504", "content": "\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u0435\u0434\u0435\u0442\u0441\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0421\u0435\u0442\u044c \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435\u043c Salt, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432\u043d\u0443\u0442\u0440\u0438 \u0446\u0435\u043d\u0442\u0440\u043e\u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u043b\u043e\u0433\u043e\u0432 Ghost, \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2020-11651) \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 (CVE-2020-11652) \u0432 Salt \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\n\u041f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0438 \u0431\u043b\u043e\u0433-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Ghost \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440", "creation_timestamp": "2020-05-05T09:45:03.000000Z"}, {"uuid": "04f5cfe7-0ea0-47c7-b895-a869faed22f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11652", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1055", "content": "#exploit\nCVE-2020-11651,\nCVE-2020-11652:\nCisco Modeling Labs Corporate Edition (CML)/Virtual Internet Routing Lab Personal Edition (VIRL-PE) - SaltStack Authorization Bypass\nhttps://labs.f-secure.com/advisories/saltstack-authorization-bypass", "creation_timestamp": "2024-10-22T16:50:13.000000Z"}, {"uuid": "3434ef46-1f1f-456a-91b8-33865163b795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11651", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1055", "content": "#exploit\nCVE-2020-11651,\nCVE-2020-11652:\nCisco Modeling Labs Corporate Edition (CML)/Virtual Internet Routing Lab Personal Edition (VIRL-PE) - SaltStack Authorization Bypass\nhttps://labs.f-secure.com/advisories/saltstack-authorization-bypass", "creation_timestamp": "2024-10-22T16:50:13.000000Z"}]}