{"vulnerability": "CVE-2022-2792", "sightings": [{"uuid": "0fab7a4b-3f84-44d7-9c01-c124b4cbd7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "MISP/b7effe8d-f245-44fd-94ef-5f2f693cfb06", "content": "", "creation_timestamp": "2022-09-30T08:50:28.000000Z"}, {"uuid": "5083ea9b-fbe4-4d86-92a6-01a2f38b3bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27926", "type": "seen", "source": "MISP/f6514ab9-c7ca-4a21-a3c5-8cffbc6e32db", "content": "", "creation_timestamp": "2023-03-30T13:10:31.000000Z"}, {"uuid": "4cd5cf7d-3fae-4746-91ac-3b7d773dbcd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27924", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "7a859b44-4fb3-4959-8d7c-dea9493a266c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "2a684821-a4ff-435d-a8bc-9130cdbd88d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27926", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "c2df3359-cc46-4ca8-92cc-cc122aed3686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27926", "type": "seen", "source": "MISP/0f810383-867c-42c6-ba59-2c5e4cfacbce", "content": "", "creation_timestamp": "2024-02-29T13:50:13.000000Z"}, {"uuid": "5ffe9c33-7790-4ddd-81e5-60221c940e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27924", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971675", "content": "", "creation_timestamp": "2024-12-24T20:32:39.684711Z"}, {"uuid": "6f1ecc44-3753-46e8-91c6-85c7048640a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971678", "content": "", "creation_timestamp": "2024-12-24T20:32:41.939047Z"}, {"uuid": "5c8934aa-9027-4811-8bac-1e779bfbf37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971679", "content": "", "creation_timestamp": "2024-12-24T20:32:42.740856Z"}, {"uuid": "6deb6adc-c279-4cff-8730-6090d94cb8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27926", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971790", "content": "", "creation_timestamp": "2024-12-24T20:34:05.861214Z"}, {"uuid": "ccb50317-a045-429d-8986-640ff8eb7c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "9e9cc2e6-1469-445c-b62d-96d5a3e421e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://infosec.exchange/users/saltmyhash/statuses/114039171548967342", "content": "", "creation_timestamp": "2025-02-21T01:01:38.284518Z"}, {"uuid": "2e1489a7-5cb0-4441-ab3f-01e665284a39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:45.000000Z"}, {"uuid": "74280be3-46a0-4d42-a880-b2b3d17a18f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:37.000000Z"}, {"uuid": "1297ba44-6af8-478f-9e14-3ce3a5c59d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27924", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:36.000000Z"}, {"uuid": "f58136f2-dea3-40a1-bcde-9d47ecdd919e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27926", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:37.000000Z"}, {"uuid": "2ddae736-1991-4f19-8784-c97bc98534fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27926", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3mduyd54nkc2s", "content": "", "creation_timestamp": "2026-02-02T13:48:07.096645Z"}, {"uuid": "11161529-5b8e-460f-ad51-646617779ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zimbra_mboximport_cve_2022_27925.rb", "content": "", "creation_timestamp": "2022-08-23T17:44:46.000000Z"}, {"uuid": "1acf6176-c198-4cdb-ba56-594922919503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27924", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mbuej7a76y24", "content": "", "creation_timestamp": "2026-01-07T21:03:20.173828Z"}, {"uuid": "c00c93e1-8641-4f70-9534-a28643c87235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "f85c7300-6d49-4aca-b15e-708b0cbc5add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0647d977-365d-4d49-9ed9-647141648903", "content": "", "creation_timestamp": "2026-02-02T12:27:17.708558Z"}, {"uuid": "368b9be3-72a6-490a-a3fd-27e5a84bd540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-27924", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e0f28782-b68a-48c6-ba25-00c324fdec21", "content": "", "creation_timestamp": "2026-02-02T12:27:18.201134Z"}, {"uuid": "a9184da9-8f32-4d96-88e9-620cf4858887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-27926", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/34458a75-2d82-4e03-9785-bc38c0481013", "content": "", "creation_timestamp": "2026-02-02T12:27:02.277403Z"}, {"uuid": "450d1c7f-753a-4c7e-a6e5-94bed3d636d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2989", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aZimbra CVE-2022-27925\nURL\uff1ahttps://github.com/Josexv1/CVE-2022-27925\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-20T16:04:19.000000Z"}, {"uuid": "90eb2f78-a157-49e6-9b62-774c54189b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27927", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1730", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-27927 Microfinance Management System V1.0 SQL Injection Vulnerability\nURL\uff1ahttps://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-28T06:48:33.000000Z"}, {"uuid": "51daed0c-7e86-44f6-91b3-4b32d95f038d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3049", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPython Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)\nURL\uff1ahttps://github.com/Chocapikk/CVE-2022-27925-Revshell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-27T03:12:05.000000Z"}, {"uuid": "d57112a9-9431-42dc-8acf-3000fc7dd734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2985", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aZimbra_Collaboration_CVE-2022-37042-_CVE-2022-27925\nURL\uff1ahttps://github.com/GreyNoise-Intelligence/Zimbra_Collaboration_CVE-2022-37042-_CVE-2022-27925\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-22T01:17:51.000000Z"}, {"uuid": "b91f042f-f2b5-4908-97c5-f7eeb0aba913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/itsec_news/1182", "content": "\u200b\ud83d\udd13 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Zimbra \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n\ud83d\udcac \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0435\u0442\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u0443\u0433\u0440\u043e\u0437 Volexity, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Zimbra Collaboration Suite \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 ZCS \u0441 \u043a\u043e\u043d\u0446\u0430 \u0438\u044e\u043d\u044f.