{"vulnerability": "CVE-2022-26809", "sightings": [{"uuid": "ea59daec-526a-48e5-af8c-779551977fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=784", "content": "", "creation_timestamp": "2022-04-13T04:00:00.000000Z"}, {"uuid": "c8ff7c3d-be5d-4126-bd3e-2e9d06b1e9bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://gist.github.com/gal-dahan-wiz/13c8354a0ad368d7f2c33206cf8c925d", "content": "", "creation_timestamp": "2026-02-26T14:47:40.000000Z"}, {"uuid": "10248a4b-7b1f-4561-803d-fc86b7b1c09e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://gist.github.com/gal-dahan-wiz/a770c7ef4af0cfe9030251cd58d6bb23", "content": "", "creation_timestamp": "2026-03-06T12:29:52.000000Z"}, {"uuid": "196cbe23-1f86-46bd-87ec-2ff7bc54399c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2228", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 RCE Exploit\nURL\uff1ahttps://github.com/rkxxz/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-19T03:40:41.000000Z"}, {"uuid": "34194e9d-dfd6-49f2-8241-ccc33a1e64ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2248", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 | is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows\nURL\uff1ahttps://github.com/seciurdt/CVE-2022-26809-MASS\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-20T15:22:18.000000Z"}, {"uuid": "b3a49099-7f18-4a4f-8de0-48f346b20dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/cKure/9351", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2022-26809 - Windows RPC Wormable Remote Code Execution.\n\nShodan: product:\"Microsoft RPC Endpoint Mapper\"\n\nCensys: https://censys.io/cve-2022-26809/\n\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26809", "creation_timestamp": "2022-04-14T12:07:39.000000Z"}, {"uuid": "23441e84-9055-41c1-afe9-bbdc4a05f6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2168", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 exp\nURL\uff1ahttps://github.com/Calvitz/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-12T07:50:02.000000Z"}, {"uuid": "a473b5bf-a408-46d6-9860-8b72f027564d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2316", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809   |  is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows \nURL\uff1ahttps://github.com/seciurdt/CVE-2022-26809-MASS-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-29T13:57:33.000000Z"}, {"uuid": "9039f0ee-adeb-4f85-b5b6-36564b9f71ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2531", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ametasploit module for CVE-2022-26809 windows rpc rce via smb 445 \nURL\uff1ahttps://github.com/Ziggy78/CVE-2022-26809-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-18T03:31:55.000000Z"}, {"uuid": "4f9ab1c2-9adf-4854-bfff-b62d8a45ca5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1940", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThe poc for CVE-2022-26809 RCE via RPC will be updated here. \nURL\uff1ahttps://github.com/sherlocksecurity/Microsoft-CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-14T03:58:45.000000Z"}, {"uuid": "d87a7f9e-9773-485f-8874-70888ff81d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1939", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThe poc for CVE-2022-26809 RCE via RPC will be updated here. \nURL\uff1ahttps://github.com/sherlocksecurity/Microsoft-CVE-2022-26809-PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-14T03:47:38.000000Z"}, {"uuid": "6289eaef-dc1c-436a-9f48-ced7b580a288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1936", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 PoC\nURL\uff1ahttps://github.com/f8al/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-13T18:20:55.000000Z"}, {"uuid": "ff12fec8-db81-4816-bc71-cee3b176a0cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1950", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-26809-RCE-EXP \nURL\uff1ahttps://github.com/SeptS9119/CVE-2022-26809-RCE-\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T04:32:39.000000Z"}, {"uuid": "d91ccee9-cf61-4272-8f47-68b414122954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1949", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809-RCE-EXP\nURL\uff1ahttps://github.com/SeptS9119/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T03:26:35.000000Z"}, {"uuid": "6715dccc-23ab-48c8-838d-270765de2cdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2246", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime \nURL\uff1ahttps://github.com/XmasSnowISBACK/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-20T14:34:00.000000Z"}, {"uuid": "bfb2c0ee-1aa8-4870-b953-99f87a47c568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2139", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime \nURL\uff1ahttps://github.com/ExploitPwner/CVE-2022-26809-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-09T17:04:31.000000Z"}, {"uuid": "76fa4942-7250-429b-a228-f222acada9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2042", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime\nURL\uff1ahttps://github.com/XmasSnowREAL/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-25T19:00:32.000000Z"}, {"uuid": "ea7350c6-9a22-4c54-ab59-a178a18d4bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1951", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809-RCE-EXP-POC\nURL\uff1ahttps://github.com/SeptS9119/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T04:45:08.000000Z"}, {"uuid": "c4be20df-75fd-45a8-9a15-b770a9203813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1982", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 exploit\nURL\uff1ahttps://github.com/BugHunter010/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-19T09:40:28.000000Z"}, {"uuid": "7780dba6-ed5c-4082-8fed-8a66e9ecb239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2069", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis repository contains a PoC for remote code execution CVE-2022-26809\nURL\uff1ahttps://github.com/ZyxelTeam/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-30T15:55:45.000000Z"}, {"uuid": "8cda0bbe-82da-473c-882a-946bae2529d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1973", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA proof of concept of the CVE-2022-26809-RCE vulnerability.\nURL\uff1ahttps://github.com/F1uk369/CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-18T03:53:27.000000Z"}, {"uuid": "cb51a547-d4ff-4a99-a637-d6410f67d1a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1972", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThe poc for CVE-2022-26809 RCE via RPC will be updated here. \nURL\uff1ahttps://github.com/sherlocksecurity/Microsoft-CVE-2022-26809-The-Little-Boy\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-18T03:34:42.000000Z"}, {"uuid": "80618d47-609d-46b7-bc3b-4cbd24258577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1992", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis repository contains a PoC for  remote code execution CVE-2022-26809\nURL\uff1ahttps://github.com/DESC0N0C1D0/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-20T21:02:35.000000Z"}, {"uuid": "7189ba2e-b643-4f1e-8ef8-ae5cc4c5bed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2114", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809   |  is a  remote code execution vulnerablity in rpc runtime and affects a wide versions of windows \nURL\uff1ahttps://github.com/seciurdt/CVE-2022-26809-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-08T15:04:34.000000Z"}, {"uuid": "78935f2c-88c1-48b1-ad3e-6ba158ffaf87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2165", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809   |  is a remote code execution vulnerablity in rpc runtime and affects a wide versions of windows \nURL\uff1ahttps://github.com/seciurdt/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-11T20:45:27.000000Z"}, {"uuid": "0d0368ca-50f1-4589-ae71-1eb482b254cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2217", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDetects attempts and successful exploitation of CVE-2022-26809\nURL\uff1ahttps://github.com/corelight/cve-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-17T15:25:06.000000Z"}, {"uuid": "d13a5217-9408-423a-8bce-ce8d0d9f7db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2307", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aMass RCE VIA CVE-2022-6809 AND THE METASPLOIT MODULE\nURL\uff1ahttps://github.com/ChrisopherJohanso/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-28T14:17:25.000000Z"}, {"uuid": "d65a85e2-9604-496d-8443-37ad76010da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2786", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u7ea2\u961f\n\u63cf\u8ff0\uff1a\u8b66\u60d5 \u4e00\u79cd\u9488\u5bf9\u7ea2\u961f\u7684\u65b0\u578b\u6eaf\u6e90\u624b\u6bb5!