{"vulnerability": "CVE-2023-3231", "sightings": [{"uuid": "a93a6db9-55e4-4869-847b-be90ce39eb0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-08-24T18:10:02.000000Z"}, {"uuid": "c823aeff-3bb0-4a32-89cc-7afaf469f340", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971872", "content": "", "creation_timestamp": "2024-12-24T20:35:04.809319Z"}, {"uuid": "3d7b059b-7704-413d-9463-aaeb28559d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:45.000000Z"}, {"uuid": "6dff338e-630b-4434-833e-2bc5dd567c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "2e4d70be-83dd-49ef-8cd0-1e737df32d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:53.000000Z"}, {"uuid": "e9fc0d66-0c2e-41bc-a8af-197a26b08051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "f3d2f3db-5382-4c4d-9fbd-822eebc21b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "MISP/4ad9ed67-5cc3-5de2-849d-1a1910431785", "content": "", "creation_timestamp": "2025-09-09T11:33:07.000000Z"}, {"uuid": "414e61b5-54c0-48fa-84e2-6726c0fd69a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4705", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-32315-Openfire-Bypass\nURL\uff1ahttps://github.com/izzz0/CVE-2023-32315-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-07T07:54:58.000000Z"}, {"uuid": "47aadb60-b376-433f-bfbc-c3b04c43c94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "Telegram/f1xIU64BPtqCo4e41cDGT7tZSg0C7tQkRZ1CwemdWGzLseM", "content": "", "creation_timestamp": "2025-12-21T09:00:05.000000Z"}, {"uuid": "9ba371b8-03c6-4906-be8e-a8280e921cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/openfire_auth_bypass_rce_cve_2023_32315.rb", "content": "", "creation_timestamp": "2023-07-18T23:40:14.000000Z"}, {"uuid": "1c43ab21-0150-459e-bfd0-947fb18efa32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b5d080f8-4eac-404f-884e-120f53241976", "content": "", "creation_timestamp": "2026-02-02T12:26:51.819969Z"}, {"uuid": "a80fda73-fbf7-4b01-ba85-365027c03c5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "Telegram/mhxkLegikJu7syAQ-topaxjK7UZED4kUzp87E1-mVUTqL1w", "content": "", "creation_timestamp": "2023-07-13T12:34:12.000000Z"}, {"uuid": "e84f1f40-1f25-49f1-966e-f77310ab8282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "Telegram/O1ZalrnhHxYznvMcmxUbyoFGlSwn-ftcOEc78LO95gjX88E", "content": "", "creation_timestamp": "2023-07-13T12:31:47.000000Z"}, {"uuid": "58f91536-c423-4aaf-ab5d-4b553acf99cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/cKure/11618", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2023-32315 | Hackers actively exploiting Openfire flaw to encrypt servers.\n\nhttps://www.bleepingcomputer.com/news/security/hackers-actively-exploiting-openfire-flaw-to-encrypt-servers/", "creation_timestamp": "2023-09-27T14:33:54.000000Z"}, {"uuid": "48e0e431-57ed-477e-99d8-da517af544d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5344", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aOpenfire\u672a\u6388\u6743\u5230RCE(CVE-2023-32315)\u590d\u73b0\nURL\uff1ahttps://github.com/CN016/Openfire-RCE-CVE-2023-32315-\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-10T08:59:27.000000Z"}, {"uuid": "f88e49d0-55b4-48de-bb6f-7abc10ac0b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5050", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aScanner for CVE-2023-32315.py\nURL\uff1ahttps://github.com/gibran-abdillah/CVE-2023-32315\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-31T08:51:00.000000Z"}, {"uuid": "2dacff7d-65c2-4e56-8ccf-aed61d74caa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6196", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA PoC exploit for CVE-2023-23752 - Openfire Authentication Bypass\nURL\uff1ahttps://github.com/K3ysTr0K3R/CVE-2023-32315-EXPLOIT\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-15T17:41:28.000000Z"}, {"uuid": "46f7b633-e189-430c-87a1-62cb490a3f8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/ics_cert/1099", "content": "\u0628\u0647 \u06af\u0641\u062a\u0647 VulnCheck\u060c \u0628\u06cc\u0634 \u0627\u0632 3000 \u0633\u0631\u0648\u0631 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u062c\u062f\u06cc\u062f \u0628\u0631\u0627\u06cc \u0648\u0635\u0644\u0647\u200c\u0634\u062f\u0647 CVE-2023-32315 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u062d\u0645\u0644\u0627\u062a \u0642\u0631\u0627\u0631 \u062f\u0627\u0631\u0646\u062f.\n\nOpenfire \u06a9\u0647 \u062a\u0648\u0633\u0637 Ignite Realtime \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u0634\u0648\u062f\u060c \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u0647\u0645\u06a9\u0627\u0631\u06cc \u0628\u0644\u0627\u062f\u0631\u0646\u06af \u0628\u06cc\u0646 \u067e\u0644\u062a\u0641\u0631\u0645\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0632\u0628\u0627\u0646 \u062c\u0627\u0648\u0627 \u0646\u0648\u0634\u062a\u0647 \u0634\u062f\u0647 \u0648 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u067e\u0631\u0648\u062a\u06a9\u0644 XMPP \u0648 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u0631\u0627\u0628\u0637 \u0648\u0628 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u06cc \u0634\u0648\u062f.