\n\n\u2014 RCE-\u043e\u0448\u0438\u0431\u043a\u0430 CVE-2022-27925 \u0443\u043f\u0440\u043e\u0441\u0442\u0438\u043b\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u0430 \u043d\u0430 \u0434\u0438\u0441\u043a \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430   \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u043d\u0430\u0437\u0430\u0434. \u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\u2014 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CVE-2022-37042 \u2014 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f: \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f RCE-\u043e\u0448\u0438\u0431\u043a\u043e\u0439.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0442\u044c \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0441\u0442\u0430\u0445 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0421\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a Zimbra \u043d\u0430 \u0444\u043e\u0440\u0443\u043c\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b, \u0438 \u043f\u0440\u0438\u0437\u0432\u0430\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 Zimbra 8.8.12 Patch 33 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 Zimbra 9.0.0 Patch 26 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 Volexity, \u0431\u043e\u043b\u0435\u0435 1.000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ZCS \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443 \u0443\u0436\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u044d\u0442\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b ZCS \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430\u043c \u0438 \u043c\u0438\u043d\u0438\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u0430\u043c, \u0432\u043e\u0435\u043d\u043d\u044b\u043c \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430\u043c \u0438 \u0432\u0441\u0435\u043c\u0438\u0440\u043d\u044b\u043c \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c \u0441 \u0434\u043e\u0445\u043e\u0434\u043e\u043c \u0432 \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u044b \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432.\n\nZimbra \u2014 \u044d\u0442\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 200.000 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 140 \u0441\u0442\u0440\u0430\u043d, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 1.000 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439.\n\n#Zimbra #\u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u0412\u0437\u043b\u043e\u043c #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-08-13T07:34:20.000000Z"}, {"uuid": "d87fc6cc-9508-450e-be10-7840d3311867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/290", "content": "\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f Zimbra RCE: CVE-2022-27925 - CVE-2022-37042\n\n\u2014\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0420\u0421\u0415 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u0434\u043b\u044f \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 8.8.15P31 \u0438 9.0.0P24 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e zip-\u0430\u0440\u0445\u0438\u0432\u0430. \n\n\u2014\u041d\u0430\u0439\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0448\u043e\u0434\u0430\u043d\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e \u0434\u043e\u0440\u043a\u0443: \nhttp.favicon.hash:\"1624375939\"\n\u0418\u043b\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e CLI \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0434\u043b\u044f \u043d\u0443\u043a\u043b\u0435\u044f:\nshodan search 'http.favicon.hash:\"1624375939\"' --fields ip_str --limit 1000 > zimbra_urls.txt \n\n\u2014\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u0430 Nuclei \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435:\nNuclei Template \n\n\u2014\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u044d\u0442\u043e\u0439 \u0443\u0442\u0438\u043b\u0438\u0442\u043e\u0439 (\u0412 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 email \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u043c \u0441\u043b\u043e\u0432\u043e admin), \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0443\u0436\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u043d\u0443\u0436\u043d\u044b\u0435 \u0437\u0438\u043f-\u0430\u0440\u0445\u0438\u0432\u044b:\nPoC \npython3 zimbra-exploit.py https://ip admin\n\n\u2014 \u0414\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0434 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u0432\u044b\u0448\u0435\n\n\u2014\u0421\u0441\u044b\u043b\u043a\u0438 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0434\u0430\u043d\u043d\u043e\u0439 CVE:\n\u0421\u0442\u0430\u0442\u044c\u044f 1 \n\u0421\u0442\u0430\u0442\u044c\u044f 2 \n\n\u2014\u0422\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.\n\n\n#cve", "creation_timestamp": "2022-08-21T10:44:51.000000Z"}, {"uuid": "359d4572-60ab-47da-8756-8708f994268e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/ptswarm/123", "content": "\u26a0\ufe0fSynacor fixed an Authenticated RCE (CVE-2022-27925) in Zimbra Collaboration Suite found by our researcher Mikhail Klyuchnikov.\n\nSo far, no advisory, but the patch is available: https://wiki.zimbra.com/wiki/Security_Center", "creation_timestamp": "2022-05-05T14:03:26.000000Z"}, {"uuid": "a9437a6f-b193-40d6-a4c8-ae9eed288de6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "Telegram/Al5s1pu9DlCNMnH7rJt2q5NFKP_tt6i0TJLpRuR3HfdnDhA", "content": "", "creation_timestamp": "2022-12-05T04:24:48.000000Z"}, {"uuid": "0eb0e83c-67a7-47b7-a79a-e0b5c7dd8c81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/monkey_hacker/28", "content": "\u0420\u0430\u043d\u043e\u0432\u0430\u0442\u043e, \u043d\u043e \u0442\u0430\u043a\u0438 \u0434\u0430\n\u0422\u041e\u041f 10 \u0438\u0437 2022\n\n1. Follina (CVE-2022-30190)\n2. Log4Shell (CVE-2021-44228)\n3. Spring4Shell (CVE-2022-22965)\n4. F5 BIG-IP (CVE-2022-1388)\n5. Google Chrome zero-day (CVE-2022-0609)\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n10. Zyxel RCE vulnerability (CVE-2022-30525)", "creation_timestamp": "2022-11-29T07:00:36.000000Z"}, {"uuid": "7b738b95-30da-4cc7-a7d8-a65b89a705f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/package_security/17", "content": "\u200b\ud83c\udfc6 \u0418\u0442\u043e\u0433\u0438 \u0433\u043e\u0434\u0430\n\n\u041d\u0430\u0441\u0442\u0430\u043b\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043e \u0440\u0430\u0431\u043e\u0447\u0435\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u0435.