\nURL\uff1ahttps://github.com/fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp\n\n\u6807\u7b7e\uff1a#\u7ea2\u961f", "creation_timestamp": "2022-07-27T15:59:46.000000Z"}, {"uuid": "12e3dddc-8024-470b-b5cf-02ddd7adecdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2837", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime \nURL\uff1ahttps://github.com/emanuelandrei/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-02T20:48:24.000000Z"}, {"uuid": "51ef3573-e9ed-4c40-b7ef-4dfbd6b63af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2491", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1awriteup and poc for [CVE-2022-26809]\nURL\uff1ahttps://github.com/scoobydoobi/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-11T13:28:39.000000Z"}, {"uuid": "ad7dd79f-e373-48e9-8c28-3ba5a71ad771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2947", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ametasploit and python module for CVE-2022-26809 windows rpc rce via smb 445\nURL\uff1ahttps://github.com/Ziggy78/CVE-2022-26809-MASS-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-15T12:13:54.000000Z"}, {"uuid": "5f750662-87bc-48a0-9be5-46375d47ba2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2754", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTHE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE\nURL\uff1ahttps://github.com/ToomArni65/CVE-2022-26809-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-21T20:10:53.000000Z"}, {"uuid": "c54a7963-f5a5-4bc0-8ecd-20c1e79bc640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/GithubRedTeam/2506", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1awriteup and poc for [CVE-2022-26809]  CVE-2022-26809 Vulnerabillity in cre windows componen(RPC) with a high cvss score of 9.8\nURL\uff1ahttps://github.com/SonicWave21/Follina-CVE-2022-30190-Unofficial-patch\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-14T13:03:21.000000Z"}, {"uuid": "36c720fe-bed8-42b1-b94c-7e9fba04632d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2999", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTHE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE \nURL\uff1ahttps://github.com/ToomArni65/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-22T16:48:18.000000Z"}, {"uuid": "145922a3-e252-4b87-9d73-5a8a2dc3f821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2636", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ametasploit and python module for CVE-2022-26809 windows rpc rce via smb 445\nURL\uff1ahttps://github.com/Ziggy78/CVE-2022-26809-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-04T09:33:21.000000Z"}, {"uuid": "e33b837d-f24f-4757-8e9c-208d7cb4f190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/itsec_news/474", "content": "\u200b\u2705 Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\ud83d\udcac \u0412\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a, 12-\u0433\u043e \u0430\u043f\u0440\u0435\u043b\u044f, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0435 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Windows, \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0435, Office, Exchange Server, Visual Studio, \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 \u0438 \u043f\u0440.\n\n\u0414\u0435\u0441\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. 115 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043a\u0430\u043a \u043e\u043f\u0430\u0441\u043d\u044b\u0435, \u0438 3 \u2014 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041e\u0434\u043d\u0430 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438. \u0420\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Common Log File System, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 \u0438 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 CrowdStrike. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-24521 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 7,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u0415\u0449\u0451 \u043e\u0434\u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0440\u0430\u043d\u0435\u0435. CVE-2022-26904 (7.0 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows User Profile Service.\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 Runtime Library (CVE-2022-26809), Windows Network File System (CVE-2022-24491 \u0438 CVE-2022-24497), Windows Server Service (CVE-2022-24541), Windows SMB (CVE-2022-24500) \u0438 Microsoft Dynamics 365 (CVE-2022-23259).\n\nMicrosoft \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Windows DNS Server, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u0434\u043d\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 17 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \u0415\u0449\u0451 15 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438.\n\n#Microsoft #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-04-13T08:18:48.000000Z"}, {"uuid": "982c3561-93b4-4da0-9d3c-17ddccf0b8a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2536", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-26809, analisys and considerations are shown in the github.io.\nURL\uff1ahttps://github.com/s1ckb017/PoC-CVE-2022-26809\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-18T13:56:54.000000Z"}, {"uuid": "70a1d1cd-bf9b-483e-aae9-3809f6bbf3af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1774", "content": "PoC-CVE-2022-26809\nPoC \u0434\u043b\u044f CVE-2022-26809, \u0430\u043d\u0430\u043b\u0438\u0437 \u0438 \u0441\u043e\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043d\u044b \u043d\u0430 github.io. PoC \u0431\u044b\u043b \u043d\u0430\u043f\u0438\u0441\u0430\u043d \u0432 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 Impacket. \u041f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0441: impacket \u0432\u0435\u0440\u0441\u0438\u0438 0.10.0\nPoC \u043d\u0435 \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0442.\u0435. \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043a\u0443\u0447\u0435, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 1048576 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0442\u0430\u043a \u043a\u0430\u043a 1048576*4096 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0446\u0435\u043b\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u0438\u0437 32 \u0431\u0438\u0442.