{"vulnerability": "CVE-2022-3236", "sightings": [{"uuid": "875dae87-f88d-436f-803d-a73859764d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "28789df5-5986-484c-8ab9-6d12b2ed120d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "MISP/ffea72a3-7935-4078-b769-b872475c5eae", "content": "", "creation_timestamp": "2024-11-27T08:28:21.000000Z"}, {"uuid": "d7b03974-92a2-4b7a-b223-7a9ee7b38dfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971718", "content": "", "creation_timestamp": "2024-12-24T20:33:12.466950Z"}, {"uuid": "97739b6f-d992-4033-aca5-388f7be8faaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ac1aea83-1a83-45f7-aade-1adc8f4588fd", "content": "", "creation_timestamp": "2026-02-02T12:27:12.319058Z"}, {"uuid": "9f34d5ab-f5ff-493d-a04b-3505a5c8e503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:37.000000Z"}, {"uuid": "03b461dc-5998-4481-a7b7-742f0cae057e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "MISP/8263fd3f-ae50-413c-8bac-1d69abcdb7bc", "content": "", "creation_timestamp": "2025-08-21T02:29:05.000000Z"}, {"uuid": "61d04db9-4717-42c0-9272-e6564d13f19f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=878", "content": "", "creation_timestamp": "2022-09-26T04:00:00.000000Z"}, {"uuid": "1be66272-969e-4818-a9f5-772343ba2daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "https://t.me/ctinow/154851", "content": "https://ift.tt/WyDxmAn\nSophos Backports Fix for CVE-2022-3236 for EOL Firewall Firmware", "creation_timestamp": "2023-12-13T15:48:07.000000Z"}, {"uuid": "a0e36936-673b-438b-8c14-f5725f49159d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3120", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aanalyze and PoC for sophos userportal and webadmin (CVE-2022-3236) RCE\nURL\uff1ahttps://github.com/Ha110w/CVE-2022-3236-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-25T18:57:44.000000Z"}, {"uuid": "26d98a1c-6567-4e37-a718-cef1f0867088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/BleepingComputer/19045", "content": "\u200aSophos backports RCE fix after attacks on unsupported firewalls\n\nSophos was forced to 
backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks. [...]\n\nhttps://www.bleepingcomputer.com/news/security/sophos-backports-rce-fix-after-attacks-on-unsupported-firewalls/", "creation_timestamp": "2023-12-12T21:27:36.000000Z"}, {"uuid": "5f414bff-a19f-4a67-bcf2-828a0387580e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10612", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 \ud83d\udea8 Over 4,000 Sophos Firewall devices vulnerable to RCE attacks viz. CVE-2022-3236.\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-3236\n\nhttps://www.bleepingcomputer.com/news/security/over-4-000-sophos-firewall-devices-vulnerable-to-rce-attacks/", "creation_timestamp": "2023-01-18T06:46:21.000000Z"}, {"uuid": "9aef5399-ebae-4b7e-9959-fa59c6b03084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/secsocteam/322", "content": "\u0627\u0644\u0634\u0631\u0643\u0627\u062a \u0627\u0644\u064a \u0628\u062a\u0633\u062a\u062e\u062f\u0645 Firewall Sophos \u0648 \u0627\u0644\u0640 Frameware \u0628\u062a\u0627\u0639\u0647\u0645 \u0623\u0642\u0644 \u0645\u0646 Firewall v19.0.1 MR1 \u064a\u0639\u0645\u0644\u0648 Updates \u0628\u0633\u0628\u0628 \u0638\u0647\u0648\u0631 \u062b\u063a\u0631\u0629 Zero-Day \u0645\u0646 \u0646\u0648\u0639 RCE \u26a0\ufe0f\n\u0648 \u062a\u0645 \u062a\u0623\u0643\u064a\u062f \u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0628\u0639\u0636 \u0639\u0645\u0644\u0627\u0621 Sophos \u0648 \u0628\u0627\u0644\u0623\u062e\u0635 \u0641\u064a \u062c\u0646\u0648\u0628 \u0622\u0633\u064a\u0627 \u0648 
\u0628\u0644\u063a\u062a \u062e\u0637\u0648\u0631\u0629 \u0627\u0644\u062b\u063a\u0631\u0629 9.8 \u0648 \u0631\u0642\u0645\u0647\u0627 CVE-2022-3236 \u26d4\ufe0f\n\n\u0648 \u0627\u0644\u0623\u0641\u0636\u0644 \u0623\u0646\u0643 \u0643\u0640 Network Admin \u062a\u0642\u0641\u0644 \u0627\u0644\u0640 WAN Access \u0648 \u0627\u0644\u0640 WAN Ping \u0644\u0648 \u0645\u0641\u064a\u0634 \u0625\u0633\u062a\u062e\u062f\u0627\u0645 \u0636\u0631\u0648\u0631\u064a \u0644\u064a\u0647\u0645 \u0645\u0646\u0639\u0627\u064b \u0645\u0646 \u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0645 \u062e\u0635\u0648\u0635\u0627\u064b \u0645\u0639 \u0638\u0647\u0648\u0631 \u062b\u063a\u0631\u0627\u062a Zero-Day \u0644\u0640 Sophos \u062e\u0644\u0627\u0644 \u0627\u0644\u0623\u0634\u0647\u0631 \u0627\u0644\u064a \u0641\u0627\u062a\u062a \ud83d\udc4c\n\n\u0627\u0644\u0645\u0635\u0627\u062f\u0631 \u0644\u0644\u062a\u0641\u0627\u0635\u064a\u0644 \u0623\u0643\u062a\u0631 :\n[1] Sophos :\nhttps://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce\n\n[2] TheHackerNews :\nhttps://thehackernews.com/2022/09/hackers-actively-exploiting-new-sophos.html\n\n#Security_Society", "creation_timestamp": "2022-09-25T11:53:57.000000Z"}, {"uuid": "3d454bd8-a113-4518-b687-b0fe1c90e53c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/ctinow/154807", "content": "https://ift.tt/Yb18hRj\nEOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)", "creation_timestamp": "2023-12-13T12:12:14.000000Z"}, {"uuid": "0c32f50d-2cbc-4ede-83b8-769dc474f077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/ctinow/154801", "content": "https://ift.tt/WyDxmAn\nSophos backports fix 