\n\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 Openfire Administration Console \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u067e\u06cc\u0645\u0627\u06cc\u0634 \u0645\u0633\u06cc\u0631 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0645\u062d\u06cc\u0637 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0634\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0627\u06cc\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0628\u0647 \u0635\u0641\u062d\u0627\u062a \u0645\u062d\u062f\u0648\u062f \u0634\u062f\u0647 \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f.\n\n\u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0645\u062d\u0627\u0641\u0638\u062a Openfire \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u06a9\u062f\u06af\u0630\u0627\u0631\u06cc URL \u063a\u06cc\u0631 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u062e\u0627\u0635 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0627\u06a9\u062a\u0631\u0647\u0627\u06cc UTF-16 \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 \u0648\u0628 \u0633\u0631\u0648\u0631 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0646\u0645\u06cc \u0634\u0648\u062f - \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0628\u062f\u0648\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u062d\u0641\u0627\u0638\u062a \u0627\u0636\u0627\u0641\u0647 \u0634\u062f.\n\n\u0647\u0645\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc Openfire \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u0646\u062f\u060c \u0627\u0632 \u0646\u0633\u062e\u0647 3.10.0 \u06a9\u0647 \u062f\u0631 \u0622\u0648\u0631\u06cc\u0644 2015 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f \u0648 \u0628\u0627 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc 4.7.5 \u0648 4.6.8 \u06a9\u0647 \u062f\u0631 \u0645\u06cc 2023 \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0646\u062a\u0634\u0631 \u0634\u062f \u060c \u067e\u0627\u06cc\u0627\u0646 \u0645\u06cc\u200c\u06cc\u0627\u0628\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u06cc\u0634 \u0627\u0632 \u062f\u0648 \u0645\u0627\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0645\u062e\u0631\u0628 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a.\n\n\u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f \u06a9\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u062d\u0633\u0627\u0628\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u06a9\u0646\u0633\u0648\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a \u062c\u062f\u06cc\u062f\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0646\u0635\u0628 \u0627\u0641\u0632\u0648\u0646\u0647\u200c\u0627\u06cc \u0628\u0627 \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u06a9\u0647 \u0628\u0647 \u0622\u0646\u0647\u0627 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f \u0648 \u0628\u0647 \u0647\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u06cc \u0631\u0648\u06cc \u0633\u0631\u0648\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f.\n\n\u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0647\u0627\u06cc \u0645\u0648\u062c\u0648\u062f \u062a\u0627 \u0628\u0647 \u0627\u0645\u0631\u0648\u0632 \u06a9\u0647 CVE-2023-32315 \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u0646\u062f\u060c \u0647\u0645\u06af\u06cc \u06cc\u06a9 \u0637\u0631\u062d \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc \u06a9\u0646\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c VulnCheck \u06cc\u06a9 \u0646\u0648\u0639 \u062c\u062f\u06cc\u062f \u0627\u0632 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0631\u0627 \u06a9\u0634\u0641 \u06a9\u0631\u062f \u06a9\u0647 \u0646\u06cc\u0627\u0632\u06cc \u0628\u0647 \u0627\u06cc\u062c\u0627\u062f \u062d\u0633\u0627\u0628 \u0645\u062f\u06cc\u0631 \u0646\u062f\u0627\u0631\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0645\u062d\u0642\u0642\u0627\u0646 \u0628\u06cc\u0634 \u0627\u0632 6300 \u0633\u0631\u0648\u0631 Openfire \u0631\u0627 \u062f\u0631 \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f\u0646\u062f \u06a9\u0647 \u062d\u062f\u0648\u062f 50 \u062f\u0631\u0635\u062f \u0627\u0632 \u0633\u0631\u0648\u0631\u0647\u0627 \u0627\u0632 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0631\u062f\u0646\u062f.\n\n\u0627\u0632 \u0622\u0646\u062c\u0627\u06cc\u06cc \u06a9\u0647 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u06cc \u06a9\u0647 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0642\u0637\u0647 \u067e\u0627\u06cc\u0627\u0646\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u067e\u0644\u0627\u06af\u06cc\u0646 \u0631\u0627 \u0645\u06cc \u062f\u0647\u062f\u060c \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0627\u0641\u0632\u0648\u0646\u0647 \u0631\u0627 \u0645\u0633\u062a\u0642\u06cc\u0645\u0627 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0631\u062f\u0647 \u0648 \u0633\u067e\u0633 \u0628\u0647 \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a.\n\n\u0627\u06cc\u0646 \u0631\u0648\u06cc\u06a9\u0631\u062f \u0647\u06cc\u0686 \u0627\u062b\u0631\u06cc \u0627\u0632 \u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u062f\u0631 \u06af\u0632\u0627\u0631\u0634 \u0647\u0627\u06cc \u0645\u0645\u06cc\u0632\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0627\u0642\u06cc \u0646\u0645\u06cc \u06af\u0630\u0627\u0631\u062f \u0648 \u0627\u0632 \u062b\u0628\u062a \u0627\u0639\u0644\u0627\u0646 \u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u0641\u0632\u0648\u0646\u0647 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0645\u06cc \u06a9\u0646\u062f.