{"vulnerability": "CVE-2023-20118", "sightings": [{"uuid": "7fc94f37-fd0e-4bba-8f67-df74318da7da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "MISP/bc6d9ead-717c-4bad-8e5d-c5b708f792f5", "content": "", "creation_timestamp": "2025-02-26T13:01:21.000000Z"}, {"uuid": "305ed910-51b8-4301-a230-eba559d25f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3472164", "content": "", "creation_timestamp": "2025-03-03T15:58:05.373006Z"}, {"uuid": "dec8fc1a-ba11-4c12-8000-c16797a8975a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ljnfrdwpgs2i", "content": "", "creation_timestamp": "2025-03-05T16:32:20.058063Z"}, {"uuid": "73383725-18a3-415d-8e31-86d0d38807a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ljatvuz6iq2s", "content": "", "creation_timestamp": "2025-02-28T16:40:44.420878Z"}, {"uuid": "ff66d97e-472e-4472-b012-f32d5501e054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3ll3qajqhuc2g", "content": "", "creation_timestamp": "2025-03-24T02:42:10.608862Z"}, {"uuid": "1af0f8aa-ea90-420d-bc9e-31dc5a0c8b33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ljinbdwlgm23", "content": "", "creation_timestamp": "2025-03-03T19:03:10.167147Z"}, {"uuid": "59f20503-cf00-4c1b-8d59-8213b5c02c3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://blog.sekoia.io/polaredge-unveiling-an-uncovered-iot-botnet/", "content": "", "creation_timestamp": "2025-03-03T21:17:17.645607Z"}, {"uuid": "2ee273e3-fecb-45d2-94dd-829df79d5355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "cve-2023-20118", "type": "seen", "source": "https://www.bleepingcomputer.com/news/security/cisa-tags-windows-and-cisco-vulnerabilities-as-actively-exploited/", "content": "", "creation_timestamp": "2025-03-03T21:51:57.433781Z"}, {"uuid": "25d48244-9287-47da-bc30-58a46aee8d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-03T18:10:04.000000Z"}, {"uuid": "1e78db5a-edd5-4ef0-989c-1bb804400439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2023-AVI-0224/", "content": "", "creation_timestamp": "2025-03-03T21:22:47.758717Z"}, {"uuid": "6df72c84-510e-48ab-9e9f-bb7a10925a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://github.com/advisories/GHSA-gr43-pwpc-mp54", "content": "", "creation_timestamp": "2025-03-03T21:25:11.073707Z"}, {"uuid": "fb1f0ae4-20df-46c4-bffa-e062939ec2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/7fortress.bsky.social/post/3ljgtb3kdis2a", "content": "", "creation_timestamp": "2025-03-03T01:45:11.452951Z"}, {"uuid": "3babd19e-ee6d-4b42-8268-02ccfd43f887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://thehackernews.com/2025/02/polaredge-botnet-exploits-cisco-and.html", "content": "", "creation_timestamp": "2025-02-27T08:20:00.000000Z"}, {"uuid": "75ac4f58-2469-4a42-8bcd-c581a2fd2a06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://threatintel.cc/2025/03/04/cisa-tags-windows-cisco-vulnerabilities.html", "content": "", "creation_timestamp": "2025-03-04T12:33:03.000000Z"}, {"uuid": "613fbcc1-bcc1-46a0-ba1b-d125fa2b58c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://social.circl.lu/users/cedric/statuses/114100760686642284", "content": "", "creation_timestamp": "2025-03-03T22:03:59.721489Z"}, {"uuid": "de56d6f5-afc5-40f8-b1f9-bb849bef1d02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj6s25dizz2t", "content": "", "creation_timestamp": "2025-02-27T21:02:02.405950Z"}, {"uuid": "ce7ee2f3-9ef5-46c6-b0c8-0c6abb08583e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljjij3a2vc2j", "content": "", "creation_timestamp": "2025-03-04T03:10:41.277218Z"}, {"uuid": "5fed5579-4ddc-40d8-add1-fe847bf09e53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljleer42ec26", "content": "", "creation_timestamp": "2025-03-04T21:02:03.704095Z"}, {"uuid": "280c326b-81ef-4a7b-8800-5ead59061909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-06T04:40:22.000000Z"}, {"uuid": "fbac99e9-cd13-42db-87b0-ebac880357ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljjltjrhoc24", "content": "", "creation_timestamp": "2025-03-04T04:10:13.076546Z"}, {"uuid": "9a132e01-9adf-4c0e-924a-9579d5e2e11b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljw3bmmxlc2g", "content": "", "creation_timestamp": "2025-03-09T03:18:31.891382Z"}, {"uuid": "1f6c50a9-4198-442c-9dba-80553f2ca5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://threatintel.cc/2025/05/26/vicioustrap-infiltrate-control-lure-turning.html", "content": "", "creation_timestamp": "2025-05-26T10:33:18.000000Z"}, {"uuid": "c5072123-2b83-4d5c-931f-64db736df46e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ljju3sq