{"vulnerability": "CVE-2022-40684", "sightings": [{"uuid": "30ba93dd-6414-40ab-9de7-b509fb53a793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "d93d396c-973f-469c-8c97-dbcc2fdafa5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3lfu7nif6i22k", "content": "", "creation_timestamp": "2025-01-16T11:50:35.537333Z"}, {"uuid": "ac5e9863-d7b1-4600-a4cf-a7293891796c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lftcgs2fru2y", "content": "", "creation_timestamp": "2025-01-16T03:07:52.408873Z"}, {"uuid": "ed5d48e6-8c71-486d-b8db-0c0a34727df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971723", "content": "", "creation_timestamp": "2024-12-24T20:33:16.224239Z"}, {"uuid": "49e58eb6-0334-4b87-893f-00ee914be389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3lfufwluvlk2z", "content": "", "creation_timestamp": "2025-01-16T13:43:05.884802Z"}, {"uuid": "d5d9cafd-73ef-4470-94e3-665df18544f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113838486993713906", "content": "", "creation_timestamp": "2025-01-16T14:24:20.905019Z"}, {"uuid": "e0f6b5ae-4a19-47e8-890c-96ac95142ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3lfutoo46r22l", "content": "", "creation_timestamp": "2025-01-16T17:49:11.341514Z"}, {"uuid": "efbe292c-04ef-41ce-a73e-34608afda727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-2025cd14-08ad998052c055cd", "content": "", "creation_timestamp": "2025-01-16T17:59:13.682528Z"}, {"uuid": "bf7e5c3f-8833-48cf-ba85-26ef84f56a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/cudeso.bsky.social/post/3lfuncdbn222j", "content": "", "creation_timestamp": "2025-01-16T15:54:56.027783Z"}, {"uuid": "5d20c175-0eeb-4ef5-9ee2-f1c77e7fc989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-40684", "type": "confirmed", "source": "https://github.com/cudeso/tools/blob/master/CVE-2022-40684/", "content": "", "creation_timestamp": "2025-01-16T16:03:00.659050Z"}, {"uuid": "476129d0-5e9d-4ae3-8e1c-d8748862fe08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/113835343933778715", "content": "", "creation_timestamp": "2025-01-16T01:05:16.851013Z"}, {"uuid": "89cbaa3c-0f48-49cd-b793-09b1bdfb9455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/GossiTheDog.cyberplace.social.ap.brid.gy/post/3lft3let3h7j2", "content": "", "creation_timestamp": "2025-01-16T01:05:19.457279Z"}, {"uuid": "f0b3f7b3-b16b-436d-985c-b70756c0f3f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3lfuotu647m2j", "content": "", "creation_timestamp": "2025-01-16T16:22:35.436297Z"}, {"uuid": "627a7504-1ff0-45ca-9c99-25b781cfa7c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113841533161451940", "content": "", "creation_timestamp": "2025-01-17T03:19:01.973643Z"}, {"uuid": "0c20063d-e8ef-48ac-acf7-e2bd30dbd935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lfwxnb6pt42r", "content": "", "creation_timestamp": "2025-01-17T14:05:17.587406Z"}, {"uuid": "27b8d554-8263-4df8-97b1-0c270bb56c07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/defendopsdiaries.bsky.social/post/3lg7mhp4aus2o", "content": "", "creation_timestamp": "2025-01-21T00:39:19.547930Z"}, {"uuid": "846246a7-dfb5-4997-859a-5f2e16e67860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lg6zphmsjf22", "content": "", "creation_timestamp": "2025-01-20T19:03:36.471340Z"}, {"uuid": "3456df9f-3c40-48a1-b967-b8de96c30140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "41e75106-6ae3-4ff3-9937-23cd44a5973e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/s-trobertlaszlo.bsky.social/post/3lhkzuzpcdk2b", "content": "", "creation_timestamp": "2025-02-07T07:03:52.568073Z"}, {"uuid": "b87861bf-c77b-4b84-a3e5-7d36cf6d55e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-30)", "content": "", "creation_timestamp": "2025-01-30T00:00:00.000000Z"}, {"uuid": "317b841c-2e96-454b-9dfc-e08f997b8937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/treadstone71.bsky.social/post/3lgejjkweqh2v", "content": "", "creation_timestamp": "2025-01-22T23:29:57.244019Z"}, {"uuid": "1c5c0c44-9964-4fbf-bbcb-39da14afc333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/treadstone71.bsky.social/post/3lgejkdgqyp24", "content": "", "creation_timestamp": "2025-01-22T23:30:22.711032Z"}, {"uuid": "2bca0e12-e5f1-4dc6-826a-830d2050c3b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "e69e6a72-77ba-4f1c-9de9-9d4423a782f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/greynoise.bsky.social/post/3lgtas4igas2o", "content": "", "creation_timestamp": "2025-01-28T20:03:40.060959Z"}, {"uuid": "1187cbd2-e7d6-46c4-a616-e60febded5ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-06)", "content": "", "creation_timestamp": "2025-02-06T00:00:00.000000Z"}, {"uuid": "901a97f2-8038-4de4-8183-3eab742a2465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-24)", "content": "", "creation_timestamp": "2025-01-24T00:00:00.000000Z"}, {"uuid": "c167d0a4-d810-4303-aed3-79f205ec50a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-23)", "content": "", "creation_timestamp": "2025-01-23T00:00:00.000000Z"}, {"uuid": "a863276e-3f7e-4521-b379-58b2cadbacae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-15)", "content": "", "creation_timestamp": "2025-01-15T00:00:00.000000Z"}, {"uuid": "3f3bdf0e-57d0-4a50-86d8-711f0b6b4d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-16)", "content": "", "creation_timestamp": "2025-01-16T00:00:00.000000Z"}, {"uuid": "967c4cbe-bb41-4ef6-8e14-28e0c3eebacb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-22)", "content": "", "creation_timestamp": "2025-01-22T00:00:00.000000Z"}, {"uuid": "3f93a85c-8e96-427d-84df-50e02df616c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-18)", "content": "", "creation_timestamp": "2025-01-18T00:00:00.000000Z"}, {"uuid": "c00c031f-87be-4f90-a08e-6b972839c5e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-26)", "content": "", "creation_timestamp": "2024-12-26T00:00:00.000000Z"}, {"uuid": "98d7bc3d-edf9-4885-bf1b-abba00b1fcb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-31)", "content": "", "creation_timestamp": "2024-12-31T00:00:00.000000Z"}, {"uuid": "a12ea8ea-1342-4028-857e-98dca5063c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-27)", "content": "", "creation_timestamp": "2024-12-27T00:00:00.000000Z"}, {"uuid": "32ab4bcf-b70e-4481-8db2-eaa710e22db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-04)", "content": "", "creation_timestamp": "2025-01-04T00:00:00.000000Z"}, {"uuid": "6a9caae6-c914-44bb-bae5-8f8356e0d8c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-05)", "content": "", "creation_timestamp": "2025-01-05T00:00:00.000000Z"}, {"uuid": "37cb0599-4dd1-473c-b41f-8dafeb3f5020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/greynoise.infosec.exchange.ap.brid.gy/post/3lgtbo2a7rer2", "content": "", "creation_timestamp": "2025-01-28T20:19:41.263965Z"}, {"uuid": "025e06b2-dea9-441d-94be-5f25c75eab6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-01)", "content": "", "creation_timestamp": "2025-01-01T00:00:00.000000Z"}, {"uuid": "9dccdc4f-1072-4dd1-a8e0-8ba8d01e2f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-09)", "content": "", "creation_timestamp": "2025-01-09T00:00:00.000000Z"}, {"uuid": "43a2a665-d0d3-4822-8785-71bf428d4a28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-10)", "content": "", "creation_timestamp": "2025-01-10T00:00:00.000000Z"}, {"uuid": "7b523ce8-6d58-4a7e-9a35-629b4e83921b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-08)", "content": "", "creation_timestamp": "2025-01-08T00:00:00.000000Z"}, {"uuid": "1417fead-db8f-4f99-882c-fcb2bec3f098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-25)", "content": "", "creation_timestamp": "2024-10-25T00:00:00.000000Z"}, {"uuid": "28cd3c9a-7bc3-4a7a-a849-bf1eaae2ae65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-26)", "content": "", "creation_timestamp": "2024-10-26T00:00:00.000000Z"}, {"uuid": "a8e61533-850e-476b-b6da-489e0d92955e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "2db37675-9e77-43b9-95c7-937861ea558a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-29)", "content": "", "creation_timestamp": "2024-10-29T00:00:00.000000Z"}, {"uuid": "5c7aa5c7-dc88-490c-831e-8a1b4dc14fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-30)", "content": "", "creation_timestamp": "2024-10-30T00:00:00.000000Z"}, {"uuid": "8fcd2d98-18c1-4436-b310-dd8f9fd027b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-04)", "content": "", "creation_timestamp": "2024-11-04T00:00:00.000000Z"}, {"uuid": "baa7aaf0-509e-424e-9c44-4d3e01544c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-08)", "content": "", "creation_timestamp": "2024-11-08T00:00:00.000000Z"}, {"uuid": "55bfaae3-71b0-4f33-a44a-c4f2de28f0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "7d42011b-eb35-432f-a15c-e36729c11f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-12)", "content": "", "creation_timestamp": "2024-11-12T00:00:00.000000Z"}, {"uuid": "aaeb1b59-9715-4696-9db1-0f236e31404c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-26)", "content": "", "creation_timestamp": "2024-11-26T00:00:00.000000Z"}, {"uuid": "10ee0324-223e-43ba-89e4-a7cdb62c43ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-27)", "content": "", "creation_timestamp": "2024-11-27T00:00:00.000000Z"}, {"uuid": "22891a52-fe72-411d-a582-097b9be765a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-29)", "content": "", "creation_timestamp": "2024-11-29T00:00:00.000000Z"}, {"uuid": "eed16566-d408-489b-8a12-dc42395af042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-06)", "content": "", "creation_timestamp": "2024-12-06T00:00:00.000000Z"}, {"uuid": "784678ae-8013-4a36-ad88-eb93f57d7efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-19)", "content": "", "creation_timestamp": "2024-11-19T00:00:00.000000Z"}, {"uuid": "dd9dde87-4551-4258-aaa1-81086d89c51c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "13127a82-e7a3-4f72-b403-1b66f0b75288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-11)", "content": "", "creation_timestamp": "2024-12-11T00:00:00.000000Z"}, {"uuid": "983d192a-a945-4da8-bf9e-5a84f9d82d2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-04)", "content": "", "creation_timestamp": "2024-12-04T00:00:00.000000Z"}, {"uuid": "ac87af6e-cd41-4d57-9136-776098cb5b21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-13)", "content": "", "creation_timestamp": "2024-12-13T00:00:00.000000Z"}, {"uuid": "1acbd19f-433e-4be8-a068-74820c31ae3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-03)", "content": "", "creation_timestamp": "2024-12-03T00:00:00.000000Z"}, {"uuid": "6bde229f-8ad2-41e5-90ad-c647eb0481ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "8d39254b-4dcc-4633-970f-2a4fd38bb18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-05)", "content": "", "creation_timestamp": "2024-12-05T00:00:00.000000Z"}, {"uuid": "a46c8518-625c-4c48-98dd-ff623e497218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-17)", "content": "", "creation_timestamp": "2024-12-17T00:00:00.000000Z"}, {"uuid": "093bfe46-dc81-4237-84b9-75a580c64195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-10)", "content": "", "creation_timestamp": "2024-12-10T00:00:00.000000Z"}, {"uuid": "e6d469f0-a460-4755-9382-c99745ded91d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-18)", "content": "", "creation_timestamp": "2024-12-18T00:00:00.000000Z"}, {"uuid": "bd27d82c-a041-4806-b342-c70277a06a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://ioc.exchange/users/sicert/statuses/113879199829746014", "content": "", "creation_timestamp": "2025-01-23T18:58:10.205848Z"}, {"uuid": "f17284f9-6d19-48e1-a75e-4428f11deac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-07)", "content": "", "creation_timestamp": "2025-02-07T00:00:00.000000Z"}, {"uuid": "bfbceb49-49ef-4a79-8cd3-6f02bba976a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "2d4a24b2-c051-4bf1-9978-ec0c173386cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "0b1a69dd-6d2f-40d7-8cfc-45ca40ccf76c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "8eead67c-1299-46a1-aa0d-a8796fd05eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "d1c83f3b-5e25-4469-87ed-53d637efe3bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-05)", "content": "", "creation_timestamp": "2025-03-05T00:00:00.000000Z"}, {"uuid": "fcd836e3-7f46-479a-81f3-6eca59a9e441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114183697508254377", "content": "", "creation_timestamp": "2025-03-18T13:35:55.653577Z"}, {"uuid": "ba29dd8f-7a4f-4133-8a84-444826649a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:48.000000Z"}, {"uuid": "599e7a18-259f-453d-8627-d4f23474979f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-23)", "content": "", "creation_timestamp": "2025-03-23T00:00:00.000000Z"}, {"uuid": "800e1fe1-0b14-4364-a1e2-d97069bdb6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "c893beb1-d20c-4554-96bf-a1f4ec8dfa12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "a7e53072-d2fa-4888-8e39-662265be56a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "89653df7-8451-404a-95e9-8d36ccb0923b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-26)", "content": "", "creation_timestamp": "2025-03-26T00:00:00.000000Z"}, {"uuid": "f7b4d5fc-9ab3-4ae9-98d7-19cad3fd9c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-26)", "content": "", "creation_timestamp": "2025-02-26T00:00:00.000000Z"}, {"uuid": "e4652a01-3fa3-4229-8967-580d3afa91fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-12)", "content": "", "creation_timestamp": "2025-03-12T00:00:00.000000Z"}, {"uuid": "e57b77fb-8322-46ec-b6ac-590ea797be9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-13)", "content": "", "creation_timestamp": "2025-03-13T00:00:00.000000Z"}, {"uuid": "e98d883d-232e-4bf7-98d6-55bf28a6c42b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-13)", "content": "", "creation_timestamp": "2025-02-13T00:00:00.000000Z"}, {"uuid": "fc57dabf-b5e0-49db-9a7b-4c7e7345fb40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "52bae710-f5c4-4abc-8509-927bb8edb70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://swecyb.com/users/nopatience/statuses/114182151088002586", "content": "", "creation_timestamp": "2025-03-18T07:02:49.100641Z"}, {"uuid": "952bc125-f605-41c9-a8de-061a218f1794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-16)", "content": "", "creation_timestamp": "2025-03-16T00:00:00.000000Z"}, {"uuid": "247f81c4-edc1-4089-9830-758c70a0c080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-25)", "content": "", "creation_timestamp": "2025-03-25T00:00:00.000000Z"}, {"uuid": "0eeb76b2-e3d9-473e-a4cb-bf20b9d9dde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "c07a0211-b307-4418-822f-d7d86701bcdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-18)", "content": "", "creation_timestamp": "2025-03-18T00:00:00.000000Z"}, {"uuid": "0415c0f4-0067-4fc9-a905-be21246a0462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-19)", "content": "", "creation_timestamp": "2025-03-19T00:00:00.000000Z"}, {"uuid": "fec575b7-b304-4f9c-be27-a0d158f596ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-16)", "content": "", "creation_timestamp": "2025-02-16T00:00:00.000000Z"}, {"uuid": "2e232108-02cf-48f3-977d-50a08a4bef56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-16)", "content": "", "creation_timestamp": "2025-02-16T00:00:00.000000Z"}, {"uuid": "2398cc57-7b56-44f8-82c0-69b2907cd7c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-19)", "content": "", "creation_timestamp": "2025-02-19T00:00:00.000000Z"}, {"uuid": "6a264c2e-5814-466e-ba0d-9a6724a3bfd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-20)", "content": "", "creation_timestamp": "2025-03-20T00:00:00.000000Z"}, {"uuid": "6a159b80-b5c8-4c0e-8b5c-abc5d0f7e910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-20)", "content": "", "creation_timestamp": "2025-02-20T00:00:00.000000Z"}, {"uuid": "e7c627fa-5797-4005-90e0-81a8e2225849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:38.000000Z"}, {"uuid": "1330719a-9b56-459e-921a-12d922c26f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "5d457dd8-c675-46de-9f5a-88af3978302a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-17)", "content": "", "creation_timestamp": "2025-03-17T00:00:00.000000Z"}, {"uuid": "6be59281-5d56-48d8-91e8-2bfad61feb30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-22)", "content": "", "creation_timestamp": "2025-03-22T00:00:00.000000Z"}, {"uuid": "1a651396-70d0-4a16-a0da-9dc77a044348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-27)", "content": "", "creation_timestamp": "2025-03-27T00:00:00.000000Z"}, {"uuid": "7765b9d5-eec5-422f-ab2e-07d07ae6027c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "600a1841-38bf-4751-bcd6-624f8100e0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-25)", "content": "", "creation_timestamp": "2025-02-25T00:00:00.000000Z"}, {"uuid": "2317518d-72f5-4bf2-a40e-2cbc7bc04079", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "f434da44-26ea-4435-93ab-53016cf37f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-31)", "content": "", "creation_timestamp": "2025-03-31T00:00:00.000000Z"}, {"uuid": "f2d4ad62-955a-45fa-b565-6077c378db1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-11)", "content": "", "creation_timestamp": "2025-07-11T00:00:00.000000Z"}, {"uuid": "e7343552-6864-4293-adb7-622eef419939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-01)", "content": "", "creation_timestamp": "2025-04-01T00:00:00.000000Z"}, {"uuid": "008d00d5-263c-4530-877d-a9052175ab44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-03)", "content": "", "creation_timestamp": "2025-04-03T00:00:00.000000Z"}, {"uuid": "8109a97e-94e5-410a-a5cf-d3d36ed431bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-02)", "content": "", "creation_timestamp": "2025-04-02T00:00:00.000000Z"}, {"uuid": "01960f5b-ab9a-49bf-8057-259f33b7b834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-09)", "content": "", "creation_timestamp": "2025-04-09T00:00:00.000000Z"}, {"uuid": "c89ea14a-55f1-4759-9dd4-faaf091584ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-14)", "content": "", "creation_timestamp": "2025-07-14T00:00:00.000000Z"}, {"uuid": "c12a97a3-9077-45bd-8aad-5a689870b770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-12)", "content": "", "creation_timestamp": "2025-07-12T00:00:00.000000Z"}, {"uuid": "a795323a-a395-4a3e-8df0-c62c80a4e978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-10)", "content": "", "creation_timestamp": "2025-04-10T00:00:00.000000Z"}, {"uuid": "b0fff1c5-e522-4f4a-8911-4a9c8587678f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "05db0f54-fabf-4159-98e6-225c8323f64c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-08)", "content": "", "creation_timestamp": "2025-04-08T00:00:00.000000Z"}, {"uuid": "8fb9711f-6f42-450f-860b-19e7959d8ab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-17)", "content": "", "creation_timestamp": "2025-04-17T00:00:00.000000Z"}, {"uuid": "3f7d3cdf-f7e7-4f4a-b632-3e6615e3bfe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-15)", "content": "", "creation_timestamp": "2025-04-15T00:00:00.000000Z"}, {"uuid": "13b7a86c-9496-4ae5-94c5-9cc7277d3c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-21)", "content": "", "creation_timestamp": "2025-05-21T00:00:00.000000Z"}, {"uuid": "9bbbf791-6cf4-4c64-b0fa-396b3ce630d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-11)", "content": "", "creation_timestamp": "2025-06-11T00:00:00.000000Z"}, {"uuid": "aaeabc90-5438-4e4b-b909-a39886d69a4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lmwbsqqo4p2b", "content": "", "creation_timestamp": "2025-04-16T09:31:00.966212Z"}, {"uuid": "5b6fd278-6436-471e-843c-c07e10e701c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-16)", "content": "", "creation_timestamp": "2025-04-16T00:00:00.000000Z"}, {"uuid": "64627e03-c1eb-4c37-a717-e0d2b8c82308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "ed703fd4-31c1-48c4-8e00-21561b4b98d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-05)", "content": "", "creation_timestamp": "2025-06-05T00:00:00.000000Z"}, {"uuid": "70ac83ef-07da-4d9b-8e51-372449625312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-19)", "content": "", "creation_timestamp": "2025-06-19T00:00:00.000000Z"}, {"uuid": "b6cab502-ed19-427d-9f22-f92b8afecead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "7a96c3b9-01aa-4015-b071-99098f7c32be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-28)", "content": "", "creation_timestamp": "2025-05-28T00:00:00.000000Z"}, {"uuid": "d018be3a-8f1b-4767-a69a-b0fc80916be0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-03)", "content": "", "creation_timestamp": "2025-07-03T00:00:00.000000Z"}, {"uuid": "9598b550-03b1-4dc0-a8ea-d5841a06646c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "c5560588-befe-4c2f-8112-3c153d46ddc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-25)", "content": "", "creation_timestamp": "2025-04-25T00:00:00.000000Z"}, {"uuid": "44c0276c-a221-46e5-bcea-5dca690f566b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "99ade6a4-3bfa-4be7-bd1b-ae83894b3906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-30)", "content": "", "creation_timestamp": "2025-04-30T00:00:00.000000Z"}, {"uuid": "d4b1f464-e296-48ee-b3e2-d18de6bee975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-10)", "content": "", "creation_timestamp": "2025-07-10T00:00:00.000000Z"}, {"uuid": "57699206-67aa-4900-b282-21da3468be50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-02)", "content": "", "creation_timestamp": "2025-05-02T00:00:00.000000Z"}, {"uuid": "c6f1d081-cde5-4b6b-a367-18261f10571a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-12)", "content": "", "creation_timestamp": "2025-06-12T00:00:00.000000Z"}, {"uuid": "545ee105-5e52-4d63-a9fb-14d36c106731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "739b3bde-a112-40af-9028-83c1dcac80b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "c4c546c4-424d-4ee2-bd3c-d18ca00757b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-22)", "content": "", "creation_timestamp": "2025-05-22T00:00:00.000000Z"}, {"uuid": "9213359e-6968-4646-aae6-d516c6574b93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-05)", "content": "", "creation_timestamp": "2025-05-05T00:00:00.000000Z"}, {"uuid": "121ddb80-7c1c-44d2-b080-0d132593a554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "cbfc570f-764e-4796-9866-720c123c2a78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "d53750c6-ae60-421e-8909-7ffe94594cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "0f954482-361a-4d11-9931-50dbbf62e27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "4bd537dd-2ed1-4e8c-b98f-6bac127e57f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "f95901c4-7a29-41f4-9111-01bd045e6f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-02)", "content": "", "creation_timestamp": "2025-07-02T00:00:00.000000Z"}, {"uuid": "38410314-13f3-4553-baf8-05cf9e46d217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "b9053f4b-d128-4534-afec-e1bc73845240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-06)", "content": "", "creation_timestamp": "2025-06-06T00:00:00.000000Z"}, {"uuid": "4c6ac511-293b-45a3-8f12-0dc52b801429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-25)", "content": "", "creation_timestamp": "2025-06-25T00:00:00.000000Z"}, {"uuid": "6eb90c56-c9b4-4186-a5e9-2c182b4eb779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-09)", "content": "", "creation_timestamp": "2025-05-09T00:00:00.000000Z"}, {"uuid": "1859bd84-6246-48f5-ba07-4d7df48f9414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "e3ca3dfc-4b8e-4da4-b001-6f96d019c746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "b9c08e80-21cf-40d5-90b9-77d7b922fd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "a44c79df-4dd0-4667-b039-cb52f0cbb006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "9ba14fd3-16dd-47e1-a2e2-7419b62d3638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "02e14917-b282-4c22-9981-1b1c89524c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-29)", "content": "", "creation_timestamp": "2025-05-29T00:00:00.000000Z"}, {"uuid": "e7aba3ed-afd7-467b-a191-dd9d7584b5fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-27)", "content": "", "creation_timestamp": "2025-06-27T00:00:00.000000Z"}, {"uuid": "c31374fc-e10e-4c8d-a46a-8198574c8c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-04)", "content": "", "creation_timestamp": "2025-06-04T00:00:00.000000Z"}, {"uuid": "cec98ef9-5f4a-49b8-8ea1-7bdd05a596b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-14)", "content": "", "creation_timestamp": "2025-05-14T00:00:00.000000Z"}, {"uuid": "fb773215-385a-4515-aa9a-ed37c5d749c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-17)", "content": "", "creation_timestamp": "2025-07-17T00:00:00.000000Z"}, {"uuid": "56e703ff-779d-4b71-9f27-1e65c2df7bbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "2862cff9-057c-4fa4-9b94-0b536824e740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "3bbdaeef-cd45-4056-824c-219c1f9291fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "4ce0102a-539e-4a0b-977c-0350d0dd78db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-24)", "content": "", "creation_timestamp": "2025-07-24T00:00:00.000000Z"}, {"uuid": "c00d626b-b3a8-483a-b4fd-57587f3e5dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-23)", "content": "", "creation_timestamp": "2025-07-23T00:00:00.000000Z"}, {"uuid": "b8f5300a-df01-4239-a8ff-4f0b8b14c78e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-85aeda5d-3a0884ef4e0bac3a", "content": "", "creation_timestamp": "2025-07-23T06:09:01.167949Z"}, {"uuid": "e8ac56ce-c328-48c2-938e-b709b5e52bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-31)", "content": "", "creation_timestamp": "2025-07-31T00:00:00.000000Z"}, {"uuid": "11fb1a9c-4076-4be0-9a61-39930b96375f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-29)", "content": "", "creation_timestamp": "2025-10-29T00:00:00.000000Z"}, {"uuid": "c754acac-ad3a-41f7-bcb3-de43f45f6254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-25)", "content": "", "creation_timestamp": "2025-09-25T00:00:00.000000Z"}, {"uuid": "d8f2fca9-7155-497c-95c8-23fb492e0577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-30)", "content": "", "creation_timestamp": "2025-07-30T00:00:00.000000Z"}, {"uuid": "d1d1c0a9-64cf-493a-b67c-86fcd3d64c9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-26)", "content": "", "creation_timestamp": "2025-07-26T00:00:00.000000Z"}, {"uuid": "c0fed838-3286-4e0e-95d0-f08ddf852149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-01)", "content": "", "creation_timestamp": "2025-08-01T00:00:00.000000Z"}, {"uuid": "3a341f61-3941-42d1-bdeb-9cbfd0d60caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-16)", "content": "", "creation_timestamp": "2025-09-16T00:00:00.000000Z"}, {"uuid": "69ceb1de-dee0-4dcc-8845-fa035ae35608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://www.cert.at/de/warnungen/2022/10/kritische-sicherheitslucken-in-fortinet-firewalls-updates-verfugbar", "content": "", "creation_timestamp": "2022-10-10T06:11:01.000000Z"}, {"uuid": "ea599d7d-0b18-4a73-bde5-1961b8939792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "d3572606-76a3-414a-b7df-b1b4793e3866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "c7a30003-3a5d-4261-9cef-590e08492664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-06)", "content": "", "creation_timestamp": "2025-08-06T00:00:00.000000Z"}, {"uuid": "cf228033-2c6d-4fd3-9db4-27a2b5dd4d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-20)", "content": "", "creation_timestamp": "2025-11-20T00:00:00.000000Z"}, {"uuid": "381f0a18-e049-40f8-ae2a-8d12ed3e9043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-08)", "content": "", "creation_timestamp": "2025-10-08T00:00:00.000000Z"}, {"uuid": "1e21084f-275b-454b-a89b-ae883716b22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-07)", "content": "", "creation_timestamp": "2025-08-07T00:00:00.000000Z"}, {"uuid": "a98661fd-5142-434b-963d-b8f0194851e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-13)", "content": "", "creation_timestamp": "2025-08-13T00:00:00.000000Z"}, {"uuid": "b2bb6d7f-7e78-40cf-937c-2a81bdd3530c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-23)", "content": "", "creation_timestamp": "2025-10-23T00:00:00.000000Z"}, {"uuid": "3e49e627-d91b-4e74-a9c5-8ba83d6c969b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-11)", "content": "", "creation_timestamp": "2025-08-11T00:00:00.000000Z"}, {"uuid": "c4dcb0d1-c178-46d5-97f6-13c863a29696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-06)", "content": "", "creation_timestamp": "2025-11-06T00:00:00.000000Z"}, {"uuid": "44ccc205-22ad-4a6c-8b1d-42e67a318964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-21)", "content": "", "creation_timestamp": "2025-09-21T00:00:00.000000Z"}, {"uuid": "2cbcb812-6e43-48aa-b98d-d573bde3e397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-