\n\n\u062f\u0631 \u062d\u0627\u0644\u06cc \u06a9\u0647 \u0641\u0639\u0627\u0644\u06cc\u062a \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0631 openfire.log \u0642\u0627\u0628\u0644 \u0645\u0634\u0627\u0647\u062f\u0647 \u0628\u0627\u0634\u062f\u060c \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u067e\u06cc\u0645\u0627\u06cc\u0634 \u0645\u0633\u06cc\u0631 \u0628\u0631\u0627\u06cc \u062d\u0630\u0641 \u06af\u0632\u0627\u0631\u0634 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f \u0648 \u062e\u0648\u062f \u0627\u0641\u0632\u0648\u0646\u0647 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u062a\u0646\u0647\u0627 \u0646\u0634\u0627\u0646\u06af\u0631 \u0633\u0627\u0632\u0634 \u0628\u0627\u0642\u06cc \u0628\u06af\u0630\u0627\u0631\u062f.\n\n\u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u0645\u062d\u0642\u0642\u0627\u0646 \u062e\u0627\u0637\u0631\u0646\u0634\u0627\u0646 \u0645\u06cc \u06a9\u0646\u0646\u062f\u060c \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0642\u0628\u0644\u0627\u064b \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0627\u0633\u062a\u060c \u0627\u062d\u062a\u0645\u0627\u0644\u0627\u064b \u062d\u062a\u06cc \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u0628\u0627\u062a \u0646\u062a \u0645\u0639\u0631\u0648\u0641\u060c \u0648 \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0641\u0631\u0627\u0648\u0627\u0646 \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0634\u0628\u06a9\u0647\u060c \u0641\u0631\u0636 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u062f\u0631 \u0622\u06cc\u0646\u062f\u0647 \u0627\u062f\u0627\u0645\u0647 \u062e\u0648\u0627\u0647\u062f \u062f\u0627\u0634\u062a.\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-11T16:31:53.000000Z"}, {"uuid": "7ded9927-6fcc-4308-a0a1-07f798d96a43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2666", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32313\n\ud83d\udd39 Description: vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm.\n\ud83d\udccf Published: 2023-05-15T19:45:13.963Z\n\ud83d\udccf Modified: 2025-01-22T21:42:56.955Z\n\ud83d\udd17 References:\n1. https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v\n2. https://github.com/patriksimek/vm2/commit/5206ba25afd86ef547a2c9d48d46ca7a9e6ec238\n3. https://gist.github.com/arkark/c1c57eaf3e0a649af1a70c2b93b17550\n4. https://github.com/patriksimek/vm2/releases/tag/3.9.18", "creation_timestamp": "2025-01-22T22:02:31.000000Z"}, {"uuid": "fed7cf8e-5362-44c0-9e9b-d32262764de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32314", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2667", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32314\n\ud83d\udd39 Description: vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2023-05-15T19:46:32.834Z\n\ud83d\udccf Modified: 2025-01-22T21:42:31.793Z\n\ud83d\udd17 References:\n1. https://github.com/patriksimek/vm2/security/advisories/GHSA-whpj-8f3w-67p5\n2. https://github.com/patriksimek/vm2/commit/d88105f99752305c5b8a77b63ddee3ec86912daf\n3. https://gist.github.com/arkark/e9f5cf5782dec8321095be3e52acf5ac\n4. https://github.com/patriksimek/vm2/releases/tag/3.9.18", "creation_timestamp": "2025-01-22T22:02:32.000000Z"}, {"uuid": "f97e27d1-165e-4d5c-9958-dcbb7a13029a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5475", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aOpenfire Console Authentication Bypass Vulnerability with RCE plugin\nURL\uff1ahttps://github.com/miko550/CVE-2023-32315\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-18T00:54:16.000000Z"}, {"uuid": "b78a2fca-bc6d-48a7-8128-ae9e6cad3466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/271", "content": "\u0648\u0642\u062a\u06cc \u06af\u0641\u062a\u0647 \u0645\u06cc\u0634\u0647 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u062c\u0627\u0628\u0631 \u0647\u0645 \u0645\u0634\u06a9\u0644\u0627\u062a \u062e\u0648\u062f\u0634\u0648\u0646 \u0631\u0648 \u062f\u0627\u0631\u0646 \u0627\u06cc\u0646\u0647\nCVE-2023-32315\nhttp://localhost:9090/setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp\nhttps://github.com/advisories/GHSA-gw42-f939-fhvm", "creation_timestamp": "2023-05-29T11:08:45.000000Z"}, {"uuid": "38da8ee8-ebe8-4037-8993-23c1a30ea066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/BleepingComputer/17904", "content": "Latest news and stories from BleepingComputer.com\nOver 3,000 Openfire servers vulnerable to takover attacks\n\nThousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. [...]", "creation_timestamp": "2023-08-23T22:24:07.000000Z"}, {"uuid": "b7f80308-e43c-4b96-bc2d-ab9ca1c160b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/BleepingComputer/17900", "content": "\u200aOver 3,000 Openfire servers vulnerable to takover attacks\n\nThousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. [...]