{"vulnerability": "CVE-2023-29552", "sightings": [{"uuid": "eb41ffea-203a-4d60-b808-c9f70a76c24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-08T18:10:02.000000Z"}, {"uuid": "d1ab2006-b306-4cbf-99fc-5ee05583b662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971913", "content": "", "creation_timestamp": "2024-12-24T20:35:34.222138Z"}, {"uuid": "64584799-8df4-4e63-b766-12b86f4eec1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "ad7d6098-1258-4348-ba23-f3c1065be666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a7b2e9e6-d290-41b3-af34-4085e8dafa7d", "content": "", "creation_timestamp": "2026-02-02T12:26:47.433070Z"}, {"uuid": "f2106d07-826f-465e-835f-5cd59121e547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/cKure/10963", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 High-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP).\n\nhttps://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp", "creation_timestamp": "2023-04-26T17:40:19.000000Z"}, {"uuid": "1ea6365e-ee16-4e6d-b2a3-925d2a2e97f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/cyberSkolkovo/123", "content": "\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29552 (8,6 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 2200 \u0440\u0430\u0437. \u0412 \u0447\u0438\u0441\u043b\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0432\u0445\u043e\u0434\u044f\u0442 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u044b VMWare ESXi, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b Konica Minolta, IBM IMM \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b Planex, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u041e\u043d\u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u0440\u044f\u0434\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 1000, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439, \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u0441\u0442\u0440\u0430\u0445\u043e\u0432\u0430\u043d\u0438\u044f, \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432, \u0433\u043e\u0441\u0442\u0438\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430.\n\n#\u043a\u0438\u0431\u0435\u0440\u0445\u0430\u0431_\u0446\u0438\u0444\u0440\u044b", "creation_timestamp": "2023-05-28T11:01:35.000000Z"}, {"uuid": "edf9b29a-0474-4d96-8680-0a6aab7c8c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3311", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2023-04-25T16:15:09.537\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html\n2. https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html\n3. https://datatracker.ietf.org/doc/html/rfc2608\n4. https://github.com/curesec/slpload\n5. https://security.netapp.com/advisory/ntap-20230426-0001/\n6. https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n7. https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks\n8. https://www.suse.com/support/kb/doc/?id=000021051\n9. https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html\n10. https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html\n11. https://datatracker.ietf.org/doc/html/rfc2608\n12. https://github.com/curesec/slpload\n13. https://security.netapp.com/advisory/ntap-20230426-0001/\n14. https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n15. https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks\n16. https://www.suse.com/support/kb/doc/?id=000021051", "creation_timestamp": "2025-01-28T23:18:07.000000Z"}, {"uuid": "8b4a4f62-fd30-464b-9837-9738e9c88219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/purple_medved/12", "content": "\u0412 \u0431\u043b\u043e\u0433\u0435 BitSight \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29552 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP (Service Location Protocol). \u042d\u0442\u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0431\u044b\u043b \u0441\u043e\u0437\u0434\u0430\u043d \u0432 \u0434\u0430\u043b\u0435\u043a\u043e\u043c 1997 \u0433\u043e\u0434\u0443, \u043e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0431\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 427 \u0447\u0435\u0440\u0435\u0437 TCP \u0438 UDP. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 2200 \u0440\u0430\u0437 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0443\u0440\u043e\u0432\u043d\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 - 8,6 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0443 CVSS. \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 SLP, \u043f\u043e\u0434\u043c\u0435\u043d\u044f\u044f \u0430\u0434\u0440\u0435\u0441 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043d\u0430 \u0430\u0434\u0440\u0435\u0441 \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u044f 29-\u0431\u0430\u0439\u0442\u043e\u0432\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u0432 65,536-\u0431\u0430\u0439\u0442\u043e\u0432\u044b\u0439 \u043e\u0442\u0432\u0435\u0442 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0441\u0442\u0430\u0440\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 VMWare ESXi, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b Konica Minolta, IBM IMM \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b Planex. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0445 \u043c\u0435\u0440, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c SLP \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u043b\u0430 \u0441 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 TCP \u0438 UDP \u043d\u0430 427 \u043f\u043e\u0440\u0442\u0443.\n\n#CVE-2023-29552 #DDoS-\u0430\u0442\u0430\u043a\u0438 #DoS_amplification", "creation_timestamp": "2023-04-27T19:23:37.000000Z"}, {"uuid": "de3e7215-4fc9-498d-a457-4eb5bc2ed43d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/ctinow/148464", "content": "https://ift.tt/mxWLcCh\nNetography Releases Detection for Actively Exploited DoS Amplification CVE-2023-29552", "creation_timestamp": "2023-11-09T21:37:02.000000Z"}, {"uuid": "dae0b1b8-6055-4265-a41a-f05a7ff9d81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/ctinow/109866", "content": "CVE-2023-29552: Abusing the SLP Protocol to Launch Massive DDoS Amplification Attacks\n\nhttps://ift.tt/TYqUj9l", "creation_timestamp": "2023-05-04T18:03:29.000000Z"}, {"uuid": "da0fd379-9d5f-4d32-ab87-fecc345bad97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "Telegram/j_NOQaSS6WIfk39XQXCw2qQeJoi2-3-FLwOGvgRF5EFSFfs", "content": "", "creation_timestamp": "2023-04-25T20:02:10.000000Z"}, {"uuid": "4f5a40a5-2262-451f-af48-165165537b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/arpsyndicate/1111", "content": "#ExploitObserverAlert\n\nCVE-2023-29552\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-29552. The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nFIRST-EPSS: 0.043370000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T04:17:18.000000Z"}, {"uuid": "b0a969e3-7922-4ec9-b6f5-87332f47665f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "Telegram/ITlnoIKxw8fWTwUOX0oLpzTnmNV1tK6JMvQUjg6Rza1JcQ", "content": "", "creation_timestamp": "2023-11-09T10:16:29.000000Z"}, {"uuid": "00d3cf97-4ca2-4f25-9c8a-5286f857c770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/KomunitiSiber/1047", "content": "CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation\nhttps://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday\u00a0added\u00a0a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nTracked as\u00a0CVE-2023-29552\u00a0(CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS", "creation_timestamp": "2023-11-09T07:06:05.000000Z"}, {"uuid": "192e0637-ae7c-4dfb-aab4-7ba4b7a2697f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/GhostPrincess/11578", "content": "What is SLP protocol?\n\nService Location Protocol (SLP) is a network protocol designed to simplify the process of discovering and accessing network services. Developed by the Internet Engineering Task Force (IETF) and defined in RFC 2608, SLP eliminates the need for users or administrators to manually configure clients with the addresses of available network services. Instead, it allows devices and applications to automatically find and connect to services in their local area networks (LANs). Since the SLP protocol doesn\u2019t require authentication, anyone can register new services, which is why it wasn\u2019t intended to be publicly available over the Internet.\n\nHow Does SLP Work?\n\nSLP operates based on a request-response model that involves three primary components: User Agents (UAs), Service Agents (SAs), and Directory Agents (DAs).\n\nUser Agents (UAs): UAs are clients seeking network services. They send out service requests to discover the available services in the network.\n\nService Agents (SAs): SAs represent the network services themselves. They advertise the services they offer and respond to service requests from UAs.\n\nDirectory Agents (DAs): DAs act as a centralized repository for service information. They cache the advertisements from SAs, and UAs can query them to find the desired services more efficiently. Although DAs are optional, their presence improves the overall performance of the SLP system.\n\nUnderstanding How CVE-2023-29552 Works\n\nThe attack technique allows an unauthenticated, remote attacker to register arbitrary services. This would enable the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nAn Ghost Clan channel:\nhttps://t.me/TheGrayHats\n\n#cybersec #infosec #hacking #hack #cybersecurity #hackers #grayhats", "creation_timestamp": "2023-05-09T03:31:51.000000Z"}, {"uuid": "e88ddcc6-2962-4ea4-a12f-3f48208e11c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/5741", "content": "What is SLP protocol?\n\nService Location Protocol (SLP) is a network protocol designed to simplify the process of discovering and accessing network services. Developed by the Internet Engineering Task Force (IETF) and defined in RFC 2608, SLP eliminates the need for users or administrators to manually configure clients with the addresses of available network services. Instead, it allows devices and applications to automatically find and connect to services in their local area networks (LANs). Since the SLP protocol doesn\u2019t require authentication, anyone can register new services, which is why it wasn\u2019t intended to be publicly available over the Internet.\n\nHow Does SLP Work?\n\nSLP operates based on a request-response model that involves three primary components: User Agents (UAs), Service Agents (SAs), and Directory Agents (DAs).