{"vulnerability": "CVE-2023-26360", "sightings": [{"uuid": "4de7bfcb-4e14-4b2b-b003-b1982186e894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "365578a5-abd5-4f5e-b69a-5732bd1cd42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971780", "content": "", "creation_timestamp": "2024-12-24T20:33:58.205959Z"}, {"uuid": "67a72d85-037b-4be8-ab1b-23838f31b2ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "dccd698f-7b4b-4426-9ea9-c5b3688fc186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "44dbf6cc-af90-4c55-b451-5a0f21b01ac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:02.000000Z"}, {"uuid": "f7831d6e-abe6-4706-a7fc-aa899bbbb034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:41.000000Z"}, {"uuid": "e1848c94-5ffd-447d-9370-0151ca22fc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "fe7e63d5-c5d6-494a-b261-753842cb67e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/adobe_coldfusion_fileread_cve_2023_26360.rb", "content": "", "creation_timestamp": "2023-04-28T17:51:28.000000Z"}, {"uuid": "59f71a44-f601-4395-88f5-fe34f89af590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "Telegram/LavM1ny4lAq6KX4GIaGKRXMHLTsBbdXq6-Qb46iUfrPj0ug", "content": "", "creation_timestamp": "2025-11-29T03:00:05.000000Z"}, {"uuid": "3631bb04-e1fe-41a4-bbce-8c0be1cf82ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/adobe_coldfusion_rce_cve_2023_26360.rb", "content": "", "creation_timestamp": "2023-04-28T17:51:28.000000Z"}, {"uuid": "2cc70ac5-a263-4f22-b401-aba2e597de62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9af4ec8b-686c-43b0-b61d-cf3865baef35", "content": "", "creation_timestamp": "2026-02-02T12:27:03.454762Z"}, {"uuid": "873e1f0b-4c93-4447-bbe6-971e053e597c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/adobe_coldfusion_cve_2023_26360", "content": "", "creation_timestamp": "2024-04-29T21:27:01.000000Z"}, {"uuid": "3e66b4b8-7036-4ff1-9702-642b1c6a5bad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/kasperskyb2b/516", "content": "\u041c\u0430\u0440\u0442\u043e\u0432\u0441\u043a\u0438\u0439 Patch Tuesday: \u043e\u0431\u0437\u043e\u0440\n\n\u0423\u0434\u0430\u0440\u043d\u0430\u044f \u043d\u0435\u0434\u0435\u043b\u044f \u0438 \u0434\u043b\u044f \u0418\u0422-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u0434\u043b\u044f \u0418\u0411-\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439:  Microsoft \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u0431\u043e\u043b\u0435\u0435 100 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445  \u2014 \u0434\u0435\u0432\u044f\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u044f.  27 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 21  \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 2  \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 4  \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0411\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u044b\u043c \u0445\u0438\u0442\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Outlook (CVE-2023-23397, CVSS 9.8), \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u0438\u0441\u044c\u043c\u043e \u043f\u0440\u043e\u0432\u043e\u0446\u0438\u0440\u0443\u0435\u0442 Outlook \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u043c \u0437\u0430\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0445\u044d\u0448 Net-NTLMv2 \u043e\u0442 \u0437\u0430\u043b\u043e\u0433\u0438\u043d\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0416\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043f\u0438\u0441\u044c\u043c\u043e \ud83d\ude13, \u0432\u0441\u0451 \u0441\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0435\u0433\u043e \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u043c. \u041f\u0440\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0430\u0442\u0447\u0438\u0442\u044c Outlook, Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043e\u0441\u043e\u0431\u043e \u0432\u0430\u0436\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 (\u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c) \u0432 \u0433\u0440\u0443\u043f\u043f\u0443 Protected users, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c NTLM \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0414\u0440\u0443\u0433\u043e\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u2014 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0438\u0437 \u0441\u0435\u0442\u0438 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 445.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 (CVE-2023-24880, CVSS 5.4) \u2014 \u044d\u0442\u043e \u0441\u043b\u0435\u0433\u043a\u0430 \u0438\u0437\u043c\u0435\u043d\u0451\u043d\u043d\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c MotW, \u0447\u0442\u043e\u0431\u044b \u0436\u0435\u0440\u0442\u0432\u0430 \u043c\u043e\u0433\u043b\u0430 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u0433\u0440\u043e\u0437\u043d\u044b\u0445 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 Windows SmartScreen. \u041d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0438 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0432 Google TAG \u2014 \u0441 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0435\u0439 \u0432\u043e\u043e\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u0437\u0430\u043f\u0430\u043a\u043e\u0432\u0430\u0432 \u0441\u0432\u043e\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a \u0432 MSI-\u0444\u0430\u0439\u043b.