7ox2o", "content": "", "creation_timestamp": "2025-03-04T06:38:00.929725Z"}, {"uuid": "ec7a35cc-1731-42a4-8c57-dde517eda286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://thehackernews.com/2025/03/cisco-hitachi-microsoft-and-progress.html", "content": "", "creation_timestamp": "2025-03-04T03:39:00.000000Z"}, {"uuid": "b7121149-b1fe-4055-8ec5-4095d084e418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-6f581033-9f27783820ebb20c", "content": "", "creation_timestamp": "2025-02-28T08:52:30.326295Z"}, {"uuid": "388207da-ef21-4be0-a9ba-ed667eb72a89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/unrayocruel.bsky.social/post/3lpw3woazuc2x", "content": "", "creation_timestamp": "2025-05-24T12:01:27.969158Z"}, {"uuid": "7a14366a-fef2-4450-99c4-74482105cd2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/500a1b4c.bsky.social/post/3lpwg755vwc2z", "content": "", "creation_timestamp": "2025-05-24T15:05:08.320264Z"}, {"uuid": "bcb8241d-7c7a-4e10-aef8-0891dec55715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/mrtechking.bsky.social/post/3lq5msofa6o27", "content": "", "creation_timestamp": "2025-05-27T11:52:03.172615Z"}, {"uuid": "bea916aa-9b11-4a51-8946-82e777eb626b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/jfreeg.bsky.social/post/3lqdhosjjoe2p", "content": "", "creation_timestamp": "2025-05-29T19:36:22.933987Z"}, {"uuid": "aabd2d92-3e0c-4176-9cae-9def4be9ff12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e82994ab-9ef4b77c68ffa8a5", "content": "", "creation_timestamp": "2025-05-27T14:51:56.309022Z"}, {"uuid": "c63a236b-e587-4aab-8968-a9746da653f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-20118", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3m3stusglylz2", "content": "", "creation_timestamp": "2025-10-22T22:03:23.391071Z"}, {"uuid": "06a39cb2-6488-42f6-9499-93d5b190e067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lpzg5iurlv2o", "content": "", "creation_timestamp": "2025-05-25T19:42:10.309187Z"}, {"uuid": "3243882d-d2ea-4396-aa97-cb56d245dd62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3m35qkkqnoz2f", "content": "", "creation_timestamp": "2025-10-14T12:36:13.212523Z"}, {"uuid": "80bbe508-a5c3-46d1-84f4-e25e5e1d8879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lptpe3etva2g", "content": "", "creation_timestamp": "2025-05-23T13:10:57.112721Z"}, {"uuid": "ee72d70b-8e97-46f0-948d-18680ce606b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://thehackernews.com/2025/05/vicioustrap-uses-cisco-flaw-to-build.html", "content": "", "creation_timestamp": "2025-05-23T10:49:00.000000Z"}, {"uuid": "f079a12b-a3f0-4158-b813-b7c56f7bf840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://gist.github.com/Darkcrai86/786633cb7e59efb72b05c1152e4a892f", "content": "", "creation_timestamp": "2025-10-14T13:26:43.000000Z"}, {"uuid": "4c704315-1621-4845-ba00-ce26fb0d2e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3m3aaevc6c72c", "content": "", "creation_timestamp": "2025-10-15T12:24:41.948799Z"}, {"uuid": "6b588973-604c-448e-b410-6911ed91d6b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/virusbtn.bsky.social/post/3m37wxrdlnc2d", "content": "", "creation_timestamp": "2025-10-15T09:36:21.176121Z"}, {"uuid": "6c6eed0d-3aa7-476f-8e08-fa1ac7113d3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "MISP/c89179d7-2841-52e0-bff9-060614be76ef", "content": "", "creation_timestamp": "2025-10-14T12:13:30.000000Z"}, {"uuid": "e83f6a70-ec1d-415e-b75f-8d7de4e25903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/kasperskyb2b/516", "content": "\u041c\u0430\u0440\u0442\u043e\u0432\u0441\u043a\u0438\u0439 Patch Tuesday: \u043e\u0431\u0437\u043e\u0440\n\n\u0423\u0434\u0430\u0440\u043d\u0430\u044f \u043d\u0435\u0434\u0435\u043b\u044f \u0438 \u0434\u043b\u044f \u0418\u0422-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u0434\u043b\u044f \u0418\u0411-\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439:  Microsoft \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u0431\u043e\u043b\u0435\u0435 100 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445  \u2014 \u0434\u0435\u0432\u044f\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u044f.  27 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 21  \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 2  \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 4  \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0411\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u044b\u043c \u0445\u0438\u0442\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Outlook (CVE-2023-23397, CVSS 9.8), \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u0438\u0441\u044c\u043c\u043e \u043f\u0440\u043e\u0432\u043e\u0446\u0438\u0440\u0443\u0435\u0442 Outlook \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u043c \u0437\u0430\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0445\u044d\u0448 Net-NTLMv2 \u043e\u0442 \u0437\u0430\u043b\u043e\u0433\u0438\u043d\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0416\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043f\u0438\u0441\u044c\u043c\u043e \ud83d\ude13, \u0432\u0441\u0451 \u0441\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0435\u0433\u043e \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u043c. \u041f\u0440\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0430\u0442\u0447\u0438\u0442\u044c Outlook, Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043e\u0441\u043e\u0431\u043e \u0432\u0430\u0436\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 (\u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c) \u0432 \u0433\u0440\u0443\u043f\u043f\u0443 Protected users, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c NTLM \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0414\u0440\u0443\u0433\u043e\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u2014 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0438\u0437 \u0441\u0435\u0442\u0438 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 445.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 (CVE-2023-24880, CVSS 5.4) \u2014 \u044d\u0442\u043e \u0441\u043b\u0435\u0433\u043a\u0430 \u0438\u0437\u043c\u0435\u043d\u0451\u043d\u043d\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c MotW, \u0447\u0442\u043e\u0431\u044b \u0436\u0435\u0440\u0442\u0432\u0430 \u043c\u043e\u0433\u043b\u0430 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u0433\u0440\u043e\u0437\u043d\u044b\u0445 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 Windows SmartScreen. \u041d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0438 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0432 Google TAG \u2014 \u0441 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0435\u0439 \u0432\u043e\u043e\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u0437\u0430\u043f\u0430\u043a\u043e\u0432\u0430\u0432 \u0441\u0432\u043e\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a \u0432 MSI-\u0444\u0430\u0439\u043b.\n\n\u0412\u0435\u0441\u044c\u043c\u0430 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e \u0437\u0432\u0443\u0447\u0430\u0442 CVE-2023-23416 (\u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b Windows, RCE, CVSS 8.4),  CVE-2023-23415 (ICMP, RCE, CVSS 9.8), CVE-2023-21708 (RPC, RCE, CVSS 9.8) \u043d\u043e \u0434\u043b\u044f \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u0436\u043d\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u044f. \u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442, \u0435\u0441\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u0430 \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442. \u0412\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438  \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u044b\u0439 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 IP \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0430\u043a\u0435\u0442\u0430 ICMP, \u043d\u043e \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0443\u0436\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0449\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043b\u043e \u0431\u0435\u0441\u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044c\u043d\u044b\u0439 \u0441\u043e\u043a\u0435\u0442 (raw socket).  \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u0436\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 RPC-\u0437\u0430\u043f\u0440\u043e\u0441 \u0438 \u0434\u0430\u0436\u0435 \u043d\u0435 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f. \u0421\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u043c\u043e\u0436\u043d\u043e, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u043e\u0440\u0442 135 \u043d\u0430 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440\u0435 \u0441\u0435\u0442\u0438.\n\n\u0412 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u043e\u0448\u043b\u0438 \u0444\u0438\u043a\u0441\u044b \u0434\u043b\u044f \u043f\u0430\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 TPM (CVE-2023-1017, CVE-2023-1018), \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u044b \u0443\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438.