for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks", "creation_timestamp": "2023-12-13T12:02:00.000000Z"}, {"uuid": "6d022ff9-b53e-4e2f-8986-99bdd1195630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "https://t.me/arpsyndicate/1831", "content": "#ExploitObserverAlert\n\nCVE-2022-3236\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.\n\nFIRST-EPSS: 0.106520000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T14:50:52.000000Z"}, {"uuid": "e0892541-ea35-4b32-ad4a-90c9d6338faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/ctinow/65576", "content": "RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)\n\nhttps://ift.tt/M7wV4v5", "creation_timestamp": "2022-09-26T13:08:25.000000Z"}, {"uuid": "bcdb6d82-3c9b-40e3-bc9a-9e26edcfdc99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "https://t.me/arpsyndicate/1067", "content": "#ExploitObserverAlert\n\nCVE-2022-3236\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-3236. 
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.\n\nFIRST-EPSS: 0.106520000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T00:19:39.000000Z"}, {"uuid": "f7ea3162-02c0-4d2d-bf8a-64309417b725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/true_secator/3794", "content": "Sophos \u043f\u0440\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0432 Sophos Firewall \u0432\u0435\u0440\u0441\u0438\u0438 19.5 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f\u043c \u043e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438\u00a0\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f Sophos Firewall\u00a0 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0435\u043c\u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e, \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 19.5 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-3236, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u043c\u0435\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043d\u0435\u043b\u044c\u0437\u044f \u043d\u0430\u0437\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u043c.\u00a0\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e \u0435\u0433\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0438 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435, \u043a\u043e\u0433\u0434\u0430 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e CVE-2022-3236 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u043a\u0440\u0443\u0433 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u042e\u0436\u043d\u043e\u0439 
\u0410\u0437\u0438\u0438.\n\n\u0422\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432 Sophos Firewall 19.5, \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2022-3226, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 SSL VPN.\n\nCVE-2022-3713 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 Wi-Fi, \u0430 \u0442\u0440\u0435\u0442\u044c\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 CVE-2022-3696 - \u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435, \u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0443 
\u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442 \u0441\u0440\u0435\u0434\u043d\u044e\u044e \u0438\u043b\u0438 \u043d\u0438\u0437\u043a\u0443\u044e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c.\u00a0\u041e\u043d\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 XSS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043d\u0435\u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0431\u0430\u0433 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0441\u0430\u043c\u043e\u0439 Sophos, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0434\u0440\u0443\u0433\u0438\u0435 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0432\u043d\u0435\u0448\u043d\u0438\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Bug 
