{"vulnerability": "CVE-2023-25136", "sightings": [{"uuid": "fc7fa4b7-5e6d-4a65-8f1d-6419035ab2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5180", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aOpenSSH Pre-Auth Double Free CVE-2023-25136 \u2013 Writeup and Proof-of-Concept\nURL\uff1ahttps://github.com/malvika-thakur/CVE-2023-25136\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-21T12:18:49.000000Z"}, {"uuid": "3067d11c-261b-405a-a829-6fec9c063df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4214", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aOpenSSH Pre-Auth Double Free CVE-2023-25136 POC\nURL\uff1ahttps://github.com/adhikara13/CVE-2023-25136\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-18T21:52:09.000000Z"}, {"uuid": "7ee3d259-c44b-4040-a0b4-81a67177ca1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10509", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aAutomatic thesauri backups from RCE PoolParty\nURL\uff1ahttps://github.com/mrmtwoj/CVE-2023-25136\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-16T06:13:03.000000Z"}, {"uuid": "a31015dc-eee1-41bc-ad73-7106d13f5855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4483", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-25136_POC\nURL\uff1ahttps://github.com/axylisdead/CVE-2023-25136_POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-03T12:46:54.000000Z"}, {"uuid": "10fc4359-7db0-45b5-8dbe-a2adff7d6ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/kasraone_com/331", "content": "CVE-2023-25136\n\n\nGithub [ https://github.com/adhikara13/CVE-2023-25136 ]", "creation_timestamp": "2023-06-30T05:04:42.000000Z"}, {"uuid": "891c44f6-1b3b-42d0-98a9-3c45f3be00bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/249", "content": "Top Security News for 09/02/2023\n\nISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)\nhttps://isc.sans.edu/diary/rss/29532 \n\nISC Stormcast For Thursday, February 9th, 2023 https://isc.sans.edu/podcastdetail.html?id=8362, (Thu, Feb 9th)\nhttps://malware.news/t/isc-stormcast-for-thursday-february-9th-2023-https-isc-sans-edu-podcastdetail-html-id-8362-thu-feb-9th/67041#post_1 \n\nRansomware review: February 2023\nhttps://malware.news/t/ransomware-review-february-2023/67039#post_1 \n\nDota 2 Under Attack: How a V8 Bug Was Exploited in the Game\nhttps://www.reddit.com/r/netsec/comments/10wsv0n/dota_2_under_attack_how_a_v8_bug_was_exploited_in/ \n\nGrowing number of endpoint security tools overwhelm users, leaving devices unprotected\nhttps://www.csoonline.com/article/3687140/growing-number-of-endpoint-security-tools-overwhelm-users-leaving-devices-unprotected.html#tk.rss_all \n\nOpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept\nhttps://www.reddit.com/r/netsec/comments/10x5fag/openssh_preauth_double_free_cve202325136_writeup/ \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/08-02-2023 \n\nCohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery\nhttps://www.csoonline.com/article/3687179/cohesity-data-cloud-70-enhances-privileged-access-authentication-ransomware-recovery.html#tk.rss_all \n\nSolving one of NOBELIUM\u2019s most novel attacks: Cyberattack Series\nhttps://www.microsoft.com/en-us/security/blog/2023/02/08/solving-one-of-nobeliums-most-novel-attacks-cyberattack-series/ \n\nCERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks\nhttps://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-02-09T08:00:05.000000Z"}, {"uuid": "27e5fbe1-b5af-4027-9302-d9ef35c79768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/ctinow/91254", "content": "CVE-2023-25136: Pre-Auth Double Free Vulnerability in OpenSSH Server 9.1\u00a0\n\nhttps://ift.tt/rwixemd", "creation_timestamp": "2023-02-03T20:46:29.000000Z"}, {"uuid": "236ebdfd-e164-46c4-834d-f06c4daeae67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/26", "content": "https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free", "creation_timestamp": "2023-02-12T09:03:30.000000Z"}, {"uuid": "dbc807d6-6107-437c-8e3f-bbe6dcef85cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "Telegram/0pasSqnGOfKqCpTYCrLgZ4rVNoUD4Cnroygw7lNecDo", "content": "", "creation_timestamp": "2023-02-26T07:46:42.000000Z"}, {"uuid": "82f295ff-241f-4f34-8332-f9f92fd5f091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "Telegram/fbj12fmifrJ2WYgfdQTgqkNjA94W70h8k-uUXDd6ZbY", "content": "", "creation_timestamp": "2023-02-26T07:50:51.000000Z"}, {"uuid": "67457bb7-8851-460f-850c-b673643dd926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CyberX5/570", "content": "OpenSSH 9.1 exploit and mass scan\n\nVulnerability CVE-2023-25136 affects the SSH pre-authentication process. Using it, an attacker can corrupt memory and execute arbitrary code on a machine without being authenticated on the target server.\n\nJoin us: @CyberX5\n\ndownload exploit and mass scan", "creation_timestamp": "2023-05-27T19:57:35.000000Z"}, {"uuid": "43e9b023-f1a4-4b7d-89cc-7d4ed586f239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/OpenHackChile/1714", "content": "OpenSSH releases update to fix multiple security bugs, including a pre-authentication double free vulnerability (CVE-2023-25136). Upgrade now!