17)", "content": "", "creation_timestamp": "2025-09-17T00:00:00.000000Z"}, {"uuid": "ce308827-eb26-4e05-969a-7a716d0c7f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-10)", "content": "", "creation_timestamp": "2025-09-10T00:00:00.000000Z"}, {"uuid": "4b8a2d9b-06a1-401e-abc8-779481810655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "5aeff67e-fc02-4f34-8c0b-a0a58de53032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-12)", "content": "", "creation_timestamp": "2025-11-12T00:00:00.000000Z"}, {"uuid": "f60bbe26-2e9b-412a-a965-5d711df42ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-13)", "content": "", "creation_timestamp": "2025-11-13T00:00:00.000000Z"}, {"uuid": "19cb7622-fd25-4b32-8916-ad16f755a8f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "3bbf7227-a466-4d68-8dd8-2f2d3318d1d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-19)", "content": "", "creation_timestamp": "2025-11-19T00:00:00.000000Z"}, {"uuid": "6677f110-953f-48e3-aea4-a53ac0e20327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-09)", "content": "", "creation_timestamp": "2025-10-09T00:00:00.000000Z"}, {"uuid": "9d75a6e0-dcf6-413d-88ed-2537713d00ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-17)", "content": "", "creation_timestamp": "2025-08-17T00:00:00.000000Z"}, {"uuid": "723fa267-b4ea-4bf4-a67f-6bfb3c766580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "ca33c742-2543-446f-b38b-0f95c3f9d745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-21)", "content": "", "creation_timestamp": "2025-08-21T00:00:00.000000Z"}, {"uuid": "b5a8961a-1339-4625-a999-e50bc4bf9cda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-29)", "content": "", "creation_timestamp": "2025-09-29T00:00:00.000000Z"}, {"uuid": "8ff559b3-3549-4bca-8823-72b0f2fa68a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "33b80548-85e4-4c60-8d6b-8777908af75b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "a004df70-3960-4a17-85a2-66205469c4f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "d89f376f-708c-4e36-baf6-ddbed4f8c4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-05)", "content": "", "creation_timestamp": "2025-11-05T00:00:00.000000Z"}, {"uuid": "628b3d23-9baf-4e04-8d84-e1c917fa0873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "d195c89f-7f06-48a3-b784-6dd518f30a4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-26)", "content": "", "creation_timestamp": "2025-11-26T00:00:00.000000Z"}, {"uuid": "5cced4b0-f3b9-45ed-8fc1-9edfb9022955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-27)", "content": "", "creation_timestamp": "2025-11-27T00:00:00.000000Z"}, {"uuid": "28b0105b-9458-4051-a0a2-6683065c51fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://gist.github.com/Darkcrai86/e74fee63d490a56ca931b89a9fccfa7d", "content": "", "creation_timestamp": "2025-11-14T17:07:27.000000Z"}, {"uuid": "c722456d-1c90-4d85-b733-2a43f881cded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-04)", "content": "", "creation_timestamp": "2025-12-04T00:00:00.000000Z"}, {"uuid": "1849ae2a-d682-49e2-bdf5-f51f6f3428d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-27)", "content": "", "creation_timestamp": "2025-08-27T00:00:00.000000Z"}, {"uuid": "ae515972-91bf-4446-aa64-58cf2ee2ab0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684.rb", "content": "", "creation_timestamp": "2022-10-18T23:32:15.000000Z"}, {"uuid": "6035a3e4-4861-4eec-9699-2fee2d1d19a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-11)", "content": "", "creation_timestamp": "2025-09-11T00:00:00.000000Z"}, {"uuid": "ae40290f-7889-4b35-a2f8-ab0a333cd896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-28)", "content": "", "creation_timestamp": "2025-08-28T00:00:00.000000Z"}, {"uuid": "87d87813-a843-4e6a-9d25-fe4e051885b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-24)", "content": "", "creation_timestamp": "2025-09-24T00:00:00.000000Z"}, {"uuid": "8693263f-0cff-4ca3-9332-e433de209a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-04)", "content": "", "creation_timestamp": "2025-09-04T00:00:00.000000Z"}, {"uuid": "10d4c7cd-63c9-476b-ac19-5ae85ed259d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "edce7943-4b96-4ece-8503-f4d726655021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-18)", "content": "", "creation_timestamp": "2025-09-18T00:00:00.000000Z"}, {"uuid": "3b95200d-c6a1-400c-9b59-28e9de47e41a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:41.000000Z"}, {"uuid": "9bd8bd7b-d100-4b3e-8c1c-5363e63ec0fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-03)", "content": "", "creation_timestamp": "2025-09-03T00:00:00.000000Z"}, {"uuid": "82ff55d1-81ff-45b8-84e6-e1f8be37000e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-25)", "content": "", "creation_timestamp": "2026-02-25T00:00:00.000000Z"}, {"uuid": "199aceef-7e36-4ca1-9f2c-c18bb6986795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-03)", "content": "", "creation_timestamp": "2025-12-03T00:00:00.000000Z"}, {"uuid": "48e16eb7-ba18-4838-ac04-96c772079063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-10)", "content": "", "creation_timestamp": "2026-02-10T00:00:00.000000Z"}, {"uuid": "f0f26cd8-a88f-40cd-9dd1-fecb51e82691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-04)", "content": "", "creation_timestamp": "2026-03-04T00:00:00.000000Z"}, {"uuid": "7afed964-fe6c-44fa-a755-4eb8152e02d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-13)", "content": "", "creation_timestamp": "2026-02-13T00:00:00.000000Z"}, {"uuid": "3ea79ca7-043d-491f-9ceb-0abe35071b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-09)", "content": "", "creation_timestamp": "2025-12-09T00:00:00.000000Z"}, {"uuid": "dabc57c1-fd66-46ef-acac-729228f1a77d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "1fcf88da-834a-4aa3-aa1d-0f35b73594c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "974dca73-1a77-4e88-9fc2-9f9eac8048f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-12)", "content": "", "creation_timestamp": "2025-12-12T00:00:00.000000Z"}, {"uuid": "00689103-2d3a-432c-a495-499723a8756a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-17)", "content": "", "creation_timestamp": "2026-02-17T00:00:00.000000Z"}, {"uuid": "02178a8f-8cc9-4ccf-aef3-9db4161dae84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "ddaf78cb-f61b-4e8a-84a0-19b6491a6629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-03)", "content": "", "creation_timestamp": "2026-03-03T00:00:00.000000Z"}, {"uuid": "a3b8a4bd-68d4-4914-85da-f66117be676c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-03)", "content": "", "creation_timestamp": "2026-02-03T00:00:00.000000Z"}, {"uuid": "7bbfb6f8-4290-4569-b7a8-b1d48e89b19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-17)", "content": "", "creation_timestamp": "2025-12-17T00:00:00.000000Z"}, {"uuid": "d8b55634-f383-4f93-b907-587bd0bfc905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-19)", "content": "", "creation_timestamp": "2025-12-19T00:00:00.000000Z"}, {"uuid": "6ab5bcd9-0b9b-466f-be09-487373eb153b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "f704d6e2-e10a-42a5-98a4-aee0538fac72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-26)", "content": "", "creation_timestamp": "2025-12-26T00:00:00.000000Z"}, {"uuid": "847531ce-7fe1-49c1-b88c-48fc895601ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "622f71bb-82e1-4a42-9237-db629e2e7706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "8b39b2d6-3a91-4ea3-aa75-e046cf502c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "77e048f3-3117-4b33-b44c-92132ba90f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "26da79cf-94e6-4f09-8df1-1fcfd77c1063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-24)", "content": "", "creation_timestamp": "2026-02-24T00:00:00.000000Z"}, {"uuid": "5e0d90a0-929c-48f9-a4a8-954966b3e609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-04)", "content": "", "creation_timestamp": "2026-02-04T00:00:00.000000Z"}, {"uuid": "9b16cc6b-c4ef-4832-8b39-ff8619b54e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-31)", "content": "", "creation_timestamp": "2025-12-31T00:00:00.000000Z"}, {"uuid": "d264d9d0-ea74-4b7f-a7a2-4e4741c9827b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-28)", "content": "", "creation_timestamp": "2025-12-28T00:00:00.000000Z"}, {"uuid": "d6ea84a0-0971-4643-bf1a-7aed18010d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "be8e9f84-1e2f-4ee2-b3a1-3234ae91d1fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "d1ebde71-0441-49b0-affc-609a92f450ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-26)", "content": "", "creation_timestamp": "2026-02-26T00:00:00.000000Z"}, {"uuid": "e2244c7d-e02e-4cba-9118-41692898a881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "2fc49ea5-79fe-4c2f-ab45-c8eb65e3aba9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "a3017da4-e69c-4ad3-a571-a0ddc7970aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-09)", "content": "", "creation_timestamp": "2026-03-09T00:00:00.000000Z"}, {"uuid": "c9ab9ac7-4d81-4789-b079-83a82566ece4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "ad6a550c-c1f9-47a0-8490-037d08bf785f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "e90b6e54-9170-432e-bc17-7b02e42d56d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-03)", "content": "", "creation_timestamp": "2026-01-03T00:00:00.000000Z"}, {"uuid": "92f0784e-8dfc-4255-b710-06edc12b0463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "69f0925f-a498-4bf9-82a7-1d0a71f45a87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-10)", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}, {"uuid": "219b7e78-2b67-48e3-abc7-a3a0d4199fa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-07)", "content": "", "creation_timestamp": "2026-01-07T00:00:00.000000Z"}, {"uuid": "e1ffb36b-b12f-474a-afec-0764f51aea17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-17)", "content": "", "creation_timestamp": "2026-03-17T00:00:00.000000Z"}, {"uuid": "8bd7c9a8-e47c-42d0-b79b-dd022db67808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-25)", "content": "", "creation_timestamp": "2026-03-25T00:00:00.000000Z"}, {"uuid": "f75576f1-026f-4a18-afd1-4e8e6acda21a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-19)", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "d2a260b6-930a-49f4-8201-17460ae2092d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-09)", "content": "", "creation_timestamp": "2026-01-09T00:00:00.000000Z"}, {"uuid": "38b4d893-bb2e-4387-ae0a-1d3c1f9f4be3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-21)", "content": "", "creation_timestamp": "2026-01-21T00:00:00.000000Z"}, {"uuid": "16b71ec4-41f3-414e-81f5-7eac63fd0cae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-09)", "content": "", "creation_timestamp": "2026-01-09T00:00:00.000000Z"}, {"uuid": "ae3e28fb-ca15-4c61-a051-cd501b750a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-14)", "content": "", "creation_timestamp": "2026-01-14T00:00:00.000000Z"}, {"uuid": "93126ff1-8cbe-4f36-8b57-0dec3a8a0585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://vulnerability.circl.lu/comment/ad2fd548-18b4-43c1-af5f-c72c3096c2a7", "content": "", "creation_timestamp": "2025-01-16T16:05:29.258596Z"}, {"uuid": "d2168e60-73e0-4ae6-82d6-7d877240d452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-20)", "content": "", "creation_timestamp": "2026-01-20T00:00:00.000000Z"}, {"uuid": "b629183a-1fd1-4fb8-bc2e-2e4d1fb767eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-10)", "content": "", "creation_timestamp": "2026-01-10T00:00:00.000000Z"}, {"uuid": "acccec53-b678-4c1e-9f9b-118f0454c261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-18)", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "70732189-57c9-4266-be95-60cd9616f79f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-13)", "content": "", "creation_timestamp": "2026-01-13T00:00:00.000000Z"}, {"uuid": "d45248d6-6eaf-49b9-9c69-71e47e952c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-24)", "content": "", "creation_timestamp": "2026-03-24T00:00:00.000000Z"}, {"uuid": "080c9ee0-23c7-4338-809d-cbe20802b64f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-11)", "content": "", "creation_timestamp": "2026-03-11T00:00:00.000000Z"}, {"uuid": "eab634a5-94fa-4a05-af75-7d1fac9d0864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-16)", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "62fb650b-efb3-4a0f-af71-c0c0ce309864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-26)", "content": "", "creation_timestamp": "2026-01-26T00:00:00.000000Z"}, {"uuid": "e6bfe79c-6ac2-4938-a106-ade449f2bd2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-22)", "content": "", "creation_timestamp": "2026-01-22T00:00:00.000000Z"}, {"uuid": "07f8cea3-8e9a-4768-9a23-ad2b598919f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=888", "content": "", "creation_timestamp": "2022-10-10T04:00:00.000000Z"}, {"uuid": "a1aa2eac-569a-4fc9-ba41-a2eacacd3a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_16/2022", "content": "", "creation_timestamp": "2022-10-10T10:25:16.000000Z"}, {"uuid": "234a52cb-0b85-44ac-8cb3-9172f88c4098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=891", "content": "", "creation_timestamp": "2022-10-11T04:00:00.000000Z"}, {"uuid": "0ee7ede1-17e8-40e3-8e48-95f5b73387a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7d5078d2-9fc2-443b-952b-331db33a6a5e", "content": "", "creation_timestamp": "2026-02-02T12:27:11.744801Z"}, {"uuid": "f5d312b3-782a-4f4e-a985-a4792c2735a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-31)", "content": "", "creation_timestamp": "2026-03-31T00:00:00.000000Z"}, {"uuid": "ddafe4b1-75a7-4231-a22f-6796842608aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-27)", "content": "", "creation_timestamp": "2026-01-27T00:00:00.000000Z"}, {"uuid": "6c167116-41dc-464c-8969-7469c02d17af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "ae1a80dd-b746-4fc4-854b-e02488efa6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10306", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass IOCs (CVE-2022-40684).