\n2\u043a22 \u0433\u043e\u0434 \u043d\u0430\u043a\u043e\u043d\u0435\u0446-\u0442\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u043a \u043a\u043e\u043d\u0446\u0443, \u0430 \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u043f\u043e\u0440\u0430 \u043f\u043e\u0434\u0432\u043e\u0434\u0438\u0442\u044c \u0438\u0442\u043e\u0433\u0438.\n\n\u0423 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u043e\u0432, \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u0433\u0434\u0430, \u0438\u0442\u043e\u0433\u0438 \u0441\u0432\u043e\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u0435\u0440\u0436\u0438\u0442\u0435 \u0422\u041e\u041f-10 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 2022 \u0433\u043e\u0434\u0443 \u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Cyber Threat Intelligence:\n\n1. Follina (CVE-2022-30190) \n\n2. Log4Shell (CVE-2021-44228) \n\n3. Spring4Shell (CVE-2022-22965) \n\n4. F5 BIG-IP (CVE-2022-1388) \n\n5. Google Chrome zero-day (CVE-2022-0609) \n\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882) \n\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040) \n\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352) \n\n9. Atlassian Confluence RCE flaw (CVE-2022-26134) \n\n10. Zyxel RCE vulnerability (CVE-2022-30525)\n\n\u0411\u0443\u0434\u044c\u0442\u0435 \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u044b, \u0431\u0435\u0440\u0435\u0433\u0438\u0442\u0435 \u0441\u0435\u0431\u044f \u0438 \u0432\u0430\u0448\u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\nP.S. \u041d\u0438\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0438\u043a\u0447\u0430 \u0441 \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u044b\u043c\u0438 \u0438\u043a\u043e\u043d\u043a\u0430\u043c\u0438\n\n#\u041f\u043e\u043b\u0435\u0437\u043d\u043e\u0435\n\n\u041f\u0430\u043a\u0435\u0442 \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438", "creation_timestamp": "2022-12-16T15:56:36.000000Z"}, {"uuid": "e5e2de76-aff1-4fb4-ab89-b6ec46523950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "Telegram/dZnZi6ug0WeSWlcqH71INgtRjHAPFNi08Gbp-MDfqLE-", "content": "", "creation_timestamp": "2023-10-23T19:47:41.000000Z"}, {"uuid": "7b885a02-edcc-4296-9c9c-3845d0df76f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1244", "content": "wget https://raw.githubusercontent.com/SecTheBit/CVE-2022-1388/main/bigip.yaml\nhttps://github.com/rafaelwdornelas/my-nuclei-templates\nhttps://github.com/Akokonunes/Private-Nuclei-Templates\nhttps://github.com/trungkay2/Nuclei-template\nhttps://github.com/Kaue-Navarro/Templates-kaue-nuclei\nhttps://github.com/1dayluo/My-Nuclei-Templates\nhttps://github.com/topscoder/nuclei-wordfence-cve\nhttps://github.com/drfabiocastro/certwatcher-templates\nhttps://github.com/erickfernandox/nuclei-templates\nhttps://github.com/damon-sec/Nuclei-templates-Collection\nhttps://github.com/ptyspawnbinbash/template-enhancer\nhttps://github.com/abbycantcode/Nuclei-Template\nhttps://github.com/ayadim/Nuclei-bug-hunter\nhttps://github.com/pacho15/mynuclei_templates\nhttps://github.com/soumya123raj/Nuclei\nhttps://github.com/soapffz/myown-nuclei-poc\nhttps://github.com/zer0yu/Open-PoC\nhttps://github.com/SumedhDawadi/Custom-Nuclei-Template\nhttps://github.com/coldrainh/nuclei-ByMyself\nhttps://github.com/binod235/nuclei-templates-and-reports\nhttps://github.com/mbskter/Masscan2Httpx2Nuclei-Xray\nhttps://github.com/luck-ying/Library-YAML-POC\nhttps://github.com/PedroFerreira97/nuclei_templates\nhttps://github.com/Odayex/Random-Nuclei-Templates\nhttps://github.com/Hunt2behunter/nuclei-templates\nhttps://github.com/mastersir-lab/nuclei-yaml-poc\nhttps://github.com/SirAppSec/nuclei-template-generator-log4j\nhttps://github.com/souzomain/mytemplates\nhttps://github.com/ricardomaia/nuclei-template-generator-for-wordpress-plugins\nhttps://github.com/0xPugazh/my-nuclei-templates\nhttps://github.com/UltimateSec/ultimaste-nuclei-templates\nhttps://github.com/h0tak88r/nuclei_templates\n# https://github.com/0XParthJ/Nuclei-Templates\n# https://github.com/1dayluo/My-Nuclei-Templates\n# https://github.com/Aituglo/nuclei-templates\n# https://github.com/ChiaraNRTT96/BountySkill\n# https://github.com/Linuxinet/nuclei-templates\n# https://github.com/Nithissh0708/Custom-Nuclei-Templates\n# https://github.com/abbycantcode/Nuclei-Template\n# https://github.com/foulenzer/foulenzer-templates\n# https://github.com/joanbono/nuclei-templates\n# https://github.com/pacho15/mynuclei_templates\n# https://github.com/themastersunil/Nuclei-TamplatesBackup.git\n# https://github.com/themastersunil/nucleiDB\n# https://github.com/trungkay2/Nuclei-template\n# https://github.com/shubham-rooter/Nuclei-Template-Collection\nhttps://github.com/0xElkot/My-Nuclei-Templates\nhttps://github.com/0xmaximus/final_freaking_nuclei_templates\nhttps://github.com/10kHacktech/nuclei_templates\nhttps://github.com/2jung/nuclei-templates\nhttps://github.com/Arvinthksrct/alltemplate\nhttps://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template\nhttps://github.com/ChristianWeiler/custom-nuclei-templates\nhttps://github.com/DoubleTakes/nuclei-templates\nhttps://github.com/Elsfa7-110/log4jNuclei\nhttps://github.com/ExpLangcn/NucleiTP\nhttps://github.com/Facucuervo87/openssl-3.0.4-template\nhttps://github.com/GlennPegden2/misc-nuclei-scripts\nhttps://github.com/Hack4rLIFE/CVE-2022-42889\nhttps://github.com/Jagomeiister/nuclei-templates\nhttps://github.com/KeepHowling/all_freaking_nuclei_templates\nhttps://github.com/Lopseg/nuclei-c-templates\nhttps://github.com/Lu3ky13/Authorization-Nuclei-Templates\nhttps://github.com/MikeeI/nuclei-templates\nhttps://github.com/MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed\nhttps://github.com/MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter\nhttps://github.com/NightRang3r/misc_nuclei_templates\nhttps://github.com/Saboor-Hakimi/CVE-2023-23752\nhttps://github.com/SecTheBit/CVE-2022-1388\nhttps://github.com/T4t4ru/nuclei-templates\nhttps://github.com/aels/CVE-2022-37042\nhttps://github.com/akincibor/CVE-2022-27925\nhttps://github.com