{"vulnerability": "CVE-2022-3033", "sightings": [{"uuid": "8d3568a0-0938-44a2-aea7-169b54cb645a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "2e4029d5-b5be-48bc-95b6-080b00b4f233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971676", "content": "", "creation_timestamp": "2024-12-24T20:32:40.464237Z"}, {"uuid": "e82cc311-5613-45a6-a692-3083419dec76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:46.000000Z"}, {"uuid": "70f11eaf-4e06-45fc-bc94-c62db98080f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "fb29f6ab-f9ec-4a48-8b2e-be0b09a63a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:37.000000Z"}, {"uuid": "c6285ab0-62d1-44da-92c7-a0c82aefa107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zimbra_unrar_cve_2022_30333.rb", "content": "", "creation_timestamp": "2022-08-04T18:07:25.000000Z"}, {"uuid": "55f18e79-f3de-40d2-a844-bf52dc4ba7f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/linuxtnt/3240", "content": "This is a critical exploit of unrar in Linux and is Unix. Allows writing to files and directory traversal:\nCVE-2022-30333", "creation_timestamp": "2022-10-04T15:25:30.000000Z"}, {"uuid": "fa65318e-43b4-4634-9748-38ff157e3678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/fileformat/unrar_cve_2022_30333.rb", "content": "", "creation_timestamp": "2022-08-04T18:07:25.000000Z"}, {"uuid": "919f4263-6f88-4a8a-863b-cbbd2ec904c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-30333", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e84219f4-2a3a-44ff-80ee-bd035efd3481", "content": "", "creation_timestamp": "2026-02-02T12:27:18.073569Z"}, {"uuid": "6d1eea48-e445-48b9-8ef2-a2b6c1de7faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "exploited", "source": "https://t.me/cKure/9862", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Zero-Day: Zimbra Mail pre-auth RCE via Path Traversal bug in unrar (CVE-2022-30333). Zimbra has been the target of a 0day campaign likely conducted by a state actor. More details in this blog post.\n\nhttps://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/", "creation_timestamp": "2022-06-29T05:00:04.000000Z"}, {"uuid": "9d77c52d-7dce-4233-9d7c-a15ca92e6f74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "exploited", "source": "https://t.me/ics_cert/623", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 RCE \u062f\u0631 Zimbra Collaboration Suite\u060c \u06cc\u06a9 \u0633\u0631\u0648\u06cc\u0633\u200c\u06af\u06cc\u0631\u0646\u062f\u0647 \u0648\u0628 \u0648 \u0633\u0631\u0648\u0631 \u067e\u0633\u062a\u06cc \u067e\u0631\u06a9\u0627\u0631\u0628\u0631\u062f\u060c \u062a\u062d\u062a \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0641\u0639\u0627\u0644 \u0627\u0633\u062a. \n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0647\u06cc\u0686 \u0631\u0627\u0647 \u062d\u0644\u06cc \u0628\u0631\u0627\u06cc \u062d\u0644 \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f. 0-day \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 CVE-2022-41352 \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f \u0648 \u062f\u0627\u0631\u0627\u06cc \u0631\u062a\u0628\u0647 \u0628\u0646\u062f\u06cc CVSS 9.8 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0628\u0627\u06af \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0631\u0648\u0634 (cpio) \u0627\u0633\u062a \u0648 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 Amavis (\u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u06cc\u0645\u06cc\u0644) \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u062f\u0644\u062e\u0648\u0627\u0647 \u0622\u067e\u0644\u0648\u062f \u06a9\u0646\u0646\u062f \u0648 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0645\u062e\u0631\u0628\u06cc \u0631\u0627 \u0631\u0648\u06cc \u0646\u0635\u0628\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u0646\u062f. @ics_cert \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0634\u0627\u0631\u0647 \u06a9\u0631\u062f \u06a9\u0647 CVE-2022-41352 \u062a\u0642\u0631\u06cc\u0628\u0627\u064b \u0628\u0627 CVE-2022-30333 \u06cc\u06a9\u0633\u0627\u0646 \u0627\u0633\u062a\u060c \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u067e\u06cc\u0645\u0627\u06cc\u0634 \u0645\u0633\u06cc\u0631 \u062f\u0631 \u0646\u0633\u062e\u0647 \u06cc\u0648\u0646\u06cc\u06a9\u0633 \u0627\u0628\u0632\u0627\u0631 RARlab unRAR \u06a9\u0647 \u0627\u0648\u0627\u06cc\u0644 \u0698\u0648\u0626\u0646 \u0633\u0627\u0644 \u062c\u0627\u0631\u06cc \u06a9\u0634\u0641 \u0634\u062f. \u0645\u0624\u0644\u0641\u0647 cpio \u062f\u0627\u0631\u0627\u06cc \u0646\u0642\u0635\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u0622\u0631\u0634\u06cc\u0648\u0647\u0627\u06cc\u06cc \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u062f\u0631 \u0647\u0631 \u0646\u0642\u0637\u0647 \u0627\u0632 \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0641\u0627\u06cc\u0644 \u0642\u0627\u0628\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0632\u06cc\u0645\u0628\u0631\u0627 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0634\u0648\u0646\u062f. \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u06cc\u06a9 \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0647 \u0633\u0631\u0648\u0631 \u0632\u06cc\u0645\u0628\u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f\u060c \u0633\u06cc\u0633\u062a\u0645 \u0627\u0645\u0646\u06cc\u062a\u06cc Amavis \u0622\u0631\u0634\u06cc\u0648 \u0631\u0627 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0645\u06cc \u06a9\u0646\u062f \u062a\u0627 \u0645\u062d\u062a\u0648\u06cc\u0627\u062a \u0622\u0646 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0648\u06cc\u0631\u0648\u0633 \u0647\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0627\u06af\u0631 \u0622\u0631\u0634\u06cc\u0648 cpio.\u060c tar.\u060c \u06cc\u0627 rpm. \u0631\u0627 \u06a9\u0647 \u062e\u0627\u0635 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u06a9\u0646\u062f\u060c \u0645\u062d\u062a\u0648\u06cc\u0627\u062a \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u062f\u0631 \u0631\u06cc\u0634\u0647 \u0648\u0628 Zimbra \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u06a9\u0631\u062f. \n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0648\u0641\u0642\u06cc\u062a \u0622\u0645\u06cc\u0632 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u06cc\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0631\u0627 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0631\u06cc\u0634\u0647 Zimbra \u0631\u0627 \u0628\u0627\u0632\u0646\u0648\u06cc\u0633\u06cc \u06a9\u0646\u062f\u060c \u06a9\u062f \u067e\u0648\u0633\u062a\u0647 \u0631\u0627 \u062a\u0632\u0631\u06cc\u0642 \u06a9\u0646\u062f \u0648 \u0628\u0647 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u062f\u06cc\u06af\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f. \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u067e\u0633\u062a\u200c\u0647\u0627\u06cc \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0627\u0646\u062c\u0645\u0646 \u0632\u06cc\u0645\u0628\u0631\u0627\u060c \u0627\u0632 \u0627\u0628\u062a\u062f\u0627\u06cc \u0633\u067e\u062a\u0627\u0645\u0628\u0631 2022 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0633\u067e\u0633 Zimbra \u06cc\u06a9 \u062a\u0648\u0635\u06cc\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631 14 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u0635\u0627\u062f\u0631 \u06a9\u0631\u062f \u0648 \u0628\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f \u06a9\u0647 Pax\u060c \u06cc\u06a9 \u0627\u0628\u0632\u0627\u0631 \u0628\u0627\u06cc\u06af\u0627\u0646\u06cc \u0642\u0627\u0628\u0644 \u062d\u0645\u0644 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f \u0648 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0631\u0627\u06cc \u062c\u0627\u06cc\u06af\u0632\u06cc\u0646\u06cc cpio \u0645\u062c\u062f\u062f\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u0646\u062f. \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc 8.8.15 \u0648 9.0 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u060c \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u062a\u0648\u0632\u06cc\u0639 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0645\u0627\u0646\u0646\u062f Oracle Linux 8\u060c Red Hat Enterprise Linux 8\u060c Rocky Linux 8 \u0648 CentOS 8 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f\u060c \u0628\u0647 \u0627\u0633\u062a\u062b\u0646\u0627\u06cc Ubuntu \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0627\u06cc\u0646 \u0648\u0627\u0642\u0639\u06cc\u062a \u06a9\u0647 \u0627\u06cc\u0646 \u0628\u0633\u062a\u0647 \u0642\u0628\u0644\u0627\u064b \u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0631\u0648\u06cc \u0646\u0635\u0628 \u0634\u062f\u0647 \u0627\u0633\u062a. 0-day \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 CVE-2022-41352 \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f \u0648 \u0628\u0647 \u062c\u0632 \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0627\u06cc\u0646\u06a9\u0647 pax \u0642\u0628\u0644\u0627\u064b \u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0646\u0635\u0628 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0632\u06cc\u0645\u0628\u0631\u0627 \u06af\u0641\u062a \u0627\u0646\u062a\u0638\u0627\u0631 \u062f\u0627\u0631\u062f \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0648\u0635\u0644\u0647 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u0628\u0639\u062f\u06cc \u0628\u0631\u0637\u0631\u0641 \u0634\u0648\u062f\u060c \u06a9\u0647 cpio \u0631\u0627 \u062d\u0630\u0641 \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 pax \u0631\u0627 \u0628\u0647 \u06cc\u06a9 \u062c\u0632\u0621 \u0636\u0631\u0648\u0631\u06cc \u062a\u0628\u062f\u06cc\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u0647 \u062c\u062f\u0648\u0644 \u0632\u0645\u0627\u0646\u06cc \u0645\u0634\u062e\u0635\u06cc \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0645\u0634\u06a9\u0644 \u0627\u0631\u0627\u0626\u0647 \u0646\u06a9\u0631\u062f\u0647 \u0627\u0633\u062a. \u062d\u062a\u06cc \u0646\u06af\u0631\u0627\u0646\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u062a\u0631 \u0627\u06cc\u0646 \u0627\u0633\u062a \u06a9\u0647 \u06af\u0641\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f Zimbra \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u0645\u062a\u06cc\u0627\u0632 0 \u0631\u0648\u0632\u0647 \u062f\u06cc\u06af\u0631\u06cc \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627 \u0628\u0633\u062a\u0647 cpio \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u06cc\u0627\u0628\u06cc \u0628\u0647 \u0646\u0641\u0648\u0630 \u06a9\u0627\u0645\u0644 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0633\u0631\u0648\u0631\u0647\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u0648\u062f\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u062a\u0631 \u0627\u0633\u062a. \u06af\u0632\u0627\u0631\u0634 \u062c\u062f\u06cc\u062f Rapid7 \u062c\u0632\u0626\u06cc\u0627\u062a \u0641\u0646\u06cc \u0631\u0627 \u0631\u0648\u0634\u0646 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0634\u0627\u0645\u0644 \u06cc\u06a9 PoC \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u0628\u0647 \u0631\u0627\u062d\u062a\u06cc \u0622\u0631\u0634\u06cc\u0648\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u0646\u062f. \u0645\u062f\u06cc\u0631\u0627\u0646 \u0628\u0627\u06cc\u062f \u0628\u0631\u0627\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 ZCS \u062e\u0648\u062f \u0627\u0642\u062f\u0627\u0645 \u0641\u0648\u0631\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u0646\u062f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2022-10-11T20:08:38.000000Z"}, {"uuid": "1c44c4ff-5eea-4b2d-9066-48ed47abd4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/arpsyndicate/1070", "content": "#ExploitObserverAlert\n\nCVE-2022-30333\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2022-30333. RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.\n\nFIRST-EPSS: 0.805220000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T00:34:46.000000Z"}, {"uuid": "aa65cfb2-0970-45f1-8884-811f1dda39c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/51", "content": "Top Security News for 29/06/2022\n\nZimbra unauthenticated RCE via unrar path traversal (CVE-2022-30333)\nhttps://www.reddit.com/r/netsec/comments/vmy6ut/zimbra_unauthenticated_rce_via_unrar_path/ \n\n2022-06-27 - TA578 IcedID (Bokbot) with DarkVNC and Cobalt Strike\nhttps://malware.news/t/2022-06-27-ta578-icedid-bokbot-with-darkvnc-and-cobalt-strike/61361/1 \n\nLockBit 3.0 introduces important novelties, including a bug bounty program\nhttps://securityaffairs.co/wordpress/132701/cyber-crime/lockbit-3-0.html \n\nIntune hacking: when is a \"wipe\" not a wipe\nhttps://www.reddit.com/r/netsec/comments/vmhsfj/intune_hacking_when_is_a_wipe_not_a_wipe/ \n\nASEC Weekly Malware Statistics (June 20th, 2022 \u2013 June 26th, 2022)\nhttps://malware.news/t/asec-weekly-malware-statistics-june-20th-2022-june-26th-2022/61369/1 \n\n[Control Systems] Motorola Solutions security advisory (AV22-356)\nhttps://malware.news/t/control-systems-motorola-solutions-security-advisory-av22-356/61365/1 \n\nHow to Evade Windows Defender and Commercial AV with Msfvenom Payloads\nhttps://www.reddit.com/r/netsec/comments/vn4uo2/how_to_evade_windows_defender_and_commercial_av/ \n\n[Control Systems] Omron security advisory (AV22-358)\nhttps://malware.news/t/control-systems-omron-security-advisory-av22-358/61363/1 \n\nChinese threat actor uses ransomware as a distraction. Scalpers sell appointments for Israeli government services. Lyceum uses drone-themed phishbait. The Bumblebee loader's growing importance in C2C markets.