\n\n\u0412\u0435\u0441\u044c\u043c\u0430 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e \u0437\u0432\u0443\u0447\u0430\u0442 CVE-2023-23416 (\u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b Windows, RCE, CVSS 8.4),  CVE-2023-23415 (ICMP, RCE, CVSS 9.8), CVE-2023-21708 (RPC, RCE, CVSS 9.8) \u043d\u043e \u0434\u043b\u044f \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u0436\u043d\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u044f. \u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442, \u0435\u0441\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u0430 \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442. \u0412\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438  \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u044b\u0439 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 IP \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0430\u043a\u0435\u0442\u0430 ICMP, \u043d\u043e \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0443\u0436\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0449\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043b\u043e \u0431\u0435\u0441\u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044c\u043d\u044b\u0439 \u0441\u043e\u043a\u0435\u0442 (raw socket).  \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u0436\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 RPC-\u0437\u0430\u043f\u0440\u043e\u0441 \u0438 \u0434\u0430\u0436\u0435 \u043d\u0435 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f. \u0421\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u043c\u043e\u0436\u043d\u043e, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u043e\u0440\u0442 135 \u043d\u0430 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440\u0435 \u0441\u0435\u0442\u0438.\n\n\u0412 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u043e\u0448\u043b\u0438 \u0444\u0438\u043a\u0441\u044b \u0434\u043b\u044f \u043f\u0430\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 TPM (CVE-2023-1017, CVE-2023-1018), \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u044b \u0443\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438.\n\n\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0441 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 Adobe (8 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f RCE \u0432 Creative Cloud, Illustrator, \u0438 4 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Adobe Commerce  \u0438 Magento), \u043e\u0441\u043e\u0431\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u043c 3 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cold Fusion, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 (CVE-2023-26360, RCE CVSS 8.6; CVE-2023-26359, RCE, CVSS 9.8).\n\nSAP \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430\u0441\u044c 19 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u043c\u0438,  \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \"\u043f\u0440\u0438\u044f\u0442\u043d\u043e \u0443\u0434\u0438\u0432\u043b\u044f\u044e\u0442\" \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 CVSS-\u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.9.\n\u041e\u0434\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 SAP Business Objects Business Intelligence Platform (CVE-2023-25616), \u0430 \u0432\u0442\u043e\u0440\u0430\u044f - \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c SAP NetWeaver AS for Java \u0438 \u0432\u043d\u043e\u0441\u0438\u0442\u044c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2023-23857).\n\u041f\u0430\u0440\u0430 \u0431\u0430\u0433\u043e\u0432 \u0441 CVSS 9.6. \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0434\u0435\u043b\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 SAP NetWeaver AS \u043d\u0435\u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u043c\u0438. (CVE-2023-27269 CVE-2023-27500)\n\nCisco \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f CVE-2023-20118 \u0432 \u0441\u0432\u043e\u0439 \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u0438\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u043e\u0443\u0442\u0435\u0440\u0430\u0445 \u0434\u043b\u044f \u043c\u0430\u043b\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 RV016, RV042, RV042G, RV082, RV320 \u0438 RV325. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0430 \u043d\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0432 \u0432\u0435\u0431-\u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u0421\u043b\u043e\u0432\u043e \"\u043f\u0430\u0442\u0447\" \u043e\u0442\u0441\u0443\u0442\u0441\u0432\u0443\u0435\u0442 \u043d\u0435 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e \u2014 \u0435\u0433\u043e \u043d\u0435\u0442 \u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u043c\u043e\u0436\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u043e\u0440\u0442\u044b 443 \u0438  60443.", "creation_timestamp": "2023-03-15T07:54:44.000000Z"}, {"uuid": "9e50bb14-2f2a-400e-99bb-28478c126ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6355", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aFile Read Arbrtary Exploit for CVE-2023-26360 - Adobe Coldfusion\nURL\uff1ahttps://github.com/yosef0x01/CVE-2023-26360\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2024-01-01T19:23:06.000000Z"}, {"uuid": "0cf7100d-989c-4fae-9ad9-a570ce51b65d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/cKure/13279", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Hackers use PoC exploits in attacks 22 minutes after release.\n\nDuring the examined period, the most targeted flaws were CVE-2023-50164 and CVE-2022-33891 in Apache products, CVE-2023-29298, CVE-2023-38203 and CVE-2023-26360 in Coldfusion, and CVE-2023-35082 in MobileIron.\n\nA characteristic example of the rise in the speed of weaponization is CVE-2024-27198, an authentication bypass flaw in JetBrains TeamCity.