{"vulnerability": "CVE-2023-46747", "sightings": [{"uuid": "9df4834b-ea9e-4e6c-b875-028961969b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2024-10-15T11:38:46.000000Z"}, {"uuid": "8f21967d-dcfc-48b6-bd56-c3b51ac58b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-31T21:10:02.000000Z"}, {"uuid": "c74229f2-d81d-42a6-a806-054d9761e190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971910", "content": "", "creation_timestamp": "2024-12-24T20:35:32.625854Z"}, {"uuid": "669325d9-d702-4aa7-a253-5637c28a96fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971909", "content": "", "creation_timestamp": "2024-12-24T20:35:31.670970Z"}, {"uuid": "ed8a9d4e-264b-4727-aacd-cf6574813508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-22)", "content": "", "creation_timestamp": "2024-12-22T00:00:00.000000Z"}, {"uuid": "23d00634-fa2e-4601-80be-cabd9d196dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "0406d7fa-22af-4a12-8db5-200b91c6b5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "e3ab7dc5-bf7f-49e5-a3f6-ecbe28f5e139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-10)", "content": "", "creation_timestamp": "2025-07-10T00:00:00.000000Z"}, {"uuid": "6e1d7e30-1fae-43ea-96c2-f5deef4087f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "2392e09b-c2ee-4aac-8ffa-59334fa5829b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "097a7a1f-716c-459f-a4ee-608081983323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-22)", "content": "", "creation_timestamp": "2025-04-22T00:00:00.000000Z"}, {"uuid": "af1ebf32-e8dd-455b-9e87-e33235418979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "38a0ed39-8a82-4e5d-a0f4-72f5ac36387b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "97ee06aa-1a43-4e7d-a63b-336e42a0bf68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "4c23f92e-7d0a-46ac-a5f9-7355eaa77425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures", "content": "", "creation_timestamp": "2025-05-14T05:59:49.116672Z"}, {"uuid": "245e8edf-eee9-4b74-935b-1ef5a91c8938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-08)", "content": "", "creation_timestamp": "2025-07-08T00:00:00.000000Z"}, {"uuid": "2420b463-579f-435f-8716-b7593eb7d98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-30)", "content": "", "creation_timestamp": "2025-04-30T00:00:00.000000Z"}, {"uuid": "16fbaef6-cee5-493b-afee-5b3fa43ac41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "598357ea-d6b0-44de-81c0-f4b80dd6c34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "239f7d63-b6c7-4a5a-9b7d-b7939ffee591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/3496d16f-84bf-489c-9bc1-95635a9afd36", "content": "", "creation_timestamp": "2025-10-16T12:58:47.000000Z"}, {"uuid": "447e1ab5-3a23-400d-ab85-a93f0e1d75ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lwgvnskk6c2v", "content": "", "creation_timestamp": "2025-08-15T12:55:32.576762Z"}, {"uuid": "65fb4a4f-088f-4576-b48d-33d9e798fed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "d0819ccb-5599-4328-b57f-1ab3fb4748c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lwdhd3hs7mh2", "content": "", "creation_timestamp": "2025-08-14T04:01:13.661413Z"}, {"uuid": "223e4aee-9a44-4b52-baa4-4c0892d72735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "aad7509f-07ab-4147-8c8b-5da6ba46fba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-29)", "content": "", "creation_timestamp": "2025-11-29T00:00:00.000000Z"}, {"uuid": "4d7647d3-48cb-465f-98f9-811b0cf0d981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/27727c35-f389-4626-aa10-c80dcedac9a5", "content": "", "creation_timestamp": "2025-09-01T18:42:49.000000Z"}, {"uuid": "c4500f48-9d15-404d-9efe-38e860dcd5b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:11.000000Z"}, {"uuid": "96169bb4-33fa-4bab-bd55-b43e8f1e822c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuvgtjs2b", "content": "", "creation_timestamp": "2025-12-09T07:00:03.032473Z"}, {"uuid": "b7d33876-959a-4a12-941a-0cda287ef4c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/f5_bigip_tmui_rce_cve_2023_46747.rb", "content": "", "creation_timestamp": "2023-11-02T16:09:41.000000Z"}, {"uuid": "40c5ae30-541a-439e-ba73-f3f6849f5186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxljrk2b", "content": "", "creation_timestamp": "2025-12-09T07:00:04.145473Z"}, {"uuid": "b32494b0-cd3f-4e3f-8e12-f50d401bf79a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxllq22b", "content": "", "creation_timestamp": "2025-12-09T07:00:05.295017Z"}, {"uuid": "98b35f34-4b2e-40c5-8341-e63514a8a4ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlnok2b", "content": "", "creation_timestamp": "2025-12-09T07:00:06.465225Z"}, {"uuid": "1e583aab-38ff-44b1-9cbc-cfe3964aa1b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlons2b", "content": "", "creation_timestamp": "2025-12-09T07:00:07.591105Z"}, {"uuid": "3a18db6d-70e0-4fd3-b3bf-458272d26ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlpn22b", "content": "", "creation_timestamp": "2025-12-09T07:00:09.065316Z"}, {"uuid": "9567b2e5-2f1e-43a2-afda-d2647a70d17b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3m7jxuxlqmc2b", "content": "", "creation_timestamp": "2025-12-09T07:00:10.203538Z"}, {"uuid": "40bb8fa1-7b96-4004-9fed-0c44c6d42836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "78c06f4c-49bc-4723-9a00-1f6c78c6d35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "18ef3029-8515-49d6-b417-1aa6f1a7199c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "1b2daefc-8360-4932-9a2c-c69ee717f73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-31)", "content": "", "creation_timestamp": "2025-12-31T00:00:00.000000Z"}, {"uuid": "25ead2f0-c854-41a2-8b97-9da6999ad2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-17)", "content": "", "creation_timestamp": "2026-03-17T00:00:00.000000Z"}, {"uuid": "51ce84ed-75fa-46a9-9118-33226e39e700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2026-01-09T20:17:31.000000Z"}, {"uuid": "ca598809-ad7b-4c2f-ae6d-810485134c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "4a416221-2395-46da-b0a7-d9906f470b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f3947f08-c4c3-414a-9487-00f64564c00e", "content": "", "creation_timestamp": "2026-02-02T12:25:27.726540Z"}, {"uuid": "bf550c9b-1150-4989-bb8b-6c1df18e255c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1150", "content": "", "creation_timestamp": "2023-10-31T04:00:00.000000Z"}, {"uuid": "6b2cff0f-f976-40af-9a32-e1f4df348e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_24/2023", "content": "", "creation_timestamp": "2023-11-03T10:05:46.000000Z"}, {"uuid": "cf4b0e62-2039-4f36-9b2f-89ce47cd7208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "480a838a-32ff-4466-a5ea-c1d28ff7e6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f6086f88-03ef-4527-91b5-462904d2ace1", "content": "", "creation_timestamp": "2026-02-02T12:26:47.873064Z"}, {"uuid": "d10a13ef-8e38-4953-904b-51878a257b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/wG0cDJgGVfJGwd2Zjdu2U-n25YycOJf4cno9rhYGWoiytkA", "content": "", "creation_timestamp": "2025-12-03T15:00:08.000000Z"}, {"uuid": "1f65ea7c-8c6a-4d67-9452-466266e7202d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11843", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-27T19:33:18.000000Z"}, {"uuid": "27de255b-8ae4-4bbd-90d9-a994b303b90d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/179", "content": "\u2604\ufe0fCVE-2023-46747 