/al4xs/nuclei-templates\nhttps://github.com/am0nt31r0/custom-nuclei-templates", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "3b00d976-f14c-4a74-a7f0-5dc0e70770d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1251", "content": "https://github.com/SirAppSec/nuclei-template-generator-log4j\nhttps://github.com/Str1am/my-nuclei-templates\nhttps://github.com/SumedhDawadi/Custom-Nuclei-Template\nhttps://github.com/SumedhDawadi/Nuclei_Template_Subdomain_Takeover\nhttps://github.com/System00-Security/backflow\nhttps://github.com/T4t4ru/nuclei-templates\nhttps://github.com/Tykerdestroy/Bug-bounty-custom-templates\nhttps://github.com/UnaPibaGeek/honeypots-detection\nhttps://github.com/V0idC0de/dir-listing-iis-test\nhttps://github.com/VulnExpo/nuclei-templates\nhttps://github.com/W01fh4cker/nucleiTemplatesClassifier\nhttps://github.com/YashVardhanTrip/nuclei-templates\nhttps://github.com/adampielak/nuclei-templates\nhttps://github.com/aels/CVE-2022-37042\nhttps://github.com/ahmedalroky/nuclei-templates\nhttps://github.com/akincibor/CVE-2022-27925\nhttps://github.com/al4xs/nuclei-templates\nhttps://github.com/alexrydzak/rydzak-nuclei-templates\nhttps://github.com/am0nt31r0/custom-nuclei-templates\nhttps://github.com/anmolksachan/nuclei-templates\nhttps://github.com/attacker-codeninja/My-Nuclei-Templates-2\nhttps://github.com/ayadim/Nuclei-bug-hunter\nhttps://github.com/b4dboy17/badboy_17-Nuclei-Templates-Collection\nhttps://github.com/badboy-sft/badboy_17-Nuclei-Templates-Collection\nhttps://github.com/badboycxcc/CVE-2023-24100\nhttps://github.com/baharebenesbordi/Nuclei-Templates\nhttps://github.com/bhataasim1/PersonalTemplates\nhttps://github.com/binod235/nuclei-templates-and-reports\nhttps://github.com/bjhulst/nuclei-custom-templates\nhttps://github.com/blazeinfosec/nuclei-templates\nhttps://github.com/boobooHQ/private_templates\nhttps://github.com/brinhosa/brinhosa-nuclei-templates\nhttps://github.com/bufferbandit/gitScanNucleiTemplate\nhttps://github.com/bugbountydude/Nuclei-TamplatesBackup\nhttps://github.com/c-sh0/nuclei_templates\nhttps://github.com/c3l3si4n/malicious_nuclei_templates\nhttps://github.com/chouaibhm/foulenzer-templates\nhttps://github.com/cipher387/juicyinfo-nuclei-templates\nhttps://github.com/clarkvoss/Nuclei-Templates\nhttps://github.com/coldrainh/nuclei-ByMyself\nhttps://github.com/compr00t/nuclei-templates\nhttps://github.com/d3sca/Nuclei_Templates\nhttps://github.com/daffainfo/my-nuclei-templates\nhttps://github.com/damon-sec/Nuclei-templates-Collection\nhttps://github.com/damon-sec/TCSZ-Nuclei\nhttps://github.com/dk4trin/templates-nuclei\nhttps://github.com/drfabiocastro/certwatcher-templates\nhttps://github.com/e1abrador/SpringCorePoC.sh\nhttps://github.com/ed-red/redmc_custom_templates_nuclei\nhttps://github.com/ekinsb/Nuclei-Templates\nhttps://github.com/emadshanab/nucleiDB\nhttps://github.com/erickfernandox/nuclei-templates\nhttps://github.com/esetal/nuclei-bb-templates\nhttps://github.com/ethicalhackingplayground/erebus-templates\nhttps://github.com/fostane/my-nuclei-templates-1\nhttps://github.com/geeknik/nuclei-templates-1\nhttps://github.com/geeknik/the-nuclei-templates\nhttps://github.com/glyptho/templatesallnuclei\nhttps://github.com/h4ndsh/nuclei-templates\nhttps://github.com/ibaiw/nuclei_templates\nhttps://github.com/im403/nuclei-temp\nhttps://github.com/imhunterand/nuclei-custom-templates\nhttps://github.com/javaongsan/nuclei-templates\nhttps://github.com/justmumu/SpringShell\nhttps://github.com/k00kx/nuclei-templates\nhttps://github.com/kaanatmacaa/CVE-2024-23897\nhttps://github.com/kabilan1290/templates\nhttps://github.com/kernel-krunch/nuclei-templates\nhttps://github.com/kh4sh3i/CVE-2022-23131\nhttps://github.com/kh4sh3i/Nextcloud-Pentesting\nhttps://github.com/kh4sh3i/Webmin-CVE\nhttps://github.com/learnerboy88/CVE-2023-29489\nhttps://github.com/lliwi/nuclei-repo-hunter\nhttps://github.com/luck-ying/Library-YAML-POC\nhttps://github.com/manasmbellani/nuclei-templates\nhttps://github.com/marcositu/nuclei-custom-templates\nhttps://github.com/mastersir-lab/nuclei-yaml-poc\nhttps://github.com/mbskter/Masscan2Httpx2Nuclei-Xray", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "d5882116-fcca-4e34-a7fd-d3a4a0075c50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/proxy_bar/1190", "content": "\u0420\u0430\u043d\u043e\u0432\u0430\u0442\u043e, \u043d\u043e \u0442\u0430\u043a\u0438 \u0434\u0430\n\u0422\u041e\u041f 10 \u0438\u0437 2022\n\n1. Follina (CVE-2022-30190)\n2. Log4Shell (CVE-2021-44228)\n3. Spring4Shell (CVE-2022-22965)\n4. F5 BIG-IP (CVE-2022-1388)\n5. Google Chrome zero-day (CVE-2022-0609)\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n10. Zyxel RCE vulnerability (CVE-2022-30525)", "creation_timestamp": "2022-11-29T06:36:16.000000Z"}, {"uuid": "b56addcf-9c54-4858-ae25-b2a24715b045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27924", "type": "seen", "source": "https://t.me/arpsyndicate/1056", "content": "#ExploitObserverAlert\n\nCVE-2022-27924\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-27924. Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries.\n\nFIRST-EPSS: 0.096650000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T23:25:04.000000Z"}, {"uuid": "f8fb6413-dbe2-44e4-9de2-15ee7eea38e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/992", "content": "\u041c\u044b \u0443\u0436\u0435 \u043f\u043e\u0441\u0442\u0438\u043b\u0438 exploit \u0434\u043b\u044f CVE-2022-27925 (zimbra)\n\u0412\u043e\u0442 \u0442\u043e\u0442 \u0436\u0435 \u0441\u043f\u043b\u043e\u0438\u0442, \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 reverseShell (\u0434\u043b\u044f \u043b\u0435\u043d\u0438\u0432\u044b\u0445)\n\ud83d\ude0b", "creation_timestamp": "2022-09-18T10:10:01.000000Z"}, {"uuid": "38b24cf5-3a22-4148-8902-490b264d5d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2752", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nMicrowaveo\n\nConvert dll exe, etc. to an encrypted shellcode.\n\nhttps://github.com/Ciyfly/microwaveo\n\nCVE-2022-40297\n\nPrivilage escalation in Ubuntu Touch 16.04 - by PIN Bruteforce.