\n\nhttps://www.bleepingcomputer.com/news/security/hackers-use-poc-exploits-in-attacks-22-minutes-after-release/\n\nhttps://blog.cloudflare.com/application-security-report-2024-update\n\nhttps://www.cloudflare.com/en-gb/2024-application-security-trends/", "creation_timestamp": "2024-07-13T20:21:42.000000Z"}, {"uuid": "70230de8-6db9-43a4-a3dc-20f6cc2863a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "Telegram/d-rVDZTUKUG3IYUJ4BAdDnIieq971JGpK_Ia99hM3eRIwok", "content": "", "creation_timestamp": "2025-10-28T09:00:04.000000Z"}, {"uuid": "aa464aea-2bcf-4b8c-9217-10f821ea2a84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/6296", "content": "CVE-2023-26360 \u2705\n\nBy Neo )\n\nPoC\n\nDork (Google) : inurl:/CFIDE", "creation_timestamp": "2024-01-17T01:09:57.000000Z"}, {"uuid": "847dea94-1f59-4d63-9420-64060dc32b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/BleepingComputer/19006", "content": "\u200aHackers breach US govt agencies using Adobe ColdFusion exploit\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning\u00a0about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. [...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-breach-us-govt-agencies-using-adobe-coldfusion-exploit/", "creation_timestamp": "2023-12-05T20:56:11.000000Z"}, {"uuid": "ce8fd4b3-088e-4a35-92af-a418a28369d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/arpsyndicate/926", "content": "#ExploitObserverAlert\n\nCVE-2023-26360\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-26360. Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.\n\nFIRST-EPSS: 0.913940000\nNVD-IS: 4.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T11:57:18.000000Z"}, {"uuid": "5739aa20-6afc-437f-b621-98725f1c7191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "Telegram/z2DEIs9eqG9W2iCpvsGQdSXRaoEf6czpwrYj_q-fyuwBZQ", "content": "", "creation_timestamp": "2023-12-06T14:31:35.000000Z"}, {"uuid": "5564c8f3-83ed-4c59-acbe-06281aafb3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/239", "content": "\ud83d\udd75\ufe0f\u200d\u2642\ufe0f CISA warns of an ongoing cyber threat targeting government servers via an Adobe ColdFusion vulnerability (CVE-2023-26360). \n \nLearn more: https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html \n \nUpdate your software now.", "creation_timestamp": "2023-12-06T12:20:53.000000Z"}, {"uuid": "69c2a83b-3106-41dc-be2a-cb6f6f4ad6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/KomunitiSiber/1173", "content": "Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers\nhttps://thehackernews.com/2023/12/hackers-exploited-coldfusion.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a\u00a0high-severity Adobe ColdFusion vulnerability\u00a0by unidentified threat actors to gain initial access to government servers.\n\"The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,\"", "creation_timestamp": "2023-12-06T13:48:27.000000Z"}, {"uuid": "69dfdccc-d50a-4191-9b9a-eb498c74afdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/poxek/2864", "content": "Adobe ColdFusion RCE + Arbitrary File Read\nCVE-2023-26360\n\nStatus: Exploited in the Wild\n\nAdobe ColdFusion - \u044d\u0442\u043e \u0431\u044b\u0441\u0442\u0440\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439. 14 \u043c\u0430\u0440\u0442\u0430 2023 \u0433\u043e\u0434\u0430 Adobe \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 ColdFusion 2021 Update 5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 ColdFusion 2018 Update15 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438. \u041e\u0434\u043d\u0430 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u0432 \u044d\u0442\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 - CVE-2023-26360: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 CVSS=9.8 \u0438 \u0438\u043c\u0435\u0435\u0442 \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \"\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f\".\n\n#CVE #POC", "creation_timestamp": "2023-05-16T11:03:51.000000Z"}, {"uuid": "227f202a-7eac-4a26-9cc1-161da7f39430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/ctinow/103573", "content": "CVE-2023-26360 \u2013 Adobe ColdFusion Arbitrary Code Execution\n\nhttps://ift.tt/5HIlWP3", "creation_timestamp": "2023-04-04T17:26:13.000000Z"}, {"uuid": "5cdaa0ba-2853-4935-98b7-f905cbd60f54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/ctinow/103525", "content": "Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)\n\nhttps://ift.tt/vyAuY6Z", "creation_timestamp": "2023-04-04T15:51:44.000000Z"}, {"uuid": "7d52aca0-c163-4e17-a052-7705b3e18ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/ViralCyber/5196", "content": "\u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647 \u06a9\u0633\u067e\u0631\u0633\u06a9\u06cc \u0628\u0647 \u0628\u0645\u0628\u0627\u0631\u0627\u0646 \u06af\u0632\u0627\u0631\u0634 \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0627\u062f\u0627\u0645\u0647 \u0645\u06cc \u062f\u0647\u062f.\n\n\u062f\u0631 \u06cc\u06a9\u06cc \u0627\u0632 \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0647\u0627\u060c \u0645\u062d\u0642\u0642\u0627\u0646 \u0628\u0647 \u062a\u0641\u0635\u06cc\u0644 \u06cc\u06a9 \u062d\u0645\u0644\u0647 \u0647\u062f\u0641\u0645\u0646\u062f \u062a\u0648\u0633\u0637 \u06af\u0631\u0648\u0647 APT \u0686\u06cc\u0646\u06cc Tropic Trooper \u0631\u0627 \u06a9\u0647 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a \u062d\u0642\u0648\u0642 \u0628\u0634\u0631 \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647 \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f\u060c \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0645\u06cc \u06a9\u0646\u0646\u062f.