\n\nhttps://www.horizon3.ai/fortinet-iocs-cve-2022-40684/", "creation_timestamp": "2022-10-13T21:04:20.000000Z"}, {"uuid": "11f3f3ad-5bf8-4829-991e-e01b5593d35a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-07)", "content": "", "creation_timestamp": "2026-04-07T00:00:00.000000Z"}, {"uuid": "47d74202-0572-4295-a7b4-b1755b8224b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-15)", "content": "", "creation_timestamp": "2026-04-15T00:00:00.000000Z"}, {"uuid": "f454bbe9-3295-4743-82f5-910bc7b40aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-08)", "content": "", "creation_timestamp": "2026-04-08T00:00:00.000000Z"}, {"uuid": "2ec64d5a-f50b-4932-8ead-73b6b6852848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/cKure/10298", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2022-40684 (CVSS score: 9.6).\n\nFortinet revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild.\n\nhttps://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html", "creation_timestamp": "2022-10-11T08:43:59.000000Z"}, {"uuid": "dbd2a048-2de1-443f-9f7d-64dbd894e9b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-13)", "content": "", "creation_timestamp": "2026-04-13T00:00:00.000000Z"}, {"uuid": "24e690f3-8b53-43c4-95b6-8f65ab7baaab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-14)", "content": "", "creation_timestamp": "2026-04-14T00:00:00.000000Z"}, {"uuid": "501827dd-b80c-44dd-b39e-810ad57708cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10312", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2022-40684 - Auth bypass extract admin users and LDAP config - This PoC do only read-only actions.\n\nhttps://github.com/carlosevieira/CVE-2022-40684", "creation_timestamp": "2022-10-15T09:58:13.000000Z"}, {"uuid": "000c01f4-eebe-4827-a1b5-6967a158ab06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-22)", "content": "", "creation_timestamp": "2026-04-22T00:00:00.000000Z"}, {"uuid": "204fef9f-7d74-448b-8c64-12b67c8e2ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-21)", "content": "", "creation_timestamp": "2026-04-21T00:00:00.000000Z"}, {"uuid": "4a2bd887-c156-418e-ad95-a4e2b362eeed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3112", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aUtilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface).\nURL\uff1ahttps://github.com/und3sc0n0c1d0/CVE-2022-40684\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-24T17:01:32.000000Z"}, {"uuid": "3c4cad2e-1035-496a-9ed3-c825ceafe05a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3125", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aExploit Fortigate - CVE-2022-40684\nURL\uff1ahttps://github.com/gustavorobertux/gotigate\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-27T21:52:50.000000Z"}, {"uuid": "8a507127-4a64-430e-93aa-becf69d0c14b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "Telegram/7-jNfTqQR0wKc_hRV_5bYMeXWa3n9sCd8vwj_DysxGDQ18AZ", "content": "", "creation_timestamp": "2025-10-07T16:22:31.000000Z"}, {"uuid": "490cde35-b8f8-4f0f-8dfa-2c1c64a164ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/v9uCn_dLujK0z6nWpoAPZrXvhfEaTfJKfYKQA8qCx-Erqh4", "content": "", "creation_timestamp": "2026-04-01T15:00:07.000000Z"}, {"uuid": "9272dbe4-2cca-4485-bf6d-87086d8e1d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/PHoJQGmgGzsQrC8Gnxfc8pLZD55xgKQzGqHQgQ7hPSbJXl0", "content": "", "creation_timestamp": "2025-11-19T15:00:09.000000Z"}, {"uuid": "8652f968-49a4-42f8-a0a0-1fb31ec8f1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "6669101c-8c18-4cfa-b2ba-6b66f73ab43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/ics_cert/624", "content": "\ud83d\udea8\u0647\u0634\u062f\u0627\u0631 \n\u0634\u0631\u06a9\u062a Fortinet \u0628\u0647 \u0637\u0648\u0631 \u062e\u0635\u0648\u0635\u06cc \u0628\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u06a9\u0647 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627\u06cc FortiGate \u0648 \u0648\u0628 \u067e\u0631\u0648\u06a9\u0633\u06cc FortiProxy \u0631\u0627 \u062a\u062d\u062a \u062a\u0627\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a. \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \nCVE-2022-40684 \u062f\u0627\u0631\u0627\u06cc \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS 9.6 \u0627\u0633\u062a \u0648 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627\u06cc \u067e\u0633 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTP \u06cc\u0627 HTTPS \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u0639\u0645\u0644\u06cc\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u062f\u0631 \u0631\u0627\u0628\u0637 \u0627\u062f\u0627\u0631\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f. \u0627\u06cc\u0646 \u0627\u0634\u06a9\u0627\u0644 \u0628\u0631 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0632\u06cc\u0631 FortiOS \u0627\u0632 7.0.0 \u062a\u0627 7.0.6 \u0648 7.2.0 \u062a\u0627 7.2.1\u060c FortiProxy \u0627\u0632 7.0.0 \u062a\u0627 7.0.6 \u0648 7.2.0 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f. \n\u0634\u0631\u06a9\u062a Fortinet \u0627\u0641\u0634\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0648 \u062c\u0632\u0626\u06cc\u0627\u062a \u062d\u0645\u0644\u0627\u062a\u06cc \u06a9\u0647 \u0627\u0632 \u0622\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u0631\u0627 \u062a\u0627 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646\u0634 \u0648\u0635\u0644\u0647\u200c\u0647\u0627 \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f\u060c \u0628\u0647 \u062a\u0639\u0648\u06cc\u0642 \u0645\u06cc\u200c\u0627\u0646\u062f\u0627\u0632\u062f. \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u062f\u0631 FortiOS 7.0.7 \u0648 7.2.2 \u0648 FortiProxy 7.0.7 \u0648 7.2.1 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u067e\u062a\u0627\u0646\u0633\u06cc\u0644 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0632 \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u0648 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0628\u0648\u062f\u0646 \u0628\u06cc\u0634 \u0627\u0632 100000 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 FortiGate \u062f\u0631 \u0634\u0628\u06a9\u0647 \u0628\u0631 \u0627\u0633\u0627\u0633 \u062c\u0633\u062a\u062c\u0648\u06cc Shodan\u060c Fortinet \u0642\u0648\u06cc\u0627\u064b \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0647\u0645\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u062f\u0627\u0631\u0627\u06cc \u0646\u0633\u062e\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u062f\u06cc\u062f\u0647 \u0641\u0648\u0631\u0627\u064b \u0622\u0646 \u0631\u0627 \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u0646\u062f. \u0628\u0647\u200c\u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0631\u0627\u0647\u200c\u062d\u0644 \u0645\u0648\u0642\u062a\u060c \u0641\u0648\u0631\u062a\u06cc\u200c\u0646\u062a \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u062f\u06cc\u0631\u06cc\u062a HTTPS \u0631\u0648\u06cc \u0648\u0628 \u0631\u0627 \u062a\u0627 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0646\u0635\u0628 \u0646\u0634\u062f\u0647\u200c\u0627\u0646\u062f \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0646\u0646\u062f\u060c \u06cc\u0627 \u0622\u062f\u0631\u0633\u200c\u0647\u0627\u06cc IP \u0631\u0627 \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062e\u0637\u200c\u0645\u0634\u06cc \u0645\u062d\u0644\u06cc \u0628\u0647 \u0631\u0627\u0628\u0637 \u0627\u062f\u0627\u0631\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f\u060c \u0645\u062d\u062f\u0648\u062f \u06a9\u0646\u0646\u062f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2022-10-12T19:54:31.000000Z"}, {"uuid": "67581ec0-d855-4652-8f77-afcf142193c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "12d130f1-5426-4253-864c-5a2c4a772daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "Telegram/xFDzsLWCurHXjW4F4yEm6tQbHAhX5q3dlIa8C67O-q2Kqg", "content": "", "creation_timestamp": "2025-01-25T02:41:03.000000Z"}, {"uuid": "fed32328-d127-4f7f-8ecb-60f097918f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/ddos_guard/604", "content": "\u200b\u0423\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 VPN, IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 15 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 FortiGate \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0432 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0435.\n\n\u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Belsen Group \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 1.6 \u0413\u0411 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u043e\u043b\u0435\u0435 15 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u0447\u0430\u0441\u0442\u043d\u044b\u043c \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043b\u0438\u0446\u0430\u043c.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442 \u043f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442 \u0438\u0437\u0443\u0447\u0438\u043b \u043e\u0434\u043d\u043e \u0438\u0437 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0435\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b, \u0447\u0442\u043e \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043f\u0430\u0440\u043e\u043b\u0438 \u0438\u0437 \u0434\u0430\u043c\u043f\u0430 \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0441 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u0422\u0430\u043a\u0436\u0435 \u0411\u043e\u043c\u043e\u043d\u0442 \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u0443\u0442\u0435\u0447\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2022-40684.\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043c\u0435\u044e\u0442 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043d\u0430 2022 \u0433\u043e\u0434. \u041d\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u043d\u0438\u0445 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e.", "creation_timestamp": "2025-01-17T11:08:42.000000Z"}, {"uuid": "9b2ec89e-7b0a-4d52-9978-b06e29a42f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2529", "content": "#cve\n\nCVE-2022-40684\n\n\u0412 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortinet (FortiOS, FortiProxy \u0438 FortiSwitchManager) \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e LDAP, \u043f\u0443\u0442\u0435\u043c \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\n\n\u0412\u0441\u0435 \u043d\u0443\u0436\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b:\n\ud83d\udd38https://github.com/carlosevieira/CVE-2022-40684\n\ud83d\udd38https://www.usergate.com/ru/security-reports/CVE-2022-40684", "creation_timestamp": "2022-10-15T09:16:55.000000Z"}, {"uuid": "39dc00e3-2f69-4950-a2bb-fd4aaa44c29c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/40", "content": "https://github.com/horizon3ai/CVE-2022-40684", "creation_timestamp": "2023-03-19T19:21:16.000000Z"}, {"uuid": "6f07538b-6ef6-4639-b9f3-efda3705372a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/182", "content": "Top Security News for 19/10/2022\n\nAltruism under attack: why cybersecurity has become essential to humanitarian nonprofits\nhttps://www.csoonline.com/article/3676668/altruism-under-attack-why-cybersecurity-has-become-essential-to-humanitarian-nonprofits.html#tk.rss_all \n\nCVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files\nhttps://www.reddit.com/r/netsec/comments/y7aohf/cve202242889_text4shell_oss_detector_finds/ \n\nFake tractor fraudsters plague online transactions\nhttps://www.malwarebytes.com/blog/news/2022/10/fake-tractor-fraudsters-plague-online-transactions \n\nISC StormCast for Wednesday, October 19th, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8220 \n\nData Collection\nhttps://malware.news/t/data-collection/64276#post_1 \n\nCVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration\nhttps://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html \n\nFortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) + PoC\nhttps://www.reddit.com/r/netsec/comments/y3lgv3/fortios_fortiproxy_and_fortiswitchmanager/ \n\nOur new scanner for Text4Shell\nhttps://www.reddit.com/r/netsec/comments/y7gf09/our_new_scanner_for_text4shell/ \n\nSecurity Alert: Oracle Releases Critical Patch Update, October 2022\nhttps://malware.news/t/security-alert-oracle-releases-critical-patch-update-october-2022/64278#post_1 \n\nHow to spot a scam\nhttps://malware.news/t/how-to-spot-a-scam/64274#post_1 \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-10-19T07:00:05.000000Z"}, {"uuid": "a8ceb53e-550c-4cb3-a061-603ec2e443de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/arm1tage/375", "content": "Fortinet \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b FortiGate \u0438 \u0432\u0435\u0431-\u043f\u0440\u043e\u043a\u0441\u0438 FortiProxy.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-40684\u00a0\u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,6 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 HTTP \u0438\u043b\u0438 HTTPS.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 FortiOS \u0441 7.0.0 \u0434\u043e 7.0.6 \u0438 \u0441 7.2.0 \u0434\u043e 7.2.1, FortiProxy \u0441 7.0.0 \u043d\u0430 7.0.6 \u0438 7.2.0. Fortinet \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a \u0441 \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u0435\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 FortiOS 7.0.7\u00a0\u0438\u00a07.2.2, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445\u00a0FortiProxy 7.0.7\u00a0\u0438\u00a07.2.1. \n\n\u041f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u043f\u043e\u0438\u0441\u043a\u0443 Shodan, \u0431\u043e\u043b\u0435\u0435 100 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 FortiGate \u0432 \u0441\u0435\u0442\u0438, Fortinet \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 Fortinet \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 HTTPS \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0438\u043b\u0438, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438.", "creation_timestamp": "2022-10-13T21:08:35.000000Z"}, {"uuid": "296b95de-af5d-4dda-a841-54f877c8eb3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/376", "content": "\u200b\u200b\ud83d\udd13 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 FortiOS, FortiProxy \u0438 FortiSwitchManager\n\nFortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b FortiGate \u0438 \u0432\u0435\u0431-\u043f\u0440\u043e\u043a\u0441\u0438 FortiProxy (CVE-2022-40684)\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0438, \u043f\u043e \u0441\u0443\u0442\u0438, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u041f\u043e \u0441\u0441\u044b\u043b\u043a\u0430\u043c \u043d\u0438\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0448\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f Nuclei \u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 PoC.