\n\nhttps://github.com/filipkarc/PoC-ubuntutouch-pin-privesc\n\n#cve\n\nexploits-predict\n\nPredicting the probability of an exploit being released after a CVE is published (by Machine learning algorithm)\n\nhttps://github.com/wisoffe/exploits-predict\n\n#cve #exploit\n\nvMass Bot\n\nvMass Bot automates the exploitation of remote hosts by trying to find environment files (.env) in target hosts and extract tools and info insde, then the bot detects the target host CMS and tries to auto exploit and upload shell payload using the vMass vulnerability set ( 108 exploits in the current version 1.2).\n\nNo target list ? No worries, vMass Bot can generate hosts lists from IP ranges, URL list, dotenv low profile dorks and scrapes from (bing, duckduckgo, ..) or you can use IP ranges from various hosting providers for best hit rate while scanning, then generated lists can be checked using the bot to eleminate dead hosts.\n\nhttps://github.com/c99tn/vMass\n\nCVE-2022-36804-RCE\n\nZimbra Unauthenticated Remote Code Execution Exploit.\n\nhttps://github.com/mohamedbenchikh/CVE-2022-27925\n\n#cve #exploit\n\nEfiCMake\n\nCMake template for a basic EFI application/bootkit.\n\nhttps://github.com/mrexodia/EfiCMake\n\nDuckySploit\n\nV3 Roblox Level 7 Executor Free.\n\nFeatures:\n\u25ab\ufe0f Dark Hub\n\u25ab\ufe0f Dex Explorer\n\u25ab\ufe0f Fusionic Hub\n\u25ab\ufe0f Kraken Hub\n\u25ab\ufe0f Ori Hub\n\u25ab\ufe0f Owl Hub\n\u25ab\ufe0f Solaris\n\u25ab\ufe0f Zyrex Hub\n\nhttps://github.com/Omnis9/DuckySploit-V3\n\nChameleon\n\nChameleon provides better content discovery by using wappalyzer's set of technology fingerprints alongside custom wordlists tailored to each detected technologies.\n\nThe tool is highly customizable and allows users to add in their own custom wordlits, extensions or fingerprints.\n\nhttps://github.com/iustin24/chameleon\n\nThe full documentation is available on: \nhttps://youst.in/posts/context-aware-conent-discovery-with-chameleon/\n\nLIKE-DBG\n\nFully dockerized Linux kernel debugging environment.\n\n(LInux-KErnel-DeBuGger) aims at automating the boring steps when trying to set up a Linux kernel debugging environment.\n\nhttps://github.com/0xricksanchez/like-dbg\n\npypykatz\n\nMimikatz implementation in pure Python. \n\nhttps://github.com/skelsec/pypykatz\n\nAndroid RAT\n\n#RAT built in Android APP for Android User\n\nhttps://github.com/Th30neAnd0nly/Ohm\n\nSudo-Stealer\n\nSudo-Stealer is an *nix program for stealing sudo passwords by disguising as the original sudo software. Its capabilities are almost similar to that of the original sudo program as such as displaying the same input messages, error messages like incorrect attempts and also handling of some system signals such as SIGQUIT, SIGINT & SIGTSTP. It verify the password, stores it in json support as well as username, the command that was executed and the execution time in a file for later usage.\n\nFeatures:\n\u25ab\ufe0f Maximum of 3 wrong password attempts\n\u25ab\ufe0f Timeouts the superuser session's after 15 minutes\n\u25ab\ufe0f Stores correct passwords with their respective commands and the time it was executed\n\nhttps://github.com/Genaro-Chris/Sudo-Stealer\n\nEvil-Storm\n\nThis tool can create a Fake Access point.\n\nFeatures:\n\u25ab\ufe0f Create a Fake AP with a specific name and password\n\u25ab\ufe0f DNS spoofing (not completed)\n\u25ab\ufe0f ARP spoofing\n\u25ab\ufe0f Reverse shell\n\u25ab\ufe0f give the Victim Access to the Internet after connecting to your Fake AP\n\u25ab\ufe0f see all websites victim open it you are the Router\n\nhttps://github.com/Root3inspector/Evil-Storm\n\nLimeLighter\n\nA tool which creates a spoof code signing certificates and sign binaries and DLL files to help evade EDR products and avoid MSS and sock scruitney. LimeLighter can also use valid code signing certificates to sign files. Limelighter can use a fully qualified domain name such as acme.com.\n\nhttps://github.com/Tylous/Limelighter\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-03-29T02:59:56.000000Z"}, {"uuid": "bed80bac-1660-43e8-bc8c-5a7b348e7524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/proxy_bar/954", "content": "zimbra \u0441\u043d\u043e\u0432\u0430\nCVE-2022-27925\nMass Exploitation of (Un)authenticated Zimbra RCE\n\u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0447\u0438\u0442\u0430\u0435\u043c \u0441\u0442\u0430\u0442\u044c\u044e, \u0430 \u043f\u043e\u0442\u043e\u043c \u0438\u0434\u0435\u043c \u043d\u0430 #shodan (\u0441\u0435\u0440\u0432\u0430\u043a\u043e\u0432 \u0431\u043e\u043b\u044c\u0448\u0435 1000)\n\u0410 \u043f\u043e\u0442\u043e\u043c \u0437\u0430\u0431\u0438\u0440\u0430\u0435\u043c \u0441\u043f\u043b\u043e\u0435\u0442\n#zimba #exploit #mail", "creation_timestamp": "2022-09-06T22:43:12.000000Z"}, {"uuid": "0d2a62a5-4ebf-4a62-adba-2a9e2bc865d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "Telegram/3Ap471omwSnN704i6mdMRlg3gbENEZgg9tOrvvfVduOMTQ", "content": "", "creation_timestamp": "2022-08-17T23:41:17.000000Z"}, {"uuid": "c23bea47-9701-4ac3-a35b-579189234019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "Telegram/8yasABRsBeQ7_fA7ekcVN5-Bf6YalSSK4RwFtvSF2nNKkrM", "content": "", "creation_timestamp": "2022-12-06T17:10:12.000000Z"}, {"uuid": "7b6f350a-faef-432d-abb3-95e2c3ad50f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "Telegram/sv0eciwBFxAWXCeZmz3q7TDP7HIq-4ilFruEQw0Hd6c2UA", "content": "", "creation_timestamp": "2022-08-17T23:38:34.000000Z"}, {"uuid": "5252cc68-5a47-4dbe-941e-396f298bf864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "Telegram/wtusWjM4e8zD18JxFNqcnvXxNEDgd4YkqGFiCRLAQLgsx-M", "content": "", "creation_timestamp": "2022-09-14T16:00:30.000000Z"}, {"uuid": "b83fcc13-6303-43ef-81ee-50567e7b0d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/418", "content": "CVE-2022-27925 : Zimbra Unauthenticated Remote Code Execution Exploit ( RCE 2 TESTED)\nhttps://github.com/MeDx64/CVE-2022-27925", "creation_timestamp": "2022-08-18T09:30:12.000000Z"}, {"uuid": "5964981e-2b55-43bd-9ad1-32bb71de2418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/388", "content": "CVE-2022-27925 : Zimbra RCE Simple-POC\nhttps://github.com/vnhacker1337/CVE-2022-27925-PoC", "creation_timestamp": "2022-08-14T16:30:22.000000Z"}, {"uuid": "a7ca2ccd-b7de-4dcc-a027-af203b3eac0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/true_secator/4030", "content": "\u200b\u200b\u0423\u0436\u0435 \u0434\u0430\u0432\u043d\u043e \u043d\u0435 \u0440\u0430\u0434\u043e\u0432\u0430\u043b\u0438 \u0432\u0430\u0441 \u0432\u0435\u0441\u0442\u044f\u043c\u0438 \u043e \u0431\u043e\u0439\u0446\u0430\u0445 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u0433\u043e \u0447\u0443\u0447\u0445\u0435.