{"vulnerability": "CVE-2020-7796", "sightings": [{"uuid": "b628d3e0-7463-4e0d-8f7d-d5e19890555a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-09)", "content": "", "creation_timestamp": "2024-11-09T00:00:00.000000Z"}, {"uuid": "7dceaf67-782c-4d2e-ba61-2cbd11554f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "7151f088-665a-4759-860d-ae21f6cb3275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "937814ab-2845-46e9-97b1-42ebec477a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "7536a224-e6c7-4546-9db5-256dbeec40db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-03)", "content": "", "creation_timestamp": "2025-04-03T00:00:00.000000Z"}, {"uuid": "af0b7ab6-05df-4ea4-b554-5c8501a52742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-17)", "content": "", "creation_timestamp": "2025-02-17T00:00:00.000000Z"}, {"uuid": "b4ea8bba-e272-4086-9570-284a496fa98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-19)", "content": "", "creation_timestamp": "2025-06-19T00:00:00.000000Z"}, {"uuid": "c507a289-23c9-4c08-b6aa-214679c67877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-21)", "content": "", "creation_timestamp": "2025-06-21T00:00:00.000000Z"}, {"uuid": "05a5cb5f-3131-4ab7-adf0-83e3fbffdaad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-10)", "content": "", "creation_timestamp": "2025-09-10T00:00:00.000000Z"}, {"uuid": "4aebc291-c371-40cb-8520-ae7463cd5650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "a1b10b60-1936-4531-afdd-ff0fb1708d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-20)", "content": "", "creation_timestamp": "2025-07-20T00:00:00.000000Z"}, {"uuid": "a04c833f-5d46-4193-9da0-bfe72ed76233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-07)", "content": "", "creation_timestamp": "2025-11-07T00:00:00.000000Z"}, {"uuid": "4a46972d-84c3-45b5-a06b-506511b9f215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-12)", "content": "", "creation_timestamp": "2025-05-12T00:00:00.000000Z"}, {"uuid": "8791a164-88bd-4205-b6dd-63ea9d9249c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-25)", "content": "", "creation_timestamp": "2025-10-25T00:00:00.000000Z"}, {"uuid": "3b8fbcac-debe-46e8-8319-e340028bcfc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "1fdf0367-033c-4e93-8d7e-53bdd98c8587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "15c5d509-7b35-4378-915e-16be8d01f586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-22)", "content": "", "creation_timestamp": "2025-11-22T00:00:00.000000Z"}, {"uuid": "25279228-bac2-44bd-85ba-6371d5b1c4a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-03)", "content": "", "creation_timestamp": "2026-03-03T00:00:00.000000Z"}, {"uuid": "f6ac0d0f-c3f9-49bd-8d89-da8ef1897563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-17)", "content": "", "creation_timestamp": "2025-10-17T00:00:00.000000Z"}, {"uuid": "81d12b4c-0524-4b69-b04c-63467c1a6e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-31)", "content": "", "creation_timestamp": "2025-08-31T00:00:00.000000Z"}, {"uuid": "ba13b561-8f28-4156-823b-b4d2882383e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-19)", "content": "", "creation_timestamp": "2026-02-19T00:00:00.000000Z"}, {"uuid": "ca132875-f555-4ea5-8a8e-5802b2646bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mf5y3s7gvc23", "content": "", "creation_timestamp": "2026-02-18T21:03:04.573658Z"}, {"uuid": "c405fea6-b179-446c-9c7a-715130922ec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mf46z6sods2i", "content": "", "creation_timestamp": "2026-02-18T04:01:34.009494Z"}, {"uuid": "fcd251c7-a9e2-41a1-b6d1-87fcb2d7ddc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "f1294c72-f164-4b43-b4f3-fd6037232495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-16)", "content": "", "creation_timestamp": "2025-12-16T00:00:00.000000Z"}, {"uuid": "970742a0-4304-425a-978b-0c2f3afa6b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-24)", "content": "", "creation_timestamp": "2025-10-24T00:00:00.000000Z"}, {"uuid": "11a648fa-2d21-4917-a433-af773ef4d3ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-20)", "content": "", "creation_timestamp": "2026-02-20T00:00:00.000000Z"}, {"uuid": "885cf5a1-cfde-4fb0-9514-e2da71ded9c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-15)", "content": "", "creation_timestamp": "2025-12-15T00:00:00.000000Z"}, {"uuid": "53528102-a28f-445b-ba16-42dfda46605a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "9b4719ee-8f31-46f2-81d8-a4304762b093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "72c0ff95-c887-43f9-aafe-8dbcb29dd297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-22)", "content": "", "creation_timestamp": "2025-12-22T00:00:00.000000Z"}, {"uuid": "fb0dfcdf-e84b-4d9d-986d-a96b0305847d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116092462468219250", "content": "", "creation_timestamp": "2026-02-18T15:59:57.085920Z"}, {"uuid": "dbb01522-1519-404b-af6f-1b2fb4cec1c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/5923015", "content": "", "creation_timestamp": "2026-03-04T01:44:11.508793Z"}, {"uuid": "9f58d412-ecf4-4301-8c02-428ac4399676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "50ccba8b-f6f9-47e8-ba89-dbb6317d4fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "20f3d760-9374-40c7-af7c-3a25842f904b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-24)", "content": "", "creation_timestamp": "2026-01-24T00:00:00.000000Z"}, {"uuid": "f8674301-5cc6-4092-8763-fdc73c081f4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mf3n6p4swc2q", "content": "", "creation_timestamp": "2026-02-17T22:42:32.230748Z"}, {"uuid": "f9f0d5c2-d715-40bd-9dd4-e6b60cca7d7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "916e704e-6a1f-4183-ba8b-b25ade050f99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3149d83f-5286-4119-826e-a9c509a8c291", "content": "", "creation_timestamp": "2026-02-18T06:44:36.213883Z"}, {"uuid": "7ba3dec9-a2ad-4f9a-8df4-ba31f7d4d3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "de62e871-4a24-4533-9cd5-ed8b82508de8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "eb3c7b15-d33b-4d32-b79e-0d9f72a937c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "https://t.me/CyberBulletin/2595", "content": "Massive SSRF Attack Surge \n\nA coordinated wave of SSRF exploits hitting at least 400 IPs\u2014targeting U.S., Israel, and more.