\n\u041d\u0435 \u043d\u0430\u0448\u0435\u043b \u043d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u0430 \u043e\u0431\u043c\u0430\u043d\u0443\u0442\u044c \u0440\u0430\u0437\u043c\u0435\u0440, \u043c\u043d\u0435 \u043a\u0430\u0436\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442 len, \u0442\u043e \u0435\u0441\u0442\u044c 16 \u0431\u0438\u0442, \u0441\u0432\u0435\u0440\u044f\u0435\u0442\u0441\u044f \u0441 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u043c \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u043e\u043d\u0438 \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0441\u043e\u0433\u043b\u0430\u0441\u043e\u0432\u0430\u043d\u044b.\nhttps://github.com/s1ckb017/PoC-CVE-2022-26809\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-06-20T05:02:31.000000Z"}, {"uuid": "dd742f43-d5d8-4646-b2a0-7333b6007f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/804", "content": "#BugBountyTips of the Day\n\ud83e\udde8 Windows RPC Critical Vulnerability (CVE-2022-26809)  You can search for vulnerable hosts in Shodan by dorks:  port:445  product:\"Microsoft RPC Endpoint Mapper\"  Link to PoC  https://t.co/AXQC2W0rmU  #bugbountytips #CVE #cybersecurity #infosec #bugbounty  https://t.co/r7uf5eWgji\n---\n(WEF - 802.11 Offensive Framework To Automate Attacks for WPA, WEP, Hash Cracking, Bluetooth Hacking & More) -  https://t.co/dwhlbrYK9H #infosec #netsec #pentest #cybersecurity #bugbounty  https://t.co/nlSnMICPaf\n---\nNew RCE log4j with @GodfatherOrwa Paylaod : ${jndi:ldap://${Command}XXXX${::-.} https://t.co/CSf4toAzvx}zzzz   Command  sys:os.arch & sys:os.version &  hostName #bugbountytips #bugbountytip #bugbounty\n---\ntoxssin\u2623\ufe0fA POST-XSS exploitation tool. \u00bb  https://t.co/MnYBAafnon  #cybersecurity #bugbounty #infosec #bugbountytips  #xss  https://t.co/MFUCvuQq2X\n---\n16 Search Engines for Pentester and Security Professionals \ud83d\udc47\ud83d\udca3  Credits: @NandanLohitaksh  #searchengine #attacksurface #recontips #bugbountytips #reconone  https://t.co/A6tUqpT9VH\n---\nFound a Method by which I Got Some Database Credentials leaks Recently \"Quick Tips\" Or \"writeups\" #bugbounty #cybersecurity #Hackingtime  https://t.co/atRsBJY7z0\n---\nHello  #BugBounty community, this is my first writeup about account take over hope you like  #infosecurity #bugbountytips    https://t.co/O5hUBbuSah\n---\nToday it's been 4 years working on  @Bugcrowd . I have so many great memories with @Bugcrowd, I remember my first bounty there, The first time I could change my Laptop, and remember when I could spend my summer in a new country, remember when I bought my first car. #BugBounty\n---\nNmap reconnaissance for the win \ud83d\udd25\ud83d\udd25\ud83d\udd25  nmap --script default,safe,discovery -p 80,443,8080,8443,9000,9001,9002,9003,8888,8088,8880,3000 -n -T4  -iL hosts.txt -oN output  #bugbountytips #bugbountytip #bugbounty", "creation_timestamp": "2022-06-19T13:37:04.000000Z"}, {"uuid": "b039ca52-8d48-4266-8718-642a3d5ea5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1368", "content": "CVE-2022-26809\nvuln scaner and exploit\n\u041c\u044b Hell Knights Crew \u0440\u0435\u0448\u0438\u043b\u0438 \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u043d\u0430 \u0430\u0440\u0435\u043d\u0443 \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u0438 \u043c\u0438\u0440\u0435. \u0412 \u0447\u0435\u0441\u0442\u044c \u044d\u0442\u043e\u0433\u043e \u0432\u044b\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u043f\u043e\u0434 SMB \u0412 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0447\u0435\u043a\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0430\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442.\n\u0427\u0435\u043a\u0435\u0440 \u043d\u0430\u043f\u0438\u0441\u0430\u043d \u043b\u0438\u0447\u043d\u043e \u043d\u0430\u043c\u0438. \u0421\u0430\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043d\u0430\u0448\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0434\u0440\u0443\u0433\u043e\u043c \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u043d \u0435\u0449\u0435 \u0434\u0432\u0443\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c .\n\nhttps://github.com/HellKnightsCrew/CVE-2022-26809\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-22T17:02:21.000000Z"}, {"uuid": "6f49f57e-dbc7-40b5-8269-b24214a1492a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1404", "content": "CVE-2022-26809\n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u043f\u043e\u0434 SMB \u0412 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0447\u0435\u043a\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0430\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442.\nhttps://github.com/HellKnightsCrew/CVE-2022-26809\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-27T09:01:47.000000Z"}, {"uuid": "38a48a2a-4719-40d6-a677-64ca1855bd15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/BleepingComputer/11830", "content": "Latest news and stories from BleepingComputer.com\nCritical Windows RPC CVE-2022-26809 flaw raises concerns \u2014 Patch now\n\nMicrosoft has fixed a new Windows RPC CVE-2022-26809 vulnerability that is raising concerns among security researchers due to its potential for widespread, significant cyberattacks once an exploit is developed. Therefore, all organization needs to apply Windows security updates as soon as possible. [...]", "creation_timestamp": "2022-04-15T05:58:14.000000Z"}, {"uuid": "fdc45be0-5767-4995-ba9e-c2825a772231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2759", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTHE FINAL POC FOR CVE-2022-26809 TO ACHIEVE RCE\nURL\uff1ahttps://github.com/ToomArni65/CVE-2022-26809-FINAL-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-23T02:21:37.000000Z"}, {"uuid": "93c8193c-5c43-409e-9673-8ba8127d871c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/poxek/2373", "content": "#Windows #CVE #POC\n\nRemote Procedure Call Runtime Remote Code Execution Vulnerability\nCVE-2022-26809\n\n\u0421\u043b\u0430\u0431\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Windows (RPC) \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9.8 \u043d\u0435 \u0431\u0435\u0437 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0438\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u0442\u0430\u043a\u0430 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 (RCE) \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u044b RPC, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0440\u0435\u0434\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f RPC. \u042d\u0442\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, \u0435\u0441\u043b\u0438 \u043f\u043e\u0432\u0435\u0437\u0435\u0442, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443 Windows, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 SMB. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u043a \u0438\u0437\u0432\u043d\u0435 \u0441\u0435\u0442\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u0435\u0435 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f, \u0442\u0430\u043a \u0438 \u043c\u0435\u0436\u0434\u0443 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u0432 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2022-09-02T12:16:19.000000Z"}, {"uuid": "1ece83b2-d841-4ba8-899c-185191f07d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/poxek/2418", "content": "#Windows #CVE #POC\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u0430\u0433\u0430 \u0432 Microsoft RPC RCE\nCVE-2022-26809\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u0435\u0441\u043f\u043e\u043a\u043e\u0435\u043d\u044b \u0438\u0437-\u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-26809, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Microsoft \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 Windows RPC. \u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043f\u043e\u0441\u043b\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2022-09-01T07:00:04.000000Z"}, {"uuid": "f2c59840-350e-4c86-966b-43c37aeb5d70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/alexmakus/4666", "content": "\u043f\u0430\u0440\u0443 \u0434\u043d\u0435\u0439 \u043d\u0430\u0437\u0430\u0434 \u0443 Microsoft \u0431\u044b\u043b Patch Tuesday, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\n\u043e\u0431\u0449\u0435\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0430\u043f\u0434\u0435\u0439\u0442\u0430 \nhttps://isc.sans.edu/forums/diary/Microsoft+April+2022+Patch+Tuesday/28542/\n\n\u043f\u0430\u0440\u043e\u0447\u043a\u0430 \u043e\u0441\u043e\u0431\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u0435\u0449\u0435\u0439\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24521\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26809\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24491\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24497", "creation_timestamp": "2022-04-14T14:20:14.000000Z"}, {"uuid": "a4ffa2fc-b633-449f-8f03-e45b9f18bf5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/ctinow/50331", "content": "Critical Windows RPC CVE-2022-26809 flaw raises concerns \u2014 Patch now\n\nhttps://ift.tt/6Rq2EFX", "creation_timestamp": "2022-04-15T00:56:17.000000Z"}, {"uuid": "edfe85e3-5d5e-45b2-83c0-cc5c86e8e73d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/netrunnerz/251", "content": "#Windows #CVE #POC\n\nRemote Procedure Call Runtime Remote Code Execution Vulnerability\nCVE-2022-26809\n\n\u0421\u043b\u0430\u0431\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Windows (RPC) \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9.8 \u043d\u0435 \u0431\u0435\u0437 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0438\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u0442\u0430\u043a\u0430 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 (RCE) \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u044b RPC, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0440\u0435\u0434\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f RPC. \u042d\u0442\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, \u0435\u0441\u043b\u0438 \u043f\u043e\u0432\u0435\u0437\u0435\u0442, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443 Windows, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 SMB. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u043a \u0438\u0437\u0432\u043d\u0435 \u0441\u0435\u0442\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u0435\u0435 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f, \u0442\u0430\u043a \u0438 \u043c\u0435\u0436\u0434\u0443 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u0432 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2022-09-24T13:01:20.000000Z"}, {"uuid": "b086881e-235a-426c-84b0-5906166cacbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/eXJ6uhsB4kT2KyMwIIgJLCK6BJUbaFQ2cqtfVl9phdXYTZg", "content": "", "creation_timestamp": "2023-03-06T19:04:24.000000Z"}, {"uuid": "07ed0011-b813-4fd9-8b71-df8483fb9db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/rgCACBqCq3yrgYu1tSjvW6F61CLUl9rwyIWqydDPRYg6Mg", "content": "", "creation_timestamp": "2022-05-20T14:20:51.000000Z"}, {"uuid": "47de32b0-9509-44b3-841b-351839c92e3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/proxy_bar/882", "content": "CVE-2022-26809\nPOC exploit\n*\n#exploit #windows", "creation_timestamp": "2022-06-18T18:54:45.000000Z"}, {"uuid": "3971111a-0434-46df-b60e-c5a333b9522a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/rQduWbuSH08JksqzTYzYNb1rXpUsWDHdj6X479n1V4dgPIg", "content": "", "creation_timestamp": "2024-08-15T21:04:58.000000Z"}, {"uuid": "0ded2e30-7861-4832-8ce8-f9f78f13ea32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/gCOuO9iWDJWvwpp0O436YDyDWUsO-HN7KVT1Z1rluXl7uA", "content": "", "creation_timestamp": "2022-07-12T09:53:44.000000Z"}, {"uuid": "c55dd13a-ca08-4273-bea9-5bd781a5fad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/LUaQa4xON7mKwimEDqe1X1noIuOQUe7lwi24BvTXfcBBsCY", "content": "", "creation_timestamp": "2022-04-28T12:43:29.000000Z"}, {"uuid": "beb15c87-cd84-4c2f-8e48-203a57a02d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/FEOCBftSnkFuxRK3Re7iTerfuaBPsbX8fZGvKKREHM94725-", "content": "", "creation_timestamp": "2022-04-17T23:43:01.000000Z"}, {"uuid": "c2ffa7e6-448b-4f70-863d-70a06853a264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/Kyc2zoRHleZWpIFI16w3E867CKH_FdWvD_ObIl8GRKgVrA", "content": "", "creation_timestamp": "2022-06-27T22:34:41.000000Z"}, {"uuid": "4b3f68c4-1001-42dd-b065-7aaa9f393f1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/1ll-2MPOn8LMCeZiE3pRF9FSDbLElStD7WsueL_I7DoNDA", "content": "", "creation_timestamp": "2022-06-27T22:32:54.000000Z"}, {"uuid": "07f107fc-07cb-42f6-a9ac-15bcfc475e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/KLri32QKmv2eUX9f8aXOdlQYKcehGW763_FlbYC-F6xuTg", "content": "", "creation_timestamp": "2022-06-19T21:49:12.000000Z"}, {"uuid": "7d777969-105a-4f0c-8a97-9c100264ee07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/gXm6O0jCrlxIiMwsyseccDQ70n-S1TfM4iyXjeh9yBop6g", "content": "", "creation_timestamp": "2022-06-19T11:05:21.000000Z"}, {"uuid": "c9e3d7a6-65d9-4137-982e-370220810186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/EJM7w_XdOJx_4ye5gLtGCmRucv1vmIgtjLocmD7nEHDGQA", "content": "", "creation_timestamp": "2022-05-19T06:21:17.000000Z"}, {"uuid": "3439a454-6140-4cc2-a240-5e476f8b3034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "exploited", "source": "https://t.me/true_secator/2844", "content": "\u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 PartchTuesday \u043e\u0442 Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 0-day \u0432 \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \u041f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b Microsoft Windows \u0438 \u0435\u0433\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, Microsoft Defender, Microsoft Dynamics, Microsoft Edge, Exchange Server, Office, SharePoint Server, Windows Hyper-V, DNS-\u0441\u0435\u0440\u0432\u0435\u0440, Skype, .NET, Visual Studio, Windows App Store.\n\n\u0421\u0440\u0435\u0434\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 10 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, 115 - \u043a\u0430\u043a \u0432\u0430\u0436\u043d\u044b\u0435, \u0430 3 - \u043a\u0430\u043a \u0441\u0440\u0435\u0434\u043d\u0438\u0435, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c 47 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 47 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, 13 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 9 - \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, 3 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u00a026 \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043e\u0448\u0438\u0431\u043a\u0430\u043c \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Edge \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Chromium \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u0435\u0441\u044f\u0446\u0430.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a CVE-2022-24521\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 7,8) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u043c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows Common Log File, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u043a\u043b\u0430\u0434 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u0438\u043b\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u0410\u041d\u0411 \u0421\u0428\u0410, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0435 \u0437\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438 \u0440\u044f\u0434\u0430 \u0410\u0420\u0422. \u042d\u0442\u043e 15-\u044f \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0432 2022 \u0433\u043e\u0434\u0443.