\n\n\u041d\u043e \u0432 \u044d\u0442\u043e\u043c \u043d\u0430\u043c \u043f\u043e\u0434\u0441\u043e\u0431\u0438\u043b\u0430 \u0444\u0438\u043d\u0441\u043a\u0430\u044f WithSecure, \u0432\u044b\u043a\u0430\u0442\u0438\u0432 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u043e\u0435 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c No Pineapple!, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441 Lazarus.\n\n\u041d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0432\u0441\u0435 \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u0441 ransomware, \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u044b\u0432\u0435\u043b\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u043e\u0432 \u043d\u0430 Lazarus \u0438\u0437-\u0437\u0430 \u0434\u043e\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0438\u043c\u0438 \u043e\u0448\u0438\u0431\u043a\u0438. \u0421\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 \u0410\u0420\u0422, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e \u0432\u044b\u043a\u0440\u0430\u0441\u0442\u044c 100 \u0413\u0411 \u0434\u0430\u043d\u043d\u044b\u0445 \u0443 \u0436\u0435\u0440\u0442\u0432\u044b, \u043d\u0435 \u043f\u0440\u0438\u0447\u0438\u043d\u0438\u0432 \u043d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u0443\u0449\u0435\u0440\u0431\u0430.\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0434\u043b\u0438\u043b\u0430\u0441\u044c \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u043e \u043d\u043e\u044f\u0431\u0440\u044c 2022 \u0433\u043e\u0434\u0430 \u0438 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043d\u0430\u0443\u0447\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043c\u0430\u0448\u0438\u043d\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u0438\u044f, \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0438, \u043e\u0431\u043e\u0440\u043e\u043d\u044b \u0438 \u0432\u0435\u0434\u0443\u0449\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442.\n\n\u0425\u0430\u043a\u0435\u0440\u044b Lazarus \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u044b 22 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2022 \u0433\u043e\u0434\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-27925 \u0438 CVE-2022-37042 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Zimbra, \u0441\u0431\u0440\u043e\u0441\u0438\u0432 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b \u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u041f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0442\u0438 \u0431\u044b\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Plink \u0438 3Proxy, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440.\n\n\u041c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0438\u0437\u0432\u043b\u0435\u043a\u043b\u0438 5 \u0413\u0411 \u0441 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0432 \u0432 CSV-\u0444\u0430\u0439\u043b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0436\u0435 \u0431\u044b\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u0412 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0432\u0443\u0445 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 Lazarus \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b \u0441\u0432\u043e\u0439 Dtrack \u0438 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e GREASE (\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0435, \u043a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0441 Kimusky) \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 Windows, \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041f\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0438 5 \u043d\u043e\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430 \u0434\u0432\u0443\u0445\u043c\u0435\u0441\u044f\u0447\u043d\u043e\u0433\u043e \u0442\u0443\u0440\u043d\u0435 \u0432 \u0441\u0435\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u044b, Lazarus \u0432\u044b\u043d\u0435\u0441\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 100 \u0413\u0411 \u0434\u0430\u043d\u043d\u044b\u0445. \u041f\u0440\u0438\u0447\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0445\u0430\u043a\u0435\u0440\u044b \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u043e\u0431\u0449\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u044b\u043c \u0432 \u041a\u041d\u0414\u0420 \u0442\u0440\u0443\u0434\u043e\u0432\u044b\u043c \u0433\u0440\u0430\u0444\u0438\u043a\u043e\u043c.\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f WithSecure \u0443\u0432\u0438\u0434\u0435\u043b\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 Lazarus, \u0432\u043a\u043b\u044e\u0447\u0430\u044f: \u043d\u043e\u0432\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0431\u0435\u0437 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u0445 \u0438\u043c\u0435\u043d, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u041f\u041e Dtrack \u0438 GREASE (\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b).\n\n\u041d\u043e\u0432\u044b\u0439\u00a0\u0432\u0430\u0440\u0438\u0430\u043d\u0442\u00a0Dtrack \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 onedriver.exe \u0438 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 C2-\u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u043b\u0430\u0433\u0430\u044f\u0441\u044c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0441\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0445 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u043c \u0430\u0440\u0445\u0438\u0432\u0435.\n\n\u041d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 GREASE \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \u043a\u0430\u043a DLL (\"Ord.dll\") \u0441 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u043c\u044b\u043c\u0438 \u0437\u0430 \u0441\u0447\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f\u00a0PrintNightmare.