Bounty.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Sophos, \u0438 \u0438\u043c\u0435\u044e\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u0446\u0435\u043b\u0435\u0439 \u0434\u043b\u044f \u0430\u0442\u0430\u043a, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0438\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435.", "creation_timestamp": "2022-12-07T10:30:06.000000Z"}, {"uuid": "dcad631b-944b-44be-b464-a686d9d301fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/MrVGunz/545", "content": "\u0634\u0631\u06a9\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u0633\u0648\u0641\u0648\u0633 \u062e\u0628\u0631 \u0631\u0641\u0639 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u062f\u0631\u062c\u0647 \u0627\u0647\u0645\u06cc\u062a \u062d\u06cc\u0627\u062a\u06cc (CVSS:9.8) \u0648 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 CVE-2022-3236 \u06a9\u0647 \u0627\u0632 \u0646\u0648\u0639 RCE \u0645\u06cc \u0628\u0627\u0634\u062f \u0631\u0627 \u0628\u0637\u0648\u0631 \u0631\u0633\u0645\u06cc \u0631\u0633\u0627\u0646\u0647 \u0627\u06cc \u06a9\u0631\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u06cc\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0631\u0627 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u0645\u062e\u0631\u0628 \u062e\u0648\u062f \u0631\u0627 
\u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0628\u062e\u0634 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 Webadmin \u0627\u062c\u0631\u0627 \u0646\u0645\u0627\u06cc\u062f.\n\u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u06a9\u0647 \u0627\u0632 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u0628\u0627 \u0646\u0633\u062e\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc v19.0 MR1 \u0628\u0647 \u0642\u0628\u0644 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u0646\u0645\u0627\u06cc\u062f\u060c \u062d\u062a\u0645\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0628\u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0631\u0627 \u062f\u0631 \u0627\u0648\u0644\u0648\u06cc\u062a \u0642\u0631\u0627\u0631 \u062f\u0647\u06cc\u062f.\n\u0627\u06cc\u0646 \u062f\u0648\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u062f\u0631 \u0633\u0627\u0644 \u062c\u0627\u0631\u06cc \u0645\u06cc\u0644\u0627\u062f\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0627\u0639\u0644\u0627\u0646 CISA \u062f\u0631 \u0644\u06cc\u0633\u062a \u062d\u0645\u0644\u0627\u062a \u062c\u062f\u06cc \u0641\u0639\u0627\u0644 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0627\u0633\u062a.(\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0642\u0628\u0644\u06cc \u062f\u0631 \u0645\u0627\u0647 \u0645\u0627\u0631\u0633 \u0631\u0633\u0627\u0646\u0647 \u0627\u06cc \u0634\u062f.)\n\u062c\u0632\u0626\u06cc\u0627\u062a \u06a9\u0627\u0645\u0644: https://bit.ly/SopoRCE2", "creation_timestamp": "2022-10-08T16:30:47.000000Z"}, {"uuid": "e8f0f5aa-65ad-4024-96e8-6fa86ecdbbf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": 
"https://t.me/true_secator/6473", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Trend Micro \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 GhostSpider, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0441\u044f Salt Typhoon (Earth Estries, GhostEmperor \u0438\u043b\u0438 UNC2286) \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433.\n\n\u041f\u043e\u043c\u0438\u043c\u043e GhostSpider Salt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0431\u043e\u0440 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u0441\u0442\u0440\u043e\u0433\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u044b\u0445 \u0430\u0442\u0430\u043a: SNAPPYBEE (Deed RAT), SparrowDoor, CrowDoor \u0438 MASOL RAT \u0434\u043b\u044f Linux, \u0440\u0443\u0442\u043a\u0438\u0442 DEMODEX, ShadowPad, NeoReGeorg, frpc\u00a0\u0438 Cobalt Strike.\n\nSalt Typhoon - \u044d\u0442\u043e \u0441\u043b\u043e\u0436\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 2019 \u0433\u043e\u0434\u0430 \u0438 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0435 
\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0438 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u0441\u0440\u0435\u0434\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Verizon, AT&amp;T, Lumen Technologies \u0438\u00a0T-Mobile.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Washington Post, Salt Typhoon \u0442\u0430\u043a\u0436\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c\u00a0\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0435\u00a0\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 150 \u0434\u043e\u043b\u0436\u043d\u043e\u0441\u0442\u043d\u044b\u0445 \u043b\u0438\u0446 \u0438\u0437 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0421\u0428\u0410 \u0438 \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043d\u044b\u0445 \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u043e\u0432.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c\u00a0Trend Micro, Salt Typhoon \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u0442\u0435\u043b\u0435\u043a\u043e\u043c, 