\n\n\u041f\u043e\u0438\u0441\u043a\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0432 Shodan. \u041e\u043a\u043e\u043b\u043e 160\u043a \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043f\u043e \u0434\u043e\u0440\u043a\u0443:\n\nproduct:\"Fortinet FortiGate\"\n\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0448\u0430\u0431\u043b\u043e\u043d\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0441\u0442\u0430\u0442\u044c\u044e\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC\n\n#web #rce", "creation_timestamp": "2023-01-10T18:22:49.000000Z"}, {"uuid": "47959cdc-1d6c-44b6-9106-303d393e7676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/ctinow/68399", "content": "Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)\n\nhttps://ift.tt/K2jB5SP", "creation_timestamp": "2022-10-11T15:22:18.000000Z"}, {"uuid": "28089a43-0d65-4cf9-892f-4eb3b58a4b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/monkey_hacker/25", "content": "#cve\n\nCVE-2022-40684\n\n\u0412 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortinet (FortiOS, FortiProxy \u0438 FortiSwitchManager) \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e LDAP, \u043f\u0443\u0442\u0435\u043c \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\n\n\u0412\u0441\u0435 \u043d\u0443\u0436\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b:\n\ud83d\udd38https://github.com/carlosevieira/CVE-2022-40684\n\ud83d\udd38https://www.usergate.com/ru/security-reports/CVE-2022-40684", "creation_timestamp": "2022-11-11T07:59:15.000000Z"}, {"uuid": "7f5ae327-b6df-40e7-a311-c7390aa7d4c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/ctinow/68268", "content": "CVE-2022-40684 flaw in Fortinet products is being exploited in the wild\n\nhttps://ift.tt/YLFzNX9", "creation_timestamp": "2022-10-10T22:51:14.000000Z"}, {"uuid": "2a6aa230-32de-4f67-8944-69f224580b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/ctinow/69808", "content": "Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684 - Security Affairs\n\nhttps://ift.tt/bPnyu0I", "creation_timestamp": "2022-10-18T22:02:59.000000Z"}, {"uuid": "72136896-f92b-4687-a35b-718e4efab127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/ctinow/69704", "content": "Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684\n\nhttps://ift.tt/bPnyu0I", "creation_timestamp": "2022-10-18T10:11:37.000000Z"}, {"uuid": "366b6561-a3fa-4ff2-8801-ba7be3a9ea3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/69146", "content": "Experts released PoC exploit code for critical bug CVE-2022-40684 in Fortinet products\n\nhttps://ift.tt/wZx1fdL", "creation_timestamp": "2022-10-14T11:46:06.000000Z"}, {"uuid": "67fde105-9f20-4fd3-9637-d915211ed0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/ctinow/70451", "content": "Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684 - Security Affairs\n\nhttps://ift.tt/UKba5qT", "creation_timestamp": "2022-10-21T11:46:55.000000Z"}, {"uuid": "0ff23fd2-1ce2-4ebc-a91d-d49a9249f5be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "Telegram/eXJ6uhsB4kT2KyMwIIgJLCK6BJUbaFQ2cqtfVl9phdXYTZg", "content": "", "creation_timestamp": "2023-03-06T19:04:24.000000Z"}, {"uuid": "2ccd524e-e28a-4b47-a15a-5a7784222a78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/17088", "content": "\ud83d\udea8CVE-2022-40684: Proof of Concept of how an attacker can exploit a Fortinet device with public HTTPS management. PoC released by Horizon3AI.\n\nVideo Credit: youtube.com/@novacybersec", "creation_timestamp": "2025-05-09T18:34:09.000000Z"}, {"uuid": "7a1267f9-a0fe-41b7-b67b-c7c251ebd210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/3041", "content": "\ud83d\udea8A Threat Actor is Allegedly Selling an Exploit for CVE-2022-40684\n\nhttps://darkwebinformer.com/a-threat-actor-is-allegedly-selling-an-exploit-for-cve-2022-40684/", "creation_timestamp": "2024-09-06T15:46:07.000000Z"}, {"uuid": "609a6510-5b7f-489c-a4cb-ea26a4766bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/ViralCyber/10369", "content": "\ud83d\udd34 \u06cc\u06a9 \u0628\u0627\u0632\u06cc\u06af\u0631 \u062a\u0647\u062f\u06cc\u062f \u0627\u062f\u0639\u0627 \u06a9\u0631\u062f\u0647 \u06a9\u0647 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2022-40684 \u062a\u0648\u0646\u0633\u062a\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a 15000 \u0627\u06a9\u0627\u0646\u062a FortiGate VPN \u0631\u0648 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u06a9\u0646\u0647. \u0627\u06cc\u0646 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u0635\u0648\u0631\u062a \u0631\u0627\u06cc\u06af\u0627\u0646 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0646.\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2022-40684 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0628\u0648\u062f \u06a9\u0647 \u062f\u0631 \u0633\u0627\u0644 2022 \u062f\u0631 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644\u200c\u0647\u0627\u06cc FortiGate \u0648 \u067e\u0631\u0627\u06a9\u0633\u06cc\u200c\u0647\u0627\u06cc \u0648\u0628 FortiProxy \u0634\u0631\u06a9\u062a \u0641\u0648\u0631\u062a\u06cc\u200c \u0646\u062a \u06a9\u0634\u0641 \u0634\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0648\u0639 \u062f\u0648\u0631 \u0632\u062f\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0628\u0648\u062f \u0648 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u062f\u0627\u062f \u0628\u062f\u0648\u0646 \u062f\u0627\u0634\u062a\u0646 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0645\u0639\u062a\u0628\u0631\u060c \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0648\u0627\u0631\u062f \u0628\u0634\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0627\u0648\u0646\u0627\u0631\u0648 \u0628\u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u0646.\n\n\u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc \u06a9\u0647 \u0627\u06cc\u0646 \u0628\u0627\u0632\u06cc\u06af\u0631 \u062a\u0647\u062f\u06cc\u062f \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647\u060c \u0634\u0627\u0645\u0644 IP \u0648 \u067e\u0633\u0648\u0631\u062f \u0648 \u06a9\u0627\u0646\u0641\u06cc\u06af \u0647\u0633\u062a\u0634 \u0648 \u062d\u062c\u0645 1.55 \u06af\u06cc\u06af \u062f\u0627\u0631\u0647. (\u0641\u0634\u0631\u062f\u0647 \u0634\u062f\u0647 \u0627\u0634)\n\n\u0627\u06af\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u06a9\u0646\u06cc\u062f\u060c \u0627\u06cc\u0646\u062c\u0627 IP\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0627\u062b\u06cc\u0631 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647\u060c \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647\u060c \u0645\u06cc\u062a\u0648\u0646\u06cc\u062f \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f.\n\n#\u0641\u0648\u0631\u062a\u06cc_\u0646\u062a\n#CVE #fortinet #FortiGate #FortiProxy\n\n\ud83c\udd94 @onhex_ir\n\u27a1\ufe0f ALL Link", "creation_timestamp": "2025-01-22T11:07:38.000000Z"}, {"uuid": "62fd2ca7-75a8-49a6-8260-0dd48ee2a5d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/UUBb8Gf4y_E2nIBpq5C_QjPYTDQWWE0SAsheqeKLKMFaxYI", "content": "", "creation_timestamp": "2025-01-16T16:00:10.000000Z"}, {"uuid": "e28eec4c-453e-47db-88cc-5ed4928bf50d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/309", "content": "#cve\n\nCVE-2022-40684\n\n\u0412 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortinet (FortiOS, FortiProxy \u0438 FortiSwitchManager) \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e LDAP, \u043f\u0443\u0442\u0435\u043c \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\n\n\u0412\u0441\u0435 \u043d\u0443\u0436\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b:\n\ud83d\udd38https://github.com/carlosevieira/CVE-2022-40684\n\ud83d\udd38https://www.usergate.com/ru/security-reports/CVE-2022-40684", "creation_timestamp": "2022-10-15T11:17:09.000000Z"}, {"uuid": "2ae7684e-935d-4863-802d-1cf4c7412144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/WihYjZpKNIYylc-ChTuYB_T11QPQd1rZGQXBp3o0NaE4LfU", "content": "", "creation_timestamp": "2025-01-24T22:00:05.000000Z"}, {"uuid": "6db57ee7-fffc-4b15-bf23-8aede2f00178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "Telegram/YygdwYzZCHMPO245g2DdeO09KlFfA-PZPbA398KwBQfH1yjY", "content": "", "creation_timestamp": "2025-02-19T22:21:30.000000Z"}, {"uuid": "c992f134-2107-4772-8af9-dd61447f926d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/legendscrewch/2494", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T18:17:33.000000Z"}, {"uuid": "fe0bd403-ae1e-47c9-bb25-ea6512f485d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/legendscrewch/2493", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T18:17:33.000000Z"}, {"uuid": "ee7642f0-e4c7-4f30-aedc-1b54435c246c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/3RIRgHPw6J4xgfvfrZclYkftkGA3hESPujhagMjsucbROF0", "content": "", "creation_timestamp": "2023-01-10T10:47:57.000000Z"}, {"uuid": "e63cd4d9-4196-4c89-9415-52943c1efa2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/x09wf5BV-L38GDGdLKlPP_ES7jGx8v3mUPVSlknfUHbTZ6U", "content": "", "creation_timestamp": "2025-01-18T22:00:06.000000Z"}, {"uuid": "b2088ec8-1d87-4cfc-b779-6d0e4da76dc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/118", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T13:30:21.000000Z"}, {"uuid": "5e3f0ee6-4a44-4ac2-a2d6-844c8ed1492c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/AnonCyberWarrior/344", "content": "We have successfully managed to replicate and confirm the public PoC for CVE-2022-40684. which grants SSH access without any interaction to vulnerable FortiOS instances, with CVSS score of 9.6.\n\nNuclei template for scanning can be found here:\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#BugBounty \n#ZeemiBhai", "creation_timestamp": "2022-10-20T14:28:44.000000Z"}, {"uuid": "da0ee04e-8e0a-4664-8b35-3bfe0a2d8563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/554", "content": "\u200b\u200bCVE-2022-40684 Metasploit Scanner\n\nAn authentication bypass using an alternate path or channel in Fortinet product\n\nhttps://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner\n\n#cve", "creation_timestamp": "2022-11-01T23:28:55.000000Z"}, {"uuid": "a8d2a51a-20a6-4a26-81f8-e23f0a15f960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/anonhamz/2451", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T18:17:34.000000Z"}, {"uuid": "be6e14ea-4e09-44f2-97ca-bfc30744ae0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/anonhamz/2450", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T18:17:34.000000Z"}, {"uuid": "88d15160-5ceb-43f5-86cc-f03b5e50125e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/117", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T07:10:23.000000Z"}, {"uuid": "6826b2ab-480d-45e8-a6e9-3c1533e59b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1063", "content": "\u041e\u0431\u043d\u043e\u0432\u0438  \u0441\u0432\u043e\u0439 MetaSploit\nAdded module for CVE-2022-40684 (FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass)\npull", "creation_timestamp": "2022-10-16T15:39:29.000000Z"}, {"uuid": "e8f0c83d-bbfb-4fea-8be9-659587db89f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2115", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T13:30:21.000000Z"}, {"uuid": "d62a0f51-c5f6-48c8-9717-d87e9905fd73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2114", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T07:10:23.000000Z"}, {"uuid": "6f02bf06-cf18-4152-8a00-f00a51b3131f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/dilagrafie/2561", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nZoneAlarmEoP\n\nExploit for Arbitrary File Move vulnerability in ZoneAlarm AV\n\nhttps://github.com/Wh04m1001/ZoneAlarmEoP\n\n\u200b\u200bAWSGoat\n\nA Damn Vulnerable AWS Infrastructure\n\nAWSGoat is a vulnerable by design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. AWSGoat mimics real-world infrastructure but with added vulnerabilities. It features multiple escalation paths and is focused on a black-box approach.\n\nThe project will be divided into modules and each module will be a separate web application, powered by varied tech stacks and development practices. It will leverage IaC through terraform and GitHub actions to ease the deployment process.\n\nhttps://github.com/ine-labs/AWSGoat\n\n\u200b\u200bPowerHub\n\nPowerHub is a convenient post exploitation tool for PowerShell which aids a pentester in transferring data, in particular code which may get flagged by endpoint protection. Check out the Wiki! \n\nFeatures:\n\u25ab\ufe0f Fileless\n\u25ab\ufe0f Stateless\n\u25ab\ufe0f Cert pinning\n\u25ab\ufe0f String \"obfuscation\" by RC4 encryption\n\u25ab\ufe0f Choose your AMSI Bypass\n\u25ab\ufe0f Transparent aliases for in-memory execution of C# programs\n\nhttps://github.com/AdrianVollmer/PowerHub\n\n\u200b\u200bHome-Grown-Red-Team\n\nThis repo is a resource for various red teaming techniques and tools based on open source software and non-commerical tools.\n\nAll of the tools and tradecraft on this repo will be geared toward using Raspberry Pis and Raspberry Pi Zero Ws instead of commerical implants like the Rubbery Ducky, BashBunny or Wifi Pineapple.\n\nhttps://github.com/assume-breach/Home-Grown-Red-Team\n\n\u200b\u200bGhostPack-Compiled Binaries\n\nhttps://github.com/r3motecontrol/Ghostpack-CompiledBinaries\n\n\u200b\u200bCVE-2022-40684 Metasploit Scanner\n\nAn authentication bypass using an alternate path or channel in Fortinet product\n\nhttps://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner\n\n\u200b\u200bRollter\n\nIPsec VPN server with i2p onion and yggdrasil routing\n\nWEB serfing with no limits. Open any sites: onion, i2p and yggdrasil too!\n\nhttps://github.com/thedmdim/rollter\n\n\u200b\u200bSpartacus DLL Hijacking\n\nDid you really make yet another DLL Hijacking discovery tool?\n\n...but with a twist as Spartacus is utilising the SysInternals Process Monitor and is parsing raw PML log files. You can leave ProcMon running for hours and discover 2nd and 3rd level (ie an app that loads another DLL that loads yet another DLL when you use a specific feature of the parent app) DLL Hijacking vulnerabilities. It will also automatically generate proxy DLLs with all relevant exports for vulnerable DLLs.\n\nParsing ProcMon PML files natively. The config (PMC) and log (PML) parsers have been implemented by porting partial functionality to C# from https://github.com/eronnen/procmon-parser/. You can find the format specification here.