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2022-26904\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 7) \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0441\u043b\u0443\u0436\u0431\u044b \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u0449\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430.\n\n\u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0440\u0435\u0448\u0430\u0435\u043c\u044b\u0445 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0441\u0442\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 RPC Runtime Library \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-26809\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9.8. \u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 ZeroDayInitiative, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u043e\u0440\u0442 (TCP-\u043f\u043e\u0440\u0442 135) \u043e\u0431\u044b\u0447\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440\u0443 \u0441\u0435\u0442\u0438, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u044d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f.\u00a0\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a - \u0435\u0449\u0435 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u043a\u0430\u043a\u00a0CVE-2022-24491\u00a0\u0438\u00a0CVE-2022-24497.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a CVE, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 Microsoft \u043d\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2022 \u0433\u043e\u0434\u0430, \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f\u00a0\u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2022-04-13T16:05:03.000000Z"}, {"uuid": "acbc6057-f8b9-4a80-9de8-e313a1e4fc22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "exploited", "source": "https://t.me/NeKaspersky/2116", "content": "\u0412\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 \u043e\u0442 Microsoft: \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Windows \u0438 \u0432 \u0440\u044f\u0434\u0435 \u0435\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432. \n\nPartchTuesday \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b 128 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 10 \u0431\u044b\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 (\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0434\u0432\u0435 \u0431\u044b\u043b\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b \u0434\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0435\u0439, \u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438),  \u0442\u0440\u0438 \u2014 \u0447\u0435\u0440\u0432\u0435\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0420\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c, \u043a\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0438\u0437 \u0441\u0435\u0431\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c. \u0421\u0430\u043c\u0443\u044e \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 CVSS:3.1 \u0432 \u0446\u0435\u043b\u044b\u0445 9.8 \u0431\u0430\u043b\u043b\u0430 \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-26809. \u0421\u0432\u044f\u0437\u0430\u043d\u0430 \u043e\u043d\u0430 \u0441 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u043e\u0439 \u0441\u0440\u0435\u0434\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f (Remote Procedure Call Runtime Library) Windows \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438. \u0415\u0451 \u0438 CVE-2022-24491 \u0438 CVE-2022-24497 (\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c Windows Network File System) \u0441\u0447\u0438\u0442\u0430\u043b\u0438 \u0447\u0435\u0440\u0432\u0435\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438, \u0442\u043e \u0435\u0441\u0442\u044c \u043e\u043d\u0438 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043f\u043e \u0441\u0435\u0442\u0438.\n\n\u0414\u0430\u043b\u0435\u0435 \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0435, \u043d\u043e \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043f\u043e \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0434\u0435\u0442 CVE-2022-24521 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c CVSS:3.1 \u0432 7.8. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0430\u043b\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0435\u0449\u0435 \u0434\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f, \u043e\u043d\u0430 \u0441\u0447\u0438\u0442\u0430\u043b\u0430\u0441\u044c \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u041d\u0430\u0445\u043e\u0434\u0438\u043b\u0430\u0441\u044c \u043e\u043d\u0430 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b CLFS (Common Log File System) Windows \u0438 \u0431\u044b\u043b\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u0443\u0440\u043e\u0432\u043d\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\nCVE-2022-26904 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows (Windows User Profile Service), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0415\u0439 \u0431\u044b\u043b\u0430 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u0430 \u043e\u0446\u0435\u043d\u043a\u0430 \u0432 7.0 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS:3.1. \u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b \u0441\u043b\u0443\u0447\u0430\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0434\u043e\u043b\u0433\u043e \u0434\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u043f\u0440\u043e\u0447\u0438\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b. \u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u0430\u0442\u0447\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0438 Microsoft Windows \u0438 \u0435\u0433\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b: Microsoft Defender, Microsoft Dynamics, Microsoft Edge, Exchange Server, Office, SharePoint Server, Windows Hyper-V, DNS-\u0441\u0435\u0440\u0432\u0435\u0440, Skype, .NET, Visual Studio, Windows App Store. \n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u043c\u0435\u044e\u0442 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043e\u0431\u0449\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0441\u0442\u044c \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c.\n@NeKaspersky", "creation_timestamp": "2022-04-14T13:46:52.000000Z"}, {"uuid": "e8c9d116-4672-4977-9c07-21063b10ff8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/true_secator/2854", "content": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows \u043f\u043e\u043f\u0430\u043b\u0438 \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b\u044b \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\n\u0412\u0441\u0435 \u0434\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Microsoft \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows RPC CVE-2022-26809 \u0432 \u043f\u0430\u0431\u043b\u0438\u043a\u0435 \u043f\u0440\u043e\u0441\u043e\u0447\u0438\u043b\u0438\u0441\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043b\u0435\u0447\u044c \u0432 \u043e\u0441\u043d\u043e\u0432\u0443 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440 Microsoft (RPC) \u2014 \u044d\u0442\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0441\u0432\u044f\u0437\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433 \u0441 \u0434\u0440\u0443\u0433\u043e\u043c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u044d\u0442\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442\u044b TCP, \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e 445 \u0438 135.\n\n\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u0441\u0435\u0442 \u0432 \u0441\u0435\u0431\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0432 \u0441\u0438\u043b\u0443 \u0435\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c \u0441 Blaster 2003 \u0433\u043e\u0434\u0430, Wannacry 2017 \u0433\u043e\u0434\u0430 \u0438 Eternal Blue.