{"vulnerability": "CVE-2022-2637", "sightings": [{"uuid": "bd2f997a-796b-479a-a088-e9b53f9107aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01", "content": "", "creation_timestamp": "2025-05-13T10:00:00.000000Z"}, {"uuid": "ad35ab3a-0b1c-4a96-9ca0-873c869a50b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12735", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 IBM QRadar - When The Attacker Controls Your Security Stack (CVE-2022-26377).\n\nhttps://labs.watchtowr.com/ibm-qradar-when-the-attacker-controls-your-security-stack/", "creation_timestamp": "2024-04-16T19:51:40.000000Z"}, {"uuid": "c48c4aac-1755-4372-bde1-d2e1b1fbd671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26374", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5335", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-26374\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2022-08-18T19:59:11.000Z\n\ud83d\udccf Modified: 2025-02-25T16:57:49.861Z\n\ud83d\udd17 References:\n1. 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00701.html", "creation_timestamp": "2025-02-25T17:23:19.000000Z"}, {"uuid": "a952369e-3e63-42fc-990d-c716ace9bcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11842", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2023-46747 (Score 9.8); an unauthenticated remote code execution vulnerability via a side-channel from the management interface (Traffic Management User Interface (TMUI) and is closely related to CVE-2022-26377 which is a HTTP request smuggling vulnerability).\n\nF5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution by running arbitrary commands. This only affects the control plane and not the data plane.\n\nApparently, at the management console; sending requests to the \u201cbackend\u201d service that assumes the \u201cfrontend\u201d handled authentication is leading to this issue using HRS.\n\nTrack this issue at: http://ckure.esy.es/archives/13495\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/\n\nhttps://my.f5.com/manage/s/article/K000137353\n\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-10-27T19:50:20.000000Z"}, {"uuid": "cb8f480b-2d4c-4aab-9455-d49c120351c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "https://t.me/habr_com_news/18854", "content": "Asus \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e 
\u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u043e\u0447\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043b\u044f Wi-Fi \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000 \u0438 TUF-AX5400. \u0412 \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0434\u0435\u0432\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0433\u043e \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f (CVE-2022-26376 \u0438 CVE-2018-1160), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043d\u0430 \u043d\u0438\u0445 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0439 \u043a\u043e\u0434.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u0442\u0435\u0445\u043d\u0438\u043a\u0430", "creation_timestamp": "2023-06-20T08:44:38.000000Z"}, {"uuid": "d025192d-94e2-4290-be97-93d5825f68ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/192", "content": "Refresh: 
Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747\n\n\ud83d\udc64 by Michael Weber and Thomas Hendrickson\n\nAs a result of the research researchers were able to identify an authentication bypass issue that led to complete compromise of an F5 system with the Traffic Management User Interface (TMUI) exposed. The bypass was assigned CVE-2023-46747, and is closely related to CVE-2022-26377. Like they recently reported Qlik RCE, the F5 vulnerability was also a request smuggling issue. In this blog authors will discuss their methodology for identifying the vulnerability, walk through the underlying issues that caused the bug, and explain the steps they took to turn the request smuggling into a critical risk issue. They will conclude with remediation steps and their thoughts on the overall process.\n\n\ud83d\udcdd Contents:\n\u25cf Overview\n\u25cf Mapping out the F5 BIG-IP Attack Surface\n\u25cf F5 Traffic Management User Interface (TMUI) Overview\n\u25cf Verifying AJP Smuggling\n\u25cf AJP Smuggling and Server Interpretation\n\u25cf But What To Do With the Smuggling?\n\u25cf Remediation\n\u25cf Conclusion\n\u25cf Disclosure Timeline\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-27T05:50:12.000000Z"}, {"uuid": "3b9de5a1-7a2c-42d0-953b-4738f152914e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "https://t.me/kasperskyb2b/705", "content": "\ud83d\udc40 Asus patch monday\n\n\u0412\u0447\u0435\u0440\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043a\u0443\u043c\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f 19 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0433\u0440\u043e\u0432\u044b\u0435 \u0440\u043e\u0443\u0442\u0435\u0440\u044b \u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u043b\u044f mesh Wi-Fi. \u0412\u0441\u0435\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 17 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u043b\u044e\u0441 9 \u0441 \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u043c\u0438 CVE: CVE-2023-28702 (CVSS 8.8), CVE-2023-28703 (CVSS 7.2), CVE-2023-31195, CVE-2022-46871 (CVSS 8.8), CVE-2022-38105, CVE-2022-35401 (CVSS 8.1), CVE-2018-1160 (2018! 
\u0438 CVSS 9.8), CVE-2022-38393, CVE-2022-26376.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0430\u043c\u044b\u0435 \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043c\u0430\u0441\u0441\u0443 RCE \u0438 DoS.\n\n\u0421\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, Asus \u0440\u0430\u0441\u0448\u0435\u0432\u0435\u043b\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0440\u044f\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0430 \u0442\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u0445\u043e\u0447\u0435\u0442 \u0438\u043b\u0438 \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u044d\u0442\u043e\u0433\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b WAN \u0432\u043e \u0438\u0437\u0431\u0435\u0436\u0430\u043d\u0438\u0435 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439. 