\n\nSpartacus will create proxy DLLs for all missing DLLs that were identified. For instance, if an application is vulnerable to DLL Hijacking via version.dll, Spartacus will create a version.dll.cpp file for you with all the exports included in it. Then you can insert your payload/execution technique and compile.\n\nAble to process large PML files and store all DLLs of interest in an output CSV file. Local benchmark processed a 3GB file with 8 million events in 45 seconds.\n\n[Defence] Monitoring mode trying to identify running applications proxying calls, as in \"DLL Hijacking in progress\". This is just to get any low hanging fruit and should not be relied upon.\n\nhttps://github.com/Accenture/Spartacus\n\n\u200b\u200bBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org\n\u200b", "creation_timestamp": "2023-03-17T07:32:38.000000Z"}, {"uuid": "f3cc66c2-0d46-410e-93ea-a887495d1cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4135", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T18:17:34.000000Z"}, {"uuid": "492691ff-5d4a-49c3-8de8-8438c69f8321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4134", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T18:17:34.000000Z"}, {"uuid": "56ae54a4-3969-47d4-a8e2-cdfa66c62bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/breachdetector/404859", "content": "{\n  \"Source\": \"https://crackingx.com/\",\n  \"Content\": \"CVE-2022-40684\", \n  \"author\": \" (zwriner)\",\n  \"Detection Date\": \"22 Dec 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-22T15:02:54.000000Z"}, {"uuid": "a7ec4b09-e4aa-4657-8fb6-2aea7aa64cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/lcmysecteamch/4626", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nZoneAlarmEoP\n\nExploit for Arbitrary File Move vulnerability in ZoneAlarm AV\n\nhttps://github.com/Wh04m1001/ZoneAlarmEoP\n\n\u200b\u200bAWSGoat\n\nA Damn Vulnerable AWS Infrastructure\n\nAWSGoat is a vulnerable by design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. AWSGoat mimics real-world infrastructure but with added vulnerabilities. It features multiple escalation paths and is focused on a black-box approach.\n\nThe project will be divided into modules and each module will be a separate web application, powered by varied tech stacks and development practices. It will leverage IaC through terraform and GitHub actions to ease the deployment process.\n\nhttps://github.com/ine-labs/AWSGoat\n\n\u200b\u200bPowerHub\n\nPowerHub is a convenient post exploitation tool for PowerShell which aids a pentester in transferring data, in particular code which may get flagged by endpoint protection. Check out the Wiki! \n\nFeatures:\n\u25ab\ufe0f Fileless\n\u25ab\ufe0f Stateless\n\u25ab\ufe0f Cert pinning\n\u25ab\ufe0f String \"obfuscation\" by RC4 encryption\n\u25ab\ufe0f Choose your AMSI Bypass\n\u25ab\ufe0f Transparent aliases for in-memory execution of C# programs\n\nhttps://github.com/AdrianVollmer/PowerHub\n\n\u200b\u200bHome-Grown-Red-Team\n\nThis repo is a resource for various red teaming techniques and tools based on open source software and non-commerical tools.\n\nAll of the tools and tradecraft on this repo will be geared toward using Raspberry Pis and Raspberry Pi Zero Ws instead of commerical implants like the Rubbery Ducky, BashBunny or Wifi Pineapple.\n\nhttps://github.com/assume-breach/Home-Grown-Red-Team\n\n\u200b\u200bGhostPack-Compiled Binaries\n\nhttps://github.com/r3motecontrol/Ghostpack-CompiledBinaries\n\n\u200b\u200bCVE-2022-40684 Metasploit Scanner\n\nAn authentication bypass using an alternate path or channel in Fortinet product\n\nhttps://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner\n\n\u200b\u200bRollter\n\nIPsec VPN server with i2p onion and yggdrasil routing\n\nWEB serfing with no limits. Open any sites: onion, i2p and yggdrasil too!\n\nhttps://github.com/thedmdim/rollter\n\n\u200b\u200bSpartacus DLL Hijacking\n\nDid you really make yet another DLL Hijacking discovery tool?\n\n...but with a twist as Spartacus is utilising the SysInternals Process Monitor and is parsing raw PML log files. You can leave ProcMon running for hours and discover 2nd and 3rd level (ie an app that loads another DLL that loads yet another DLL when you use a specific feature of the parent app) DLL Hijacking vulnerabilities. It will also automatically generate proxy DLLs with all relevant exports for vulnerable DLLs.\n\nParsing ProcMon PML files natively. The config (PMC) and log (PML) parsers have been implemented by porting partial functionality to C# from https://github.com/eronnen/procmon-parser/. You can find the format specification here.\n\nSpartacus will create proxy DLLs for all missing DLLs that were identified. For instance, if an application is vulnerable to DLL Hijacking via version.dll, Spartacus will create a version.dll.cpp file for you with all the exports included in it. Then you can insert your payload/execution technique and compile.\n\nAble to process large PML files and store all DLLs of interest in an output CSV file. Local benchmark processed a 3GB file with 8 million events in 45 seconds.\n\n[Defence] Monitoring mode trying to identify running applications proxying calls, as in \"DLL Hijacking in progress\". This is just to get any low hanging fruit and should not be relied upon.\n\nhttps://github.com/Accenture/Spartacus\n\n\u200b\u200bBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org\n\u200b", "creation_timestamp": "2023-03-17T08:39:13.000000Z"}, {"uuid": "0c7d9974-80d4-420b-8c33-f0e42083bd70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/breachdetector/133711", "content": "\u26a0 Detectada filtraci\u00f3n \u26a0\n{\n  \"site\": \"Demon Forums\",\n  \"Threat Actor\": \"zwriner\",\n  \"Content\": \"CVE-2022-40684\u201d,\n  \"Detection Date\": \"27 Oct 2022 03:26\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-10-27T03:40:11.000000Z"}, {"uuid": "44c29a13-483e-4f19-9c13-ef3f02a51578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/breachdetector/133611", "content": "\u26a0 Detectada filtraci\u00f3n \u26a0\n{\n  \"site\": \"Sinister.ly\",\n  \"Threat Actor\": \"zwriner\",\n  \"Content\": \"CVE-2022-40684\",\n  \"Detection Date\": \"26 Oct 2022 08:17\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-10-26T08:35:52.000000Z"}, {"uuid": "ddf4d512-8d91-4ce6-85f3-ddb06c5437ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/Y8mz05uOIf8YtnySPaDRZUtACp4WSExl4gBbVXbK3Qdkoy8", "content": "", "creation_timestamp": "2022-10-24T12:04:05.000000Z"}, {"uuid": "22deb618-d6e7-4da5-b157-19a53c621548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/proxy_bar/1050", "content": "\u0422\u0430\u043a,  RCE (CVE-2022-40684 ) \u0432\u043e\u043d \u0432\u044b\u0448\u0435 \u0434\u0430\u043b\u0438, \u0430 \u0432\u044b \u0441\u0438\u0434\u0438\u0442\u0435 \u0431\u0435\u0437 \u0434\u0435\u043b\u0430, \u043f\u044f\u0442\u043d\u0438\u0446\u0430 ? ))))\n*\nDork: http://tag.name:(fortinet \u0418\u041b\u0418 fortigate_vpn)\nLink to search: app.netlas\n\n#fortinet", "creation_timestamp": "2022-10-14T14:12:15.000000Z"}, {"uuid": "fbd18a51-2ea5-4038-b957-3f590c32d903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1049", "content": "CVE-2022-40684\nFortiOS Authentication Bypass\n\nPOC \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u0431\u0435\u0437 \u043a\u0430\u043a\u043e\u0433\u043e-\u043b\u0438\u0431\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c\u0438 FortiOS", "creation_timestamp": "2022-10-13T21:48:59.000000Z"}, {"uuid": "b99ea311-fb68-4b7a-bfde-2f95950e1f14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/13128", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nZoneAlarmEoP\n\nExploit for Arbitrary File Move vulnerability in ZoneAlarm AV\n\nhttps://github.com/Wh04m1001/ZoneAlarmEoP\n\n\u200b\u200bAWSGoat\n\nA Damn Vulnerable AWS Infrastructure\n\nAWSGoat is a vulnerable by design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. AWSGoat mimics real-world infrastructure but with added vulnerabilities. It features multiple escalation paths and is focused on a black-box approach.\n\nThe project will be divided into modules and each module will be a separate web application, powered by varied tech stacks and development practices. It will leverage IaC through terraform and GitHub actions to ease the deployment process.\n\nhttps://github.com/ine-labs/AWSGoat\n\n\u200b\u200bPowerHub\n\nPowerHub is a convenient post exploitation tool for PowerShell which aids a pentester in transferring data, in particular code which may get flagged by endpoint protection. Check out the Wiki! \n\nFeatures:\n\u25ab\ufe0f Fileless\n\u25ab\ufe0f Stateless\n\u25ab\ufe0f Cert pinning\n\u25ab\ufe0f String \"obfuscation\" by RC4 encryption\n\u25ab\ufe0f Choose your AMSI Bypass\n\u25ab\ufe0f Transparent aliases for in-memory execution of C# programs\n\nhttps://github.com/AdrianVollmer/PowerHub\n\n\u200b\u200bHome-Grown-Red-Team\n\nThis repo is a resource for various red teaming techniques and tools based on open source software and non-commerical tools.\n\nAll of the tools and tradecraft on this repo will be geared toward using Raspberry Pis and Raspberry Pi Zero Ws instead of commerical implants like the Rubbery Ducky, BashBunny or Wifi Pineapple.\n\nhttps://github.com/assume-breach/Home-Grown-Red-Team\n\n\u200b\u200bGhostPack-Compiled Binaries\n\nhttps://github.com/r3motecontrol/Ghostpack-CompiledBinaries\n\n\u200b\u200bCVE-2022-40684 Metasploit Scanner\n\nAn authentication bypass using an alternate path or channel in Fortinet product\n\nhttps://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner\n\n\u200b\u200bRollter\n\nIPsec VPN server with i2p onion and yggdrasil routing\n\nWEB serfing with no limits. Open any sites: onion, i2p and yggdrasil too!\n\nhttps://github.com/thedmdim/rollter\n\n\u200b\u200bSpartacus DLL Hijacking\n\nDid you really make yet another DLL Hijacking discovery tool?\n\n...but with a twist as Spartacus is utilising the SysInternals Process Monitor and is parsing raw PML log files. You can leave ProcMon running for hours and discover 2nd and 3rd level (ie an app that loads another DLL that loads yet another DLL when you use a specific feature of the parent app) DLL Hijacking vulnerabilities. It will also automatically generate proxy DLLs with all relevant exports for vulnerable DLLs.\n\nParsing ProcMon PML files natively. The config (PMC) and log (PML) parsers have been implemented by porting partial functionality to C# from https://github.com/eronnen/procmon-parser/. You can find the format specification here.\n\nSpartacus will create proxy DLLs for all missing DLLs that were identified. For instance, if an application is vulnerable to DLL Hijacking via version.dll, Spartacus will create a version.dll.cpp file for you with all the exports included in it. Then you can insert your payload/execution technique and compile.\n\nAble to process large PML files and store all DLLs of interest in an output CSV file. Local benchmark processed a 3GB file with 8 million events in 45 seconds.\n\n[Defence] Monitoring mode trying to identify running applications proxying calls, as in \"DLL Hijacking in progress\". This is just to get any low hanging fruit and should not be relied upon.\n\nhttps://github.com/Accenture/Spartacus\n\n\u200b\u200bBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org\n\u200b", "creation_timestamp": "2023-03-17T08:39:13.000000Z"}, {"uuid": "5a89a0f0-9b69-4796-8873-18003c73d4a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "Telegram/0m5T2oWRa_JTilHoVmSTzoaeqXYJLdSSAasB5uisMr16wUQ", "content": "", "creation_timestamp": "2022-10-12T11:14:37.000000Z"}, {"uuid": "909cd7f0-640a-4548-8a8b-5d31567c5c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "Telegram/l-OuTtmFyR4QFpCSnD7Vkipngfha_VtCiF77KFrEfeOSN1s", "content": "", "creation_timestamp": "2022-10-09T20:31:28.000000Z"}, {"uuid": "216ab558-330b-4ec2-821a-b623df6cffd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/12037", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T18:17:33.000000Z"}, {"uuid": "bd24fc37-43bc-4fc2-b544-f9a61fcd0573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/lcmysecteamch/12036", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T18:17:33.000000Z"}, {"uuid": "ce40617e-995a-4410-866b-d2b9d215c190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/jRSE_13w95cR-zx9TkBXruZT9ZsQKHSIh9tIsxa0Gj97dTA", "content": "", "creation_timestamp": "2022-11-14T04:04:21.000000Z"}, {"uuid": "498431d9-ac48-4acc-b5a8-7c981ae09984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/iqrAeUBgELAHmMqy0rGlHL1YoZePHnQDY1cYZJ3Or7I9lRc", "content": "", "creation_timestamp": "2022-11-13T15:15:10.000000Z"}, {"uuid": "13e1c7ac-6fa8-4236-8637-e4278e08004d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/RESOLUTEATTACK/299", "content": "CVE-2022-40684\n\nC\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0433\u043e Fortinet FortiOS, FortiProxy \u0438 FortiSwitchManager, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE).\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435\n\nE7 SUBSCRIBE\n\n#\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438  #CVE  #\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b  #\u041e\u0431\u0445\u043e\u0434", "creation_timestamp": "2023-01-05T21:54:37.000000Z"}, {"uuid": "0577a70e-940d-44e7-a1a1-91d28bb0c1f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/TN9gewYomTAqkh8sYExl1z2TsA1HB-34c_Og297OqbQmXSI", "content": "", "creation_timestamp": "2022-10-23T17:50:15.000000Z"}, {"uuid": "29891bb5-90e8-4fff-ac92-292abf8353dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "Telegram/1KX0arkLatluM2b5xUJe2A3qPnkcl8HWpoBGo8oQI5RoRTA", "content": "", "creation_timestamp": "2022-10-23T12:49:04.000000Z"}, {"uuid": "c6a223be-747f-4fa4-9217-c0e95812c936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/tf3hp1yPdw2gOFQXFyAkDS6xnUogxh_W4oHMSrw7cMbqhik", "content": "", "creation_timestamp": "2023-01-02T18:48:04.000000Z"}, {"uuid": "cc06d3b5-9252-48dd-a966-07a9f01e3ed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/hJoPEaM8COgZEtLN1tx2kl_l9wNyCf3HFlZRp6RSb0E8UE0", "content": "", "creation_timestamp": "2022-10-15T01:25:38.000000Z"}, {"uuid": "7594262e-c964-4289-b9bc-508f9fd2034b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/true_secator/6627", "content": "\u0423\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u0438 \u043d\u043e\u0432\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b \u0441\u043b\u0438\u043b\u0438 \u0432 \u043f\u0430\u0431\u043b\u0438\u043a \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 VPN \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 15\u00a0000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 FortiGate, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0435\u043f\u0435\u0440\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432\u0441\u0435\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u044f\u043c \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e.