\n\n\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0441 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 Adobe (8 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f RCE \u0432 Creative Cloud, Illustrator, \u0438 4 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Adobe Commerce  \u0438 Magento), \u043e\u0441\u043e\u0431\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u043c 3 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cold Fusion, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 (CVE-2023-26360, RCE CVSS 8.6; CVE-2023-26359, RCE, CVSS 9.8).\n\nSAP \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430\u0441\u044c 19 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u043c\u0438,  \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \"\u043f\u0440\u0438\u044f\u0442\u043d\u043e \u0443\u0434\u0438\u0432\u043b\u044f\u044e\u0442\" \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 CVSS-\u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.9.\n\u041e\u0434\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 SAP Business Objects Business Intelligence Platform (CVE-2023-25616), \u0430 \u0432\u0442\u043e\u0440\u0430\u044f - \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c SAP NetWeaver AS for Java \u0438 \u0432\u043d\u043e\u0441\u0438\u0442\u044c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2023-23857).\n\u041f\u0430\u0440\u0430 \u0431\u0430\u0433\u043e\u0432 \u0441 CVSS 9.6. \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0434\u0435\u043b\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 SAP NetWeaver AS \u043d\u0435\u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u043c\u0438. (CVE-2023-27269 CVE-2023-27500)\n\nCisco \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f CVE-2023-20118 \u0432 \u0441\u0432\u043e\u0439 \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u0438\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445 \u0434\u043b\u044f \u043c\u0430\u043b\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 RV016, RV042, RV042G, RV082, RV320 \u0438 RV325. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0430 \u043d\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0432 \u0432\u0435\u0431-\u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u0421\u043b\u043e\u0432\u043e \"\u043f\u0430\u0442\u0447\" \u043e\u0442\u0441\u0443\u0442\u0441\u0432\u0443\u0435\u0442 \u043d\u0435 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e \u2014 \u0435\u0433\u043e \u043d\u0435\u0442 \u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u043c\u043e\u0436\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u043e\u0440\u0442\u044b 443 \u0438  60443.", "creation_timestamp": "2023-03-15T07:54:44.000000Z"}, {"uuid": "40ae26f7-43ea-499b-bb23-ad993a23a1f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://bsky.app/profile/matricedigitale.bsky.social/post/3m3prmlmabg2l", "content": "", "creation_timestamp": "2025-10-21T16:43:10.407812Z"}, {"uuid": "4c1943bc-90e9-4884-80fa-2e5e42ea1295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-20118", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/115414087631625899", "content": "", "creation_timestamp": "2025-10-21T20:40:18.384837Z"}, {"uuid": "bd55a672-300b-456f-af10-d2592b25c1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/aba4b997-7dab-4307-9987-69f8886a89d0", "content": "", "creation_timestamp": "2026-02-02T12:26:11.114880Z"}, {"uuid": "ed486468-1079-4de4-ab76-cb7d52157220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "MISP/a6277f87-233c-5eb4-b94a-884c8d9ffb7b", "content": "", "creation_timestamp": "2025-08-24T01:55:52.000000Z"}, {"uuid": "698e2276-f754-48c2-85d2-f334d68c44f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://vulnerability.circl.lu/comment/9fd019c6-b2d5-454c-88b2-2c693681e47f", "content": "", "creation_timestamp": "2025-03-03T21:30:27.513197Z"}, {"uuid": "2fe22b4c-5984-45f6-99bc-4e8ea78100a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/cIub1337/75", "content": "PolarEdge: Unveiling an uncovered ORB network\n\n#PolarEdge #botnet active since late 2023. This botnet targets a variety of devices by exploiting multiple vulnerabilities, deploying advanced payloads like a #TLS #backdoor. The investigation identified over 2,000 compromised assets worldwide, with the botnet leveraging the Mbed TLS library and focusing on edge devices. Notably, the botnet exploits CVE-2023-20118, a vulnerability in #Cisco Small Business #Routers, to deploy webshells and backdoors, enabling persistent access and control over infected devices. \n\nhttps://blog.sekoia.io/polaredge-unveiling-an-uncovered-iot-botnet/\n\nTelegram   \u2709\ufe0f @club1337\nX (Twitter) \ud83d\udd4a @club31337", "creation_timestamp": "2025-03-18T12:07:32.000000Z"}, {"uuid": "f2c140b0-65af-4409-9d82-f83e737adb1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6043", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20118\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\n This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.