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043e\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 RDPWrap \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u043b\u0443\u0436\u0431\u044b RDP \u043d\u0430 \u0445\u043e\u0441\u0442 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0414\u0430\u0436\u0435 \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0433\u043b\u0430\u0437\u0430 \u043d\u0430 \u0437\u0430\u0441\u0432\u0435\u0447\u0435\u043d\u043d\u044b\u0439 Lazarus \u043f\u043e \u043e\u0448\u0438\u0431\u043a\u0435 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0439 \u0430\u0439\u043f\u0438\u0448\u043d\u0438\u043a 175.45.176[.]27, WithSecure \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0441\u043e\u0432\u043f\u0430\u0434\u0435\u043d\u0438\u0439 \u043f\u043e TTP, \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0438 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433\u043e\u043c \u0441 \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438 Symantec \u0438 Cisco Talos, \n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043b\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u043e\u0434\u0443\u043b\u044f Impacket atexec.\n\nWithSecure \u0440\u0435\u0437\u044e\u043c\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0438 \u0438\u0437\u044b\u0441\u043a\u0430\u043d\u0438\u044f \u0431\u0430\u043d\u0430\u043b\u044c\u043d\u044b\u043c \u0432\u044b\u0432\u043e\u0434\u043e\u043c, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044f, \u0447\u0442\u043e \u0410\u0420\u0422 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442 \u0441\u0432\u043e\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0440\u0430\u0437\u0432\u0435\u0434\u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0434\u043b\u044f \u041a\u041d\u0414\u0420 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0439.\n\n\u0414\u043e\u0431\u0430\u0432\u0438\u043c: \u043e\u043d\u0438 \u0431\u0443\u0434\u0443\u0442 \u0434\u0435\u043b\u0430\u0442\u044c \u0432\u0441\u0435 \u044d\u0442\u043e \u0431\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u043e, \u043d\u043e \u0441 \u043e\u0441\u043e\u0431\u044b\u043c \u0438\u0437\u044b\u0441\u043a\u043e\u043c.", "creation_timestamp": "2023-02-06T18:31:02.000000Z"}, {"uuid": "dc0516eb-3f87-4757-994c-a96ba61ddad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/MrVGunz/576", "content": "Another look at Zimbra in 2022\n\nZimbra Authentication Bypass / RCE | Zip Path Traversal [CVE-2022-27925,CVE-2022-37042]\nZimbra UnRAR Path Traversal [CVE-2022-30333]\nZimbra TAR Path Traversal [CVE-2022-41352]", "creation_timestamp": "2022-11-09T21:29:01.000000Z"}, {"uuid": "31b95d61-10ce-4e78-b183-b9648ad05cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/crackcodes/1915", "content": "#Analytics\nTop 10 most exploited vulnerabilities in 2022\n\n1. CVE-2022-30190: MS Office \"Follina\"\n\n2. CVE-2021-44228: Apache Log4Shell\n\n3. CVE-2022-22965: Spring4Shell\n\n4. CVE-2022-1388: F5 BIG-IP\n\n5. CVE-2022-0609: Google Chrome zero-day\nhttps://blog.google/threat-analysis-group/countering-threats-north-korea\n6. CVE-2017-11882: Old but not forgotten - MS Office bug\n\n7. CVE-2022-41082, CVE-2022-41040: ProxyNotShell\n\n8. CVE-2022-27925, CVE-2022-41352: Zimbra Collaboration Suite bugs\n\n\n9. CVE-2022-26134: Atlassian Confluence RCE flaw  \n\n10. CVE-2022-30525: Zyxel RCE vulnerability", "creation_timestamp": "2022-12-21T16:27:48.000000Z"}, {"uuid": "38ee7210-239a-461d-899f-779830a84b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/984", "content": "Zimbra Unauth Rce\n\nLink : https://github.com/mohamedbenchikh/CVE-2022-27925\n\nUsage : python CVE-2022-27925.py mail.target.com", "creation_timestamp": "2023-07-25T12:21:51.000000Z"}, {"uuid": "c5c48b1b-8428-44d2-818f-2b7369a5c520", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/cibsecurity/48066", "content": "\u203c CVE-2022-37042 \u203c\n\nZimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T18:43:37.000000Z"}, {"uuid": "b9fad69b-407c-4a81-bd39-1045d2b9facd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/25781", "content": "https://github.com/Inplex-sys/CVE-2022-27925", "creation_timestamp": "2022-10-08T03:23:09.000000Z"}, {"uuid": "449e49f1-37a7-41db-9011-a945f36a0867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2792", "type": "seen", "source": "https://t.me/true_secator/3323", "content": "\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Team82 Claroty \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 6 XIoT-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0432\u0435\u0434\u0443\u0449\u0435\u0433\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0432 \u0441\u0444\u0435\u0440\u0435 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 Emerson.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u041f\u041e Proficy Machine Edition 9.00 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043d\u0443\u044e \u0440\u0430\u0431\u043e\u0447\u0443\u044e \u0441\u0442\u0430\u043d\u0446\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f PACSystems.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2022-2788 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS V3 9,3, \u043f\u0440\u0430\u0432\u0434\u0430 \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u043d\u0430 \u0434\u043d\u044f\u0445 \u0431\u0430\u0433\u0430 \u0431\u044b\u043b\u0430 \u0441\u043f\u0438\u0441\u0430\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0441 3,9 \u0431\u0430\u043b\u043b\u0430\u043c\u0438.\n\n\u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, Proficy Machine Edition \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 ZipSlip \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b BLZ \u0432 \u041f\u041b\u041a. \u0424\u0430\u0439\u043b \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043d\u0443\u044e \u0441\u0442\u0430\u043d\u0446\u0438\u044e \u0432 Windows \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0420\u044f\u0434 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 (CVE-2022-2789 \u0441 CVSS V3 4.7) \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 (CVE-2022-2790 \u0441 CVSS V3 5,9).\n\nCVE-2022-2791 (CVSS V3 5,9) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u0444\u0430\u0439\u043b \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u043f\u043a\u0443 \u043b\u043e\u0433\u0438\u043a\u0438, \u0432 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0439 \u041f\u041b\u041a, \u0430 CVE-2022-2792 (CVSS V3 6,6) \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u041f\u041e \u0445\u0440\u0430\u043d\u0438\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c\u0438 \u0441\u043f\u0438\u0441\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0418, \u043d\u0430\u043a\u043e\u043d\u0435\u0446, CVE-2022-2793 (\u0441 CVSS V3 5,9) \u0432\u044b\u0440\u0430\u0436\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 SRTP.