\u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u043e\u0432\u044b\u0435, \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0421\u0428\u0410, \u0410\u0437\u0438\u0430\u0442\u0441\u043a\u043e-\u0422\u0438\u0445\u043e\u043e\u043a\u0435\u0430\u043d\u0441\u043a\u043e\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0435, \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435, \u0432 \u042e\u0436\u043d\u043e\u0439 \u0410\u0444\u0440\u0438\u043a\u0435 \u0438 \u0434\u0440.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0434\u0432\u0430\u0434\u0446\u0430\u0442\u0438 \u0441\u043b\u0443\u0447\u0430\u0435\u0432, \u043a\u043e\u0433\u0434\u0430 Salt Typhoon \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f, \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0443\u0434\u0435\u043b\u0435\u043d\u043e \u0434\u0432\u0443\u043c \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u043c: \n- 
\u0410\u043b\u044c\u0444\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Demodex \u0438 SnappyBee,\n- \u0411\u0435\u0442\u0430 - \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0439 \u0448\u043f\u0438\u043e\u043d\u0430\u0436 \u043f\u0440\u043e\u0442\u0438\u0432 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c GhostSpider \u0438 Demodex.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c: CVE-2023-46805, CVE-2024-21887\u00a0(VPN-\u0441\u0435\u0440\u0432\u0438\u0441 Ivanti Connect), CVE-2023-48788 (FortiClient EMS), CVE-2022-3236 
(\u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440 Sophos), CVE-2021-26855, CVE-2021-26857 - 26858, CVE-2021-27065 (ProxyLogon).\n\nSalt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b LOLbin \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, GhostSpider - \u044d\u0442\u043e \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u0437\u0430 \u0441\u0447\u0435\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u041e\u043d \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 
\u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 DLL \u0438 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 regsvr32.exe, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043c\u0430\u044f\u043a\u043e\u0432, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u044c.\n\nGhostSpider \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f (C2), \u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u0445 HTTP \u0438\u043b\u0438 \u0444\u0430\u0439\u043b\u0430\u0445 cookie, \u0447\u0442\u043e\u0431\u044b \u0441\u043c\u0435\u0448\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. 
The command structure makes the backdoor versatile and allows the attack to be adjusted quickly.\n\nOverall, Salt Typhoon's arsenal is quite extensive and marks it as one of the most aggressive Chinese APTs.", "creation_timestamp": "2024-11-26T13:40:05.000000Z"}, {"uuid": "ecd4d9af-db3d-496c-91dd-016e8a8da2c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/true_secator/3466", "content": "UK-based Sophos is warning customers about a new 0-day vulnerability, actively exploited in real-world attacks, 
that affects some of its firewall components.\n\nAccording to the advisory, Sophos Firewall version 19.0 MR1 (19.0.1) and earlier versions are affected by a critical RCE vulnerability tracked as CVE-2022-3236 (CVSS score: 9.8). 
The bug affects the User Portal and Webadmin components.\n\nSophos researchers said the vulnerability is being used in attacks on targeted organizations, primarily in South Asia. The company has informed each of these organizations directly.\n\nUsers running earlier versions of Sophos Firewall need to update to receive the latest protections and the relevant fixes.\n\nAs a 
workaround, Sophos also recommends that users take steps to ensure that the vulnerable components are isolated from the WAN. The Sophos Central console or a VPN is recommended for remote access and management.\n\nIn addition, the company has provided instructions for checking the patch's applicability.\n\nTo give a sense of the scale of the threat, a researcher from Japan presented Shodan statistics 
showing that up to 200,000 Sophos devices worldwide are reachable over the internet.\n\nDiscouraging statistics for Sophos security solutions, as this is the second time in a year that a 0-day has come under active attack.\n\nEarlier, in March of this year, another one, CVE-2022-1040, was used in attacks on organizations in the same region. 