\n\n\u0412\u0435\u0434\u044c \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0437\u043b\u043e\u043c\u0430 \u043b\u044e\u0431\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u0441\u044f \u0441 \u0442\u0435\u043c \u0436\u0435 \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0447\u0442\u043e \u0438 RPC-\u0441\u0435\u0440\u0432\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0438\u043c\u0435\u0435\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043f\u043e\u043b\u043d\u044b\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0434\u0435\u0430\u043b\u044c\u043d\u0430 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u0438.\n\n\u041a \u044d\u0442\u043e\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438\u0437 Akamai \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u0432 rpcrt4.dll. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u043d\u0438 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u043a\u043e\u0433\u0434\u0430 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043f\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0431\u0443\u0444\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043c\u0430\u043b \u0434\u043b\u044f \u0435\u0433\u043e \u0437\u0430\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f. \u042d\u0442\u043e, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0443. \u041f\u0440\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u0442\u043e\u0442 \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043c\u043e\u0433 \u0438 \u0410\u043d\u0442\u043e\u043d\u0438\u043e \u041a\u043e\u043a\u043e\u043c\u0430\u0446\u0438 \u0438\u0437 Sentinel One \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u043c RPC-\u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0430 \u043d\u0435 \u043d\u0430 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u0435 Windows, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0432, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f RPC.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u043a\u0430\u043a \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u043b \u041c\u044d\u0442\u044c\u044e \u0425\u0438\u043a\u0438\u00a0\u0438\u0437 Hacker House, \u0443\u044f\u0437\u0432\u0438\u043c\u0430\u044f rpcrt4.dll \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 Microsoft, \u043d\u043e \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0442\u0430\u043a\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u043a\u043b\u0438\u0435\u043d\u0442/\u0441\u0435\u0440\u0432\u0435\u0440, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0430\u0433\u0435\u043d\u0442\u043e\u0432 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u044b, \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0438 \u0434\u0430\u0436\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 RPC.\n\n\u041f\u043e\u043a\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430\u0434 \u0432\u044b\u044f\u0441\u043d\u0435\u043d\u0438\u0435\u043c \u0432\u0441\u0435\u0445 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0438, \u0430 \u0443\u043c\u0435\u043b\u044c\u0446\u044b \u043f\u0438\u043b\u044f\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday, \u0447\u0442\u043e \u0435\u0449\u0435 \u0431\u043e\u043b\u0435\u0435 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e \u0434\u043b\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows. \u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043e\u0436\u0438\u0434\u0430\u044e\u0442 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438.", "creation_timestamp": "2022-04-15T14:33:06.000000Z"}, {"uuid": "deef3e39-92c7-47ce-a86a-c9ce1c2fd7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2968", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cyble \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0435\u0439 Infosec-\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u043c PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 Cobalt Strike.\n\n\u0412\u0441\u0435 \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0441 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0432 Twitter, \u0430\u0432\u0442\u043e\u0440 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0440\u0430\u0437\u043e\u0431\u043b\u0430\u0447\u0438\u043b \u043c\u0430\u043b\u0432\u0430\u0440\u044c, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Proof of Concept \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 RPC Runtime Library (CVE-2022-26809 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 9.8), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0447\u0435\u0440\u0435\u0437 GitHub.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430\u0448\u0435\u043b\u0441\u044f \u0438 \u0434\u0440\u0443\u0433\u043e\u0439 \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u0434 POC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2022-24500 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043e\u0431\u0440\u0430\u0437\u0435\u0446, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u043b\u0441\u044f \u0432 GitHub. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0431\u0430 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043e\u0434\u043d\u043e\u043c\u0443 \u0438 \u0442\u043e\u043c\u0443 \u0436\u0435 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0443, \u044f\u0432\u043b\u044f\u044e\u0449\u0435\u043c\u0443\u0441\u044f \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0430\u043a\u0442\u043e\u0440\u043e\u043c \u0432\u0441\u0435\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043e\u0442\u0441\u043b\u0435\u0434\u0438\u043b\u0438 \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430 \u0418\u0411\u044d\u0448\u043d\u044b\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e \u043f\u043e\u0434 \u0432\u0438\u0434\u043e\u043c PoC.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u041f\u041e \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043e\u043d\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b .Net, \u0443\u043f\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439\u00a0ConfuserEX, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0438\u043a\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043d\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0432 \u043a\u043e\u0434\u0435 \u043d\u0438 \u0441\u0442\u0440\u043e\u0447\u043a\u0438 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0432 PoC \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041f\u043e \u0444\u0430\u043a\u0442\u0443 \u043c\u0430\u043b\u0432\u0430\u0440\u044c \u0432\u0438\u0437\u0443\u0430\u043b\u044c\u043d\u043e \u0438\u043c\u0438\u0442\u0438\u0440\u0443\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438,  \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044f \u0432 \u0444\u043e\u043d\u0435 \u0448\u0435\u043b\u043b-\u043a\u043e\u0434.\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 PowerShell \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e cmd.exe \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 Cobalt-Strike.\u00a0\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0433\u043e \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043a\u043e\u0432\u044b\u0445 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0439.