\n\nTropic Trooper \u06a9\u0647 \u0627\u0632 \u0633\u0627\u0644 2011 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a\u060c \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627 \u0646\u0627\u0645 \u0647\u0627\u06cc APT23\u060c Earth Centaur\u060c KeyBoy \u0648 Pirate Panda \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc \u0634\u0648\u062f\u060c \u0628\u0647 \u062f\u0644\u06cc\u0644 \u062d\u0645\u0644\u0627\u062a \u062e\u0648\u062f \u0628\u0647 \u062f\u0648\u0644\u062a\u060c \u0645\u0631\u0627\u0642\u0628\u062a \u0647\u0627\u06cc \u0628\u0647\u062f\u0627\u0634\u062a\u06cc\u060c \u062d\u0645\u0644 \u0648 \u0646\u0642\u0644 \u0648 \u0634\u0631\u06a9\u062a \u0647\u0627\u06cc \u0641\u0646\u0627\u0648\u0631\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 \u062f\u0631 \u062a\u0627\u06cc\u0648\u0627\u0646\u060c \u0647\u0646\u06af \u06a9\u0646\u06af \u0648 \u0641\u06cc\u0644\u06cc\u067e\u06cc\u0646 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \n\n\u0631\u0648\u0627\u0628\u0637 \u0646\u0632\u062f\u06cc\u06a9\u06cc \u0628\u0627 \u06af\u0631\u0648\u0647 \u062f\u06cc\u06af\u0631\u06cc \u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0627 \u0646\u0627\u0645 FamousSparrow \u062f\u0646\u0628\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0645\u062d\u0642\u0642\u0627\u0646 \u06af\u0632\u0627\u0631\u0634 \u0645\u06cc \u062f\u0647\u0646\u062f \u06a9\u0647 \u062d\u062f\u0627\u0642\u0644 \u0627\u0632 \u0698\u0648\u0626\u0646 2023\u060c Tropic Trooper \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062c\u0627\u0633\u0648\u0633\u06cc \u0633\u0627\u06cc\u0628\u0631\u06cc \u0631\u0627 \u0628\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646 \u0633\u0627\u0632\u0645\u0627\u0646 \u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc \u0646\u0627\u0634\u0646\u0627\u0633 \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647 \u0648 \u0645\u0627\u0644\u0632\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a.\n\n\u0627\u06cc\u0646 \u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647 \u062f\u0631 \u0698\u0648\u0626\u0646 2024 \u0641\u0639\u0627\u0644\u06cc\u062a\u06cc \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f \u0648 \u0646\u0633\u062e\u0647 \u062c\u062f\u06cc\u062f\u06cc \u0627\u0632 \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 China Chopper \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f - \u0627\u0628\u0632\u0627\u0631\u06cc \u06a9\u0647 \u0645\u0648\u0631\u062f \u0639\u0644\u0627\u0642\u0647 \u0628\u0633\u06cc\u0627\u0631\u06cc \u0627\u0632 APT\u0647\u0627\u06cc \u0686\u06cc\u0646\u06cc \u0632\u0628\u0627\u0646 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0627\u0633\u062a - \u062f\u0631 \u06cc\u06a9 \u0648\u0628 \u0633\u0631\u0648\u0631 \u0639\u0645\u0648\u0645\u06cc \u06a9\u0647 \u062a\u0648\u0633\u0637 Umbraco CMS \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0632\u0646\u062c\u06cc\u0631\u0647 \u0627\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a \u0634\u0627\u0645\u0644 \u062a\u0632\u0631\u06cc\u0642 \u0628\u062f\u0627\u0641\u0632\u0627\u0631\u06cc \u0628\u0647 \u0646\u0627\u0645 Crowdoor \u0628\u0648\u062f \u06a9\u0647 \u0646\u0648\u0639\u06cc \u0627\u0632 \u062f\u0631\u067e\u0634\u062a\u06cc SparrowDoor \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 ESET \u062f\u0631 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 2021 \u0645\u0633\u062a\u0646\u062f \u0634\u062f\u0647 \u0628\u0648\u062f.\n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0628\u0639\u062f\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0627\u0633\u06a9\u0646 \u0634\u0628\u06a9\u0647\u060c \u062d\u0631\u06a9\u062a \u062c\u0627\u0646\u0628\u06cc \u0648 \u0628\u0627\u06cc \u067e\u0633 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u06a9\u0646\u06cc\u06a9 \u0647\u0627\u06cc \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u062c\u0627\u0646\u0628\u06cc DLL (Fscan\u060c Swor\u060c Neo-reGeorg\u060c ByPassGodzilla) \u0645\u06cc \u0634\u0648\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u067e\u0648\u0633\u062a\u0647 \u0647\u0627\u06cc \u0648\u0628 \u0628\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0639\u0645\u0648\u0645 \u0645\u0627\u0646\u0646\u062f Adobe ColdFusion (CVE-2023-26360) \u0648 Microsoft Exchange Server (CVE-2021-34473\u060c CVE-2021-34523 \u0648 CVE-2021-31) \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f.\n\n\u0628\u0647 \u0646\u0648\u0628\u0647 \u062e\u0648\u062f\u060c Crowdoor \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u0631 \u062f\u0631 \u0698\u0648\u0626\u0646 2023 \u06a9\u0634\u0641 \u0634\u062f\u060c \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u0646\u062f\u0647 \u0628\u0631\u0627\u06cc \u0646\u0635\u0628 Cobalt Strike \u0648 \u062d\u0641\u0638 \u067e\u0627\u06cc\u062f\u0627\u0631\u06cc \u0631\u0648\u06cc \u0645\u06cc\u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u0622\u0644\u0648\u062f\u0647 \u0639\u0645\u0644 \u0645\u06cc \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0639\u0645\u0644\u06a9\u0631\u062f Backdoor \u0631\u0627 \u0628\u0631\u0627\u06cc \u062c\u0645\u0639 \u0622\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u062d\u0631\u0645\u0627\u0646\u0647\u060c \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u067e\u0648\u0633\u062a\u0647 \u0645\u0639\u06a9\u0648\u0633\u060c \u062f\u0627\u0646\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u062f\u06cc\u06af\u0631 \u0648 \u062a\u06a9\u0645\u06cc\u0644 \u06a9\u0627\u0631 \u062e\u0648\u062f \u067e\u06cc\u0627\u062f\u0647 \u0633\u0627\u0632\u06cc \u0645\u06cc \u06a9\u0646\u062f.