\n Cisco has not and will not release software updates that address this vulnerability.\n\ud83d\udccf Published: 2023-04-05T16:05:41.067Z\n\ud83d\udccf Modified: 2025-03-01T04:55:32.723Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", "creation_timestamp": "2025-03-01T05:27:12.000000Z"}, {"uuid": "e47240b9-bd28-47ae-b06f-c85789a42085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/CyberBulletin/2449", "content": "\u26a1CVE-2023-20118 Exploited: PolarEdge Targets EoL Routers, NAS.\n\n#CyberBulletin", "creation_timestamp": "2025-03-01T06:33:24.000000Z"}, {"uuid": "e5fbe7fd-5051-4572-b551-4d28ec77222e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/claytechsolution/170", "content": "The Hacker News\nCisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited\u2014CISA Sounds Alarm\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe list of vulnerabilities is as follows -\n\nCVE-2023-20118 (CVSS score: 6.5) - A command injection", "creation_timestamp": "2025-03-04T06:09:22.000000Z"}, {"uuid": "df4b595d-aa90-4f7f-93f3-cdff7943ef9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "Telegram/5L54eh2lIYszZP3n0CdouPxaVJ5jF3kh7l2cKdPyfJWnJA", "content": "", "creation_timestamp": "2025-05-23T13:49:49.000000Z"}, {"uuid": "883a6b5a-020c-4f1a-8ee8-4a44c3c74ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/nemeZ1da_ru/5606", "content": "\u041d\u043e\u0432\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e PolarEdge \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u0435\u0442 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco, ASUS, QNAP \u0438 Synology \u0441 \u043a\u043e\u043d\u0446\u0430 2023 \u0433\u043e\u0434\u0430, \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u044f \u0438\u0445 \u0432 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430. \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Sekoia \u0430\u0442\u0430\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-20118 \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 Cisco Small Business \u0441\u0435\u0440\u0438\u0439 RV, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437-\u0437\u0430 \u0441\u0442\u0430\u0442\u0443\u0441\u0430 End-of-Life.\n\nCisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u0440\u0442\u0430\u043c 443 \u0438 60443, \u043e\u0434\u043d\u0430\u043a\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438. \u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a, \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 Sekoia, \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u2014 TLS, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u0440\u0438\u043f\u0442 \u00abq\u00bb, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u044b\u0439 \u043f\u043e FTP, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043e\u0447\u0438\u0449\u0430\u0435\u0442 \u043b\u043e\u0433\u0438, \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0430\u0440\u0445\u0438\u0432 \u00abt.tar\u00bb \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u00abcipher_log\u00bb, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442\u0441\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u043f\u0440\u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044f\u0441\u044c \u0432 \u0430\u0432\u0442\u043e\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443.\n\n\u0411\u043e\u0442\u043d\u0435\u0442 PolarEdge \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0445\u0435\u043c\u0435: \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 TLS-\u0441\u0435\u0441\u0441\u0438\u044e, \u0441\u043e\u0437\u0434\u0430\u0451\u0442 \u0434\u043e\u0447\u0435\u0440\u043d\u0438\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0438\u043d\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0443\u0437\u043b\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 C2-\u0441\u0435\u0440\u0432\u0435\u0440, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0443 \u0438 \u043f\u043e\u0440\u0442\u0443.