\n\n\u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u043c \u041f\u041b\u041a \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u041f\u041b\u041a \u043d\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u0441\u0442\u0430\u043d\u0446\u0438\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, Emerson \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043f\u043e\u00a0\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2022-08-23T10:18:15.000000Z"}, {"uuid": "947c419e-fb3a-42de-8956-7dc3e51aeea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/true_secator/3286", "content": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Zimbra \u0441\u0442\u043e\u0438\u0442 \u0432\u0441\u0435\u0440\u044c\u0435\u0437 \u043e\u0431\u0435\u0441\u043f\u043e\u043a\u043e\u0438\u0442\u044c\u0441\u044f, \u0442\u0430\u043a \u043a\u0430\u043a \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \n\n\u041f\u0440\u0438\u0447\u0435\u043c CISA \u0443\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433, \u0441\u0441\u044b\u043b\u0430\u044f\u0441\u044c \u043d\u0430 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0438\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0414\u0432\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441\u043e \u0441\u043b\u0430\u0431\u044b\u043c\u0438 \u043c\u0435\u0441\u0442\u0430\u043c\u0438 \u0432 Zimbra Collaboration, \u043e\u0431\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u043e\u0431\u0449\u0443\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 CVE-2022-27925 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7,2) \u2014 RCE \u0447\u0435\u0440\u0435\u0437 mboximport \u043e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f (\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435) \u0438 CVE-2022-37042 \u2014 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 MailboxImportServlet.\n\n\u0412 CISA \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u043b\u0438\u0441\u044c \u043e\u0442 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Volexity \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0430 \u043e \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Zimbra \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c. \n\n\u0412\u043f\u0440\u043e\u0447\u0435\u043c \u0441\u0430\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u044e \u0441\u0442\u0430\u0440\u0448\u0435, \u0447\u0435\u043c Zimbra 8.8.15 patch 33 \u0438\u043b\u0438 Zimbra 9.0.0 patch 26, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043f\u0430\u0442\u0447\u0430.", "creation_timestamp": "2022-08-12T12:07:32.000000Z"}, {"uuid": "530dc511-95e2-491c-ab0c-8777de71333b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27927", "type": "seen", "source": "https://t.me/cibsecurity/41089", "content": "\u203c CVE-2022-27927 \u203c\n\nA SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-19T16:24:00.000000Z"}, {"uuid": "dd82cdc6-c588-4997-839a-feca46e49860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27920", "type": "seen", "source": "https://t.me/cibsecurity/39582", "content": "\u203c CVE-2022-27920 \u203c\n\nlibkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-26T01:02:38.000000Z"}, {"uuid": "c61219c0-b253-461e-8f95-aeb867c7579e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/thehackernews/2468", "content": "Researchers warn of mass exploitation of the RCE vulnerability in Zimbra (CVE-2022-27925 and CVE-2022-37042), which allows attackers to gain unauthenticated remote code execution on targeted email servers.\n\nRead details: https://thehackernews.com/2022/08/researchers-warn-of-ongoing-mass.html", "creation_timestamp": "2022-12-06T18:17:56.000000Z"}, {"uuid": "e0cc4b91-d093-4a16-923e-a887f14ce5d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/758", "content": "https://github.com/mohamedbenchikh/CVE-2022-27925\n#github", "creation_timestamp": "2023-07-25T05:58:41.000000Z"}, {"uuid": "c4f38cd0-975d-4590-b6eb-3a95f18ea07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/955", "content": "https://github.com/Inplex-sys/CVE-2022-27925\n#github", "creation_timestamp": "2023-08-28T22:48:11.000000Z"}, {"uuid": "dd505afa-b9c2-45f0-9bfb-29047064b7d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/248", "content": "https://github.com/mohamedbenchikh/CVE-2022-27925\n#github", "creation_timestamp": "2022-09-13T14:06:00.000000Z"}, {"uuid": "04d8f1f0-1b60-4ed1-b045-83e78adeae3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/265", "content": "", "creation_timestamp": "2022-09-18T13:38:51.000000Z"}, {"uuid": "301c03a9-dc30-426a-86fe-ae56a1bc0491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/291", "content": "https://github.com/Inplex-sys/CVE-2022-27925", "creation_timestamp": "2022-10-03T04:04:00.000000Z"}, {"uuid": "e172cd54-7965-4c28-a408-29a73665c4cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6249", "content": "#exploit\nCVE-2022-27925:\nZimbra Collaboration - RCE\nhttps://paper.seebug.org/1924", "creation_timestamp": "2022-06-22T11:01:01.000000Z"}, {"uuid": "fb68d202-c5a0-4336-a751-5bee3c194bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "seen", "source": "https://t.me/LearnExploit/4351", "content": "1. Follina (CVE-2022-30190)\n\n2. Log4Shell (CVE-2021-44228)\n\n3. Spring4Shell (CVE-2022-22965)\n\n4. F5 BIG-IP (CVE-2022-1388)\n\n5. Google Chrome zero-day (CVE-2022-0609)\n\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n\n10. Zyxel RCE vulnerability (CVE-2022-30525)\n\n#Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:38.000000Z"}, {"uuid": "f7f8cd94-85d4-45ba-8ff7-10fbf0c69299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27925", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/7395", "content": "#Analytics\nTop 10 most exploited vulnerabilities in 2022\n\n1. CVE-2022-30190: MS Office \"Follina\"\n2. CVE-2021-44228: Apache Log4Shell\n3. CVE-2022-22965: Spring4Shell\n4. CVE-2022-1388: F5 BIG-IP\n5. CVE-2022-0609: Google Chrome 0-day\n6. CVE-2017-11882: MS Office RCE\n7. CVE-2022-41082, CVE-2022-41040: ProxyNotShell\n8. CVE-2022-27925, CVE-2022-41352: Zimbra Collaboration Suite bugs\n9. CVE-2022-26134: Atlassian Confluence RCE\n10. CVE-2022-30525: Zyxel RCE vulnerability", "creation_timestamp": "2024-10-11T03:03:25.000000Z"}]}