{"vulnerability": "CVE-2023-2876", "sightings": [{"uuid": "f8a1351c-dd05-4775-be99-d2e1d82e5c87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28765", "type": "seen", "source": "MISP/d2c3e53d-12a4-4a0a-a211-003cfaa9ffbe", "content": "", "creation_timestamp": "2023-04-27T12:17:01.000000Z"}, {"uuid": "faed2995-ea78-4208-8150-9acd430e225d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28769", "type": "seen", "source": "MISP/1c355568-696d-46a8-b7e7-3022bb8d3143", "content": "", "creation_timestamp": "2023-06-22T12:15:21.000000Z"}, {"uuid": "eab86329-764c-423a-9cd6-6e8700cfc0c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28769", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "07445bb5-f1c7-4bf1-a02a-8cd0534d16fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28769", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:53.000000Z"}, {"uuid": "afee68f7-2101-4ce2-8e57-5735cceffc29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/207", "content": "https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760", "creation_timestamp": "2023-05-20T23:38:20.000000Z"}, {"uuid": "55df68a3-dfbb-4af5-9704-e58d4f8c0a3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28769", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "3f12136c-d970-4231-b412-2ee10895ede4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "Telegram/LpF8VYXdxmMajpYLddvY-mVT50oeC0Do-nKjf25w_iuaQwE", "content": "", "creation_timestamp": "2023-03-27T19:35:02.000000Z"}, {"uuid": "e2c87aaf-6f4d-4761-b687-b019adecaf1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "Telegram/Gyrvv86AbWrB1GT84Y-sUOl1kYGUEvQAgiox85A6xDMevbQ", "content": "", "creation_timestamp": "2023-03-24T15:39:00.000000Z"}, {"uuid": "d5b902a8-e415-4728-a6fa-d3a61b6d5660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28769", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/zyxel_multiple_devices_zhttp_lan_rce.rb", "content": "", "creation_timestamp": "2023-03-21T19:23:14.000000Z"}, {"uuid": "eb06a7fb-c27b-4aec-84d8-b1d3451dddfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/223497", "content": "{\n  \"Source\": \"arvin_club\",\n  \"Content\": \"TP-Link AX1800 Memory Corruption Vulnerability (Exploit) https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760 GitHubexploits/CVE-2023-28760 at main \u00b7 TecR0c/exploits Contribute to TecR0c/exploits development by creating an account on GitHub.\", \n  \"author\": \"ARVIN\",\n  \"Detection Date\": \"24 Mar 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-03-24T16:44:56.000000Z"}, {"uuid": "2fb268db-7052-4b5f-95c9-8aff14ce8dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2821", "content": "(CVE-2023-28760, critical RCE vulnerability in TP-Link AX1800 Wi-Fi 6 Routers).\n\nExploit for CVE-2023-28760\n\nExploit: https://system32.ink/news-feed/p/271/", "creation_timestamp": "2023-03-24T12:53:44.000000Z"}, {"uuid": "9f183fc8-e388-498e-92be-353ce482c1de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/761", "content": "PWNING THE TP-LINK AX1800 WIFI 6 ROUTER: UNCOVERED AND EXPLOITED A MEMORY CORRUPTION VULNERABILITY\nBlog : https://www.tecsecurity.io/blog/tp-link_ax1800\nPOC : https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760", "creation_timestamp": "2023-07-26T14:30:49.000000Z"}, {"uuid": "1c8cee75-832f-46ca-92d7-7c99323b6e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28765", "type": "seen", "source": "https://t.me/true_secator/4281", "content": "\u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432\u0435\u043d\u0434\u043e\u0440\u0430\u043c\u0438 \u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 ICS, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435 \u0440\u0430\u0437 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438 \u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c. \u0412\u043a\u0440\u0430\u0442\u0446\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0438\u0437 \u043d\u0438\u0445.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 FortiPresence (\u0432\u0435\u0440\u0441\u0438\u0438 1.0, 1.1 \u0438 1.2) \u043e\u0442 Fortinet \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c Redis \u0438 MongoDB. CVE-2022-41331 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 9,3 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e, Fortinet \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 RCE, \u0432 FortiOS, FortiProxy, FortiSandbox, FortiDeceptor, FortiWeb, FortiClient \u0434\u043b\u044f Windows \u0438 macOS, FortiSOAR, FortiADC, FortiDDoS, FortiDDoS-F, FortiAnalyzer. \u0438 FortiManager.