\n\nhttps://www.bleepingcomputer.com/news/security/over-3-000-openfire-servers-vulnerable-to-takover-attacks/", "creation_timestamp": "2023-08-23T22:17:42.000000Z"}, {"uuid": "7e98778a-051c-40ca-aaac-a8645ef523f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/688", "content": "Exploitation of Openfire CVE-2023-32315\nhttps://youtu.be/VUGG1rCDVMY?feature=shared", "creation_timestamp": "2023-08-25T08:53:25.000000Z"}, {"uuid": "428aba7a-e18d-4deb-8d98-a154ec4df570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "Telegram/hc2dIHHMpdUSQ5y3pkUagEIur6hOtLIqyI8eVnWVLdzw", "content": "", "creation_timestamp": "2023-09-25T20:26:56.000000Z"}, {"uuid": "cb29881d-fc1a-4b7f-b888-47ddeb710fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "Telegram/iKZC9S3luWej7tbCHfMOUopQAEtDNRlIo0z1FYRa63nc", "content": "", "creation_timestamp": "2023-09-25T18:23:31.000000Z"}, {"uuid": "dfaa9241-7c1e-4da9-9235-5585dc672532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "Telegram/jHwfzAhuXE7Ge4gghiguuIpLe5vUUTovG_Zsj0zyiHgb", "content": "", "creation_timestamp": "2023-09-25T15:25:20.000000Z"}, {"uuid": "15735095-2eb4-4824-b349-ba9bf7cdbcab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "https://t.me/KomunitiSiber/697", "content": "Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw\nhttps://thehackernews.com/2023/08/thousands-of-unpatched-openfire-xmpp.html\n\nThousands of\u00a0Openfire XMPP servers\u00a0are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit, according to a\u00a0new report\u00a0from VulnCheck.\nTracked as\u00a0CVE-2023-32315\u00a0(CVSS score: 7.5), the vulnerability relates to a path traversal vulnerability in Openfire's administrative console that could permit an unauthenticated attacker to access otherwise restricted", "creation_timestamp": "2023-08-24T11:26:12.000000Z"}, {"uuid": "f29a7a63-e2e2-4f7c-acd4-7eda41205a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "Telegram/3XN12dEiV8JfAZm8nYijw17IG6AtlTmywEEnqtFHAlEyBA", "content": "", "creation_timestamp": "2023-08-24T11:34:25.000000Z"}, {"uuid": "aecc67ed-f8e9-4aac-afdf-78f896b51c45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3072", "content": "Tools - Hackers Factory \n\nLink-X \n\nA Hack-Via-Link ToolKit. Including: Camera, Voice, Location Etc*4\n\nhttps://github.com/Toxic-Noob/Link-X\n\n#infosec #pentesting #redteam\n\nStorm-Breaker\n\nSocial engineering tool [Access Webcam & Microphone & Location Finder] With Python.\n\nhttps://github.com/ultrasecurity/Storm-Breaker\n\n#infosec #pentesting #redteam\n\njsFinder\n\nA command-line tool written in Go that scans web pages to find JavaScript files linked in the HTML source code. It searches for any attribute that can contain a JavaScript file (e.g., src, href, data-main, etc.) and extracts the URLs of the files to a text file. The tool is designed to be simple to use, and it supports reading URLs from a file or from standard input.\n\nhttps://github.com/kacakb/jsfinder\n\n#infosec #pentesting #bugbounty\n\nCVE-2023-32315\n\nAdministration Console authentication bypass in openfire xmppserver.\n\nhttps://github.com/advisories/GHSA-gw42-f939-fhvm\n\n#cve #cybersecurity #infosec\n\nCrowdSec\n\nThe open-source and participative IPS able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network.\n\nhttps://github.com/crowdsecurity/crowdsec\n\n#cybersecurity #infosec\n\nLookyloo \n\nLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.\n\nhttps://github.com/Lookyloo/lookyloo\n\n#cybersecurity #infosec #pentesting\n\n\ud83e\udd96Velociraptor Docker\n\nDocker image for Velocidex Velociraptor.\n\nhttps://github.com/weslambert/velociraptor-docker\n\n#infosec #pentesting #bugbounty\n\nGato\n\nGitHub Attack Toolkit is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization.\n\nhttps://github.com/praetorian-inc/gato\n\n#cybersecurity #infosec #pentesting\n\nOSINT QuickStart\n\nIncludes quick start guides for #Shodan and Censys #OSINT search engines.\n\nhttps://github.com/utilsec/osint\n\n#cybersecurity #infosec\n\nCookie-Graber-BOF\n\nC or BOF file to extract WebKit master key to decrypt user cookie. The C code can be used to compile an executable or a bof script for #CobaltStrike.\n\nhttps://github.com/Mr-Un1k0d3r/Cookie-Graber-BOF\n\n#infosec #pentesting #redteam\n\nGeacon\n\nPractice Go programming and implement #CobaltStrike's Beacon in Go\n\nhttps://github.com/darkr4y/geacon\n\n#infosec #pentesting #redteam\n\nRepeaterSearch\n\nThis #burpsuite plugin adds a search bar to Repeater that allows you to search Requests and/or Responses for a string. Regex is also supported.\n\nhttps://github.com/Static-Flow/RepeaterSearch\n\n#infosec #infosec #bugbounty\n\nPractical Windows Forensics\n\nA quick DIY approach for performing a digital forensic analysis on a Windows 10 system.\n\nhttps://github.com/bluecapesecurity/PWF\n\n#cybersecurity #infosec #forensic\n\nOWASP Domain Protect\n\nPrevent subdomain takeover...\n\nhttps://github.com/domain-protect/domain-protect\n\n#cybersecurity #infosec\n\nawesome-oracle-manipulation\n\nAwesome list of all things oracle manipulation. Creating to help spread a better understanding of oracles and oracle manipulation.\n\nhttps://github.com/0xcacti/awesome-oracle-manipulation\n\n#cybersecurity #infosec\n\nCheckov\n\nPrevent #cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.\n\nhttps://github.com/bridgecrewio/checkov\n\n#cybersecurity #infosec\n\namd-lm32-smu-exploit\n\nGeneric #exploit for all version 7 (maybe others) LM32-based AMD SMU's used in APUs (and probably works on GPUs too)\n\nhttps://github.com/jevinskie/amd-lm32-smu-exploit\n\n#cybersecurity #infosec\n\nGretchen\n\nCisco TCL tool to stop Responder attacks.\n\nhttps://github.com/c4s73r/Gretchen\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-30T15:18:17.000000Z"}, {"uuid": "f3235c7c-87d8-4d55-91dd-0ca0d89ef3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1694", "content": "Exploitation of Openfire CVE-2023-32315\nFull WriteUp\nOpenfire-Bypass exploit", "creation_timestamp": "2023-08-22T22:08:58.000000Z"}, {"uuid": "d59b1305-6973-42f1-b6a9-1eb949757ff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "Telegram/6wovPbMsAsvhboKDczEbAGs11dP27buMhrAkJq8ScHBORQ", "content": "", "creation_timestamp": "2023-08-23T04:58:40.000000Z"}, {"uuid": "149439e5-1132-4147-aab9-e2e87ef8ec23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3086", "content": "CVE2023-1829\n\nThe exploitation is tested on Ubuntu22.04 official source code 5.15.0-25.25\n\nhttps://github.com/lanleft/CVE2023-1829\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-34830\n\ni-doit Open v24 and below are vulnerable to Reflected XSS vulnerability. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML.\n\nhttps://github.com/leekenghwa/CVE-2023-34830---Reflected-XSS-found-in-I-doit-Open-v24-and-below\n\n#cve #cybersecurity #infosec\n\nEvilCrowRF + Flipper Zero\n\nThis firmware is an alternative to the EvilCrowRF default firmware. Module: CC1101 - Compatible Flipper Zero file.\n\nhttps://github.com/h-RAT/EvilCrowRF_Custom_Firmware_CC1101_FlipperZero\n\n#infosec #pentesting #redteam\n\n\u200b\u200bConan \n\nHelping you delete your old accounts.\n\nhttps://github.com/Nenaff/Conan\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-32315\n\nOpenfire Bypass\n\nhttps://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass\n\n#cve #cybersecurity #infosec\n\nhttps://t.me/dilagrafie\n\n2/2", "creation_timestamp": "2023-06-18T11:04:58.000000Z"}, {"uuid": "8cec44db-3fd5-437e-a6b6-16735de009f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32314", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3008", "content": "Cybersecurity News - Hackers Factory \n\n\n\u200aFlaw in Telegram Gives Attackers Access to macOS Camera\n\nhttps://restoreprivacy.com/flaw-in-telegram-gives-attackers-access-to-macos-camera/\n\n\u200aStealthy MerDoor malware uncovered after five years of attacks\n\nhttps://www.bleepingcomputer.com/news/security/stealthy-merdoor-malware-uncovered-after-five-years-of-attacks/\n\n\u200aTransportation Department breach exposes data of federal employees\n\nhttps://fedscoop.com/transerve-data-breach/\n\n\u200aRansomware gang steals data of 5.8 million PharMerica patients\n\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-steals-data-of-58-million-pharmerica-patients/\n\n\u200aWhatsApp now lets you lock chats with a password or fingerprint\n\nhttps://www.bleepingcomputer.com/news/security/whatsapp-now-lets-you-lock-chats-with-a-password-or-fingerprint/\n\n\u200aNovel Malware Strain, PIPEDREAM, Deployed by Russian-Linked Hackers Against US Energy Corporations\n\nhttps://latesthackingnews.com/2023/05/15/novel-malware-strain-pipedream-deployed-by-russian-linked-hackers-against-us-energy-corporations/\n\n\u200aVirusTotal AI code analysis expands Windows, Linux script support\n\nhttps://www.bleepingcomputer.com/news/security/virustotal-ai-code-analysis-expands-windows-linux-script-support/\n\n\u200aThe new info-stealing malware operations to watch out for\n\nhttps://www.bleepingcomputer.com/news/security/the-new-info-stealing-malware-operations-to-watch-out-for/\n\n\u200aPhiladelphia Inquirer operations disrupted after cyberattack\n\nhttps://www.bleepingcomputer.com/news/security/philadelphia-inquirer-operations-disrupted-after-cyberattack/\n\n\u200aExploit available for critical RCE (CVE-2023-32314) bug in VM2 sandbox library\n\nhttps://securityonline.info/exploit-available-for-critical-rce-cve-2023-32314-bug-in-vm2-sandbox-library/\n\n\u200aAuthentication Bypass Flaw CVE-2023-2499 in WordPress Plugin With Over 10,000 Installations\n\nhttps://securityonline.info/authentication-bypass-flaw-cve-2023-2499-in-wordpress-plugin-with-over-10000-installations/\n\n\u200aEntropyReducer: Reduce Entropy And Obfuscate Your Payload\n\nhttps://securityonline.info/entropyreducer-reduce-entropy-and-obfuscate-your-payload/\n\n\u200aPoC Released for Linux Kernel Privilege Escalation (CVE-2023-32233) Vulnerability\n\nhttps://securityonline.info/poc-released-for-linux-kernel-privilege-escalation-cve-2023-32233-vulnerability/\n\n\u200aMultiple Vulnerabilities Uncovered in Kiddoware Kids Place Parental Control Android App\n\nhttps://securityonline.info/multiple-vulnerabilities-uncovered-in-kiddoware-kids-place-parental-control-android-app/\n\n\u200aHow the A-GPS in your smartphone works, and whether Qualcomm is tracking you | Kaspersky official blog\n\nhttps://www.kaspersky.com/blog/gps-agps-supl-tracking-protection/48175/\n\n\u200aThe nature of cyberincidents in 2022\n\nhttps://securelist.com/kaspersky-incident-response-report-2022/109680/\n\n\u200aFormer Ubiquiti employee gets 6 years in jail for stealing confidential data and extorting company\n\nhttps://securityaffairs.com/146228/cyber-crime/uiti-employee-sentenced-6-years.html\n\n\u200aIntroducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware\n\nhttps://securityaffairs.com/146241/malware/drm-dashboard-ransomware-monitor-q1-2023.html\n\n\u200aNew RA Group ransomware gang is the latest group using leaked Babuk source code\n\nhttps://securityaffairs.com/146248/cyber-crime/new-ra-group.html\n\n\u200aMicrosoft Security highlights from RSA Conference 2023\n\nhttps://www.microsoft.com/en-us/security/blog/2023/05/15/microsoft-security-highlights-from-rsa-conference-2023/\n\n\u200aFerrari Website Flaw Exposes Their Database Credentials\n\nhttps://gbhackers.com/ferrari-website-flaw-exposes-their-database-credentials/\n\n\u200aHackers Adapting New Unique Way to Overcome Microsoft Default Macro Block\n\nhttps://gbhackers.com/microsoft-default-macro-block/\n\n\u200aToyota