\nhttps://thecyberwire.com/podcasts/research-briefing/123/notes \n\nAPT Hackers Targeting Industrial Control Systems with ShadowPad Backdoor\nhttps://thehackernews.com/2022/06/apt-hackers-targeting-industrial.html \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-06-29T07:20:27.000000Z"}, {"uuid": "77ec30c3-69e5-4290-8b1b-43203ebe9223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/poxek/1872", "content": "A new vulnerability (CVE-2022-30333) has been discovered in RARlab's UnRAR utility that also affects several other applications using it, including Zimbra Mail\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-06-30T15:00:38.000000Z"}, {"uuid": "a9b5e332-4b03-4841-8a68-a0122c7f802e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/poxek/2222", "content": "\u2060CVE-2022-30333\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b \u0432 \u043b\u044e\u0431\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0435\u0433\u043e unrar (\u043d\u0430 Zimbra \u044d\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c zimbra). \u041d\u0430 Zimbra \u043c\u044b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \u041e\u0431\u0440\u0430\u0442\u0438\u0442\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443, \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0438\u0441\u044c\u043c\u043e.", "creation_timestamp": "2022-08-13T21:01:19.000000Z"}, {"uuid": "7f34b5de-257f-4df8-9ee5-3c2f34e67952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30334", "type": "seen", "source": "https://t.me/arpsyndicate/2935", "content": "#ExploitObserverAlert\n\nCVE-2022-30334\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2022-30334. Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises \"Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser.\"\n\nFIRST-EPSS: 0.001130000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2024-01-19T15:17:04.000000Z"}, {"uuid": "25048ea0-8eeb-493d-ac62-151db6741834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "published-proof-of-concept", "source": "Telegram/WZAOhmgob71YnefQoWB-eGItek41jjXfnw6kcPFEXKd3lg", "content": "", "creation_timestamp": "2022-07-19T17:41:13.000000Z"}, {"uuid": "dcbc9b17-a403-4a06-bbd4-6e537f5ae1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "published-proof-of-concept", "source": "Telegram/BnM5S5zNNeaAgZhmsQ5GC58SGsVwUigmzA5S5tsXcbsUcw", "content": "", "creation_timestamp": "2022-07-19T12:12:47.000000Z"}, {"uuid": "62c1fb8f-8467-460c-a11f-07271eded9e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/920", "content": "CVE-2022-30333 \nZimbra,  \u0432\u0441\u0451 \u0442\u043e\u0436\u0435, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430.  C full exploit \u0438 payload\n\u041f\u043e\u0433\u0440\u0443\u0437\u0438\u0442\u044c\u0441\u044f\n\u0413\u043e\u043b\u043e\u0441 \u0438\u0437 \u0437\u0430\u043b\u0430 \u043a\u0430\u043a \u0431\u044b \u043a\u0440\u0438\u0447\u0438\u0442, \u0447\u0442\u043e unrar \u043d\u0443\u0436\u043d\u043e \u0431\u044b\u043b\u043e  \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u043d\u0430 7zip 1999 \u0433\u043e\u0434\u0443 - \u043d\u0443 \u0432\u043e \u043f\u0435\u0440\u0432\u044b\u0445, \u0432\u0441\u0435 \u0440\u0430\u0434\u0438\u043a\u0430\u043b\u044c\u043d\u043e \u0441\u0440\u0430\u0442\u044c \u0435\u0431\u0430\u043b\u0438, \u0430 \u0432\u043e \u0432\u0442\u043e\u0440\u044b\u0445 - 7zip \u0441\u0430\u043c \u043d\u0435 \u043b\u044b\u043a\u043e\u043c shit\n\n#zimbra #exploit", "creation_timestamp": "2022-07-18T21:52:07.000000Z"}, {"uuid": "9bbe72af-b467-494c-97b7-9db65af72db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "published-proof-of-concept", "source": "Telegram/sPEAUS-b2O0_cg9JwZjUIb4NhdzXUaYEZNZ1Wu7XzN3W17A", "content": "", "creation_timestamp": "2022-07-19T09:53:27.000000Z"}, {"uuid": "8864f4cf-5ead-45d9-a6ae-3319f2d63636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/MrVGunz/576", "content": "Another look at Zimbra in 2022\n\nZimbra Authentication Bypass / RCE | Zip Path Traversal [CVE-2022-27925,CVE-2022-37042]\nZimbra UnRAR Path Traversal [CVE-2022-30333]\nZimbra TAR Path Traversal [CVE-2022-41352]", "creation_timestamp": "2022-11-09T21:29:01.000000Z"}, {"uuid": "77c861b7-0154-474c-a02e-12351c8a3d43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/true_secator/3115", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 SonarSource \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Path Traversal (CVE-2022-30333) \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 UnRAR \u043e\u0442 RARlab, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432\u0435\u0431-\u043f\u043e\u0447\u0442\u044b Zimbra.\n\n\u041a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u043e\u0439 \u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 200 000 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0432 \u0433\u043e\u0441\u0441\u0435\u043a\u0442\u043e\u0440\u0435 \u0438 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0445 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u0445.