RCE: PoC\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 F5 BIG-IP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\ud83d\udd13\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\n#poc #exploit #cve", "creation_timestamp": "2023-11-04T17:10:02.000000Z"}, {"uuid": "724cb03a-b219-4f1f-b6c9-dc586fc91112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5615", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\nURL\uff1ahttps://github.com/AliBrTab/CVE-2023-46747-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-30T15:53:34.000000Z"}, {"uuid": "2d6bd1b9-d02d-4daf-8c06-518f56aa8fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6805", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aexploit for f5-big-ip RCE cve-2023-46747\nURL\uff1ahttps://github.com/rainbowhatrkn/CVE-2023-46747-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-03-15T22:49:01.000000Z"}, {"uuid": "d759b70e-b6fe-4b1a-913e-3e2e53218c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11854", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Critical Vulnerability in F5 BIG-IP Configuration Utility Allows Request Smuggling, Leads to RCE: CVE-2023-46747.\n\nhttps://socradar.io/critical-vulnerability-in-f5-big-ip-configuration-utility-allows-request-smuggling-leads-to-rce-cve-2023-46747/", "creation_timestamp": "2023-10-28T17:32:52.000000Z"}, {"uuid": "55d30778-c707-488c-bb35-b1805af174a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11913", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2023-46747 RCE: F5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability.\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2023-11-02T10:26:17.000000Z"}, {"uuid": "a949d540-7404-48c7-b70c-d9bdb357354a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/237", "content": "\u2604\ufe0fCVE-2023-46747 RCE: PoC\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 F5 BIG-IP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\ud83d\udd13\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\n#poc #exploit #cve", "creation_timestamp": "2023-11-04T17:10:02.000000Z"}, {"uuid": "099ba2b8-72bf-464a-8210-75c1b022d891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8833", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/AMELYA13/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-24T20:52:40.000000Z"}, {"uuid": "b75795cb-e65e-463f-8bd8-fd97e5293dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8841", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/MacTavish2/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-25T17:05:03.000000Z"}, {"uuid": "895b4890-840d-4250-88fe-b89a05df4ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6102", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aexploit for f5-big-ip RCE cve-2023-46747\nURL\uff1ahttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-12-07T03:12:04.000000Z"}, {"uuid": "b05bbe45-a824-4a9a-93e4-58ec54cd23f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5612", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46747\nURL\uff1ahttps://github.com/k0zulzr/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-30T13:30:06.000000Z"}, {"uuid": "c49ce82e-a103-4f7a-96f2-b167b26da25d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5611", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1ametasploit module for CVE-2023-46747 (F5 BIG-IP) RCE and the analyze\nURL\uff1ahttps://github.com/TomArn1/CVE-2023-46747-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-30T13:23:54.000000Z"}, {"uuid": "162d0939-43f7-4597-82b7-7341c813065a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5661", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn Exploitation script developed to exploit the CVE-2023-46747 which Pre Auth Remote Code Execution of f5-BIG Ip producs\nURL\uff1ahttps://github.com/sanjai-AK47/CVE-2023-46747\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-03T13:38:15.000000Z"}, {"uuid": "bb133a5d-626a-4509-8f56-b7e4d709d5c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5587", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\nURL\uff1ahttps://github.com/r4pG0r/CVE-2023-46747-POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-27T18:29:37.000000Z"}, {"uuid": "1d64e959-0417-4d1d-81f4-5cd6c6b5103a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5637", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-46747 Criticle Auth Bypass\nURL\uff1ahttps://github.com/fu2x2000/CVE-2023-46747\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-01T13:22:09.000000Z"}, {"uuid": "56340630-55e4-48dc-9dbc-28084f9dc518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8821", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/Xanexs/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-23T13:29:54.000000Z"}, {"uuid": "4ae0ee99-78ab-4817-bdcb-0f74b9bc0b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8802", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/Jumeyros/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-21T13:11:25.000000Z"}, {"uuid": "a91c89e4-2ca6-48dd-a652-f8d230740d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8813", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46747-Mass-RCE\nURL\uff1ahttps://github.com/Rizzler4562/CVE-2023-46747-Mass-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-22T13:56:30.000000Z"}, {"uuid": "0e59dace-2ae3-47a1-b171-5e12e8e502ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11842", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2023-46747 (Score 9.8); an unauthenticated remote code execution vulnerability via a side-channel from the management interface (Traffic Management User Interface (TMUI) and is closely related to CVE-2022-26377 which is a HTTP request smuggling vulnerability).\n\nF5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution by running arbitrary commands. This only affects the control plane and not the data plane.\n\nApparently, at the management console; sending requests to the \u201cbackend\u201d service that assumes the \u201cfrontend\u201d handled authentication is leading to this issue using HRS.