\n\n\u041f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0435\u043c\u0441\u044f \u043a Cyble \u0438 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0430\u0441\u0442\u0430\u0438\u0432\u0430\u0435\u043c \u043d\u0430 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0438 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u044d\u0442\u043e\u043c \u043f\u043b\u0430\u043d\u0435 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043e\u0442\u0447\u0435\u0442 \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u0435\u043d \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u043e\u0431\u0449\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u043d\u0435\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IoC) \u043a\u0430\u0441\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.", "creation_timestamp": "2022-05-23T13:28:32.000000Z"}, {"uuid": "f6992468-4ec7-4ae2-9a27-aec3758a05d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/9YodqGzYt7fMfPCSrfrC5uGZWj9rcCmN39sFiHxIbTU53Ss", "content": "", "creation_timestamp": "2022-04-26T14:00:24.000000Z"}, {"uuid": "b87511d3-728b-40d9-8aa0-f63b254f6b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/829", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccSlient-Doc-Pdf-Exploit-Builder-Fud-Malware-Cve\n\ud83d\udcccZheTian Powerful Anti Anti-Virus Trojan horse generator\n\ud83d\udcccgpu poisoning; hide the payload inside the gpu memory.\n\ud83d\udcccJNPF_Chinese_Government_Contractor Leak\n\ud83d\udcccShodan Search Script\n\ud83d\udcccCloud7 Bot\n\ud83d\udcccFacebook 700m Leak (2021)\n\ud83d\udcccWordpress Mass Exploit : Augmented Reality\n\ud83d\udcccRed Rabbit Framework\n\ud83d\udcccZombie Bot from Darkweb\n\ud83d\udcccPoC for CVE-2022-26809, analisys and considerations are shown in the github.io\n\ud83d\udcccInvicti Professional Edition 6.6.0.36485\n\ud83d\udcccxRay_Web_Vulnerability_Scanner_Advanced_v1_8_5_x64_Full_Activated\n\ud83d\udcccReflex AV Bypass\n\ud83d\udcccPoC exploit for WinRing0\n\ud83d\udcccCVE-2022-1609 WordPress Weblizar Backdoor\n\ud83d\udcccPwnbolt\n\ud83d\udcccU-Boat\n\ud83d\udcccKernel Exploits\n\ud83d\udcccIos15_exploits_POC: my iOS applications for iOS 15.1\n\ud83d\udcccSosedi.by Leak\n\ud83d\udcccShein Leak\n\ud83d\udccckyivstar.ua Leak\n\ud83d\udcccstink: Stealer in just 2 lines with sending to Telegram\n\ud83d\udcccSnapChat Leak\n\ud83d\udccchijagger: Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration\n\ud83d\udcccSysmonQuiet Reflective DLL\n\ud83d\udccccgaty - Hooking the GDT Installing a Call Gate\n\ud83d\udccchttp redirector\n\ud83d\udcccLink - Link is a general RL framework to find reflected XSS vulnerabilities in a black-box and fully automatic manner\n\ud83d\udcccParagon\n\ud83d\udccc3snake - Dump sshd and sudo credential related strings\n\ud83d\udcccCrackerJack - Web GUI for #Hashcat developed in #Python.\n\ud83d\udccchaxx - Untethered + Unsandboxed code execution haxx as root on iOS 14 \u2013 iOS 14.8.1.\n\ud83d\udcccPE-infector - Crossplatform tool for inject shellcode into .exe binaries (x86 and 64).\n\ud83d\udcccBOF-Nim\n\ud83d\udcccPostDump\n\ud83d\udcccbear.tax Crypto Database full dump source +API codes\n\ud83d\udcccMobiFriends 2.6M Leak\n\ud83d\udcccElector.co.il Leak\n\ud83d\udcccChisel Strike\n\ud83d\udcccxhunter: Remote Administrator Tool [ RAT For Android ] No Port Forwarding\n\ud83d\udcccNotes and IoCs of fresh malware\n\ud83d\udccc29Million Wordpress + TOP Macro password 2525 list 2022 HQ\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-12T10:52:54.000000Z"}, {"uuid": "dad68b35-69c9-4460-9786-60688ab29e39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "Telegram/ogqsgv2CO216AvReimRPoXqKXCk681V6FOfeEwiUElM-h7Y", "content": "", "creation_timestamp": "2022-04-21T09:56:53.000000Z"}, {"uuid": "ae37281b-0c59-415a-9634-675e52c704c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/560", "content": "\u200bCVE-2022-26809 RCE Exploit\n\nWeakness in a core Windows component (RPC) earned a CVSS score of 9.8 not without a reason, as the attack does not require authentication and can be executed remotely over a network, and can result in remote code execution (RCE) with the privileges of the RPC service, which depends on the process hosting the RPC runtime. \n\nThat critcal bug, with a bit of luck, allows to gain access to unpatched Windows host running SMB. The vulnerability can be exploited both from outside the network in order to breach it as well as between machines in the network.\n\nhttps://github.com/rkxxz/CVE-2022-26809\n\nVendor Information:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809\nhttps://www.pwndefend.com/2022/04/14/cve-2022-26809/\n\n#cve #poc #exploit", "creation_timestamp": "2022-05-20T14:09:37.000000Z"}, {"uuid": "22f4d6d3-900c-405a-9855-4f54cbba7b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2201", "content": "#CVE-2022\n\nmetasploit and python module for CVE-2022-26809 windows rpc rce via smb 445\n\nhttps://github.com/Ziggy78/CVE-2022-26809-RCE\n\n@BlueRedTeam", "creation_timestamp": "2022-07-04T11:45:17.000000Z"}, {"uuid": "efdd6bf7-4ebb-446a-8fcc-f2b31e701723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/1688", "content": "CVE-2022-26809 MS-RPC Vulnerability Analysis - SANS Institute\nhttps://www.youtube.com/watch?v=fQ06VUq3kd8\n\nExploiting Windows RPC - CVE-2022-26809 Explained | Patch Analysis\nhttps://www.youtube.com/watch?v=GGlwy3_jVYE&t=2s", "creation_timestamp": "2022-04-19T18:45:00.000000Z"}, {"uuid": "9c17267f-fb0a-4185-8dc6-264157be2dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/kasperskyb2b/138", "content": "\u041d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0435 \u043f\u0440\u043e\u0444\u0438 \u043d\u0435 \u0431\u0435\u0433\u0430\u044e\u0442 \u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, \u043e\u043d\u0438 \u0438\u0445 \u0437\u0430\u043f\u0440\u0435\u0449\u0430\u044e\u0442 \ud83d\ude0e\n\n\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u0435\u0440\u0438\u044e \u043a\u0438\u0431\u0435\u0440\u0438\u043c\u043c\u0443\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0440\u0438\u0439. \u0412 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043e\u043a.\n\u0413\u043e\u0434 \u0435\u0449\u0435 \u043d\u0435 \u0437\u0430\u043a\u043e\u043d\u0447\u0438\u043b\u0441\u044f, \u0430 \u0432 \u041e\u0421 Microsoft Windows 10 \u0443\u0436\u0435 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 358 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 97 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \n\n\u0412\u043e\u0442 \u043c\u0438\u043d\u0438-\u043e\u0431\u0437\u043e\u0440 \u0441\u0432\u0435\u0436\u0438\u0445 CVE, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435:\n\u2022 CVE-2022-26809 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\u2022 \u0414\u0432\u0435 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Network File System (NFS) \u2014 CVE-2022-24491 \u0438 CVE-2022-24497 \u2014 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0443\u0436\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0441\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b NFS.\n\u2022 CVE-2022-24521 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 Common Log File System (CLFS) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f (\u0445\u043e\u0442\u044f \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u0442\u044c\u0441\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435).\n\u2022 CVE-2022-26925, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a LSA Spoofing, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0432\u044b\u0437\u0432\u0430\u0432 \u043c\u0435\u0442\u043e\u0434 LSARPC-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430.