\n\n0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 unrar, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 Zimbra, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0435, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \n\nCVE-2022-30333 \u0432 \u0431\u0438\u043d\u0430\u0440\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435 unrar, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u043c\u00a0\u00a0RarLab, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0436\u0435\u0440\u0442\u0432 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0440\u0445\u0438\u0432\u044b RAR. \n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f, \u043a\u043e\u0433\u0434\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 Zimbra \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a\u043e \u0432\u0441\u0435\u0439 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u0440\u0440\u0435\u043f\u043e\u043d\u0434\u0435\u0446\u0438\u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u043f\u043e\u0440\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0434\u043b\u044f \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. \n\n\u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 unrar.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 \u043f\u043e \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435. \n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c RAR-\u0430\u0440\u0445\u0438\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0443\u044e \u043f\u0440\u044f\u043c\u0443\u044e \u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u043a\u043e\u0441\u0443\u044e \u0447\u0435\u0440\u0442\u0443 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u00ab..\\..\\..\\tmp/shell\u00bb), \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u043e\u0439\u0442\u0438 \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0435\u0433\u043e \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f. \u042d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u0443\u0435\u0442 \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u043a\u043e\u0441\u0443\u044e \u0447\u0435\u0440\u0442\u0443 \u0432 \u043f\u0440\u044f\u043c\u0443\u044e \u043a\u043e\u0441\u0443\u044e \u0432 \u0430\u0440\u0445\u0438\u0432\u0430\u0445 RAR, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0432 Windows, \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Unix.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 JSP \u0432 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 \u0432\u0435\u0431-\u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0432 Zimbra.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 RCE \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u0430\u043c\u0438, \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c unrar, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0432\u0430\u0448 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u043d\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u043d\u0430 \u043e\u0434\u043d\u043e\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435.", "creation_timestamp": "2022-06-30T10:57:20.000000Z"}, {"uuid": "814c4ff7-7e96-49a7-8677-6f470ec09a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "exploited", "source": "https://t.me/true_secator/3535", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u041f\u041e Zimbra Collaboration Suite, \u0448\u0438\u0440\u043e\u043a\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u043c \u0432\u0435\u0431-\u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.\n\n0-day \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-41352\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS 9.8. \n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e Rapid7, \u043e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043c\u0435\u0442\u043e\u0434\u043e\u043c (cpio) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0447\u0435\u0440\u0435\u0437 Amavis (\u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b) \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445.\n\nRapid7 \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e CVE-2022-41352 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0447\u043d\u0430\u00a0CVE-2022-30333\u00a0\u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 Unix-\u0432\u0435\u0440\u0441\u0438\u0438 \u0443\u0442\u0438\u043b\u0438\u0442\u044b RARlab unRAR, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0440\u0430\u043d\u0435\u0435 \u0432 \u0438\u044e\u043d\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 cpio \u0438\u043c\u0435\u0435\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0430\u0440\u0445\u0438\u0432\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0432 \u043b\u044e\u0431\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0434\u043b\u044f Zimbra.