\n\nTrack this issue at: http://ckure.esy.es/archives/13495\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/\n\nhttps://my.f5.com/manage/s/article/K000137353\n\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-10-27T19:50:20.000000Z"}, {"uuid": "efbe92d6-6700-419e-84b2-c646e809fa52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/51", "content": "#CVE-2023-46747-#RCE\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2023-11-01T15:44:22.000000Z"}, {"uuid": "274eae09-74dd-4006-936e-b0c9e3536807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/3549", "content": "\u200b\u26a1\ufe0f\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u0432 BIG-IP \u043e\u0442 F5 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\ud83d\udcac \u0422\u0440\u0430\u043d\u0441\u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0430 \u0443\u0441\u043b\u0443\u0433\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0430\u0439\u0442\u0430\u043c\u0438 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-46747 \u0438 \u0431\u044b\u043b\u0430 \u043e\u0446\u0435\u043d\u0435\u043d\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0432 9,8 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0431\u0430\u043b\u043b\u043e\u0432.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u041c\u0430\u0439\u043a\u043b\u0443 \u0412\u0435\u0431\u0435\u0440\u0443 \u0438 \u0422\u043e\u043c\u0430\u0441\u0443 \u0425\u0435\u043d\u0434\u0440\u0438\u043a\u0441\u043e\u043d\u0443 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Praetorian, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0439 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0451\u0442 \u0441 \u043d\u044e\u0430\u043d\u0441\u0430\u043c\u0438 \u0440\u0430\u0431\u043e\u0442\u044b CVE-2023-46747.\n\nF5 \u0443\u0442\u043e\u0447\u043d\u0438\u043b\u0430: \u00ab\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 BIG-IP \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 / \u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b\u00bb. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0431\u044b\u043b\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 BIG-IP:\n\n17.1.0 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 17.1.0.3 + Hotfix-BIGIP-17.1.0.3.0.75.4-ENG);\n\n16.1.0 - 16.1.4 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 16.1.4.1 + Hotfix-BIGIP-16.1.4.1.0.50.5-ENG);\n\n15.1.0 - 15.1.10 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 15.1.10.2 + Hotfix-BIGIP-15.1.10.2.0.44.2-ENG);\n\n14.1.0 - 14.1.5 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 14.1.5.6 + Hotfix-BIGIP-14.1.5.6.0.10.6-ENG);\n\n13.1.0 - 13.1.5 (\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 13.1.5.1 + Hotfix-BIGIP-13.1.5.1.0.20.2-ENG);\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0432 F5 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 , \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 14.1.0. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u0434\u0435\u043b\u0430\u043b\u0438 \u0430\u043a\u0446\u0435\u043d\u0442, \u0447\u0442\u043e \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 BIG-IP \u043d\u0438\u0436\u0435 14.1.0 \u0434\u0430\u043d\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0437\u0430\u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0435\u0449\u0451 \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c\u0438 BIG-IP. \u0421\u0430\u043c \u0441\u043a\u0440\u0438\u043f\u0442 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0441\u043e\u0432\u0435\u0442\u044b:\n\n\u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430 ;\n\u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f .\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e CVE-2023-46747 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u0436\u0435 \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u043f\u043e \u0441\u0447\u0451\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 BIG-IP TMUI \u043f\u043e\u0441\u043b\u0435 CVE-2020-5902 \u0438 CVE-2022-1388 .\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-27T14:49:00.000000Z"}, {"uuid": "f57ec742-93b7-4335-bfd4-e3e5843e10d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/itsec_news/3579", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u043a\u043e\u0440\u0435\u0435: \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 BIG-IP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438. \u0414\u0430\u043d\u043d\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-46747 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430 \u0441 \u0431\u0430\u043b\u043b\u043e\u043c 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13.1.0 \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f 17.1.0, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u0445 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-46748 . \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 BIG-IP.\n\n\u0414\u043b\u044f \u043e\u0431\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u0431\u044b\u043b\u0430 \u043b\u0438 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Shadowserver \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 , \u0447\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Honeypot-\u0441\u0435\u043d\u0441\u043e\u0440\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0442\u043e \u0438 \u0434\u0435\u043b\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46747. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-01T10:48:35.000000Z"}, {"uuid": "57f8cc1f-ebe5-4be9-9aca-3d9079b0afb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/itsec_news/3578", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u043a\u043e\u0440\u0435\u0435: \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 BIG-IP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438. \u0414\u0430\u043d\u043d\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-46747 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430 \u0441 \u0431\u0430\u043b\u043b\u043e\u043c 9.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 BIG-IP, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 13.1.0 \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f 17.1.0, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u0445 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-46748 . \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 BIG-IP.\n\n\u0414\u043b\u044f \u043e\u0431\u043e\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u0431\u044b\u043b\u0430 \u043b\u0438 \u0432\u044b\u0448\u0435\u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Shadowserver \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 , \u0447\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Honeypot-\u0441\u0435\u043d\u0441\u043e\u0440\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0442\u043e \u0438 \u0434\u0435\u043b\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-46747. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-01T09:43:20.000000Z"}, {"uuid": "a24b0d60-77ea-4e24-b137-898a0c935f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/192", "content": "Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747\n\n\ud83d\udc64 by Michael Weber and Thomas Hendrickson\n\nAs a result of the research researchers were able to identify an authentication bypass issue that led to complete compromise of an F5 system with the Traffic Management User Interface (TMUI) exposed. The bypass was assigned CVE-2023-46747, and is closely related to CVE-2022-26377. Like they recently reported Qlik RCE, the F5 vulnerability was also a request smuggling issue. In this blog authors will discuss their methodology for identifying the vulnerability, walk through the underlying issues that caused the bug, and explain the steps they took to turn the request smuggling into a critical risk issue. They will conclude with remediation steps and their thoughts on the overall process.\n\n\ud83d\udcdd Contents:\n\u25cf Overview\n\u25cf Mapping out the F5 BIG-IP Attack Surface\n\u25cf F5 Traffic Management User Interface (TMUI) Overview\n\u25cf Verifying AJP Smuggling\n\u25cf AJP Smuggling and Server Interpretation\n\u25cf But What To Do With the Smuggling?\n\u25cf Remediation\n\u25cf Conclusion\n\u25cf Disclosure Timeline\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-27T05:50:12.000000Z"}, {"uuid": "49469891-8bfd-41fe-9e91-cb054e864646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/18744", "content": "\u200aF5 fixes BIG-IP auth bypass allowing remote code execution attacks\n\nA critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution. [...]\n\nhttps://www.bleepingcomputer.com/news/security/f5-fixes-big-ip-auth-bypass-allowing-remote-code-execution-attacks/", "creation_timestamp": "2023-10-27T18:00:34.000000Z"}, {"uuid": "a6b784a0-3f7e-4ea6-9d41-5c7b91326ec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/BleepingComputer/18751", "content": "Latest news and stories from BleepingComputer.com\nF5 fixes BIG-IP auth bypass allowing remote code execution attacks\n\nA critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution. [...]", "creation_timestamp": "2023-10-27T19:09:29.000000Z"}, {"uuid": "53756336-a3eb-400a-9453-057d89b06caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/383", "content": "Top Security News for 27/10/2023\n\nWhy cybersecurity training isn\u2019t working (and how to fix it)\nhttps://securityintelligence.com/articles/why-cybersecurity-training-isnt-working-and-how-to-fix-it/ \n\n6 steps to accelerate cybersecurity incident response\nhttps://malware.news/t/6-steps-to-accelerate-cybersecurity-incident-response/75002#post_1 \n\nF5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html \n\nCVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling\nhttps://www.reddit.com/r/netsec/comments/17h253u/cve202346747_preauth_remote_code_execution_in/ \n\nA cascade of compromise: unveiling Lazarus\u2019 new campaign\nhttps://malware.news/t/a-cascade-of-compromise-unveiling-lazarus-new-campaign/75004#post_1 \n\nA cascade of compromise: unveiling Lazarus\u2019 new campaign\nhttps://securelist.com/unveiling-lazarus-new-campaign/110888/ \n\nWorkflow of a zkSync Era transaction: from generation to finalization\nhttp://blog.quarkslab.com/zksync-transaction-workflow.html \n\nCritical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data\nhttps://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html \n\nCVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling\nhttps://www.reddit.com/r/netsec/comments/17h253u/cve202346747_preauth_remote_code_execution_in/ \n\nStripedFly reclassified from petty larceny to APT.\nhttps://thecyberwire.com/stories/e41efe29905a42dc86888a014624baf9/stripedfly-reclassified-from-petty-larceny-to-apt \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-10-27T07:00:06.000000Z"}, {"uuid": "9988d7f8-7df6-44a6-8356-79c36e9b5718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/ctinow/146805", "content": "https://ift.tt/alR0eTU\nThreat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748", "creation_timestamp": "2023-11-01T19:19:56.000000Z"}, {"uuid": "51ee1a81-d123-4ea4-8fdc-49b726accd80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/188", "content": "\ud83d\udcd5 \u041f\u043e\u0434\u0431\u043e\u0440\u043e\u0447\u043a\u0430 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\u042d\u0442\u043e \u043f\u0440\u043e\u0431\u043d\u0438\u043a.\n\n\ud83d\udca1 F5 BIG-IP Unauth RCE via AJP Smuggling\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-46747\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 BIG-IP \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438/\u0438\u043b\u0438 \u0441\u0430\u043c\u043e\u043f\u0438\u0441\u043d\u044b\u0435 \u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\n\ud83d\udca1 ActiveMQ Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-46604\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435: \n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u0440\u043e\u043a\u0435\u0440\u0443, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u0443\u044f \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u0438\u043f\u0430\u043c\u0438 \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 OpenWire, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0431\u0440\u043e\u043a\u0435\u0440 \u0438\u043d\u0441\u0442\u0430\u043d\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043a\u043b\u0430\u0441\u0441 \u0432 \u043f\u0443\u0442\u0438 \u043a\u043b\u0430\u0441\u0441\u0430.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 \u041f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 UI Cisco IOS XE\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\n- CVE-2023-20198\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x: \n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441 \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 15.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Microsoft Exchange Server Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-36745\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0436\u0435\u0440\u0442\u0432\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0441\u0442\u043e\u044e \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\n#poc", "creation_timestamp": "2023-11-10T10:57:44.000000Z"}, {"uuid": "7587e580-ee01-4e09-98d6-db1b3fc486a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/140", "content": "\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u043b\u0438\u0441\u044c F5 Networks, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u0434\u0432\u0443\u043c\u044f \u0431\u0430\u0433\u0430\u043c\u0438: CVE-2023-46747 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=9.8) \u0438 CVE-2023-46748 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=8.8)\n\nF5 BIG-IP - \u044d\u0442\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u0445\u043e\u0434\u044f\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\ud83d\ude0e\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46748 \u0432 BIG-IP Configuration utility \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u0443\u044e SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.  \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46747 Unauth RCE via AJP Smuggling - \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Request Smuggling \u0432 Apache JServ (AJP).\n\nRequest Smuggling \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 Content-Length/Transfer-Encoding \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043e\u0442 Apache HTTPd \u043a Tomcat \u043f\u043e AJP, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c POST-\u0437\u0430\u043f\u0440\u043e\u0441 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 516 bytes (0x204 bytes) \u043d\u0430 \u0440\u0443\u0447\u043a\u0443 /tmui/Control/form/ \u0441 AJP \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u043e\u043c remote_user = admin \u0438 \u0441\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c null \u0434\u043b\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 REMOTEROLE \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\ud83d\udc4d\n\u0414\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 CSRF \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0447\u0442\u043e\u0431\u044b \u043a\u043e\u043d\u043a\u0430\u0442\u0435\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 _bufvalue \u0438 _timenow \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044e base64 SHA1 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 Tmui-Dubbuf \u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0443 516 bytes (0x204 bytes).\n\n\u0414\u0430\u043b\u0435\u0435, \u0441 \u043d\u043e\u0432\u043e\u0439 \u0443\u0447\u0435\u0442\u043a\u043e\u0439 \u0430\u0434\u043c\u0438\u043d\u0430, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 /mgmt/tm/util/bash \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c RCE\ud83d\ude0e\ncurl -sk -u 'USER:PASS' -H 'Content-Type: application/json' -X POST \\ \n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'\nhttps://$IP:8443/mgmt/tm/util/bash\n\n\ud83d\udd0eShodan & Fofa: title=\"BIG-IP®- Redirect\"\n\u2699\ufe0fPOC: https://github.com/W01fh4cker/CVE-2023-46747-RCE\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\nPS: \u0416\u0435\u043b\u0430\u044e \u0432\u0441\u0435\u043c \u0443\u0434\u0430\u0447\u043d\u043e\u0439 \u043f\u044f\u0442\u043d\u0438\u0446\u044b \u0438 \u0445\u043e\u0440\u043e\u0448\u0438\u0445 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445!", "creation_timestamp": "2023-11-03T11:57:25.000000Z"}, {"uuid": "7ee7a947-459d-499c-b2a7-50362a37a209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/kasperskyb2b/976", "content": "\u26a1\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Citrix NetScaler \u0438 F5 BIG-IP \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438\n\n\u0422\u044f\u0436\u0451\u043b\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u2014 \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0440\u0430\u0441\u043a\u0430\u0447\u043a\u0443. \u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u044b\u0440\u0430\u043c\u0438 \u0432 Netscaler ADC \u0438 BIG-IP \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0433\u0440\u0443\u043f\u043f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 ransomware.\n\nCVE-2023-4966 (CitrixBleed, CVSS 9.4) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0443\u0442\u0430\u0449\u0438\u0442\u044c \u0441\u0435\u0441\u0441\u0438\u043e\u043d\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0441\u043b\u0435\u0434\u043e\u0432 \u0432 \u043b\u043e\u0433\u0430\u0445, \u0438, \u043f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u0438\u043c\u0438, \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u0442\u044c \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u043e\u0431\u0445\u043e\u0434 MFA. \u0412 \u043e\u0431\u0449\u0435\u043c, \u0431\u044b\u0441\u0442\u0440\u043e \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438. \n \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0435\u044e \u0432\u043e\u043e\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c \u0432\u0441\u0435, \u043a\u043e\u043c\u0443 \u043d\u0435 \u043b\u0435\u043d\u044c \u0434\u0430\u0436\u0435 \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u044b. \n\u0412\u0430\u0436\u043d\u043e, \u0447\u0442\u043e \u043f\u0440\u043e\u0441\u0442\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043f\u0430\u0442\u0447\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0443\u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430, \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b. \u041d\u0443\u0436\u043d\u043e \u0438\u0441\u043a\u0430\u0442\u044c \u0441\u043b\u0435\u0434\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0441\u043b\u0435\u0434\u043e\u0432 \u2014 \u0437\u0434\u0435\u0441\u044c \u0438 \u0437\u0434\u0435\u0441\u044c (\u0441\u043f\u043e\u0439\u043b\u0435\u0440 \u2014 \u0432\u0430\u043c \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u043c\u043e\u0436\u0435\u0442 SIEM). \n\n\u0420\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u044b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a \u0434\u044b\u0440\u044b \u0432 F5 BIG-IP (CVE-2023-46747 \u0438 -46748, CVSS 9.8, 8.8) \u0442\u043e\u0436\u0435 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0438\u0441\u044c \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\u043c \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u0445 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u0435\u0440\u0432\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0439 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439.  \n\u041b\u044e\u0431\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437 \u043f\u0430\u0442\u0447\u0430 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438, \u043f\u0435\u0441\u0441\u0438\u043c\u0438\u0441\u0442\u0438\u0447\u043d\u043e \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432 F5 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0441\u043b\u0435\u0434\u043e\u0432 \u0430\u0442\u0430\u043a\u0438 \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0441\u0438\u0441\u0442\u0435\u043c.