\n\n\u0418\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 SAP: CVE-2023-27267, CVE-2023-28765\u00a0\u0438 CVE-2023-29186. \u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 11 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0432\u00a0\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0441 \u043d\u0438\u0437\u043a\u0438\u043c \u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\nCVE-2023-27267\u00a0\u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,0, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0430 \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0430 OSCommand Bridge \u0430\u0433\u0435\u043d\u0442\u0430 \u0434\u0438\u0430\u0433\u043d\u043e\u0441\u0442\u0438\u043a\u0438 SAP \u0432\u0435\u0440\u0441\u0438\u0438 720. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-28765\u00a0(CVSS: 9,8)- \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 SAP BusinessObjects Business Intelligence (\u0432\u0435\u0440\u0441\u0438\u0438 420 \u0438 430), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0431\u0430\u0437\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0441 CVSS 8,7 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 (CVE-2023-29186) \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 SAP NetWeaver (\u0432\u0435\u0440\u0441\u0438\u0439 707, 737, 747 \u0438 757) \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 SAP.\n\nSiemens \u0438 Schneider Electric\u00a0\u043d\u0430 \u043f\u0430\u0440\u0443 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0434\u043b\u044f 38 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n26 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 Siemens,\u00a0\u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 - \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0438 \u043c\u0435\u0440\u044b \u043f\u043e \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e, \u0430 \u043f\u043e \u0440\u044f\u0434\u0443 - \u0432\u043e\u0432\u0441\u0435 \u043d\u0435 \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2023-28489, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u044b (RTU) Sicam \u0441\u0435\u0440\u0438\u0438 A8000 \u0434\u043b\u044f \u0442\u0435\u043b\u0435\u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0435\u043a\u0442\u043e\u0440\u0435 \u044d\u043d\u0435\u0440\u0433\u043e\u0441\u043d\u0430\u0431\u0436\u0435\u043d\u0438\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435\n\n\u00a0Siemens\u00a0 \u043f\u0440\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 DoS \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Simatic \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Siprotec 5, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445 \u0432 \u041e\u0421 Wind River VxWorks, \u044f\u0434\u0440\u0435 Linux, OPC Foundation Local Discovery Server (LDS), Luxion KeyShot \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430\u0445.\n\n\u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u00a0Siemens,\u00a0 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0430\u043d\u0430\u043b\u0438\u0437\u043e\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0447\u0442\u043e \u0447\u0430\u0441\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 JT Open Toolkit, JT Utilities, Teamcenter Visualization, JT2Go \u0438 TIA Portal.\n\n\u00a0Schneider Electric\u00a0\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u043c\u0435\u0440\u0430\u043c\u0438 \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0439 \u0435\u0449\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u043e\u0434\u043d\u0443 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 \u041f\u041e \u0434\u043b\u044f \u043e\u043d\u043b\u0430\u0439\u043d-\u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 APC \u0438 Easy UPS. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u0438\u043b\u0438 DoS.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u044b \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 RCE-\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0432 InsightHome \u0438 InsightFacility. \u0412 \u041f\u041e EcoStruxure Control Expert \u0434\u043b\u044f \u041f\u041b\u041a \u0438 \u041f\u0410\u041a Modicon \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 RCE \u0438 DoS.