\n\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u062d\u0627\u062f\u062b\u0647\u060c \u0645\u062d\u0642\u0642\u0627\u0646 LC \u0645\u062a\u0648\u062c\u0647 \u0634\u062f\u0646\u062f \u06a9\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u067e\u0633 \u0627\u0632 \u0627\u0637\u0644\u0627\u0639 \u0627\u0632 \u06a9\u0634\u0641 \u062f\u0631\u0647\u0627\u06cc \u067e\u0634\u062a\u06cc\u060c \u0633\u0639\u06cc \u06a9\u0631\u062f\u0646\u062f \u0646\u0645\u0648\u0646\u0647 \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc \u0631\u0627 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u0646\u062f \u0648 \u062a\u0645\u0627\u0645 \u062a\u0644\u0627\u0634 \u062e\u0648\u062f \u0631\u0627 \u0628\u0631\u0627\u06cc \u062d\u0641\u0638 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06a9\u0627\u0631 \u06af\u0631\u0641\u062a\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0646\u0641\u0648\u0630 \u0647\u062f\u0641\u0645\u0646\u062f \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0628\u0647 \u06cc\u06a9 \u0645\u0631\u06a9\u0632 \u062f\u0648\u0644\u062a\u06cc \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647\u060c \u0645\u062d\u0642\u0642\u0627\u0646 \u0645\u0634\u0627\u0647\u062f\u0647 \u06a9\u0631\u062f\u0646\u062f \u06a9\u0647 \u0632\u06cc\u0631 \u0645\u062c\u0645\u0648\u0639\u0647 \u0627\u06cc \u0627\u0632 \u0646\u0645\u0648\u0646\u0647 \u0647\u0627\u06cc \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0628\u0631\u0627\u06cc \u062d\u0645\u0644\u0647 \u0628\u0647 \u06cc\u06a9 \u0645\u0631\u06a9\u0632 \u062f\u0648\u0644\u062a\u06cc \u062f\u0631 \u0645\u0627\u0644\u0632\u06cc \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a.\n\n\u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0646\u0641\u0648\u0630 \u0647\u062f\u0641\u0645\u0646\u062f \u0646\u0634\u0627\u0646 \u062f\u0627\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u0644\u062a\u0641\u0631\u0645 \u0628\u0627 \u0646\u0634\u0631\u06cc\u0627\u062a \u062f\u0631 \u0645\u0648\u0631\u062f \u0645\u0633\u0627\u0626\u0644 \u062d\u0642\u0648\u0642 \u0628\u0634\u0631 \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647 \u062a\u0646\u0647\u0627 \u0647\u062f\u0641 \u0628\u0648\u062f \u06a9\u0647 \u0646\u0634\u0627\u0646 \u062f\u0647\u0646\u062f\u0647 \u0639\u0644\u0627\u0642\u0647 \u0627\u0633\u062a\u0631\u0627\u062a\u0698\u06cc\u06a9 \u0648\u06cc\u0698\u0647 \u0628\u0627\u0632\u06cc\u06af\u0631 \u062f\u0631 \u0631\u0627\u0628\u0637\u0647 \u0628\u0627 \u062f\u0631\u06af\u06cc\u0631\u06cc \u0628\u06cc\u0646 \u0627\u0633\u0631\u0627\u0626\u06cc\u0644 \u0648 \u062d\u0645\u0627\u0633 \u0627\u0633\u062a.\n\n\u0634\u0627\u062e\u0635 \u0647\u0627\u06cc \u0645\u0635\u0627\u0644\u062d\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0641\u0646\u06cc \u062f\u0642\u06cc\u0642 \u062f\u0631 \u0627\u06cc\u0646 \u06af\u0632\u0627\u0631\u0634 \u0622\u0645\u062f\u0647 \u0627\u0633\u062a.\n\nhttps://securelist.com/new-tropic-trooper-web-shell-infection/113737/\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2024-09-08T21:55:02.000000Z"}, {"uuid": "cca1b585-6d69-49ef-a6da-d68fcfbe4949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2869", "content": "\ud83d\udd75\ufe0f\u200d\u2642\ufe0f CISA warns of an ongoing cyber threat targeting government servers via an Adobe ColdFusion vulnerability (CVE-2023-26360). \n \nLearn more: https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html \n \nUpdate your software now.", "creation_timestamp": "2023-12-06T12:20:53.000000Z"}, {"uuid": "16a1634d-3b43-47b6-8e15-20aae19dca31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/1898", "content": "CVE-2023-26360 \u2705\n\nBy Neo )\n\nPoC\n\nDork (Google) : inurl:/CFIDE", "creation_timestamp": "2024-01-17T01:09:57.000000Z"}, {"uuid": "904c0a9a-005c-4a7f-9449-557a2c000b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/KomunitiSiber/65", "content": "CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild\nhttps://thehackernews.com/2023/03/cisa-issues-urgent-warning-adobe.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15\u00a0added\u00a0a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe critical flaw in question is\u00a0CVE-2023-26360\u00a0(CVSS score: 8.6), which could be exploited by a threat actor to achieve arbitrary code execution.\n\"Adobe ColdFusion", "creation_timestamp": "2023-03-16T06:41:59.000000Z"}, {"uuid": "cf8a0545-84b8-48b2-b3e9-7974388d9912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/BABATATASASA/5510", "content": "JsonWebToken (CVE-2022-23529).\nChatGPT (CVE-2023-28858).\nApache Superset (CVE-2023-27524).\nPaperCut NG/MF (CVE-2023-27350).\nFortinet FortiOS (CVE-2022-41328).\nAdobe ColdFusion (CVE-2023-26360).\nMOVEit vulnerability (CVE-2023-34362).", "creation_timestamp": "2023-09-25T15:05:09.000000Z"}, {"uuid": "181235f3-5514-4c5b-a84e-226bcac1dd79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "Telegram/C-jsq21TYNuba4SaYfo3E07uDhZBHa0eVi8vNZzbPXww4Q8", "content": "", "creation_timestamp": "2023-12-06T12:58:30.000000Z"}, {"uuid": "1619b377-e57b-41c5-a4f4-9c8dc8ade41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9702", "content": "#exploit\n1. CVE-2023-26360:\nAdobe Coldfusion File Read Arbrtary Exploit\nhttps://github.com/yosef0x01/CVE-2023-26360\n\n2. CVE-2023-42406:\nSQL injection in D-Link DAR-7000\nhttps://github.com/1dreamGN/CVE/blob/main/CVE-2023-42406.md\n]-> https://github.com/1dreamGN/CVE/blob/main/D-LINK%20-DAR-7000_sql__sysmanage_editrole.php.md\n\n3. Out-of-memory happened in TIFFOpen via a craft file\nhttps://gitlab.com/libtiff/libtiff/-/issues/614", "creation_timestamp": "2024-01-03T14:27:37.000000Z"}, {"uuid": "fcf43379-2aa1-40f7-bd16-f5172d88b01b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/true_secator/6588", "content": "Adobe \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-53961 \u0441 CVSS 7.4 \u0432 ColdFusion.