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 Cisco, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 ASUS, QNAP \u0438 Synology. \u0417\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 VirusTotal \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0422\u0430\u0439\u0432\u0430\u043d\u0435. \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0440\u0432\u0435\u0440 Huawei Cloud (IP 119.8.186[.]227), \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0441\u0442\u044c \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u0431\u043e\u0442\u043d\u0435\u0442 \u0437\u0430\u0440\u0430\u0437\u0438\u043b \u0443\u0436\u0435 \u0441\u0432\u044b\u0448\u0435 2000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u0411\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0432 \u0421\u0428\u0410, \u0422\u0430\u0439\u0432\u0430\u043d\u0435, \u0420\u043e\u0441\u0441\u0438\u0438, \u0418\u043d\u0434\u0438\u0438, \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438, \u0410\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u0438 \u0438 \u0410\u0440\u0433\u0435\u043d\u0442\u0438\u043d\u0435. \u0422\u043e\u0447\u043d\u044b\u0435 \u0446\u0435\u043b\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b, \u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0438\u043b\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 DDoS-\u0430\u0442\u0430\u043a.", "creation_timestamp": "2025-02-28T08:08:36.000000Z"}, {"uuid": "bcbb69f7-bc9e-4d49-af9d-f2e5ccff02f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "published-proof-of-concept", "source": "Telegram/T8o144bN7FVP7sJs7RekRPlAywBiBpPqOAKkfrmq-4-sdw", "content": "", "creation_timestamp": "2025-02-27T12:39:48.000000Z"}, {"uuid": "ba04117a-a140-4981-9c81-c35c2af8f8a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "Telegram/DsZDlr1fl7Z1uxl5f2FUVR__uKvlZAQ6Aojd6urHPwWkkQ", "content": "", "creation_timestamp": "2025-03-04T10:27:01.000000Z"}, {"uuid": "8e196799-8535-480c-8d32-fcfebff66a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/true_secator/7071", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Sekoia \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441\u043e \u0432\u0437\u043b\u043e\u043c\u043e\u043c \u043f\u043e\u0447\u0442\u0438 5300 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 84 \u0441\u0442\u0440\u0430\u043d\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u0441\u0435\u0442\u044c, \u043f\u043e\u0445\u043e\u0436\u0443\u044e \u043d\u0430 \u043d\u0430\u0431\u043e\u0440 \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u043e\u0433\u043e \u043a \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043a\u0430\u043a ViciousTrap. \u0414\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043c \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 Cisco Small Business RV016, RV042, RV042G, RV082, RV320 \u0438 RV325 (CVE-2023-20118).\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e \u0432 \u041c\u0430\u043a\u0430\u043e, \u0433\u0434\u0435 \u0431\u044b\u043b\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043e 850 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, NetGhost, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u0440\u0442\u043e\u0432 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u043e\u0433\u043e \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u043f\u043e\u0445\u043e\u0436\u0443\u044e \u043d\u0430 \u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0443\u044e\u0441\u044f \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043f\u043e\u0442\u043e\u043a\u0438.\n\n\u0420\u0430\u043d\u0435\u0435 Sekoia \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2023-20118 \u0434\u0440\u0443\u0433\u043e\u043c\u0443 \u0431\u043e\u0442\u043d\u0435\u0442\u0443, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u043c\u0443 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u00a0PolarEdge. \u041e\u0434\u043d\u0430\u043a\u043e \u0434\u0430\u043d\u043d\u044b\u0445, \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u044d\u0442\u0438 \u0434\u0432\u0430 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442. \n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, ViciousTrap, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043f\u0440\u0438\u043c\u0430\u043d\u043e\u043a, \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b SOHO, SSL VPN, \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0435 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b BMC \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 50 \u0431\u0440\u0435\u043d\u0434\u043e\u0432: Araknis Networks, ASUS, D-Link, Linksys \u0438 QNAP.