\n\nRead: https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html", "creation_timestamp": "2023-02-06T13:34:29.000000Z"}, {"uuid": "bbef4f3a-6469-4902-843d-94288fa38a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/aDDWOWx1lP5nq07BgPScAx5CF-OpLOIbxwE7FkEA6YAzWuw", "content": "", "creation_timestamp": "2023-02-09T07:26:18.000000Z"}, {"uuid": "b55381e1-400d-4937-9de5-388aec00ad95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/epgzXho1aWpP3mrf_Xi3_TsRFZGopalQxi88swzQGmp5IQ4", "content": "", "creation_timestamp": "2023-02-26T08:34:57.000000Z"}, {"uuid": "6073a498-0225-4ccf-891d-b667612a0998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/D35YRl860vg2vrLB9ThouoHApc7bdyCMVranv9YfbXcbDpQ", "content": "", "creation_timestamp": "2023-02-09T07:24:45.000000Z"}, {"uuid": "b4b82195-8d7a-4459-8eae-f13114f72425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/huwbgAbaMEWosXfyrmxxciyHWQADSO7pn6QM2fwvuRZxHT8", "content": "", "creation_timestamp": "2023-02-23T14:13:17.000000Z"}, {"uuid": "54e12f3d-0677-4bfc-b0b3-44e81160872d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/3P39skWV0CuYdCFc1CDff3RNSl_3uD4Vk_8TbrIFWkWzUe8", "content": "", "creation_timestamp": "2023-03-09T14:58:18.000000Z"}, {"uuid": "2c86855e-61c3-450b-8d78-e98afaf56206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/HackingVidhya/389", "content": "https://github.com/Christbowel/CVE-2023-25136", "creation_timestamp": "2023-08-24T15:08:53.000000Z"}, {"uuid": "27a7032d-058e-4b4e-a455-4040db2e88f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/YH4NAcMBod_OvfZLwAx4EkVRlXm7kVZfaFvtRTT2SzsrltI", "content": "", "creation_timestamp": "2023-04-14T14:38:04.000000Z"}, {"uuid": "768ffb8a-6610-4375-b6fb-ec664003d47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1376", "content": "CVE-2023-25136 - OpenSSH - Pre-Auth Double Free\nWriteup\nPoC - \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 DOS \u0441\u0435\u0440\u0432\u0430\u043d\u0442\u0430", "creation_timestamp": "2023-02-09T05:53:28.000000Z"}, {"uuid": "747ab7d0-35a5-4a5c-92d6-c289158c2123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/208429", "content": "{\n  \"Source\": \"documentors\",\n  \"Content\": \"https://github.com/Christbowel/CVE-2023-25136 GitHubGitHub - Christbowel/CVE-2023-25136: OpenSSH 9.1 vulnerability mass scan and exploit OpenSSH 9.1 vulnerability mass scan and exploit. Contribute to Christbowel/CVE-2023-25136 development by creating an account on GitHub.\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"27 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-27T00:19:10.000000Z"}, {"uuid": "d208f3e9-f3ce-48ed-8889-edb89d3a4d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/TeBP79ol3RD716nEO-zGLcT4IJDjgH07IpScP1pDSvKw1U0", "content": "", "creation_timestamp": "2025-01-16T10:00:06.000000Z"}, {"uuid": "71ab0ed9-9411-4a76-aafe-f81326eb5bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1399", "content": "OpenSSH 9.1  exploit  and mass scan\n*\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-25136 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SSH. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0435\u0433\u043e, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u0440\u0435\u0434\u0438\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\ndownload exploit  and mass scan\n\n\n#ssh #exploit #scanner", "creation_timestamp": "2023-02-24T13:08:59.000000Z"}, {"uuid": "e651b164-fdbc-452c-a782-a11093e21eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "Telegram/e3bpyNkZgrHshiotOT-A7e7Z2RbicSoKqqUpz_UwsdlIf84", "content": "", "creation_timestamp": "2023-02-17T16:26:05.000000Z"}, {"uuid": "9666fc45-c86d-4ef3-afd7-b8df8d044d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/cibsecurity/57445", "content": "\u203c CVE-2023-25136 \u203c\n\nOpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that \"exploiting this vulnerability will not be easy.\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T12:20:36.000000Z"}, {"uuid": "86e19081-4273-4eda-bc6d-003df994b50a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/true_secator/4037", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u041f\u041e Secure Shell \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 OpenSSH \u0432\u0435\u0440\u0441\u0438\u0438 9.1.\n\n\u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u044d\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u044f, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u0430\u044f \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenSSH (sshd).\n\n\u0411\u0430\u0433 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-25136 \u0438 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0435\u0433\u043e \u043d\u0435 \u0442\u0430\u043a \u0443\u0436 \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0432 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0441\u043b\u043e\u0432\u0438\u044e Write-what-where Condition, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u2014 \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u0430\u044f \u0437\u0430\u0434\u0430\u0447\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u043c\u0438 \u043c\u0435\u0440\u0430\u043c\u0438, \u043f\u0440\u0438\u043d\u044f\u0442\u044b\u043c\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0435\u0439, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 sshd.