\n\nExploiting multiple CVEs at once, including:\n\u2022 CVE-2020-7796 (Zimbra, CVSS 9.8)\n\u2022 CVE-2021-22175 (GitLab, CVSS 9.8)\n\u2022 CVE-2023-5830 (ColumbiaSoft, CVSS 9.8)", "creation_timestamp": "2025-03-12T14:21:18.000000Z"}, {"uuid": "30b36e89-7ff2-4366-ad03-6d6e91d8aed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "Telegram/EJVapW3YwD9OOaKa1fWPumeFOQoWT3EVkVH6tC9Mg2CJrg", "content": "", "creation_timestamp": "2025-03-12T14:06:29.000000Z"}, {"uuid": "fa165b60-923a-4646-b6bc-a97682480224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "https://t.me/true_secator/6843", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 SSRF, \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c.\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0441\u0442\u0430\u0440\u0442\u043e\u0432\u0430\u043b\u0430 9 \u043c\u0430\u0440\u0442\u0430, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u0430 \u0438\u0437 400 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432.\n\n\u0410\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0438 SSRF \u0432 Zimbra, GitLab, DotNetNuke, VMware, ColumbiaSoft, Ivanti, BerriAI \u0438 OpenBMCS \u0438 \u043c\u043d\u043e\u0433\u0438\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u0445.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0431\u044b\u043b\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0421\u0428\u0410, \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, \u0418\u043d\u0434\u0438\u0438, \u042f\u043f\u043e\u043d\u0438\u0438 \u0438 \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0435, \u043d\u043e \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c\u0438 \u0431\u044b\u043b\u043e \u0443\u0434\u0435\u043b\u0435\u043d\u043e \u0418\u0437\u0440\u0430\u0438\u043b\u044e \u0438 \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u0430\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 SSRF: \n- CVE-2017-0929\u00a0(CVSS: 7,5, DotNetNuke), \n- CVE-2020-7796\u00a0(CVSS: 9,8, Zimbra Collaboration Suite, \n- CVE-2021-21973\u00a0(CVSS: 5,3, VMware vCenter, \n- CVE-2021-22054\u00a0(CVSS: 7,5, VMware Workspace ONE UEM), \n- CVE-2021-22175\u00a0(CVSS: 9,8, GitLab CE/EE, \n- CVE-2021-22214\u00a0(CVSS: 8,6) \u0438 CVE-2021-39935\u00a0(CVSS: 7,5, GitLab CE/EE), \n- CVE-2023-5830\u00a0(CVSS: 9,8, ColumbiaSoft DocumentLocator), \n- CVE-2024-6587\u00a0(CVSS: 7,5, BerriAI LiteLLM), \n- CVE-2024-21893\u00a0(CVSS: 8,2, Ivanti Connect Secure),\n- OpenBMCS 2.4\u00a0\u0438 Zimbra Collaboration Suite\u00a0(\u0431\u0435\u0437 CVE).\n\n\u041a\u0430\u043a \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 GreyNoise, \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 SSRF, \u043e\u0442\u043c\u0435\u0447\u0430\u044f, \u0447\u0442\u043e \u0448\u0430\u0431\u043b\u043e\u043d \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u043e\u0439  \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e, \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u044e \u0438\u043b\u0438 \u0441\u0431\u043e\u0440 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0435\u0434 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0435\u0439.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 SSRF \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043a\u0430\u0440\u0442\u044b \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439, \u0432\u044b\u044f\u0432\u043b\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0438 \u043a\u0440\u0430\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432.\n\nGreyNoise \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0442\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u044b\u0433\u0440\u0430\u043b\u0438 \u0432\u0430\u0436\u043d\u0443\u044e \u0440\u043e\u043b\u044c \u0432\u00a0\u0443\u0442\u0435\u0447\u043a\u0435 Capital One\u00a0\u0432 2019 \u0433\u043e\u0434\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 100 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b.", "creation_timestamp": "2025-03-14T15:30:06.000000Z"}, {"uuid": "b3c6cc06-f412-4bc5-a71a-0595aa7c6d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7796", "type": "exploited", "source": "https://t.me/thehackernews/6480", "content": "\ud83d\udea8 Massive SSRF Attack Surge Detected \ud83d\udc40\n\nGreyNoise warns of a coordinated wave of SSRF exploits hitting at least 400 IPs\u2014targeting U.S., Germany, Singapore, Israel, and more.\n\n\ud83d\udd34 Exploiting multiple CVEs at once, including:\n\u2022 CVE-2020-7796 (Zimbra, CVSS 9.8)\n\u2022 CVE-2021-22175 (GitLab, CVSS 9.8)\n\u2022 CVE-2023-5830 (ColumbiaSoft, CVSS 9.8)\n\n\ud83d\ude80 Automated? Pre-compromise recon? Either way\u2014patch now, restrict outbound traffic, and monitor logs.\n\nDetails: https://thehackernews.com/2025/03/over-400-ips-exploiting-multiple-ssrf.html", "creation_timestamp": "2025-03-12T12:59:04.000000Z"}]}