\u00a0\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0448\u0438\u0431\u043a\u0438 DoS \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u041f\u041b\u041a \u0438 PAC Modicon.", "creation_timestamp": "2023-04-12T18:33:43.000000Z"}, {"uuid": "9a306734-b742-42f6-842d-320c678db7b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28767", "type": "seen", "source": "https://t.me/cibsecurity/66844", "content": "\u203c CVE-2023-28767 \u203c\n\nThe configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions\u00c2\u00a05.00 through 5.36,\u00c2\u00a0 USG FLEX 50(W) series firmware versions 5.10 through 5.36, USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-17T20:40:28.000000Z"}, {"uuid": "bf1397f4-0f17-4f1e-87d4-0f04add8fb4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28766", "type": "seen", "source": "https://t.me/cibsecurity/61840", "content": "\u203c CVE-2023-28766 \u203c\n\nA vulnerability has been identified in SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.40), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions < V9.40), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.40), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.40), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.40), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.40), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.40), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.40), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.40), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.40), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions < V9.40), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service. An unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T14:23:18.000000Z"}, {"uuid": "2f289660-b4d0-474d-a7f3-f6a77a833254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28768", "type": "seen", "source": "https://t.me/cibsecurity/68453", "content": "\u203c CVE-2023-28768 \u203c\n\nImproper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version\u00c2\u00a0V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T20:19:28.000000Z"}, {"uuid": "de7dff61-6a52-4b6b-80d5-de5864706b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/498", "content": "https://github.com/TecR0c/exploits/blob/main/CVE-2023-28760/CVE-2023-28760.py", "creation_timestamp": "2023-06-13T11:57:10.000000Z"}, {"uuid": "e92d4eef-dd3e-4e31-ab7f-0e020b5e3222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28761", "type": "seen", "source": "https://t.me/cibsecurity/61833", "content": "\u203c CVE-2023-28761 \u203c\n\nIn\u00c2\u00a0SAP NetWeaver Enterprise Portal - version 7.50,\u00c2\u00a0an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and integrity.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T07:23:22.000000Z"}, {"uuid": "144e22ab-bb54-450c-8697-f28ae373218e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28763", "type": "seen", "source": "https://t.me/cibsecurity/61828", "content": "\u203c CVE-2023-28763 \u203c\n\nSAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the network without any user interaction.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T07:23:17.000000Z"}, {"uuid": "fbf03a7c-5914-4a56-ad75-4bb06599e531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28765", "type": "seen", "source": "https://t.me/cibsecurity/61822", "content": "\u203c CVE-2023-28765 \u203c\n\nAn attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user\u00e2\u20ac\u2122s passwords and depending on the privileges of the BI user, the attacker can perform operations that can completely compromise the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T07:23:11.000000Z"}, {"uuid": "80af9a71-5732-48f8-a8fd-36fbb36154eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/ctftm/493", "content": "TP-Link AX1800\nMemory Corruption Vulnerability (Exploit)\n\nhttps://github.com/TecR0c/exploits/tree/main/CVE-2023-28760", "creation_timestamp": "2023-04-06T20:20:22.000000Z"}, {"uuid": "d2c391ea-75ac-4f83-8516-fb3a256e831c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/723", "content": "https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760\nTP-Link AX1800WiFi6\n#github", "creation_timestamp": "2023-07-16T05:17:39.000000Z"}, {"uuid": "aea7da65-aaab-4d3a-9001-a0cfc60572a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/6603", "content": "TP-Link AX1800\nMemory Corruption Vulnerability (Exploit)\nhttps://github.com/TecR0c/exploits/tree/main/CVE-2023-28760", "creation_timestamp": "2023-03-24T15:59:08.000000Z"}, {"uuid": "9d61ad9d-6da6-4b68-8e4b-acac9053528d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28760", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8006", "content": "#exploit\n1. An experimental webkit-based kernel exploit (Arb. R/W) for the PS5 on <= 4.51FW\nhttps://github.com/Cryptogenic/PS5-IPV6-Kernel-Exploit\n\n2. CVE-2023-28760:\nTP-Link AX1800 WiFi 6 Router - Memory Corruption Vulnerability\nhttps://github.com/TecR0c/exploits/tree/main/CVE-2023-28760", "creation_timestamp": "2023-03-27T11:00:54.000000Z"}]}