\u0412 \u0447\u0438\u0441\u043b\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0434\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432 \u0442\u0430\u043a\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438, \u0432\u0445\u043e\u0434\u044f\u0442 VPN-\u0441\u0435\u0440\u0432\u0435\u0440, DDNS, DMZ \u0438 \u043f\u0435\u0440\u0435\u0430\u0434\u0440\u0435\u0441\u0430\u0446\u0438\u044f \u043f\u043e\u0440\u0442\u043e\u0432. \n\u0421\u0430\u043c\u044b\u0435 \u0441\u0432\u0435\u0436\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u043e\u0433\u043e CERT, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438 \u0440\u0430\u0441\u043f\u0438\u043d\u0430\u043b \u0433\u043e\u0440\u0434\u0443\u044e \u043f\u0442\u0438\u0446\u0443 Asus \u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439. 
\u041b\u0443\u0447\u0448\u0435 \u043f\u043e\u0437\u0434\u043d\u043e, \u0447\u0435\u043c \u043d\u0438\u043a\u043e\u0433\u0434\u0430?\n \n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-06-20T09:57:08.000000Z"}, {"uuid": "6f05b3bb-5e3d-4c8e-a075-b6d92af7c868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "c58ba674-44b3-47d1-9dc5-dc9360ed69cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "Telegram/UcN9rrly21Uor-mxnNKzE-XVEYoCekrfw70xXO3rK8w--F4", "content": "", "creation_timestamp": "2023-06-21T07:15:35.000000Z"}, {"uuid": "0d6adfef-703a-47ba-8822-5c02e34508e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "https://t.me/YE_0x/765", "content": "\ud83d\udd12 \u0628\u0627\u062f\u0631 \u0628\u0627\u0644\u062a\u062d\u0631\u0643 \u0627\u0644\u0622\u0646! \n\n\u0623\u0635\u062f\u0631\u062a ASUS \u062a\u062d\u062f\u064a\u062b\u0627\u062a \u0644\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u062b\u0627\u0628\u062a\u0629 \u0644\u0625\u0635\u0644\u0627\u062d \u062a\u0633\u0639\u0629 \u0623\u062e\u0637\u0627\u0621 \u0623\u0645\u0646\u064a\u0629 \u062a\u0624\u062b\u0631 \u0639\u0644\u0649 \u0646\u0645\u0627\u0630\u062c \u062c\u0647\u0627\u0632 \u0627\u0644\u062a\u0648\u062c\u064a\u0647.\n\n\u0627\u0644\u0625\u0635\u0644\u0627\u062d\u0627\u062a \u0627\u0644\u0631\u0626\u064a\u0633\u064a\u0629: CVE-2018-1160 \u0648 CVE-2022-26376. 
\u0642\u0645 \u0628\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u062b\u0627\u0628\u062a\u0629 \u0648\u062a\u0639\u0637\u064a\u0644 \u062e\u062f\u0645\u0627\u062a WAN \u0648\u0625\u062c\u0631\u0627\u0621 \u0639\u0645\u0644\u064a\u0627\u062a \u062a\u062f\u0642\u064a\u0642 \u0645\u0646\u062a\u0638\u0645\u0629 \u0644\u062a\u062d\u0642\u064a\u0642 \u0623\u0642\u0635\u0649 \u0642\u062f\u0631 \u0645\u0646 \u0627\u0644\u0623\u0645\u0627\u0646\n\n\ud83d\udea8 ===============\n\ud83d\udd30 #0xYE\n\ud83d\udd30 #Cyber_Security\n\ud83d\udd30 #Yemeni_Hackers \n\ud83d\udd30 @YE_0x\n\ud83d\udea8===============", "creation_timestamp": "2023-06-25T04:46:46.000000Z"}, {"uuid": "f5ddfac3-f5f4-4ded-ade3-e5518e09b6c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "seen", "source": "https://t.me/true_secator/5640", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 WatchTowr \u0437\u0430\u0434\u0430\u044e\u0442\u0441\u044f \u0432\u043e\u043f\u0440\u043e\u0441\u043e\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f \u043f\u0430\u043d\u0438\u043a\u0443\u0435\u0442 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430\u0445, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0434\u0430\u0436\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0432 
\u0441\u0432\u043e\u0438\u0445\u00a0\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044f \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c, \u043e\u0431\u0440\u0443\u0448\u0438\u043b\u0438\u0441\u044c \u0441 \u043a\u0440\u0438\u0442\u0438\u043a\u043e\u0439 \u043d\u0430 IBM, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u043b\u0430 \u0441\u0432\u043e\u0439 \u0444\u043b\u0430\u0433\u043c\u0430\u043d\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0442, \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u0430\u0437\u0430\u0442\u044c, \u0436\u0435\u043c\u0447\u0443\u0436\u0438\u043d\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438 \u0441\u0435\u0440\u0434\u0446\u0435 \u0441\u0442\u0435\u043a\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043c\u043d\u043e\u0433\u0438\u0445 \u0435\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, - QRadar SIEM.\n\n\u041e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0434\u043b\u044f \u0434\u0430\u0432\u043d\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache (CVE-2022-26377, CVSS: 7,3), \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043d\u0430 \u0441\u0435\u0431\u044f \u0441\u0435\u0430\u043d\u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0432\u0437\u044f\u0442\u044c \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c 
\u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440 QRadar SIEM \u0432 \u043e\u0434\u043d\u043e\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u0435.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u0431\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u043e, \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 \u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u043e \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0439 \u043e\u0441\u0430\u0434\u043e\u0447\u0435\u043a \u043e\u0441\u0442\u0430\u043b\u0441\u044f.", "creation_timestamp": "2024-04-15T18:30:05.000000Z"}, {"uuid": "38e72769-6e0d-44cc-967a-00a01ac5b0ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "https://t.me/true_secator/4523", "content": "\ud83d\udea4 \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f ASUS \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u00ab\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f\u00bb\n\nASUS \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 \u0441 \u043a\u0443\u043c\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445. 