\n\n\u0410\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u0432\u0448\u0430\u044f \u0443\u0442\u0435\u0447\u043a\u0443 Belsen Group \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u0441\u0435\u0442\u044f\u0445 \u0438 \u043d\u0430 \u0444\u043e\u0440\u0443\u043c\u0430\u0445 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0431\u0440\u0435\u043d\u0434\u0430 Belsen Group \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0441\u0430\u0439\u0442 \u0432 Tor, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0434\u0430\u043c\u043f \u0434\u0430\u043d\u043d\u044b\u0445 FortiGate.\n\n\u0423\u0442\u0435\u0447\u043a\u0430 FortiGate \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0430\u0440\u0445\u0438\u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 1,6 \u0413\u0411 \u0441 \u043f\u0430\u043f\u043a\u0430\u043c\u0438, \u0443\u043f\u043e\u0440\u044f\u0434\u043e\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u0441\u0442\u0440\u0430\u043d\u0430\u043c. \u041a\u0430\u0436\u0434\u0430\u044f \u043f\u0430\u043f\u043a\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0434\u043f\u0430\u043f\u043a\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 FortiGate \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0435.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u041a\u0435\u0432\u0438\u043d\u0430 \u0411\u043e\u043c\u043e\u043d\u0442\u0430, \u043a\u0430\u0436\u0434\u044b\u0439 IP-\u0430\u0434\u0440\u0435\u0441 \u0438\u043c\u0435\u0435\u0442 configuration.conf \u0438 vpn-passwords.txt, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0432\u0438\u0434\u0435.\n\n\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0442\u0430\u043a\u0443\u044e \u043a\u0430\u043a \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0443\u0442\u0435\u0447\u043a\u0430, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 0-day \u043e\u0442 2022 \u0433\u043e\u0434\u0430, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-40684, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0411\u043e\u043c\u043e\u043d\u0434 \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u0441 CVE-2022\u201340684, \u0438 \u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0441\u0432\u0435\u0440\u0438\u0442\u044c, \u0447\u0442\u043e \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043f\u0430\u0440\u043e\u043b\u0438, \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u0432 \u0434\u0430\u043c\u043f\u0435, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u043d\u043e\u043c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0422\u043e\u0433\u0434\u0430 \u0432 2022 \u0433\u043e\u0434\u0443 Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0430 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043d\u0443\u043b\u044f, CVE-2022\u201340684,\u00a0\u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 FortiGate \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 super_admin \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c \u00abfortigate-tech-support\u00bb.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u043d\u0435\u043c\u0435\u0446\u043a\u043e\u0433\u043e \u0438\u0437\u0434\u0430\u043d\u0438\u044f Heise \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u0442\u0435\u0447\u043a\u0443 \u0438 \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0441\u043e\u0431\u0440\u0430\u043d\u0430 \u0432 2022 \u0433\u043e\u0434\u0443, \u043f\u0440\u0438\u0447\u0435\u043c \u043d\u0430 \u0432\u0441\u0435\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430 FortiOS 7.0.0-7.0.6 \u0438\u043b\u0438 7.2.0-7.2.2, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e - \u0432\u0435\u0440\u0441\u0438\u0435\u0439 7.2.0.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u0442\u0438 \u0444\u0430\u0439\u043b\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u0441\u043e\u0431\u0440\u0430\u043d\u044b \u0432 2022 \u0433\u043e\u0434\u0443, \u043e\u043d\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u043c \u043c\u043e\u043c\u0435\u043d\u0442 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u042d\u0442\u0430 \u0443\u0442\u0435\u0447\u043a\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u043d\u0435 \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u044c\u0441\u044f \u0441 2021, \u043a\u043e\u0433\u0434\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043b\u0438\u043b\u0438 \u043f\u043e\u0447\u0442\u0438 500 000 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Fortinet VPN \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2018-13379, \u043d\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0438, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442.", "creation_timestamp": "2025-01-16T17:27:00.000000Z"}, {"uuid": "5ccf2991-73d4-49f0-919e-7054175259d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/CyberSecurityIL/64878", "content": "\u05e7\u05d1\u05d5\u05e6\u05ea \u05ea\u05e7\u05d9\u05e4\u05d4 \u05dc\u05d0 \u05de\u05d5\u05db\u05e8\u05ea \u05e4\u05d9\u05e8\u05e1\u05de\u05d4 \u05d0\u05ea\u05de\u05d5\u05dc \u05e0\u05ea\u05d5\u05e0\u05d9 \u05d4\u05d6\u05d3\u05d4\u05d5\u05ea, \u05e9\u05e0\u05d2\u05e0\u05d1\u05d5 \u05d1-2022, \u05dc\u05d0\u05dc\u05e4\u05d9 \u05de\u05db\u05e9\u05d9\u05e8\u05d9 Fortigate.\n\n\u05d0\u05ea\u05de\u05d5\u05dc \u05e0\u05d7\u05e9\u05e4\u05ea\u05d9 \u05dc\u05de\u05d9\u05d3\u05e2 \u05d0\u05d1\u05dc \u05dc\u05d0 \u05d4\u05e1\u05e4\u05e7\u05ea\u05d9 \u05dc\u05d1\u05d3\u05d5\u05e7 \u05d0\u05d5\u05ea\u05d5 \u05db\u05de\u05d5 \u05e9\u05e6\u05e8\u05d9\u05da, \u05d4\u05de\u05d9\u05d3\u05e2 \u05de\u05d7\u05d5\u05dc\u05e7 \u05dc\u05ea\u05d9\u05e7\u05d9\u05d5\u05ea \u05dc\u05e4\u05d9 \u05de\u05d3\u05d9\u05e0\u05d5\u05ea, \u05db\u05e9\u05d9\u05e9 \u05d2\u05dd \u05ea\u05d9\u05e7\u05d9\u05d9\u05d4 \u05dc-IL.\n\n\u05d7\u05d5\u05e7\u05e8\u05d9\u05dd \u05de\u05d7\u05d1\u05e8\u05ea heise \u05d1\u05d7\u05e0\u05d5 \u05d0\u05ea \u05d4\u05de\u05d9\u05d3\u05e2 \u05d5\u05d3\u05d9\u05d5\u05d5\u05d7\u05d5 \u05db\u05d9 \u05de\u05d3\u05d5\u05d1\u05e8 \u05e9\u05e0\u05d2\u05e0\u05d1 \u05d1-2022 \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e0\u05d9\u05e6\u05d5\u05dc \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 CVE-2022-40684 \u05d5\u05db\u05d9 \u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05e9\u05e0\u05e4\u05d2\u05e2\u05d5 \u05d4\u05df FortiOS 7.0.0-7.0.6 \u05d0\u05d5 7.2.0-7.2.2.\n\n\u05e2\u05d5\u05d3 \u05de\u05d0\u05de\u05ea\u05d9\u05dd \u05d4\u05d7\u05d5\u05e7\u05e8\u05d9\u05dd \u05db\u05d9 \u05dc\u05de\u05e8\u05d5\u05ea \u05e9\u05de\u05d3\u05d5\u05d1\u05e8 \u05d1\u05de\u05d9\u05d3\u05e2 \u05d9\u05e9\u05df \u05d7\u05dc\u05e7 \u05de\u05d4\u05e1\u05d9\u05e1\u05de\u05d0\u05d5\u05ea \u05e2\u05d3\u05d9\u05d9\u05df \u05ea\u05e7\u05e4\u05d5\u05ea.\n\nhttps://t.me/CyberSecurityIL/6413", "creation_timestamp": "2025-01-16T07:01:25.000000Z"}, {"uuid": "19e205d8-8cbe-42c8-ac0d-c5a4dd29005a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/zer0day1ab/438", "content": "Leaked 15k+ #FortiGate VPN accounts including configuration files and #VPN passwords via CVE-2022-40684.\n\nAffected IPs: https://github.com/arsolutioner/fortigate-belsen-leak/blob/main/affected_ips.txt\n\nOrigin: belsenacdodoy3nsmmyjfmtgjen6ipaqkti7dm2q57vabjx2vzq6tnad.onion/files/FortiGate.zip\n\nDownload: https://mega.nz/file/wDhQEC5Y#OctAHTwgv57eRbEc3nvPRb53aX5vxXFIW1HopceZXUI", "creation_timestamp": "2025-01-22T11:23:27.000000Z"}, {"uuid": "dd224b8d-50b6-49c8-9265-6d983e9e40cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/true_secator/3565", "content": "\u0414\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 FortiOS, FortiProxy \u0438 FortiSwitchManager \u043e\u0442 Fortinet, \u0441\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\nCVE-2022-40684 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435. Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0447\u0435\u0442\u0432\u0435\u0440\u0433.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Horizon3.ai \u0414\u0436\u0435\u0439\u043c\u0441 \u0425\u043e\u0440\u0441\u043c\u0430\u043d \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u043b\u044e\u0447\u0430 SSH \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u0430 Python \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435, \u0447\u0442\u043e \u043e\u043d \u0437\u0430\u0445\u043e\u0447\u0435\u0442, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0438, \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u043e\u0432\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0438\u043d\u0438\u0446\u0438\u0430\u0446\u0438\u044e \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0447\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u0438 \u0432 Fortinet.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0430\u0448\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c\u0443 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0443 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430: user=\" Local_Process_Access\", user_interface=\" Node.js\" \u0438\u043b\u0438 user_interface=\" Report Runner\".\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439. \u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 HTTP/HTTPS \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438.", "creation_timestamp": "2022-10-14T17:00:05.000000Z"}, {"uuid": "98931fcb-3c13-45c6-9a93-18e7b2c0c89c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/true_secator/3536", "content": "Fortinet \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b FortiGate \u0438 \u0432\u0435\u0431-\u043f\u0440\u043e\u043a\u0441\u0438 FortiProxy.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-40684\u00a0\u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,6 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 HTTP \u0438\u043b\u0438 HTTPS.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 FortiOS \u0441 7.0.0 \u0434\u043e 7.0.6 \u0438 \u0441 7.2.0 \u0434\u043e 7.2.1, FortiProxy \u0441 7.0.0 \u043d\u0430 7.0.6 \u0438 7.2.0. Fortinet \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a \u0441 \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u0435\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 FortiOS 7.0.7\u00a0\u0438\u00a07.2.2, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445\u00a0FortiProxy 7.0.7\u00a0\u0438\u00a07.2.1. \n\n\u041f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u043f\u043e\u0438\u0441\u043a\u0443 Shodan, \u0431\u043e\u043b\u0435\u0435 100 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 FortiGate \u0432 \u0441\u0435\u0442\u0438, Fortinet \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 Fortinet \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 HTTPS \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0438\u043b\u0438, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438.", "creation_timestamp": "2022-10-10T14:35:04.000000Z"}, {"uuid": "f4898a15-458f-4bb0-8461-ac027f98512d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/true_secator/3655", "content": "Fortinet \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 16 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0448\u0435\u0441\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0431\u044b\u043b\u0430 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u0430 \u0432\u044b\u0441\u043e\u043a\u0430\u044f \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u0442\u0430\u043a\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 FortiTester \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\nFortiSIEM \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Glassfish \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u0440\u043e\u043b\u044f.\n\n\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u0438 \u043e\u0442\u0440\u0430\u0436\u0430\u044e\u0442 \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS).\n\n\u041e\u043d\u0438 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 FortiADC, FortiDeceptor, FortiManager \u0438 FortiAnalyzer.\u00a0\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043d\u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0438 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 FortiOS, FortiTester, FortiSOAR, FortiMail, FortiEDR CollectorWindows, FortiClient \u0434\u043b\u044f Mac \u0438 FortiADC.\n\n\u0418\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, XSS-\u0430\u0442\u0430\u043a, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, DoS-\u0430\u0442\u0430\u043a, \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043d\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u0435\u043d\u0435\u0431\u0440\u0435\u0433\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 CVE-2022-40684 \u0432 FortiOS, FortiProxy \u0438 FortiSwitchManager.\n\n\u041e\u043d\u0430 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432\u00a0\u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0430 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b\u00a0\u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u0412\u0435\u0434\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435\u00a0\u0441\u043f\u0435\u0448\u0438\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0442\u044c\u00a0\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2022-11-03T09:20:03.000000Z"}, {"uuid": "211b4398-bf46-4e26-a866-78edabea0ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/true_secator/3763", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cyble \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0431\u0440\u043e\u043a\u0435\u0440\u043e\u0432 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (IAB) \u043d\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortinet.\n\nCVE-2022-40684\u00a0\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b FortiOS, FortiProxy \u0438 FortiSwitchManager \u0438 \u0431\u044b\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f, \u043a\u043e\u0433\u0434\u0430 \u043e\u043d\u0430 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043e\u0431\u0445\u043e\u0434\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b HTTP \u0438\u043b\u0438 HTTPS \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0411\u0430\u0433\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043a SSH \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 \u043a\u043b\u044e\u0447 SSH \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043d\u0438\u043c.