\n\n\u0413\u043b\u044f\u0434\u044f \u043d\u0430 \u044d\u0442\u0443 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443, \u0432\u0441\u044f\u043a\u0438\u0439 \u0441\u043e\u0433\u043b\u0430\u0441\u0438\u0442\u0441\u044f, \u0447\u0442\u043e \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u041e\u0421 \u0438 \u041f\u041e \u0436\u0438\u0437\u043d\u0435\u043d\u043d\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e. \u041c\u044b \u0438 \u0441\u0430\u043c\u0438 \u043f\u0440\u0438 \u043a\u0430\u0436\u0434\u043e\u043c \u0443\u0434\u043e\u0431\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u043c \u043d\u0435 \u043f\u0440\u0435\u043d\u0435\u0431\u0440\u0435\u0433\u0430\u0442\u044c \u0430\u043f\u0434\u0435\u0439\u0442\u0430\u043c\u0438 \u0438 \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u043f\u0430\u0442\u0447\u0438, \u0432\u0435\u0434\u044c \u043c\u0438\u0440 \u0436\u0435\u0441\u0442\u043e\u043a \u0438 \u043f\u043e\u043b\u043e\u043d \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0435\u0439.\n\n\u041d\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0430 \u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f, \u0438 \u043f\u0440\u0438\u043d\u0446\u0438\u043f \u0433\u043e\u043d\u043a\u0438 \u00ab\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u2014 \u0430\u043d\u0442\u0438\u0434\u043e\u0442\u00bb \u043f\u043e\u0442\u0438\u0445\u043e\u043d\u044c\u043a\u0443 \u0438\u0437\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u0431\u044f. \u0415\u043c\u0443 \u043d\u0430 \u0441\u043c\u0435\u043d\u0443 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442 \u043f\u0440\u0438\u043d\u0446\u0438\u043f \u043a\u0438\u0431\u0435\u0440\u0438\u043c\u043c\u0443\u043d\u0438\u0442\u0435\u0442\u0430. \n\n\u0412 KasperskyOS \u0438 \u043a\u0438\u0431\u0435\u0440\u0438\u043c\u043c\u0443\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043d\u0430 \u0435\u0435 \u0431\u0430\u0437\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 Default Deny (\u0437\u0430\u043f\u0440\u0435\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435 \u0434\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u043c \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439, \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u044f\u0432\u043d\u043e \u043d\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043e \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043e\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u043f\u043b\u043e\u0449\u0430\u0434\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043e\u0431 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2022-09-09T15:27:01.000000Z"}, {"uuid": "ed51ac11-cdb8-4f50-9ed9-b7e6db244c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1947", "content": "#exploit\n\n+ CVE-2022-26809:\nWeakness in a core Windows 7/10/Server2019/2022 component (RPC)\nhttps://github.com/XmasSnow/CVE-2022-26809-RCE\n\n+ CVE-2022-29072:\n7-Zip <21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area (0-day)\nhttps://github.com/kagancapar/CVE-2022-29072\n\n@BlueRedTeam", "creation_timestamp": "2022-04-17T08:35:15.000000Z"}, {"uuid": "4db63f04-c891-4a11-b81e-91fe8fa370e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2081", "content": "#CVE-2022\n\nDetects attempts and successful exploitation of CVE-2022-26809\n\nhttps://github.com/corelight/cve-2022-26809\n\n@BlueRedTeam", "creation_timestamp": "2022-05-17T17:41:33.000000Z"}, {"uuid": "e0240898-91e9-4b2e-ab0b-baa3a89d97b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1968", "content": "#CVE-2022\n\nThis repository contains a PoC for  remote code execution CVE-2022-26809\n\nhttps://github.com/DESC0N0C1D0/CVE-2022-26809-RCE\n\n@BlueRedTeam", "creation_timestamp": "2022-04-21T08:45:02.000000Z"}, {"uuid": "603eaf0d-735d-412f-8cad-e3400401ed02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "exploited", "source": "https://t.me/xakep_ru/12241", "content": "\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u0430\u0433\u0430 \u0432 Microsoft RPC\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u0435\u0441\u043f\u043e\u043a\u043e\u0435\u043d\u044b \u0438\u0437-\u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-26809, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Microsoft \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 Windows RPC. \u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\nhttps://xakep.ru/2022/04/15/cve-2022-26809/", "creation_timestamp": "2022-04-15T21:04:08.000000Z"}, {"uuid": "b0970815-ff66-406b-95b5-13bd18da5c82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/45", "content": "https://github.com/HellKnightsCrew/CVE-2022-26809", "creation_timestamp": "2022-04-19T02:40:05.000000Z"}, {"uuid": "811a0364-b636-406c-9c86-fbba7f4c83aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/60", "content": "https://github.com/DESC0N0C1D0/CVE-2022-26809-RCE", "creation_timestamp": "2022-04-21T09:18:22.000000Z"}, {"uuid": "969e84cb-416d-40e6-ae5a-08ab3a0cb1de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/Q9kBH2YEOkZxkL-oU6J6pvm6XIzvotmci13eXCVky8pcGctI", "content": "", "creation_timestamp": "2022-04-20T03:28:18.000000Z"}, {"uuid": "ee796cd4-8333-45fa-bcb1-b379eb4f338a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/vxunderground/810", "content": "You may not like it, but this is what a real 0day looks like. \ud83d\ude02\n\n*Hoax CVE-2022-26809 proof-of-concept published by \"rkxxz\", image courtesy of Podalirius_", "creation_timestamp": "2022-05-20T17:31:41.000000Z"}, {"uuid": "6158d7a0-c2b5-48b3-8c37-9736b676c425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6326", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (June 1-30)\n\nCVE-2022-30190 - Follina exploit\nCVE-2022-26134 - OGNL injection in Atlassian Confluence Server/Data Center\nCVE-2022-26809 - Weakness in a core Windows 7/10/Srv19/22 component (RPC)\nCVE-2022-30075 - TP-Link AX50 Auth RCE\nCVE-2022-23222 - Linux Kernel eBPF LPE\nCVE-2022-32275 - Grafana 8.4.3 allows reading files\nCVE-2022-26937 - Windows NFS NLM Portmap Stack Buffer Overflow\nCVE-2022-23088 - Heap Overflow in FreeBSD Wi-Fi Stack\nCVE-2022-31626 - RCE in PHP <=7.4.29\nCVE-2022-30333 - Dir Traversal in rar", "creation_timestamp": "2024-10-12T06:49:41.000000Z"}, {"uuid": "3eed6be5-ee07-48ff-8137-4e45a7f33426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5824", "content": "#exploit\n1. CVE-2022-26809:\nWeakness in a core Windows 7/10/Server2019/2022 component (RPC)\nhttps://github.com/XmasSnow/CVE-2022-26809-RCE\n\n2. CVE-2022-29072:\n7-Zip <21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area (0-day)\nhttps://github.com/kagancapar/CVE-2022-29072", "creation_timestamp": "2022-04-17T13:42:19.000000Z"}, {"uuid": "9eb2f60c-eff8-457e-a90a-31366b153409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5877", "content": "#reversing\n#Threat_Research\nReversing an RPC Vulnerability -\nCVE-2022-26809 Explained\nhttps://www.malwaretech.com/2022/04/video-exploiting-windows-rpc-cve-2022-26809-explained-patch-analysis.html", "creation_timestamp": "2022-05-14T12:31:02.000000Z"}, {"uuid": "391e91e7-e792-4817-a049-ae7d90864d85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "seen", "source": "Telegram/SpRtBzvZQ9-cUVeLJyj_T3grE3BpBnuQxgG-zCfp2IJUJNM", "content": "", "creation_timestamp": "2022-06-26T23:22:10.000000Z"}, {"uuid": "86d3fa02-73b6-4f59-a7b3-b4c58339005c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/dc7342/51089", "content": "CVE-2022-26809 MS-RPC Vulnerability Analysis - SANS Institute\nhttps://www.youtube.com/watch?v=fQ06VUq3kd8\n\nExploiting Windows RPC - CVE-2022-26809 Explained | Patch Analysis\nhttps://www.youtube.com/watch?v=GGlwy3_jVYE&t=2s", "creation_timestamp": "2022-04-20T00:43:49.000000Z"}, {"uuid": "d236d272-735f-4a1c-b39d-2ac9b22a1050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26809", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1051", "content": "CVE-2022-26809 MS-RPC Vulnerability Analysis - SANS Institute\nhttps://www.youtube.com/watch?v=fQ06VUq3kd8\n\nExploiting Windows RPC - CVE-2022-26809 Explained | Patch Analysis\nhttps://www.youtube.com/watch?v=GGlwy3_jVYE&t=2s", "creation_timestamp": "2024-11-09T03:51:21.000000Z"}]}