\u0412 \u0440\u0430\u0437\u0434\u0435\u043b\u0435 \"Latest security updates\" \u043e\u0442 06/19/2023 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u2194\ufe0f \u0412 \u043d\u043e\u0432\u043e\u0439 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u0441\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0435\u0432\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. 
\u0412 \u0441\u043f\u0438\u0441\u043a\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442\u0441\u044f CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376.\n\n\u0412 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u0445\u043e\u0434\u044f\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000 \u0438 TUF-AX5400.\n\nhttps://www.asus.com/content/asus-product-security-advisory/#:~:text=06/19/2023%20New%20firmware%20with%20accumulate%20security%20updates\n\n\u270b @Russian_OSINT", "creation_timestamp": "2023-06-21T14:27:19.000000Z"}, {"uuid": "193e4f82-6d11-4e3c-ae4c-f0bee496b494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26375", "type": "seen", "source": "https://t.me/cibsecurity/51628", "content": "\u203c CVE-2022-26375 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology AB Press Optimizer plugin <= 1.1.1 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T22:13:29.000000Z"}, {"uuid": "2fdbc33e-5439-43bc-9ebf-70acf4a8bec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2637", "type": "seen", "source": "https://t.me/cibsecurity/50896", "content": "\u203c CVE-2022-2637 \u203c\n\nIncorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. 
This issue affects: Hitachi Storage Plug-in for VMware vCenter 04.8.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:16:46.000000Z"}, {"uuid": "5ebb970a-ca13-49b7-bf68-912d26cbb17f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26374", "type": "seen", "source": "https://t.me/cibsecurity/48399", "content": "\u203c CVE-2022-26374 \u203c\n\nUncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:22:42.000000Z"}, {"uuid": "6f99cf1d-17b7-4528-9a7c-0f62ebaee536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "https://t.me/thehackernews/3501", "content": "\ud83d\udd12 Take action now! ASUS has released firmware updates to fix nine security bugs impacting router models. \n \nKey fixes: CVE-2018-1160 and CVE-2022-26376. Update firmware, disable WAN services, and conduct regular audits for maximum security. 
\n \nRead details: https://thehackernews.com/2023/06/asus-releases-patches-to-fix-critical.html", "creation_timestamp": "2023-06-20T10:50:44.000000Z"}, {"uuid": "36a72274-7fda-4dd1-bd60-b11fedb681d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26376", "type": "seen", "source": "https://t.me/Russian_OSINT/2677", "content": "\ud83d\udea4 \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f ASUS \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u00ab\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f\u00bb\n\nASUS \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 \u0441 \u043a\u0443\u043c\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445. 
\u0412 \u0440\u0430\u0437\u0434\u0435\u043b\u0435 \"Latest security updates\" \u043e\u0442 06/19/2023 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u2194\ufe0f \u0412 \u043d\u043e\u0432\u043e\u0439 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u0441\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0435\u0432\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. 
\u0412 \u0441\u043f\u0438\u0441\u043a\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442\u0441\u044f CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376.\n\n\u0412 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u0445\u043e\u0434\u044f\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000 \u0438 TUF-AX5400.\n\nhttps://www.asus.com/content/asus-product-security-advisory/#:~:text=06/19/2023%20New%20firmware%20with%20accumulate%20security%20updates\n\n\u270b @Russian_OSINT", "creation_timestamp": "2023-06-19T19:55:30.000000Z"}, {"uuid": "15a7e4e8-29fb-4c74-a0f7-168d2f730d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26377", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6376", "content": "#exploit\n1. CVE-2022-30308, CVE-2022-30309, CVE-2022-30310, CVE-2022-30311:\nFESTO: CECC-X-M1 - Command Injection Vulnerabilities\nhttps://onekey.com/blog/advisory-festo-cecc-x-m1-command-injection-vulnerabilities\n\n2. CVE-2022-26377:\nApache HTTPd AJP Request Smuggling\nhttp://noahblog.360.cn/apache-httpd-ajp-request-smuggling", "creation_timestamp": "2022-07-11T12:37:51.000000Z"}]}