\n\n\u041a\u043e\u0433\u0434\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0435 \u043f\u0438\u0441\u044c\u043c\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 Zimbra, \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Amavis \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0430\u0440\u0445\u0438\u0432 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0435\u0433\u043e \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0432\u0438\u0440\u0443\u0441\u043e\u0432.\u00a0\u041e\u0434\u043d\u0430\u043a\u043e, \u0435\u0441\u043b\u0438 \u043e\u043d \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432 .cpio, .tar \u0438\u043b\u0438 .rpm, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u043e \u0432 \u0432\u0435\u0431-\u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 Zimbra.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 Zimbra, \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0448\u0435\u043b\u043b-\u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c \u043d\u0430 \u0444\u043e\u0440\u0443\u043c\u0430\u0445\u00a0Zimbra, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0448\u043b\u0430 \u0441\u0432\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0443\u0436\u0435 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e 14 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f Zimbra \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c Pax, \u043f\u043e\u0440\u0442\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0443\u0442\u0438\u043b\u0438\u0442\u0443 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0434\u043b\u044f \u0437\u0430\u043c\u0435\u043d\u044b cpio.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 8.8.15 \u0438 9.0 \u041f\u041e, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Oracle Linux 8, Red Hat Enterprise Linux 8, Rocky Linux 8 \u0438 CentOS 8, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c Ubuntu \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 pax \u0443\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n0-day \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-41352\u00a0\u0438 \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c Ubuntu \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 pax \u0443\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\nZimbra \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0436\u0438\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043f\u0430\u0442\u0447\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442 cpio, \u0441\u0434\u0435\u043b\u0430\u0432 pax \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u043c.\u00a0\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0441\u0440\u043e\u043a\u043e\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0415\u0449\u0435 \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0442\u043e, \u0447\u0442\u043e Zimbra, \u043a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0435\u0449\u0435 \u0431\u043e\u043b\u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u043e\u0433\u043e 0-day, \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0441 \u0441\u0432\u044f\u0437\u043a\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e cpio \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u041d\u043e\u0432\u044b\u0439\u00a0\u00a0\u043e\u0442\u0447\u0435\u0442 Rapid7\u00a0\u043f\u0440\u043e\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u0435\u0442 \u043d\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043b\u0435\u0433\u043a\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0430\u0440\u0445\u0438\u0432\u044b. \n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0432\u043e\u0438\u0445 ZCS.", "creation_timestamp": "2022-10-10T12:01:02.000000Z"}, {"uuid": "3efc00fa-c63e-41a0-ae1f-0025c51a2f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30337", "type": "seen", "source": "https://t.me/cibsecurity/46767", "content": "\u203c CVE-2022-30337 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin &lt;= 4.4.8 at WordPress allows an attacker to update the social settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-21T20:18:28.000000Z"}, {"uuid": "004ff0de-872b-4b2e-b7e6-ab182063cc7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/862", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccSmbpentest: Test