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Adobe ColdFusion \u0432\u0435\u0440\u0441\u0438\u0439 2023 \u0438 2021 \u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0443\u0442\u0438 \u043a \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u043c\u0443 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c\u0443 \u0447\u0442\u0435\u043d\u0438\u044e \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c ma4ter. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c Adobe \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 PoC \u0434\u043b\u044f CVE-2024-53961.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e Adobe \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043b\u0438 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0435 \u0430\u0442\u0430\u043a \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Wddx.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0430\u0445\u00a0ColdFusion 2023 \u0438 ColdFusion 2021.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0443\u0441\u0442\u043e\u044f\u0432\u0448\u0443\u044e\u0441\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0443 \u0430\u0442\u0430\u043a \u043d\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 Adobe ColdFusion (CVE-2023-29298, CVE-2023-38205, CVE-2023-26360), \u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u043f\u0440\u0438\u0441\u043b\u0443\u0448\u0430\u0442\u044c\u0441\u044f.", "creation_timestamp": "2024-12-26T16:00:06.000000Z"}, {"uuid": "6de25d28-2529-4e0b-84f1-80b63d583112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/information_security_channel/51114", "content": "Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency\u00a0\nhttps://www.securityweek.com/adobe-coldfusion-vulnerability-exploited-in-attacks-on-us-government-agency/\n\nUS government agency was targeted in attacks that involved exploitation of an Adobe ColdFusion vulnerability tracked as CVE-2023-26360.\nThe post Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency\u00a0 (https://www.securityweek.com/adobe-coldfusion-vulnerability-exploited-in-attacks-on-us-government-agency/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-12-06T15:01:48.000000Z"}, {"uuid": "5bdaf5d5-5ebd-4d25-a90c-cb93d858b08e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/xakep_ru/15092", "content": "\u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430 \u0421\u0428\u0410 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Adobe ColdFusion\n\n\u0412 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0435 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Adobe ColdFusion (CVE-2023-26360) \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c.\n\nhttps://xakep.ru/2023/12/07/adobe-coldfusion-attacks/", "creation_timestamp": "2023-12-07T18:35:16.000000Z"}, {"uuid": "7a0580ea-8f6a-4883-a054-6347b6b089b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8218", "content": "Unauthenticated RCE in Adobe Coldfusion \u2013 CVE-2023-26360\n\nhttps://blog.securelayer7.net/unauthorized-rce-in-adobe-coldfusion/", "creation_timestamp": "2024-01-10T17:20:31.000000Z"}, {"uuid": "4773a1ec-e320-4ef7-9600-5184ae150e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6178", "content": "\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u043c\u0438 \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT-\u0433\u0440\u0443\u043f\u043f\u044b Tropic Trooper, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043f\u0440\u0430\u0432 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435.\n\n\u0414\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0441 2011, Tropic Trooper, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a APT23, Earth Centaur, KeyBoy \u0438 Pirate Panda, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435, \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u0438\u0435, \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0435 \u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0422\u0430\u0439\u0432\u0430\u043d\u0435, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u043d\u0430 \u0424\u0438\u043b\u0438\u043f\u043f\u0438\u043d\u0430\u0445. \n\n\u0418\u043c\u0435\u0435\u0442 \u0442\u0435\u0441\u043d\u044b\u0435 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a FamousSparrow.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u0438\u044e\u043d\u044f 2023 \u0433\u043e\u0434\u0430, Tropic Trooper \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430, \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0438 \u0432 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438.\n\n\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 China Chopper - \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u043c\u0438 APT \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c, - \u043d\u0430 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0441 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u043e\u0439 Umbraco CMS.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Crowdoor, \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u0430\u00a0SparrowDoor, \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e ESET \u0435\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0438, \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0431\u043e\u043a\u043e\u0432\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 DLL (Fscan, Swor, Neo-reGeorg, ByPassGodzilla).\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Adobe ColdFusion (CVE-2023-26360) \u0438 Microsoft Exchange Server (CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31207).