Data Breach \u2013 Over 2 Million Customers Data Exposed\n\nhttps://gbhackers.com/toyota-data-breach/\n\n\u200aWhatsApp \u2013 Now you Can Lock & Hide Chats with a Password\n\nhttps://gbhackers.com/whatsapp-chat-lock/\n\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-05-16T11:19:44.000000Z"}, {"uuid": "34e7c521-f2f4-458e-aff0-7369e0f1c80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1546", "content": "CVE-2023-32315\nopenfire xmppserver \nAdministration Console authentication bypass\n\npath traversal - \u0442\u043e\u043b\u044c\u043a\u043e \u0432 UTF-16 \nhttp://localhost:9090/setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp\n\n\u0410 \u043a\u0442\u043e \u0432\u043e\u043e\u0431\u0449\u0435 \u0432 \u0437\u0434\u0440\u0430\u0432\u043e\u043c \u0443\u043c\u0435, \u043f\u043e\u0441\u043b\u0435 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u0430 \u0434\u0435\u0440\u0436\u0438\u0442 \u043f\u0430\u043f\u043a\u0443 setup \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 ? \nread\n\n#jabber", "creation_timestamp": "2023-05-29T08:24:40.000000Z"}, {"uuid": "f4fb8030-8f40-4fa7-9c9a-0e2be5fd472d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/true_secator/4902", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Dr.Web \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Openfire \u0432 \u0430\u043a\u0442\u0430\u0445 \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432.\n\nOpenfire \u2014 \u044d\u0442\u043e \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 XMPP \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Java \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 9 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430\u043c\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u043c\u0435\u0436\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u044b\u0445 \u0447\u0430\u0442\u043e\u0432.\n\nCVE-2023-32315 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Openfire, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043d\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b Java (\u0444\u0430\u0439\u043b\u044b JAR), \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b GET \u0438 POST.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Openfire \u043e\u0442 3.10.0, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 2015 \u0433\u043e\u0434\u0430, \u0434\u043e 4.6.7 \u0438 \u043e\u0442 4.7.0 \u0434\u043e 4.7.4.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 4.6.8, 4.7.5 \u0438 4.8.0 \u0435\u0449\u0435 \u0432 \u043c\u0430\u0435 2023 \u0433\u043e\u0434\u0430, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VulnCheck \u043a \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 3000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Openfire, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u041f\u0435\u0440\u0432\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Dr. Web \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 \u0438\u044e\u043d\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 ransomnware, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-32315 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432 Openfire, \u0432\u043e\u0448\u043b\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u0430 JAR, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u043b \u0432 POST-\u0437\u0430\u043f\u0440\u043e\u0441\u0435 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 Java \u043a\u043e\u0434.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 JAVA-\u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 Dr. Web, \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0438: helloworld-openfire-plugin-assembly.jar, Product.jar \u0438 bookmarks-openfire-plugin-assembly.jar.\n\n\u0414\u0430\u043b\u0435\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0438 Dr. Web \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0440\u043e\u044f\u043d\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a - \u0442\u0440\u043e\u044f\u043d \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442 \u043d\u0430 \u0431\u0430\u0437\u0435 Go, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043a\u0430\u043a Kinsing.\n\n\u0415\u0433\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c OpenfireSupport, \u0430 \u0437\u0430\u0442\u0435\u043c \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c plugin.jar, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u043c\u0430\u0439\u043d\u0435\u0440\u0430 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0435\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u0412 \u0434\u0440\u0443\u0433\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u043c\u0435\u0441\u0442\u043e \u043d\u0435\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u0431\u044d\u043a\u0434\u043e\u0440 \u043d\u0430 \u0431\u0430\u0437\u0435 C, \u0443\u043f\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432 UPX, \u0441\u043b\u0435\u0434\u0443\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f.\n\n\u0422\u0440\u0435\u0442\u0438\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438, \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u0430 Openfire \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 (\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f\u0445, IP-\u0430\u0434\u0440\u0435\u0441\u0430\u0445, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0432\u0435\u0440\u0441\u0438\u0438 \u044f\u0434\u0440\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b).