{"vulnerability": "CVE-2023-27351", "sightings": [{"uuid": "08083706-7fa1-4dac-93ed-ea9b0c8cc28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-27351", "type": "exploited", "source": "https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-", "content": "", "creation_timestamp": "2026-04-07T04:00:00.000000Z"}, {"uuid": "ca98dfd6-c605-436e-a5e6-a910882de28a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3maw6vy7xg72l", "content": "", "creation_timestamp": "2025-12-26T21:03:01.025644Z"}, {"uuid": "42e578f3-cad1-447f-890b-b490bfed047c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "MISP/f3b16ca9-f749-4169-9a68-b159e6aaf5ed", "content": "", "creation_timestamp": "2026-04-08T07:25:51.000000Z"}, {"uuid": "1af3b2ed-5ee1-46b9-8f6e-fdac2bcd58e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-27351", "type": "exploited", "source": "https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/", "content": "", "creation_timestamp": "2026-04-06T04:00:00.000000Z"}, {"uuid": "29b9bde3-d5c5-43d0-b55c-1d3c1dbf4c31", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-27351", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/afc31ae0-5131-4a1e-b730-41f499c91536", "content": "", "creation_timestamp": "2026-04-20T20:00:03.307155Z"}, {"uuid": "5c9e4df6-b082-4cf5-aff0-500419de6a8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "MISP/f3b16ca9-f749-4169-9a68-b159e6aaf5ed", "content": "", "creation_timestamp": "2026-04-18T13:07:25.000000Z"}, {"uuid": "8da98648-d657-4b79-9b5c-f6838dde883f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjy3x67srm2n", "content": "", "creation_timestamp": "2026-04-21T04:02:04.040454Z"}, {"uuid": "73699c20-417c-486a-8d88-1870fe161f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/papercut-multiple-vulnerabilities_20260421", "content": "", "creation_timestamp": "2026-04-20T20:00:00.000000Z"}, {"uuid": "1812e59c-2b5f-4293-aaf6-400ade200eb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.html", "content": "", "creation_timestamp": "2026-04-21T04:23:00.000000Z"}, {"uuid": "3167fb22-c2b6-4b9b-8f6e-2918c6a760fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkevanrdo22s", "content": "", "creation_timestamp": "2026-04-26T06:06:44.123380Z"}, {"uuid": "427fbb8d-7ebf-4cfb-926b-deab46e7bf19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mk4aa5snoz24", "content": "", "creation_timestamp": "2026-04-22T19:29:18.681006Z"}, {"uuid": "20f44ebd-0e22-4183-847e-2c477b0419cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkgzljmjvd2z", "content": "", "creation_timestamp": "2026-04-27T02:29:41.259590Z"}, {"uuid": "e8db51c5-a338-43b6-97ac-c37311c93a28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkewbzu3fc2s", "content": "", "creation_timestamp": "2026-04-26T06:25:28.359953Z"}, {"uuid": "f4a6b3a4-f2b7-4ac7-b1bb-c87ba05cad79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "exploited", "source": "Telegram/xcfl_smbGTHA9FYvVxC3Y7zFe7S7f3NotXlwQADKNJ8ujw", "content": "", "creation_timestamp": "2026-04-21T11:08:46.000000Z"}, {"uuid": "adb1823b-ee56-49af-aa14-84f21d28549b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://t.me/GhostPrincess/11460", "content": "BlackCat (ALPHV) #Ransomware team added another huge corporate from the USA \n\nAs proof of the hack, BlackCat brought up correspondence from company executives about the attack itself, in which they talked about how the attackers managed to enter their network \n\n#BlackCat\n\nAfter GoAnywhere and Raspberry Robin attacks, now it's PaperCut turn \n\n#Ransomware attackers using new vulnerabilities in  PaperCut, CVE-2023-27350, and CVE-2023-27351.\n\nIn a quick search in Shodan, there are over 2200 potentially vulnerable servers \n\n#CLOP \n\nLockbit #ransomware team Increased the attack rate towards the end of the month and added The Moroccan \ud83c\uddf2\ud83c\udde6 Government Institute for Standardization to the victim list  \ud83d\udea8\n\n#Lockbit", "creation_timestamp": "2023-05-01T14:17:10.000000Z"}, {"uuid": "dbfcaac4-a03b-47aa-aeca-5ced3e01c61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "exploited", "source": "https://t.me/true_secator/4317", "content": "\u0412\u043e\u043f\u0440\u0435\u043a\u0438 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u043c Trend Micro, \u043e\u0431\u0435\u0449\u0430\u0432\u0448\u0438\u043c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 PaperCut  \u043a 10 \u043c\u0430\u044f, Horizon3 \u043d\u0430 \u043f\u0430\u0440\u0443 \u0441 Huntress \u0432\u044b\u043b\u043e\u0436\u0438\u043b\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f CVE-2023-27350 \u0438 CVE-2023-27351, \u043d\u043e \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 PoC \u0434\u043b\u044f \u043d\u0438\u0445.\n\n\u0415\u0441\u043b\u0438 \u0432\u0435\u0440\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0435\u0447\u0430\u0442\u044c\u044e PaperCut MF/NG, \u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 100 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 70 000 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0432 \u0447\u0435\u0442\u0432\u0435\u0440\u0433, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c RCE \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 PaperCut \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 Horizon3 RCE-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043f\u0443\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u00ab\u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430\u00bb \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u043e\u0432 \u0438 \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0430\u0435\u0442\u0441\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 CVE-2023-27350.\n\nHuntress \u0436\u0435 \u0441\u043e\u0437\u0434\u0430\u043b\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043b\u0438\u0448\u044c \u0434\u043b\u044f \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043d\u043e \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043b\u043e\u0436\u0438\u043b\u0430 \u0435\u0433\u043e \u0432 \u043f\u0430\u0431\u043b\u0438\u043a.\n\n\u0412 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b PaperCut \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0438 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0435\u043f\u0435\u0440\u044c \u0435\u0449\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043f\u0440\u0438\u0431\u0430\u0432\u0438\u0442\u044c\u0441\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Huntress, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 16 \u0430\u043f\u0440\u0435\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 PowerShell \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043a\u0438 \u041f\u041e \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Atera \u0438 Syncro.