\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Crowdoor, \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0432 \u0438\u044e\u043d\u0435 2023 \u0433\u043e\u0434\u0430, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Cobalt Strike \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u0430\u0445.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b.\n\n\u041a\u0430\u0441\u0430\u0435\u043c\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u041a \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0437\u043d\u0430\u043b\u0438 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u0440\u0430\u0437\u0446\u044b, \u043f\u0440\u0438\u043b\u0430\u0433\u0430\u044f \u0432\u0441\u0435 \u0443\u0441\u0438\u043b\u0438\u044f \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f \u0432 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0432\u0438\u0434\u0435\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0434\u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0441 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f\u043c\u0438 \u043f\u043e \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u0435 \u043f\u0440\u0430\u0432 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0431\u044b\u043b\u0430 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e, \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044f \u043e\u0431 \u043e\u0441\u043e\u0431\u043e\u0439 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u043e\u0440\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043a\u043e\u043d\u0444\u043b\u0438\u043a\u0442\u0430 \u043c\u0435\u0436\u0434\u0443 \u0418\u0437\u0440\u0430\u0438\u043b\u0435\u043c \u0438 \u0425\u0410\u041c\u0410\u0421.\n\n\u0418\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-09-06T18:10:05.000000Z"}, {"uuid": "7fe5614a-c706-47b9-aefb-d56f6098bb1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/true_secator/5968", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cloudflare \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0437\u0430 2024 \u0433\u043e\u0434, \u043e\u0442\u0440\u0430\u0436\u0430\u044e\u0449\u0438\u0439 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0442\u0440\u0435\u043d\u0434\u044b \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u044f\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e \u043f\u0440\u0438\u0437\u0430\u0434\u0443\u043c\u0430\u0442\u044c\u0441\u044f.\n\n\u041f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0441 \u043c\u0430\u044f 2023 \u0433\u043e\u0434\u0430 \u043f\u043e \u043c\u0430\u0440\u0442 2024 \u0433\u043e\u0434\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u0440\u0438\u0448\u043b\u0438 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u0436\u0435 \u0447\u0435\u0440\u0435\u0437 22 \u043c\u0438\u043d\u0443\u0442\u044b \u043f\u043e\u0441\u043b\u0435 \u0438\u0445 \u0440\u0435\u043b\u0438\u0437\u0430.\n\n\u041e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044f \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c 57 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443, Cloudflare \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 CVE, \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 PoC \u0434\u043b\u044f \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f.\n\n\u0412 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u043c\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u0441\u043a\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c CVE-2023-50164 \u0438 CVE-2022-33891 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Apache, CVE-2023-29298, CVE-2023-38203 \u0438 CVE-2023-26360 \u0432 Coldfusion \u0438 CVE-2023-35082 \u0432 MobileIron.\n\n\u0425\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u044b\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u043e\u043c \u0440\u043e\u0441\u0442\u0430 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2024-27198, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0432 JetBrains TeamCity.\n\nCloudflare \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0441\u043b\u0443\u0447\u0430\u0439, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PoC \u0432\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 22 \u043c\u0438\u043d\u0443\u0442\u044b \u043f\u043e\u0441\u043b\u0435 \u0435\u0433\u043e \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e \u0437\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438.\n\nCloudflare \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u044b \u0443\u0433\u0440\u043e\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u0445 CVE, \u0438\u043c\u0435\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0433\u043b\u0443\u0431\u043e\u043a\u043e\u0435 \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0431\u044b\u0441\u0442\u0440\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0442\u0430\u043a\u043e\u0439 \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0435 - \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0418\u0418 \u0434\u043b\u044f \u0443\u0441\u043a\u043e\u0440\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u0430\u0432\u0438\u043b WAF \u0441 \u0443\u0441\u043b\u043e\u0432\u0438\u0435\u043c \u0431\u0430\u043b\u0430\u043d\u0441\u0430 \u043c\u0435\u0436\u0434\u0443 \u043d\u0438\u0437\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043b\u043e\u0436\u043d\u044b\u0445 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u0439 \u0438 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c\u044e \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0414\u0440\u0443\u0433\u0438\u043c \u043e\u0448\u0435\u043b\u043e\u043c\u043b\u044f\u044e\u0449\u0438\u043c \u0432\u044b\u0432\u043e\u0434\u043e\u043c \u0438\u0437 \u043e\u0442\u0447\u0435\u0442\u0430 Cloudflare \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e, \u0447\u0442\u043e 6,8% \u0432\u0441\u0435\u0433\u043e \u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e\u0433\u043e \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u2014 \u044d\u0442\u043e \u0442\u0440\u0430\u0444\u0438\u043a \u0442\u0438\u043f\u0430 DDoS, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043e\u043d\u043b\u0430\u0439\u043d-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\u042d\u0442\u043e \u0437\u0430\u043c\u0435\u0442\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 6%, \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u0430 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u043f\u0435\u0440\u0438\u043e\u0434 (2022\u20132023 \u0433\u0433.), \u0447\u0442\u043e \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u043e\u0431 \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u0438 \u043e\u0431\u0449\u0435\u0433\u043e \u043e\u0431\u044a\u0435\u043c\u0430 DDoS-\u0430\u0442\u0430\u043a.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cloudflare, \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0442\u044c \u0434\u043e 12% \u0432\u0441\u0435\u0433\u043e HTTP-\u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n\n\u041e\u0442\u0447\u0435\u0442 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 PDF \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0433\u043b\u0443\u0431\u043e\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0441\u043e\u0431\u0440\u0430\u043d\u043d\u043e\u0439 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438.", "creation_timestamp": "2024-07-15T14:33:14.000000Z"}, {"uuid": "feceb5d8-7c07-4540-8433-f0a3c4552d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/ctinow/153762", "content": "https://ift.tt/9kXS6ZK\nCISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)", "creation_timestamp": "2023-12-06T15:46:48.000000Z"}, {"uuid": "316b03ed-403b-4e1b-8ac3-9cd0e7c5f414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/thehackernews/3153", "content": "Heads up to all Adobe ColdFusion users! A critical flaw, CVE-2023-26360, has been found and exploited in the wild.\n\nLearn more: https://thehackernews.com/2023/03/cisa-issues-urgent-warning-adobe.html", "creation_timestamp": "2023-03-16T06:47:18.000000Z"}, {"uuid": "e9b9cd27-fc77-44d6-83d5-a4369c075f2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "exploited", "source": "https://t.me/thehackernews/4241", "content": "\ud83d\udd75\ufe0f\u200d\u2642\ufe0f CISA warns of an ongoing cyber threat targeting government servers via an Adobe ColdFusion vulnerability (CVE-2023-26360). \n \nLearn more: https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html \n \nUpdate your software now.", "creation_timestamp": "2023-12-06T11:12:54.000000Z"}, {"uuid": "b714dc8c-d8c0-4121-b476-16c9d0afe0c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9712", "content": "#exploit\n#Analytics\nTop 10 Vulnerabilities of 2023:\n\n1. CVE-2023-34362: MOVEit Vulnerability\n2. CVE-2023-23397: MS Outlook PE\n3. CVE-2023-43641: 1-Click RCE on GNOME\n4. CVE-2023-28252: Windows CLFS PE\n5. CVE-2023-2868: Barracuda ESG CI\n6. CVE-2023-26360: Adobe ColdFusion\n7. CVE-2023-4966: Citrix Bleed\n8. CVE-2023-22952: SugarCRM RCE\n9. CVE-2023-24880: Win Smart Screen Bypass\n10. CVE-2022-42475: FortiOS heap-based BoF in sslvpnd\n]-> https://github.com/scrt/cve-2022-42475", "creation_timestamp": "2024-10-11T02:08:15.000000Z"}, {"uuid": "7ba36541-8a5e-4e0c-b0f7-c0ce6cfdc3d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "seen", "source": "https://t.me/Rootsec_2/2414", "content": "#exploit\n#Analytics\nTop 10 Vulnerabilities of 2023:\n\n1. CVE-2023-34362: MOVEit Vulnerability\nhttps://t.me/CyberSecurityTechnologies/8493\n2. CVE-2023-23397: MS Outlook PE\nhttps://t.me/CyberSecurityTechnologies/8677\n3. CVE-2023-43641: 1-Click RCE on GNOME\nhttps://t.me/CyberSecurityTechnologies/9175\n4. CVE-2023-28252: Windows CLFS PE\nhttps://t.me/CyberSecurityTechnologies/8595\n5. CVE-2023-2868: Barracuda ESG CI\nhttps://t.me/CyberSecurityTechnologies/8627\n6. CVE-2023-26360: Adobe ColdFusion\nhttps://t.me/CyberSecurityTechnologies/9702\n7. CVE-2023-4966: Citrix Bleed\nhttps://t.me/CyberSecurityTechnologies/9257\n8. CVE-2023-22952: SugarCRM RCE\nhttps://t.me/CyberSecurityTechnologies/7907\n9. CVE-2023-24880: Win Smart Screen Bypass\nhttps://www.vicarius.io/vsociety/posts/windows-smartscreen-security-feature-bypass-cve-2023-24880\n10. CVE-2022-42475:\nFortiOS heap-based buffer overflow in sslvpnd\nhttps://bishopfox.com/blog/exploit-cve-2022-42475\n]-> https://github.com/scrt/cve-2022-42475", "creation_timestamp": "2024-08-16T08:59:55.000000Z"}, {"uuid": "0446ef5b-2553-47b2-9153-56d3adc4c1d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2402", "content": "#exploit\n1. CVE-2023-26360:\nAdobe Coldfusion File Read Arbrtary Exploit\nhttps://github.com/yosef0x01/CVE-2023-26360\n\n2. CVE-2023-42406:\nSQL injection in D-Link DAR-7000\nhttps://github.com/1dreamGN/CVE/blob/main/CVE-2023-42406.md\n]-> https://github.com/1dreamGN/CVE/blob/main/D-LINK%20-DAR-7000_sql__sysmanage_editrole.php.md", "creation_timestamp": "2024-08-16T08:59:54.000000Z"}, {"uuid": "5a24500a-c4e6-499b-9ca0-8d8ef2aa4f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26360", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/6042", "content": "CVE-2023-26360 - Unauthenticated RCE in Adobe Coldfusion\n\nPOC \n\n#CVE #POC #RCE \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2024-01-19T01:15:36.000000Z"}]}