\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 Dr. Web \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u0447\u0435\u0442\u044b\u0440\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-32315. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2023-09-27T19:20:05.000000Z"}, {"uuid": "90d4ea67-a076-4947-9055-0f900dc8d416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "Telegram/lkClufF-GFiKfd1u8hBBFNIpsNZxzvyNF6UElFxMqURbP0g", "content": "", "creation_timestamp": "2023-07-24T16:23:05.000000Z"}, {"uuid": "a2d288b7-9a44-4657-b5f5-728513db82ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1089", "content": "Successive / repetition\nCVE-2023-27532 : Veeam Backup and Replication\nPOC : https://github.com/horizon3ai/CVE-2023-27532\nPOC : https://github.com/sfewer-r7/CVE-2023-27532\nCVE-2023-32315 : Openfire\nPOC : https://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass\nCVE-2021-21974 & CVE-2020-3992: VMware ESXi OpenSLP\n1 : https://straightblast.medium.com/my-poc-walkthrough-for-cve-2021-21974-a266bcad14b9\n2 : https://blog.ovhcloud.com/ransomware-targeting-vmware-esxi/\n3 : https://www.zerodayinitiative.com/blog/2021/3/1/cve-2020-3992-amp-cve-2021-21974-pre-auth-remote-code-execution-in-vmware-esxi\nPOC : https://github.com/Shadow0ps/CVE-2021-21974\nPOC : https://github.com/straightblast/My-PoC-Exploits/blob/master/CVE-2021-21974.py", "creation_timestamp": "2024-05-09T11:31:16.000000Z"}, {"uuid": "12040c44-8aea-4200-b411-30e01d8275f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/831", "content": "CVE-2023-32315 : Openfire xmppserver Administration Console -  authentication bypass\nPOC : https://github.com/Pari-Malam/CVE-2023-32315\nPOC : https://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass", "creation_timestamp": "2023-08-17T14:30:17.000000Z"}, {"uuid": "4e1af5a7-2008-4dcb-8340-0b7360e9a047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/true_secator/4765", "content": "\u0411\u043e\u043b\u0435\u0435 3000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c VulnCheck, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u0440\u0438\u0441\u043a\u0443 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u043e\u0432\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 CVE-2023-32315.\n\nOpenfire, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0439 Ignite Realtime, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 Java, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b XMPP \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Openfire \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043f\u0443\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u0440\u0435\u0434\u0443 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u043c \u0432 \u043a\u043e\u043d\u0441\u043e\u043b\u0438\u00a0\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0432 Openfire \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0438 URL-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0434\u043b\u044f \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 UTF-16, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c - \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0431\u044b\u043b\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0431\u0435\u0437 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Openfire, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 3.10.0, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2015 \u0433\u043e\u0434\u0430, \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 4.7.5 \u0438 4.6.8,\u00a0\u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u043c\u0430\u0435 2023 \u0433\u043e\u0434\u0430\u00a0\u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0431\u043e\u043b\u0435\u0435 \u0434\u0432\u0443\u0445 \u043c\u0435\u0441\u044f\u0446\u0435\u0432.\n\n\u0411\u044b\u043b\u043e\u00a0\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438\u00a0\u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u043e\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u044e\u0431\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 CVE-2023-32315, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u043e\u0434\u043d\u0443 \u0438 \u0442\u0443 \u0436\u0435 \u0441\u0445\u0435\u043c\u0443.\n\n\u041e\u0434\u043d\u0430\u043a\u043e VulnCheck \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438\u00a0\u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 6300 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Openfire \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u043f\u0440\u0438\u0447\u0435\u043c \u043e\u043a\u043e\u043b\u043e 50% \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u0435\u0444\u0435\u043a\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e, \u0430 \u0437\u0430\u0442\u0435\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435, \u0442\u0430\u043a\u0436\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0422\u0430\u043a\u043e\u0439 \u043f\u043e\u0434\u0445\u043e\u0434 \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043b\u0435\u0434\u043e\u0432 \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445 \u0430\u0443\u0434\u0438\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044c \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f \u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u0438\u0434\u043d\u0430 \u0432 openfire.log, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0430\u043c \u043f\u043b\u0430\u0433\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0434\u0430\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c, \u0438 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0441\u044f \u0438 \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.", "creation_timestamp": "2023-08-24T09:59:15.000000Z"}, {"uuid": "5ec49260-e968-48e6-9eea-49bc12b71401", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32318", "type": "seen", "source": "https://t.me/cibsecurity/64729", "content": "\u203c CVE-2023-32318 \u203c\n\nNextcloud server provides a home for data. A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout if cookies were not cleared manually. After successfully authenticating with any other account the previous session would be continued and the attacker would be authenticated as the previously logged in user. It is recommended that the Nextcloud Server is upgraded to 25.0.6 or 26.0.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-26T22:28:45.000000Z"}, {"uuid": "202bc33e-ae6e-41a5-9b06-c9f57d48f17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4173", "content": "\ud83d\udd30Untun - Tunnel Your Local HTTP(s) Server To The World : https://system32.ink/untun-tunnel-your-local-https-server-to-the-world/\n\n\ud83d\udc40Eyes - OSINT Tool To Get Existing Accounts From An Email : https://system32.ink/eyes-osint-tool-to-get-existing-accounts-from-an-email/\n\n\ud83e\uddd1\u200d\ud83c\udf93Cetus Legal NZ Data Leak : https://system32.ink/cetus-legal-nz-data-leak/\n\n\ud83d\udd25Openfire CVE-2023-32315 Exploit : https://system32.ink/openfire-cve-2023-32315-exploit/\n\n\u26f9\ufe0fTuttur.com Turkey Sports Data Leak : https://system32.ink/tuttur.com-turkey-sports-data-leak/\n\n\ud83e\uddd1\u200d\ud83d\udcbbProtemps Employment Services Pte Ltd Data Leak : https://system32.ink/protemps-employment-services-pte-ltd-data-leak/\n\n\ud83d\udca9Institute of Space Technology (IST) Porkistan Data Leak : https://system32.ink/institute-of-space-technology-ist-porkistan-data-leak/", "creation_timestamp": "2023-08-23T04:57:49.000000Z"}, {"uuid": "b7c10076-e059-49f6-bbfe-49c41fd22878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/943", "content": "https://youtu.be/VUGG1rCDVMY?feature=shared\nExploitation of Openfire CVE-2023-32315", "creation_timestamp": "2023-08-26T05:51:07.000000Z"}, {"uuid": "da2ceb01-f2f5-47f2-ad88-feac11b65ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32310", "type": "seen", "source": "https://t.me/cibsecurity/64864", "content": "\u203c CVE-2023-32310 \u203c\n\nDataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-01T20:25:24.000000Z"}, {"uuid": "3cfff6c0-b829-4a3c-acf7-0c36fa70b07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32314", "type": "seen", "source": "https://t.me/cibsecurity/64174", "content": "\u203c CVE-2023-32314 \u203c\n\nvm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T00:29:53.000000Z"}, {"uuid": "a674a3a3-b8dd-42f8-9108-2e5ea069fb77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32313", "type": "seen", "source": "https://t.me/cibsecurity/64172", "content": "\u203c CVE-2023-32313 \u203c\n\nvm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T00:29:50.000000Z"}, {"uuid": "c632ffd0-1ef1-4634-8314-a7f2bb753954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/thehackernews/3781", "content": "\ud83d\udd25 Thousands of Openfire XMPP servers remain unpatched against a high-severity flaw, CVE-2023-32315, exposing them to exploits. \n \nRead details: https://thehackernews.com/2023/08/thousands-of-unpatched-openfire-xmpp.html \n \nDon't wait \u2013 update now to prevent potential breaches.", "creation_timestamp": "2023-08-24T10:31:08.000000Z"}, {"uuid": "fb9e1b1a-bbc5-4763-9113-50f473612568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "exploited", "source": "https://t.me/xakep_ru/14574", "content": "\u0411\u043e\u043b\u0435\u0435 3000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Openfire \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u0441\u0432\u0435\u0436\u0438\u0439 \u0431\u0430\u0433\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b VulnCheck \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 3000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Openfire \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 CVE-2023-32315, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043c\u0430\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0438\u043f\u0430 path traversal \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nhttps://xakep.ru/2023/08/24/openfire-bug/", "creation_timestamp": "2023-08-24T19:33:22.000000Z"}, {"uuid": "139b66f2-9817-498f-963d-47765d8db495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "seen", "source": "https://t.me/thebugbountyhunter/7693", "content": "https://vulncheck.com/blog/openfire-cve-2023-32315", "creation_timestamp": "2023-08-22T16:58:58.000000Z"}, {"uuid": "b38b5901-8c92-4e57-a350-848cab68fc2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32315", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8503", "content": "#exploit\n1. CVE-2023-34830:\nReflected XSS found in i-doit Open <= v.24\nhttps://github.com/leekenghwa/CVE-2023-34830---Reflected-XSS-found-in-I-doit-Open-v24-and-below\n\n2. CVE-2023-32315:\nOpenfire Bypass\nhttps://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass", "creation_timestamp": "2023-06-17T12:45:34.000000Z"}]}