\n\nUser Agents (UAs): UAs are clients seeking network services. They send out service requests to discover the available services in the network.\n\nService Agents (SAs): SAs represent the network services themselves. They advertise the services they offer and respond to service requests from UAs.\n\nDirectory Agents (DAs): DAs act as a centralized repository for service information. They cache the advertisements from SAs, and UAs can query them to find the desired services more efficiently. Although DAs are optional, their presence improves the overall performance of the SLP system.\n\nUnderstanding How CVE-2023-29552 Works\n\nThe attack technique allows an unauthenticated, remote attacker to register arbitrary services. This would enable the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nhttps://t.me/GrayHatsHack\n\n#cybersec #infosec #hacking #hack #cybersecurity #hackers #grayhats", "creation_timestamp": "2024-05-29T23:44:40.000000Z"}, {"uuid": "9f61d6a0-0d6c-442e-b34b-67ea23f7f511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/true_secator/5071", "content": "\u041a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 KEV \u043f\u043e\u043f\u043e\u043b\u043d\u0438\u043b\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b SLP \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-29552 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 7,5 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u0438\u043f\u0430 DoS, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a \u0441 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435\u043c, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 Bitsight\u00a0\u0438 Curesec.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 SLP \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 UDP-\u0442\u0440\u0430\u0444\u0438\u043a \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DoS \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442\u043e\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Bitsight \u0438 Curesec, \u0443 SLP \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f DDoS \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u00a02200, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440.\n\nDDoS-\u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c SLP \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u043d\u0430 GitHub, \u043e\u0434\u043d\u0430\u043a\u043e \u0442\u043e\u0447\u043d\u044b\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-11-10T12:27:23.000000Z"}, {"uuid": "01a594b0-4abb-4ac3-b608-2882c4bac273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/true_secator/4325", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SLP \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c DDoS-\u0430\u0442\u0430\u043a\u0430\u043c \u0441 2200-\u043a\u0440\u0430\u0442\u043d\u044b\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435\u043c.\n\nSLP \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0432 1997 \u0433\u043e\u0434\u0443 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c (\u041f\u041a, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u0430\u043c, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c) \u043b\u0435\u0433\u043a\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433 \u0434\u0440\u0443\u0433\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0432 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0435\u0442\u044c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e\u043c \u0441\u043f\u0435\u043a\u0442\u0440\u0435 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0438 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\n\u0422\u0430\u043a, \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0431\u043e\u043b\u0435\u0435\u00a070 000\u00a0\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438\u043c\u0435\u044e\u0442 \u043e\u0442\u0435\u0440\u0442\u044b\u0435 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043f\u043e\u0440\u0442\u044b SLP (427 \u043a\u0430\u043a \u0434\u043b\u044f UDP, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f TCP), \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0430\u043a\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043a\u0430\u043a \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u044b VMware ESXi, \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b Konica Minolta, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b Planex, \u0441\u0435\u0440\u0432\u0435\u0440\u044b Supermicro IPMI \u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0435\u0434\u0438\u043d\u0438\u0446 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f IBM.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438\u0437\u00a0Bitsight\u00a0\u0438\u00a0Curesec. \n\n\u041e\u043d\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-29552 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 SLP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0435\u043c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u044b \u0432 \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0431\u043e\u043b\u044c\u0448\u0435\u043c \u0440\u0430\u0437\u043c\u0435\u0440\u0435.