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-11-02T10:58:10.000000Z"}, {"uuid": "92ad4db8-34bb-4de5-8be7-14356bfd278b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/ctinow/146644", "content": "https://ift.tt/aEKtoBN\nF5 BIG-IP Remote Code Execution Vulnerability (CVE-2023-46747) Notification - Security Boulevard", "creation_timestamp": "2023-11-01T07:02:10.000000Z"}, {"uuid": "fa198a49-67c4-4df0-8358-1daf7e481a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "Telegram/cDnMH4YbZFfIIqtTxoOirX-XeJzHKYG1rqqgjWGd4IpzHg", "content": "", "creation_timestamp": "2023-11-01T11:43:00.000000Z"}, {"uuid": "f2ef3082-ae02-4c16-887f-a90dca54b8de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/Teamx1945x/3642", "content": "https://nvd.nist.gov/vuln/detail/CVE-2023-46747", "creation_timestamp": "2024-04-20T16:31:36.000000Z"}, {"uuid": "9c6f223d-6366-4dc4-9a83-b6bbeb8b66ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/ctinow/146275", "content": "https://ift.tt/A9h1H8R\nF5 fixes critical BIG-IP vulnerability (CVE-2023-46747)", "creation_timestamp": "2023-10-30T17:12:49.000000Z"}, {"uuid": "db9deea0-b110-4fa3-a4df-95ee1e066560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/223OFSMmLUdP7f4yTdbWxDK9P9UYsPDh697eB18UtwZouQ", "content": "", "creation_timestamp": "2023-11-01T16:34:19.000000Z"}, {"uuid": "9ca426d6-bc95-43f0-8671-5ee33a3475e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/rn2U4Qh8Rvq9YZvL_mMenCW-EdpDwkxJoElVzVUJSV8lUg", "content": "", "creation_timestamp": "2023-10-30T23:55:07.000000Z"}, {"uuid": "d1e70a31-8b97-4ab2-bb79-b79f8ce3d539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "Telegram/UvfOaXPYVyIIcBkplEjtKRimhd7owHzf0Znm1nXbcyV1iQ", "content": "", "creation_timestamp": "2023-11-01T11:36:55.000000Z"}, {"uuid": "b31a0f47-ad82-4591-83be-275d65741efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/bmWIY_GqWw71T7V6bxvZDT0JRVgiLfgI8QZx449as8Diug", "content": "", "creation_timestamp": "2023-11-06T19:03:15.000000Z"}, {"uuid": "68393fae-c5d4-4b9e-9b6b-1f3a7438cad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1031", "content": "\u200b\u200bCVE-2023-46747-RCE\n\n F5 BIG-IP \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u063a\u064a\u0631 \u0627\u0644\u0645\u0635\u0627\u062f\u0642 \u0639\u0644\u064a\u0647\u0627 (RCE) \u0648\u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0644\u062a\u062c\u0627\u0648\u0632 \u0627\u0644\u0645\u0635\u0627\u062f\u0642\u0629.\n\n https://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2024-03-29T18:27:12.000000Z"}, {"uuid": "1292e223-4583-43f5-a9df-24585bf0de37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "Telegram/INDb5cqMLavLbTSmj78o79O7AUDKsjdh5BFSIUF1_h7XSA", "content": "", "creation_timestamp": "2024-04-19T21:24:10.000000Z"}, {"uuid": "436733b4-2ca0-4cc4-b316-7d53f832515e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/LsZq0JqGAyHoIWFAVUN6Osha41-oM1qq9XNS_wmhKmhg7A", "content": "", "creation_timestamp": "2023-11-02T20:51:48.000000Z"}, {"uuid": "9f59a962-582f-4a78-9782-569d61ebede7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2190", "content": "\u26a1 Urgent \u2014 F5 warns of a critical vulnerability (CVE-2023-46747) in BIG-IP, allowing unauthenticated remote code execution. \n \nLearn more: https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-10-27T12:49:19.000000Z"}, {"uuid": "4fcba0cb-e954-45a5-b949-577ede997f09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2663", "content": "\ud83d\udea8 Security Alert \u279c F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands. \n \nLearn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html \n \nProtect your network\u2014patch now!", "creation_timestamp": "2023-11-02T17:24:04.000000Z"}, {"uuid": "50af8bcd-010e-4503-8dae-8942f6fd24c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/KomunitiSiber/993", "content": "F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution\nhttps://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html\n\nF5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution.\nThe issue, rooted in the configuration utility component, has been assigned the CVE identifier\u00a0CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10.\n\"This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP", "creation_timestamp": "2023-10-27T06:51:15.000000Z"}, {"uuid": "c4e2a40c-c366-499d-a8cf-e5b6bc298652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "Telegram/g6bw7nvLSQI4Xs7_7rVjc9Q806-zTo6NekpA9NHKfFdivg", "content": "", "creation_timestamp": "2023-11-01T07:25:30.000000Z"}, {"uuid": "e18c533c-24e1-4d11-9387-c7c009418ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/wSIaHz15J2XvqH3VYVco9LhsFVSPcgPHfmG8rsQwPqyP9w", "content": "", "creation_timestamp": "2023-10-27T08:28:40.000000Z"}, {"uuid": "8ead009c-c731-4654-bde5-e25cf1f1de4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/arpsyndicate/147", "content": "#ExploitObserverAlert\n\nCVE-2023-46747\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-46747. \n\n\nUndisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\nFIRST-EPSS: 0.969840000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T02:31:48.000000Z"}, {"uuid": "560a3684-1017-49d6-b879-0a4b2de166e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3502", "content": "CVE-2023-46747-POC\n\ncurl -sk -u 'ali:ali' -H 'Content-Type: application/json' -X POST \\\n\n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'  \\\n\nhttps:///$IP:$PORT/mgmt/tm/util/bash", "creation_timestamp": "2023-10-31T10:12:16.000000Z"}, {"uuid": "7ca35ef7-ec80-42fb-9af0-a90006349314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/221", "content": "\ud83d\udea8 Security Alert \u279c F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands. \n \nLearn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html \n \nProtect your network\u2014patch now!", "creation_timestamp": "2023-11-02T17:24:04.000000Z"}, {"uuid": "fe7271a2-e3eb-4f10-b702-46df25b1bb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/195", "content": "\u26a1 Urgent \u2014 F5 warns of a critical vulnerability (CVE-2023-46747) in BIG-IP, allowing unauthenticated remote code execution. \n \nLearn more: https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html", "creation_timestamp": "2023-12-07T05:20:16.000000Z"}, {"uuid": "6f4383bb-de0e-4b80-8ed8-5bde056727c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/KomunitiSiber/1010", "content": "Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability\nhttps://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html\n\nF5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain.\nTracked as\u00a0CVE-2023-46747\u00a0(CVSS score: 9.8), the\u00a0vulnerability\u00a0allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution", "creation_timestamp": "2023-11-01T07:33:03.000000Z"}, {"uuid": "a4686ac6-8396-47a4-84cd-d56a345f5e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3507", "content": "https://github.com/W01fh4cker/CVE-2023-46747-RCE", "creation_timestamp": "2023-11-02T04:09:37.000000Z"}, {"uuid": "05474dd1-9191-44de-a33c-a34d743e97be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/375332", "content": "{\n  \"Source\": \"https://demonforums.net/\",\n  \"Content\": \"exploit for cve-2023-46747 | Bypass Vulnerability in F5 BIG-IP\", \n  \"author\": \"Herleifr\",\n  \"Detection Date\": \"10 Nov 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-11-10T20:32:32.000000Z"}, {"uuid": "1703e7c8-a11d-4179-993e-7212d1111e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3219", "content": "Hackers Factory \n\ncheck_cve_2023_22518.py\n\nhttps://github.com/RootUp/PersonalStuff/blob/master/check_cve_2023_22518.py\n\nVitogate300_RCE.md\n\nhttps://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md\n\nunwyze - a Wyze Cam v3 RCE Exploit\n\nhttps://github.com/blasty/unwyze\n\nPoC CVE-2023-5044\n\nhttps://github.com/r0binak/CVE-2023-5044\n\nExploit for CVE-2023-36802 targeting MSKSSRV.SYS driver\n\nhttps://github.com/Nero22k/cve-2023-36802\n\nexploit for cve-2023-46747\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\nRCE Exploit For Maltrail-v0.53\n\nhttps://github.com/spookier/Maltrail-v0.53-Exploit\n\nAdded CVE-2023-46747 (5 BIG-IP - Unauthenticated RCE via AJP Smuggling\n\nhttps://github.com/projectdiscovery/nuclei-templates/pull/8496\n\ncisco-webui-detection.yaml\n\nhttps://github.com/xscorp/Notes/blob/master/PublicTemplates/cisco-webui-detection.yaml\n\nF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\n\nhttps://github.com/AliBrTab/CVE-2023-46747-POC\n\nCVE-2023-22515: Confluence Broken Access Control Exploit\n\nhttps://github.com/Chocapikk/CVE-2023-22515\n\nImage horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode\n\nhttps://github.com/RandomRobbieBF/CVE-2023-5412\n\nCVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC\n\nhttps://github.com/vchan-in/CVE-2023-35078-Exploit-POC\n\nBoltWire v6.03 vulnerable to \"Improper Access Control\"\n\nhttps://github.com/Cyber-Wo0dy/CVE-2023-46501\n\nhttps://www.kitploit.com/2023/10/looneypwner-exploit-tool-for-cve-2023.html?m=1\n\n#HackersFactory \ud83d\ude0f#GHOSTS\ud83d\ude0f", "creation_timestamp": "2023-11-09T05:43:54.000000Z"}, {"uuid": "45fc573d-48b1-4142-aaa5-cc7050906f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1807", "content": "exploit for cve-2023-46747 \nF5 BIG-IP unauthenticated remote code execution \n*\nexploit", "creation_timestamp": "2023-11-02T10:32:54.000000Z"}, {"uuid": "f30746f7-e0bd-4e40-bcf9-0e0058235219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1294", "content": "if you exploited any, the user:codeb0ss / pass:codeb0ss", "creation_timestamp": "2024-11-17T03:13:55.000000Z"}, {"uuid": "0b4abffa-d78f-48ae-ae0a-1bd3612b5186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "Telegram/7SbUVmPARfahi-4FimIWn71gUMTBHRPYbIdVGXNMI6h-3K0", "content": "", "creation_timestamp": "2023-10-30T16:56:06.000000Z"}, {"uuid": "0343d11e-ea06-49fe-9009-74813593101c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/cibsecurity/73013", "content": "\u203c CVE-2023-46747 \u203c\n\nUndisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.\u00c2\u00a0\u00c2\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T00:18:12.000000Z"}, {"uuid": "52680a6f-9203-44f4-bf6a-849a3cb6aef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/true_secator/5033", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 F5 BIG-IP \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043f\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\nCVE-2023-46747\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c BIG-IP \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n26 \u043e\u043a\u0442\u044f\u0431\u0440\u044f F5 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f BIG-IP \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 13.x \u043f\u043e 17.x, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0445 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\u00a0\u043e\u0442 30 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044f \u0435\u0435 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u043e\u0432\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 BIG-IP,\u00a0CVE-2023-46748\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8,8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f SQL-\u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0440\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f BIG-IP \u0438/\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 IoC \u0434\u043b\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0445\u043e\u0434\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430  \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0421\u0430\u043c PoC, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 CVE-2023-46747, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 Project Discovery, \u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Praetorian Security, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0431\u043b\u043e\u0433, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Praetorian, \u0432 \u0441\u0435\u0442\u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u0442\u044b\u0441\u044f\u0447\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 BIG-IP \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043a \u0430\u0442\u0430\u043a\u0430\u043c, \u043f\u0440\u0438\u0447\u0435\u043c \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c\u0443 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0443.", "creation_timestamp": "2023-11-01T12:01:02.000000Z"}, {"uuid": "e0e681e8-66f2-42b0-9e24-a39ea75fe54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/ctinow/212618", "content": "https://ift.tt/FhflT3i\nBringing Access Back \u2014 Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect", "creation_timestamp": "2024-03-23T05:56:30.000000Z"}, {"uuid": "c6ab0055-41e3-43c7-b124-923782b58f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/xakep_ru/14911", "content": "F5 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 BIG-IP\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 F5 BIG-IP (CVE-2023-46747), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 UI Traffic Management \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 9,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVSS.\n\nhttps://xakep.ru/2023/10/30/f5-big-ip-new-rce/", "creation_timestamp": "2023-10-30T15:44:50.000000Z"}, {"uuid": "475af837-063e-4bba-b069-482427541023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/theninjaway1337/1475", "content": "Bringing Access Back \u2014 Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect\n\nDuring the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, we observed exploitation of Connectwise ScreenConnect CVE-2024-1709 by the same actor. This mix of custom tooling and the SUPERSHELL framework leveraged in these incidents is assessed with moderate confidence to be unique to a People's Republic of China (PRC) threat actor, UNC5174.