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u044d\u0442\u0438\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u043f\u0440\u0435\u0434\u0448\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f 12 \u0430\u043f\u0440\u0435\u043b\u044f \u0434\u043e\u043c\u0435\u043d\u0430\u00a0windowservicecenter[.]com, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 TrueBot, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u0441 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Silence \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0434\u043b\u044f\u00a0\u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Clop ransomware.\n\n\u041d\u043e \u043d\u0430\u0434\u043e \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c, \u0447\u0442\u043e \u0434\u043e\u0441\u0442\u0443\u043f, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0439 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 PaperCut, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043b\u0430\u0446\u0434\u0430\u0440\u043c\u0430 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u044b \u0438, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435, \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f, \u043d\u0430 \u0447\u0442\u043e \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0438\u043c\u0435\u044e\u0449\u0438\u0435\u0441\u044f \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Huntress \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442  \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0430 \u0442\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0441\u0442\u0440\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b PaperCut, \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0443 \u0432\u0441\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0430 \u043f\u043e\u0440\u0442 \u0432\u0435\u0431-\u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f (\u043f\u043e\u0440\u0442 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e 9191) \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u043d\u0430 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0430 \u0442\u043e\u0442 \u0436\u0435 \u043f\u043e\u0440\u0442 \u043d\u0430 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430.", "creation_timestamp": "2023-04-24T20:42:54.000000Z"}, {"uuid": "4769a4d7-3351-4138-bc7d-b8ac3904e6a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "exploited", "source": "https://t.me/true_secator/4334", "content": "\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0437\u0430 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2023-27350 \u0438 CVE-2023-27351) \u043d\u0430 PaperCut MF/NG, \u043f\u043e\u0445\u043e\u0436\u0435, \u0441\u0442\u043e\u044f\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 Clop \u0438 LockBit.\n\n\u0421\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0443\u0445\u0443\u0434\u0448\u0430\u0435\u0442\u0441\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u0432\u043e\u043f\u0440\u0435\u043a\u0438 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b Trend Micro \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043a 10 \u043c\u0430\u044f, Horizon3 \u043d\u0430 \u043f\u0430\u0440\u0443 \u0441 Huntress \u0432\u044b\u043b\u043e\u0436\u0438\u043b\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u043d\u043e \u0438 PoC \u0434\u043b\u044f \u043d\u0438\u0445.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c RCE \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 PaperCut \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e PaperCut, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044e \u0441\u043e 100% \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e.\n\n\u0410 \u0435\u0441\u043b\u0438 \u0432\u0435\u0440\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0435\u0447\u0430\u0442\u044c\u044e PaperCut MF/NG, \u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 100 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 70 000 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0413\u0438\u043f\u043e\u0442\u0435\u0437\u0443 \u043e \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 Clop \u0438 LockBit \u043e\u0437\u0432\u0443\u0447\u0438\u043b\u0438 \u0432 Microsoft Threat Intelligence, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0445\u043e\u0436\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438.\n\n\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043e\u0431\u0435 \u0431\u0430\u043d\u0434\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0434\u043b\u044f \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u0430\u043d\u0434\u044b \u0438\u043c\u0435\u044e\u0442 \u0441\u0445\u043e\u0436\u0443\u044e \u0432\u0438\u043a\u0442\u0438\u043c\u043e\u043b\u043e\u0433\u0438\u044e \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b, \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043d\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0421\u0428\u0410 \u0438 \u0417\u0430\u043f\u0430\u0434\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u0435.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u0440\u044f\u043c\u044b\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432, \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0445 Clop \u0438\u043b\u0438 LockBit \u0441 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Papercut, \u043f\u043e\u043a\u0430 \u043d\u0435\u0442.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0432 \u0441\u0442\u043e\u0442\u044b\u0441\u044f\u0447\u043d\u044b\u0439 \u0440\u0430\u0437 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Papercut \u043e \u0441\u0440\u043e\u0447\u043d\u043e\u0439 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0431\u0443\u0434\u0443\u0442 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432 \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0433\u0443\u043b\u044f\u0435\u0442 PoC, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0443\u0436\u0435 \u0443\u043f\u0440\u0430\u0436\u043d\u044f\u044e\u0442\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u044b.\n\n\u0410 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u044e\u0449\u0438\u043c, \u0447\u0442\u043e \u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0434\u0435\u043b\u0430\u0442\u044c \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0435 \u043a\u043e\u043f\u0438\u0438, \u0441\u0442\u0438\u0440\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0438\u0437 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.", "creation_timestamp": "2023-04-28T12:35:36.000000Z"}, {"uuid": "a3b90f2f-69a7-4408-8a77-2ab85a8f4771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27351", "type": "seen", "source": "https://t.me/cibsecurity/62538", "content": "\u203c CVE-2023-27351 \u203c\n\nThis vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T20:30:51.000000Z"}]}