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e OpenSSH 9.2, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2023-02-07T19:09:50.000000Z"}, {"uuid": "6df991ee-b26d-4c9c-abd0-7f29a27f981f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2653", "content": "OpenSSH 9.1 exploit and Mass Scan\n\n\n\nVulnerability CVE-2023-25136 affects the SSH pre-authentication process. Using it, an attacker can corrupt memory and execute arbitrary code on a machine without being authenticated on the target server.\n\nDownload: https://system32.ink/news-feed/p/258/", "creation_timestamp": "2023-02-24T13:17:21.000000Z"}, {"uuid": "0b376808-db8d-400b-9038-18e17f05b6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/thehackernews/3022", "content": "OpenSSH releases update to fix multiple security bugs, including a pre-authentication double free vulnerability (CVE-2023-25136). Upgrade now!\n\nRead: https://thehackernews.com/2023/02/openssh-releases-patch-for-new-pre-auth.html", "creation_timestamp": "2023-02-06T10:58:51.000000Z"}, {"uuid": "e4aeb2d5-9984-4eb4-bfc9-ab7bdc98452f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/463", "content": "https://github.com/Christbowel/CVE-2023-25136\n\u6279\u91cf\u626b\u63cf\u548c\u653b\u51fb\n#github", "creation_timestamp": "2023-02-24T13:09:23.000000Z"}, {"uuid": "263478ed-38a9-4e8c-8aea-1d216a0912d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "seen", "source": "https://t.me/S_E_Reborn/3429", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u041f\u041e Secure Shell \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 OpenSSH \u0432\u0435\u0440\u0441\u0438\u0438 9.1.\n\n\u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u044d\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u044f, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u0430\u044f \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenSSH (sshd).\n\n\u0411\u0430\u0433 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-25136 \u0438 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0435\u0433\u043e \u043d\u0435 \u0442\u0430\u043a \u0443\u0436 \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0432 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0441\u043b\u043e\u0432\u0438\u044e Write-what-where Condition, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u2014 \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u0430\u044f \u0437\u0430\u0434\u0430\u0447\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u043c\u0438 \u043c\u0435\u0440\u0430\u043c\u0438, \u043f\u0440\u0438\u043d\u044f\u0442\u044b\u043c\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0435\u0439, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 sshd.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e OpenSSH 9.2, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2023-02-08T02:46:38.000000Z"}, {"uuid": "d016227a-fb0c-4e7c-8d1a-54f81e540821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8149", "content": "#exploit\n1. CVE-2022-22956, CVE-2022-22957:\nVMware Workspace ONE RCE\nhttps://packetstormsecurity.com/files/171918\n\n2. CVE-2023-25136:\nOpenSSH Pre-Auth Double Free\nhttps://github.com/adhikara13/CVE-2023-25136\n\n3. CVE-2023-21931:\nWebLogic After-Deserialization\nhttps://github.com/gobysec/Weblogic/blob/main/Research%20on%20WebLogic%20After-Deserialization.md", "creation_timestamp": "2023-04-21T02:07:48.000000Z"}, {"uuid": "43506a31-e2ff-47e6-9f28-839cc80444e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "exploited", "source": "https://t.me/LearnExploit/4730", "content": "CVE-2023-25136\n\nOpenSSH 9.1 vulnerability mass scan and exploit\n\nGithub\n\n#CVE #Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:06.000000Z"}, {"uuid": "17dab561-53b1-47a7-9264-ce88e201402d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7711", "content": "#exploit\n1. CVE-2023-25136:\nPre-Auth Double Free Vulnerability in OpenSSH Server 9.1\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/02/03/cve-2023-25136-pre-auth-double-free-vulnerability-in-openssh-server-9-1\n\n2. CVE-2023-20928:\nAndroid - Binder VMA management security issues\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2374\n\n3. GoAnywhere MFT Bug\nhttps://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html", "creation_timestamp": "2023-02-08T11:03:01.000000Z"}, {"uuid": "f1f068ae-ebb3-4a58-bdb8-8658d2d4cc86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25136", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4945", "content": "CVE-2023-25136 ( OpenSSH Pre-Auth Double Free CVE-2023-25136 POC )\n\nGithub\n\n#CVE #POC \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:18.000000Z"}]}