Volexity linked the attacks to the Chinese group DriftingCloud.\n\nIn addition, this is already the fourth vulnerability in Sophos products, alongside CVE-2020-25223 (Sophos SG UTM), CVE-2020-12271 (XG Firewall) and CVE-2022-1040, that CISA has added to its catalog.\n\nIt looks like Sophos is keeping pace with its Japanese colleagues at Trend Micro and their leaky threat monitoring and research systems, thanks to which attackers once stole personal and corporate information from the electronics manufacturer Mitsubishi Electric.", "creation_timestamp": 
"2022-09-26T15:37:03.000000Z"}, {"uuid": "bb6295fc-5b1d-446b-bc62-c7ed3b47cd27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "seen", "source": "https://t.me/cibsecurity/50315", "content": "\u203c CVE-2022-3236 \u203c\n\nA code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T16:13:26.000000Z"}, {"uuid": "a08dbb6a-73ab-4b05-baf5-c89e513208d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32366", "type": "seen", "source": "https://t.me/cibsecurity/44445", "content": "\u203c CVE-2022-32366 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T22:19:16.000000Z"}, {"uuid": "4b433dab-dbd2-4b75-90ec-2ca828a9c913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32368", "type": "seen", "source": "https://t.me/cibsecurity/44574", "content": "\u203c CVE-2022-32368 \u203c\n\nitsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T00:19:50.000000Z"}, {"uuid": "fa127b7b-13fa-4560-87ea-fa710791d225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32363", "type": "seen", "source": "https://t.me/cibsecurity/44473", "content": "\u203c CVE-2022-32363 
\u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T00:19:37.000000Z"}, {"uuid": "297374ed-d882-4abb-af4d-059369a1fed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32367", "type": "seen", "source": "https://t.me/cibsecurity/44450", "content": "\u203c CVE-2022-32367 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&amp;id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T22:19:21.000000Z"}, {"uuid": "f8d58e92-a8a6-400f-94ca-206e76d12854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32362", "type": "seen", "source": "https://t.me/cibsecurity/44464", "content": "\u203c CVE-2022-32362 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T00:19:24.000000Z"}, {"uuid": "98e13992-3b48-4d7a-bfb4-2ace84ca2a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32365", "type": "seen", "source": "https://t.me/cibsecurity/44441", "content": "\u203c CVE-2022-32365 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T22:19:10.000000Z"}, {"uuid": "a4f3ad51-eedc-4d48-a63d-432ffe6b4740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32364", "type": "seen", "source": "https://t.me/cibsecurity/44440", "content": "\u203c CVE-2022-32364 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&amp;id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T22:19:09.000000Z"}, {"uuid": "05cca1ff-a70d-4d75-9ae6-26197d5b0f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/thehackernews/2599", "content": "Sophos has warned of cyberattacks targeting a recently fixed critical RCE vulnerability (CVE-2022-3236) in its firewall product.\n\nRead: https://thehackernews.com/2022/09/hackers-actively-exploiting-new-sophos.html", "creation_timestamp": "2022-09-24T07:13:55.000000Z"}, {"uuid": "08d53e7b-e3ed-45a6-96cb-55724c7a7f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "exploited", "source": "https://t.me/xakep_ru/13493", "content": "\u0411\u043e\u043b\u0435\u0435 4000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0431\u0430\u0433\u043e\u043c \u0432 Sophos Firewall\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 4000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Sophos Firewall, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0432\u0441\u0435 
\u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0431\u0430\u0433\u043e\u043c, \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u044b\u0448\u0435\u043b \u0435\u0449\u0435 \u043e\u0441\u0435\u043d\u044c\u044e 2022 \u0433\u043e\u0434\u0430.\n\nhttps://xakep.ru/2023/01/19/cve-2022-3236-warning/", "creation_timestamp": "2023-01-19T13:35:02.000000Z"}, {"uuid": "333a6bcc-a094-4d32-9963-c919036c2675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3236", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7085", "content": "#exploit\n1. CVE-2021-39144:\nVMware Cloud Foundation RCE vulnerability via XStream\nhttps://github.com/b3wT/CVE-2021-39144-XSTREAM-RCE\n\n2. CVE-2022-3236:\nSophos Firewall User Portal and Web Admin Code Injection\nhttps://www.zerodayinitiative.com/blog/2022/10/19/cve-2022-3236-sophos-firewall-user-portal-and-web-admin-code-injection", "creation_timestamp": "2022-11-01T11:01:02.000000Z"}]}