\n\nMandiant assesses UNC5174 (believed to use the persona \"Uteus\") is a former member of Chinese hacktivist collectives that has since shown indications of acting as a contractor for China's Ministry of State Security (MSS) focused on executing access operations. UNC5174 has been observed attempting to sell access to U.S. defense contractor appliances, UK government entities, and institutions in Asia in late 2023 following CVE-2023-46747 exploitation. In February 2024, UNC5174 was observed exploiting ConnectWise ScreenConnect vulnerability (CVE-2024-1709) to compromise hundreds of institutions primarily in the U.S. and Canada.\n\nhttps://www.mandiant.com/resources/blog/initial-access-brokers-exploit-f5-screenconnect", "creation_timestamp": "2024-03-22T17:55:44.000000Z"}, {"uuid": "03c0393f-a5ad-4581-abae-ac891c21e12c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/thehackernews/4084", "content": "\ud83d\udea8 Security Alert \u279c F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands. \n \nLearn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html \n \nProtect your network\u2014patch now!", "creation_timestamp": "2023-11-01T10:27:24.000000Z"}, {"uuid": "f378e18b-c68e-47e0-8c5a-d10f6dd00251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "seen", "source": "https://t.me/information_security_channel/50909", "content": "F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP\nhttps://www.securityweek.com/f5-warns-of-critical-remote-code-execution-vulnerability-in-big-ip/\n\nA critical-severity vulnerability in F5 BIG-IP CVE-2023-46747 allows unauthenticated attackers to execute code remotely.\nThe post F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP (https://www.securityweek.com/f5-warns-of-critical-remote-code-execution-vulnerability-in-big-ip/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-27T17:19:52.000000Z"}, {"uuid": "0f5ebd4c-2d13-4156-a90d-6daeb9c5865e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "exploited", "source": "https://t.me/information_security_channel/50922", "content": "Attackers Exploiting Critical F5 BIG-IP Vulnerability\nhttps://www.securityweek.com/attackers-exploiting-critical-f5-big-ip-vulnerability/\n\nExploitation of a critical vulnerability (CVE-2023-46747) in F5\u2019s\u00a0 BIG-IP product started less than five days after public disclosure and PoC exploit code was published.\nThe post Attackers Exploiting Critical F5 BIG-IP Vulnerability (https://www.securityweek.com/attackers-exploiting-critical-f5-big-ip-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-31T17:29:08.000000Z"}, {"uuid": "894b9565-6242-4668-ac95-c98bc0bba275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7935", "content": "Compromising F5 BIGIP with Request Smuggling -\n\nhttps://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/", "creation_timestamp": "2023-10-26T23:26:24.000000Z"}, {"uuid": "2ea607ae-244e-43a7-9d67-97808ac2b060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7966", "content": "F5 BIG-IP Unauth RCE via AJP Smuggling (CVE-2023-46747) - Technical Analysis\n\nhttps://blog.projectdiscovery.io/cve-2023-46747-5-big-ip-unauthenticated-rce-via-ajp-smuggling/", "creation_timestamp": "2023-11-03T09:30:49.000000Z"}, {"uuid": "e64f703c-d0e2-494e-99e4-4e3a41c1baee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1389", "content": "https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747", "creation_timestamp": "2023-11-03T14:36:19.000000Z"}, {"uuid": "85fdb15d-d852-4c62-86a3-d668a33e25ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1403", "content": "CVE-2023-46747-POC\n\ncurl -sk -u 'ali:ali' -H 'Content-Type: application/json' -X POST \\\n\n-d '{\"command\": \"run\", \"utilCmdArgs\": \"-c \\\"whoami\\\"\"}'  \\\n\nhttps:///$IP:$PORT/mgmt/tm/util/bash\n\n#poc #exploit", "creation_timestamp": "2023-10-31T10:11:17.000000Z"}, {"uuid": "8af0ba89-5af0-48d0-b335-57fedb429ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1413", "content": "https://github.com/W01fh4cker/CVE-2023-46747-RCE\n#github", "creation_timestamp": "2023-11-02T03:56:10.000000Z"}, {"uuid": "585107e2-a63a-4379-b8a8-a27641fbe014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9295", "content": "#exploit\n1. Wyze Cam v3 RCE Exploit\nhttps://github.com/blasty/unwyze\n\n2. CVE-2023-5044:\nKubernetes ingress-nginx <1.9.0 - API command injection\nhttps://raesene.github.io/blog/2023/10/29/exploiting-CVE-2023-5044\n]-> https://github.com/r0binak/CVE-2023-5044\n\n3. CVE-2023-46747:\nF5 BIG-IP Unauthenticated RCE/Authentication bypass\nhttps://github.com/AliBrTab/CVE-2023-46747-POC\n]-> https://github.com/fu2x2000/CVE-2023-46747", "creation_timestamp": "2023-11-08T12:37:14.000000Z"}, {"uuid": "025b038d-31db-442b-bee2-a62220e9e8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9325", "content": "#tools\n#Offensive_security\n1. UAC Bypass program\nhttps://github.com/justhyak/UAC-Bypass-FUD\n2. Python script to test if a F5 BIG-IP is vulnerable for CVE-2023-46747\nhttps://github.com/nvansluis/test_cve-2023-46747\n3. The art of indirect exfiltration\nhttps://thecontractor.io/data-bouncing", "creation_timestamp": "2023-11-04T18:42:05.000000Z"}, {"uuid": "2452e5b5-8459-495a-87ac-f1a6aa56b579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1595", "content": "#exploit\n1. Wyze Cam v3 RCE Exploit\nhttps://github.com/blasty/unwyze\n\n2. CVE-2023-5044:\nKubernetes ingress-nginx <1.9.0 - API command injection\nhttps://raesene.github.io/blog/2023/10/29/exploiting-CVE-2023-5044\n]-> https://github.com/r0binak/CVE-2023-5044\n\n3. CVE-2023-46747:\nF5 BIG-IP unauthenticated RCE and authentication bypass\nhttps://github.com/AliBrTab/CVE-2023-46747-POC", "creation_timestamp": "2024-08-16T08:43:26.000000Z"}, {"uuid": "08e19690-a79a-4ca5-9ae3-f4d310c408e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1589", "content": "https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747", "creation_timestamp": "2024-08-16T08:43:26.000000Z"}, {"uuid": "7c5252a8-40d2-46ec-acba-13489109d3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "Telegram/K0f-j-gack7mEbq0v5q9zf3FeKuqj9Z-q5xmBuR-W-zC", "content": "", "creation_timestamp": "2024-11-11T18:25:20.000000Z"}, {"uuid": "bbde1074-0d34-49fc-900c-38a6ba64bc05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46747", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1633", "content": "#tools\n#Offensive_security\n1. UAC Bypass program\nhttps://github.com/justhyak/UAC-Bypass-FUD\n2. Python script to test if a F5 BIG-IP is vulnerable for CVE-2023-46747\nhttps://github.com/nvansluis/test_cve-2023-46747\n3. The art of indirect exfiltration\nhttps://thecontractor.io/data-bouncing", "creation_timestamp": "2024-08-16T08:43:29.000000Z"}]}