Samba Servers which may have been configured improperly for anonymous access to vulnerable shares\n\n\ud83d\udcccLBOZO: A hybrid Windows Ransomware\n\n\ud83d\udcccHoaxshell: An unconventional Windows reverse shell, currently undetected by Microsoft Defender and other AV solutions, solely based on http(s) traffic\n\n\ud83d\udcccPing Castle Cloud\n\n\ud83d\udcccCoffeeLdr\n\n\ud83d\udcccZimbra #Exploit CVE-2022-30333\n\n\ud83d\udcccCVE-2022-24086 RCE POC\n\n\ud83d\udcccdata.gov.uk \u2013 UK Government Backups\n\n\ud83d\udccctelefonica Ecuador CRM Files Leaks\n\n\ud83d\udcccSvetlogorsk39.ru leak\n\n\ud83d\udcccrbcd-attack\n\n\ud83d\udcccRustyTokenManipulation\n\n\ud83d\udcccOralyzer - Open Redirection Analyzer\n\n\ud83d\udcccSalus \u2013 SBOM Tool\n\n\ud83d\udcccSliver GUI client.\n\n\ud83d\udcccCVE-2022-32119 - Arox-Unrestricted-File-Upload\n\n\ud83d\udcccNodeJS Ransomware\n\n\ud83d\udcccDirble - Fast directory scanning and scraping tool\n\n\ud83d\udcccWebView2-Cookie-Stealer\n\n\ud83d\udcccZombieThread - Another meterpreter injection technique using C# that attempts to bypass WD.\n\n\ud83d\udcccEvil Clippy\n\n\ud83d\udcccEvtx Log (xml) Browser\n\n\ud83d\udcccCVE-2022-30333\n\n\ud83d\udcccCVE-2022-23614: PoC for CVE-2022-23614 (Twig sort filter code execution/sandbox bypass)\n\n\ud83d\udcccCVE-2022-33891 - Apache Spark shell command injection\n\n\ud83d\udcccEJS, Server side template injection RCE (CVE-2022-29078)\n\n\ud83d\udcccBinary Ninja Commercial 3.1.3469 (2022-05-31)\n\n\ud83d\udccccitycollege.edu Health University Leak\n\n\ud83d\udcccFull HHIDE.ORG forum dump\n\n\ud83d\udcccdanish.my Leak\n\n\ud83d\udcccstripchat.com Leak\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014-\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-19T13:38:52.000000Z"}, {"uuid": "3362ccbd-08fe-4f27-a00c-bf87e501f9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30338", "type": "seen", "source": "https://t.me/cibsecurity/63779", "content": "\u203c CVE-2022-30338 \u203c\n\nIncorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:25:40.000000Z"}, {"uuid": "df1f7e5a-df51-41d6-9d4e-71128880bfb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30339", "type": "seen", "source": "https://t.me/cibsecurity/58350", "content": "\u203c CVE-2022-30339 \u203c\n\nOut-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:41.000000Z"}, {"uuid": "9a4549a2-bb1c-42c1-8b49-704ee4e977bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/cibsecurity/42166", "content": "\u203c CVE-2022-30333 \u203c\n\nRARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-09T12:31:04.000000Z"}, {"uuid": "2d2f6648-797c-47cc-af50-4e8042a13ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/thehackernews/2328", "content": "A new vulnerability (CVE-2022-30333) has been discovered in RARlab's UnRAR utility that also affects several other applications using it, including Zimbra Mail.\n\nhttps://thehackernews.com/2022/06/new-unrar-vulnerability-could-let.html\n\nThe flaw allows remote attackers to execute arbitrary code on vulnerable Zimbra instances.", "creation_timestamp": "2022-12-05T11:34:28.000000Z"}, {"uuid": "fb592295-1168-44f1-bda8-b56b353c3920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30333", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6326", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (June 1-30)\n\nCVE-2022-30190 - Follina exploit\nCVE-2022-26134 - OGNL injection in Atlassian Confluence Server/Data Center\nCVE-2022-26809 - Weakness in a core Windows 7/10/Srv19/22 component (RPC)\nCVE-2022-30075 - TP-Link AX50 Auth RCE\nCVE-2022-23222 - Linux Kernel eBPF LPE\nCVE-2022-32275 - Grafana 8.4.3 allows reading files\nCVE-2022-26937 - Windows NFS NLM Portmap Stack Buffer Overflow\nCVE-2022-23088 - Heap Overflow in FreeBSD Wi-Fi Stack\nCVE-2022-31626 - RCE in PHP &lt;=7.4.29\nCVE-2022-30333 - Dir Traversal in rar", "creation_timestamp": "2024-10-12T06:49:41.000000Z"}, {"uuid": "2a7cd807-7cc6-4379-bf0f-031378e91457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30335", "type": "seen", "source": "https://t.me/cibsecurity/42206", "content": "\u203c CVE-2022-30335 \u203c\n\nBonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-09T22:33:09.000000Z"}, {"uuid": "6542e110-186e-42a9-91eb-b6fda849bafd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30334", "type": "seen", "source": "https://t.me/cibsecurity/42162", "content": "\u203c CVE-2022-30334 \u203c\n\nBrave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises \"Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser.\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-07T15:24:50.000000Z"}]}