\n\n\u042d\u0442\u043e\u0442 \u0442\u0440\u044e\u043a \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 SLP, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0435\u0447\u0435\u0440\u043e\u0432, \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043a\u043e\u043b\u043e\u0441\u0441\u0430\u043b\u044c\u043d\u044b\u0435 2200x, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 SLP \u0442\u0440\u0435\u0442\u044c\u0438\u043c \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442\u043e\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e.\n\nCloudflare\u00a0\u0438\u00a0Netscout\u00a0\u0441\u0447\u0438\u0442\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u043d\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f SLP \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a \u0431\u0443\u0434\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0443\u0447\u0430\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0431\u0430\u0433\u0443.\u00a0\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e, \u0435\u0441\u043b\u0438 \u0443\u0447\u0435\u0441\u0442\u044c, \u0447\u0442\u043e SLP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f ESXiArgs ransomware\u00a0\u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 VMWare. \n\n\u0411\u0443\u0434\u0435\u043c \u043d\u0430\u0434\u0435\u044f\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u0441\u043b\u0443\u0447\u0430\u044f \u0445\u043e\u0442\u044f \u0431\u044b \u043a\u0430\u043a\u0430\u044f-\u0442\u043e \u0447\u0430\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0437\u0430\u0434\u0443\u043c\u044b\u0432\u0430\u043b\u0430\u0441\u044c \u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0432\u043e\u0438\u0445 \u043f\u043e\u0440\u0442\u043e\u0432 SLP.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-04-26T17:04:39.000000Z"}, {"uuid": "0fd79227-5a82-484a-9822-c143f73de24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/cibsecurity/62820", "content": "\u203c CVE-2023-29552 \u203c\n\nThe Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T20:24:58.000000Z"}, {"uuid": "de34d1a4-4a4e-414b-9f93-c1f0c34e1872", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/thehackernews/4126", "content": "CISA adds high-severity flaw (CVE-2023-29552) in SLP to Known Exploited Vulnerabilities list. This flaw is being actively exploited to launch massive DoS amplification attacks. \n \nRead: https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html", "creation_timestamp": "2023-11-09T07:16:19.000000Z"}, {"uuid": "d6aa0e94-8966-4ab7-849c-a79aa40f08b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/thehackernews/3282", "content": "\ud83d\udd25 New SLP protocol vulnerability (CVE-2023-29552) could be weaponized for massive DoS amplification attacks with an amplification factor of up to 2,200.\n\nLearn more: https://thehackernews.com/2023/04/new-slp-vulnerability-could-let.html\n\nMore than 2,000 global organizations and 54,000 SLP instances are said to be affected.", "creation_timestamp": "2023-04-25T15:36:49.000000Z"}, {"uuid": "10219d87-a14b-42e8-981a-8cd6a5e3ef7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/xakep_ru/13966", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0435\u0442 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0432 2200 \u0440\u0430\u0437\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b BitSight \u0438 Curesec \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-29552, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 SLP (Service Location Protocol), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c DDoS-\u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 2200 \u0440\u0430\u0437. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0431\u043e\u043b\u0435\u0435 2000 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 54 000 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 SLP, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0441\u0442\u0430\u0442\u044c \u043c\u0438\u0448\u0435\u043d\u044f\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\nhttps://xakep.ru/2023/04/26/slp-ddos/", "creation_timestamp": "2023-04-26T16:50:44.000000Z"}, {"uuid": "3eb1a60b-65ff-43d7-bcbd-5da0c738b57f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8192", "content": "#exploit\n1. CVE-2023-29552:\nAmplifying SLP Traffic\nhttps://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n\n2. Telegram: RCE via WebView\nhttps://davtur19.medium.com/telegram-bug-bounties-rce-privacy-issues-and-more-b1f06a641c1b\n\n3. CVE-2022-29804:\nA directory traversal vulnerability hidden in the Go language standard library\nhttps://tttang.com/archive/1884", "creation_timestamp": "2023-04-27T11:05:13.000000Z"}, {"uuid": "5dffc557-ad32-4370-bcb9-676e1e7db1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "Telegram/hfwgAwOr-I2NY7E1jCzKYP-osK24R_uQmKQfV3N5WixAHog", "content": "", "creation_timestamp": "2023-04-27T23:02:35.000000Z"}, {"uuid": "56057f71-d290-4616-8ad0-d6061f58ab34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/secmedia/1076", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-29552 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 SLP. \u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 BitSight \u0438 Curesec, \u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u0430, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0432 2200 \u0440\u0430\u0437.", "creation_timestamp": "2023-04-26T08:38:19.000000Z"}]}