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cyble, \u0432 \u0441\u0435\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0431\u043e\u043b\u0435\u0435 100 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 FortiGate, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043b\u044e\u0431\u043e\u0439 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u043b\u0447\u0435\u043d\u043d\u044b\u0439 \u0438\u0437 \u043d\u0438\u0445 \u0432\u043f\u043e\u043b\u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0443\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c\u00a0, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e CVE-2022-40684.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043b \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a Fortinet VPN \u0432 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0435.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cyble, \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 Fortinet \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442\u0441\u044f \u0441 17 \u043e\u043a\u0442\u044f\u0431\u0440\u044f.\n\n\u0421\u0430\u043c Fortinet \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u00a0\u0440\u0430\u0441\u0442\u0443\u0449\u0438\u043c \u0447\u0438\u0441\u043b\u043e\u043c \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 CVE-2022-40684, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e PoC.", "creation_timestamp": "2022-11-30T11:21:49.000000Z"}, {"uuid": "45b3749d-39bd-4f10-9972-784d4e11c9cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "7c61d8cd-e601-4907-9f06-878f1fdbcbbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/VAbHA6edjx_CNaf0OfN8EtqBnBj6QPWvszVqXISogqTAXwo", "content": "", "creation_timestamp": "2022-10-28T18:54:11.000000Z"}, {"uuid": "bd815eb9-8373-4310-a119-175e4849a2f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/26903", "content": "https://github.com/carlosevieira/CVE-2022-40684", "creation_timestamp": "2022-10-14T16:13:44.000000Z"}, {"uuid": "4e6c3e49-cc8f-4deb-83bf-1036f56c25a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/26902", "content": "https://github.com/horizon3ai/CVE-2022-40684", "creation_timestamp": "2022-10-14T16:03:24.000000Z"}, {"uuid": "c1db7bc2-dd61-419b-a3ea-8171d1319c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/cibsecurity/51678", "content": "\u203c CVE-2022-40684 \u203c\n\nAn authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:22.000000Z"}, {"uuid": "2441226a-4b61-422d-84ef-fccb1201653d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3415", "content": "https://github.com/secunnix/CVE-2022-40684", "creation_timestamp": "2022-10-14T16:30:15.000000Z"}, {"uuid": "b79316d9-427d-45c9-a9d5-23a1ddd938b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/information_security_channel/48719", "content": "PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin\nhttps://www.securityweek.com/poc-published-fortinet-vulnerability-mass-exploitation-attempts-begin\n\nDetails and a proof-of-concept (PoC) exploit have been published for the recent Fortinet vulnerability tracked as CVE-2022-40684, just as cybersecurity firms are seeing what appears to be the start of mass exploitation attempts.\nread more (https://www.securityweek.com/poc-published-fortinet-vulnerability-mass-exploitation-attempts-begin)", "creation_timestamp": "2022-10-14T12:13:42.000000Z"}, {"uuid": "69a7ddfb-58c0-4e97-b2fe-cba6044ce07b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "Telegram/ndVGDiQeWW4WwWmn3hOoa_OwhRfnssnB56PgS_zLqwSd", "content": "", "creation_timestamp": "2022-10-29T00:54:01.000000Z"}, {"uuid": "65f14e00-e69a-465c-a188-69d6103cf604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6952", "content": "#exploit\n1. CVE-2022-41040:\nSSRF in Microsoft Exchange Server\nhttps://github.com/kljunowsky/CVE-2022-41040-POC\n]-> https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell\n\n2. CVE-2022-40684:\nCritical Authentication Bypass in FortiOS and FortiProxy\nhttps://github.com/horizon3ai/CVE-2022-40684", "creation_timestamp": "2025-01-17T05:54:36.000000Z"}, {"uuid": "ae427403-b19d-4a2f-b8a2-42648c7ac860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/2666", "content": "Researchers have published technical details and a PoC exploit for a recently disclosed critical vulnerability (CVE-2022-40684) affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager.\n\nRead: https://thehackernews.com/2022/10/poc-exploit-released-for-critical.html", "creation_timestamp": "2022-10-14T05:37:05.000000Z"}, {"uuid": "96237d85-ec4e-4ddc-b703-86f43a9ceaa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2393", "content": "#CVE-2022\n\nUtilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface).\n\nhttps://github.com/und3sc0n0c1d0/CVE-2022-40684\n\n@BlueRedTeam", "creation_timestamp": "2022-10-25T17:41:31.000000Z"}, {"uuid": "e65e26ea-ea8c-45f2-96ec-59427275e4e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2411", "content": "#CVE-2022\n\nExploit Fortigate - CVE-2022-40684\n\nhttps://github.com/gustavorobertux/gotigate\n\n@BlueRedTeam", "creation_timestamp": "2022-10-30T18:33:03.000000Z"}, {"uuid": "e20e8847-d43b-4cd0-b5f9-3c1e370cbee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/warmakerz/1188", "content": "\ud83d\udea8CVE-2022-40684: Proof of Concept of how an attacker can exploit a Fortinet device with public HTTPS management\n\n\u27a1\ufe0f\u27a1\ufe0f  @WarmakerZ  \u2b05\ufe0f\u2b05\ufe0f", "creation_timestamp": "2025-05-10T07:00:48.000000Z"}, {"uuid": "fbd8776a-d35e-4d8b-9bab-8b2201bdfafc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "seen", "source": "https://t.me/thehackernews/2649", "content": "Fortinet has privately warned its customers about a new authentication bypass vulnerability (CVE-2022-40684) affecting FortiGate firewalls and FortiProxy web proxies.\n\nRead: https://thehackernews.com/2022/10/fortinet-warns-of-new-auth-bypass-flaw.html", "creation_timestamp": "2022-10-07T18:59:08.000000Z"}, {"uuid": "228730fe-7048-437b-8c24-33cf2b296587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/13063", "content": "\u041f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortinet\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-40684, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b FortiGate, \u0432\u0435\u0431-\u043f\u0440\u043e\u043a\u0441\u0438 FortiProxy, \u0430 \u0442\u0430\u043a\u0436\u0435 FortiSwitch Manager. \u042d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 9,6 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nhttps://xakep.ru/2022/10/14/cve-2022-40684-poc/", "creation_timestamp": "2022-10-14T12:43:31.000000Z"}, {"uuid": "1511d45d-f5ec-42fe-b3ca-eb3689c47bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6817", "content": "CVE-2022-40684\nhttps://github.com/secunnix/CVE-2022-40684", "creation_timestamp": "2022-10-28T11:17:52.000000Z"}, {"uuid": "07b523cb-846b-4166-875f-a7c3473a0399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/legendscrewmy/2475", "content": "\u200b\u200bNimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nNimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much more easier and robust using Powershell, hence this combination is made.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rule'em all!\n\nI developed Nimbo-C2 in the past several months mainly at the late evenings while working at my day job and waking up at nights to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n\u200b\u200b\ud835\udc0e\ud835\udc12\ud835\udc02\ud835\udc0f \ud835\udc0f\ud835\udc2b\ud835\udc1e-\ud835\udc0f\ud835\udc2b\ud835\udc1e\ud835\udc29\ud835\udc1a\ud835\udc2b\ud835\udc1a\ud835\udc2d\ud835\udc22\ud835\udc28\ud835\udc27 \ud835\udc0f\ud835\udc25\ud835\udc1a\ud835\udc27 \ud835\udc1a\ud835\udc27\ud835\udc1d \ud835\udc0d\ud835\udc28\ud835\udc2d\ud835\udc1e\ud835\udc2c\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\n\u200b\u200bHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerability in executable codes.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\n\u200b\u200bMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the file to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\n\u200b\u200bAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learning more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created with my notes gathered with uncontable hours of study and annotations from various places\n\u25ab\ufe0f It's assumed that you have the AWS keys (This is not difficult to find, just look in developer's github)\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes ? Sick of BlueStacks or NOX malware/adware ? Not a single binary in this script and it's open source and downloads are direct from proper sources. There is lots of great powershell tricks (not great code) in this script. I worked hard on thing's like:\n\n\u25ab\ufe0f Making it portable as possible\n\u25ab\ufe0f Setting up and downloading extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting ssl certs to Android without openssl using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\n\u200b\u200bCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of unix. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platform, it will use the openssl version provided by the operating system (which may have limited ciphers support), or your own version provided in the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\n\u200b\u200bFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n\u200b\u200b3/5", "creation_timestamp": "2022-12-11T18:17:32.000000Z"}, {"uuid": "43ff6901-bfda-444c-a815-8f2b2d9d54e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "published-proof-of-concept", "source": "https://t.me/legendscrewmy/2476", "content": "WPRecon (Wordpress Recon)\n\nWPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.\n\nWe can use wprecon to recognize the versions of plugins, themes, and wordpress core, in addition to counting users, and waf (web application firewall).\n\nThe purpose of this tool is just to help developers find possible loopholes in their systems/wordpress sites.\n\nhttps://github.com/AngraTeam/wprecon\n\n\u200b\u200bNuclei template CVE-2022-40684\n\nhttps://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml\n\n#cve\n\n\u200b\u200bChopper payload smuggling\n\nPorted the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName \ud83d\udc47\n\nThe tool would create random service, smuggle the payloads chunks through the windows service display name, and write/decode/execute the final payload.\n\nhttps://github.com/0xsp-SRD/0xsp.com/tree/main/chopper\n\nDetails:\nhttps://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1\n\n\u200b\u200bCVE-2021-45067\n\nThis bug was Out of Bounds Read caused by treating ANSI string as Unicode which can be exploited to leak sensitive information from the sandboxed adobe reader process.\n\nhttps://github.com/hacksysteam/CVE-2021-45067\n\n#cve\n\n\u200b\u200bOpenBackdoor\n\nOpenBackdoor is an open-source toolkit for textual backdoor attack and defense, which enables easy implementation, evaluation, and extension of both attack and defense models.\n\nhttps://github.com/thunlp/OpenBackdoor\n\n\u200b\u200bSharpAgent\n\nC# havoc implant\n\nA .NET Framework test agent for Havoc C2. I just wanna learn how to make c2 implants. Will receive updates for now.\n\nJust modify the handler to your teamserver. Also it's probably really buggy right now.\n\nhttps://github.com/susMdT/SharpAgent/\n\n\u200b\u200bPsyloDbg\n\nPsyloDbg is a very simple Windows Debugger that currently only monitor for debug events:\n\n\u25ab\ufe0f Exception\n\u25ab\ufe0f Create Thread\n\u25ab\ufe0f Create Process\n\u25ab\ufe0f Exit Thread\n\u25ab\ufe0f Exit Process\n\u25ab\ufe0f Load DLL\n\u25ab\ufe0f Unload DLL\n\u25ab\ufe0f Debug String\n\u25ab\ufe0f RIP\n\nhttps://github.com/DarkCoderSc/PsyloDbg\n\n\u200b\u200bmatano\n\nMatano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed specifically for AWS and focuses on enabling high scale, low cost, and zero-ops. Matano deploys fully into your AWS account.\n\nhttps://github.com/matanolabs/matano\n\n\u200b\u200bRedEye\n\nRedEye is an open-source analytic tool developed by CISA and DOE\u2019s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. \n\nThe tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye\u2019s presentation mode to present findings and workflow to stakeholders.\n\nhttps://github.com/cisagov/RedEye\n\n\u200b\u200bLocksmith\n\nA tool to identify and remediate common misconfigurations in Active Directory Certificate Services\n\nhttps://github.com/TrimarcJake/Locksmith\n\n\u200b\u200bosintui\n\nOpen Source Intelligence Terminal User Interface\n\nhttps://github.com/wssheldon/osintui\n\n#OSINT\n\n\u200b\u200bGhauri\n\nAn advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws\n\nhttps://github.com/r0oth3x49/ghauri\n\n\u200b\u200bThe Soaring Eagle C2\n\nI developed this tool for whoever wants to learn the basics regarding C2 and Malware Development, it is not intended to be used in real world scenarios and engagements you will get caught guaranteed, I developed it for learning not evasion. \n\nhttps://github.com/ItsCyberAli/The-Soaring-Eagle\n\n\u200b\u200b4/5", "creation_timestamp": "2022-12-11T18:17:32.000000Z"}, {"uuid": "b8f1824e-7178-4215-b2ba-4338e232a1e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/club31337/3227", "content": "Belsen Group leaked 15k+ FortiGate VPN accounts including configuration files and VPN passwords likely obtained via exploitation of CVE-2022-40684 impacting FortiGate 7.x and 7.2.x devices.\n\nAlthough unconfirmed, it is likely that this threat group has been operating privately since 2022, given the age of the data and the nature of the vulnerability, and is only now sharing this data publicly.\n\nFor research purposes a GitHub repository was created including all affected IPs. \n\nWe do not recommend using the original download link:\n\nbelsenacdodoy3nsmmyjfmtgjen6ipaqkti7dm2q57vabjx2vzq6tnad.onion/files/FortiGate.zip\n\n\ud83d\udcbe It feels like you\u2019re back in 200x downloading data using GPRS on a Windows 98 machine \ud83e\udd26\ud83c\udffc\u200d\u2640\ufe0f\n\nDownload:\nhttps://mega.nz/file/wDhQEC5Y#OctAHTwgv57eRbEc3nvPRb53aX5vxXFIW1HopceZXUI\n\n@club31337", "creation_timestamp": "2025-01-22T05:44:48.000000Z"}]}