\n\n\u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0437\u0430\u043c\u044b\u0441\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0442\u044c \u0437\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u043d\u0435\u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043c\u0435\u0441\u0442\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 CVE-2023-20118 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u043a\u0440\u0438\u043f\u0442\u0430 bash \u0447\u0435\u0440\u0435\u0437 ftpget, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0435\u043c \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 wget.\n\n\u041d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u044d\u0442\u0430\u043f\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Cisco \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0437, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0435\u0435 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0440\u0430\u043d\u0435\u0435 \u0441\u0431\u0440\u043e\u0448\u0435\u043d\u043d\u043e\u0433\u043e wget.\n\n\u0421\u043a\u0440\u0438\u043f\u0442 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u044d\u0442\u0430\u043f\u0430 NetGhost \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u044e\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043e\u0431\u043b\u0435\u0433\u0447\u0430\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 AitM.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u043d \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0431\u044f \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0445\u043e\u0441\u0442\u0430 \u0434\u043b\u044f \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430.\n\nSekoia \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0432\u0441\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u0441\u0445\u043e\u0434\u0438\u043b\u0438 \u0441 \u043e\u0434\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 (\u00ab101.99.91[.]151\u00bb), \u0430 \u0441\u0430\u043c\u0430\u044f \u0440\u0430\u043d\u043d\u044f\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043c\u0430\u0440\u0442\u043e\u043c 2025 \u0433\u043e\u0434\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 ViciousTrap \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443, \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 PolarEdge, \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439.\n\n\u0420\u0430\u043d\u0435\u0435, \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b ASUS, \u043d\u043e \u0441 \u0434\u0440\u0443\u0433\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 (\"101.99.91[.]239\"), \u0445\u043e\u0442\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0412\u0441\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438 \u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b (AS45839), \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u043c Shinjiru.\n\n\u041f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u043c\u0435\u0435\u0442 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u043e\u0435 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435, \u0438\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u0441\u043e\u0432\u043f\u0430\u0434\u0435\u043d\u0438\u044f \u0441 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 GobRAT, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0442\u0440\u0430\u0444\u0438\u043a \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u044b \u043d\u0430 \u0422\u0430\u0439\u0432\u0430\u043d\u0435 \u0438 \u0432 \u0421\u0428\u0410.\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0446\u0435\u043b\u044c ViciousTrap \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u044f\u0441\u043d\u043e\u0439, \u0445\u043e\u0442\u044f Sekoia \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u043c \u0435\u0435 \u043a\u0430\u043a \u0441\u0435\u0442\u044c-\u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0443.", "creation_timestamp": "2025-05-27T13:42:14.000000Z"}, {"uuid": "9c616912-4eba-4986-a362-f68a09937e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20118", "type": "exploited", "source": "https://t.me/thehackernews/6886", "content": "\ud83d\udea8 5,300 routers hijacked\u2014not to attack, but to spy.\n\nA shadowy group dubbed ViciousTrap is turning Cisco routers across 84 countries into a massive honeypot-style network\u2014not to attack, but to silently watch.\n\n\ud83d\udd0d Exploiting CVE-2023-20118\n\ud83d\udc7b Dropping a script called NetGhost\n\nRead: https://thehackernews.com/2025/05/vicioustrap-uses-cisco-flaw-to-build.html", "creation_timestamp": "2025-05-23T14:51:56.000000Z"}]}