{"vulnerability": "CVE-2023-48365", "sightings": [{"uuid": "2508418b-c831-4131-bb23-1be6d7df0456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/d7168461-fec2-4f03-a1ae-005f581e0546", "content": "", "creation_timestamp": "2023-12-22T11:44:34.000000Z"}, {"uuid": "cfc7231d-32e9-4fbc-bc08-317fd5031292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-48365", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113623927561712873", "content": "", "creation_timestamp": "2024-12-09T16:59:03.956829Z"}, {"uuid": "8426f182-9d7d-460f-8d32-8f50405b8d05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113623940738642550", "content": "", "creation_timestamp": "2024-12-09T17:02:24.982933Z"}, {"uuid": "17d7b2dc-40e1-45ab-8863-e6822b38977f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpvvjn6vw25", "content": "", "creation_timestamp": "2025-01-14T18:45:29.173733Z"}, {"uuid": "2404eb5b-9e3a-4192-a0f8-938e40f1b3f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-01-13T21:10:02.000000Z"}, {"uuid": "315d4659-6b69-435d-a71b-7049575d4387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3092047", "content": "", "creation_timestamp": "2025-01-13T15:16:13.368973Z"}, {"uuid": "391d98f2-492b-4bc8-8069-2acf906a81e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113821744720960181", "content": "", "creation_timestamp": "2025-01-13T15:26:34.157164Z"}, {"uuid": "305f8e1a-e905-48ff-91ab-a8a642f7d817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://bsky.app/profile/redvello.bsky.social/post/3lgpejmauvc2w", "content": "", "creation_timestamp": "2025-01-27T06:59:50.452396Z"}, {"uuid": "fd44b04f-5879-48c1-bc28-13acc65c0130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-48365", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/19c6acfb-6c90-4513-9e47-7d19fa8e81de", "content": "", "creation_timestamp": "2026-02-02T12:26:16.718481Z"}, {"uuid": "44b99d80-fea3-4100-98da-d2fb056e6b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:03.000000Z"}, {"uuid": "4f414eaa-75a9-4713-befb-b0da78d10905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_28/2023", "content": "", "creation_timestamp": "2023-11-30T08:45:23.000000Z"}, {"uuid": "80bc83fd-b6e1-4de4-b229-7bd3d344a474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "MISP/d7168461-fec2-4f03-a1ae-005f581e0546", "content": "", "creation_timestamp": "2025-06-19T20:17:38.000000Z"}, {"uuid": "9e1df743-6cfe-4b2f-b587-3ecc56bfc070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://t.me/true_secator/5149", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Arctic Wolf \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e \u043f\u0435\u0440\u0432\u043e\u043c \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f CACTUS \u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Qlik Sense (\u043e\u0431\u043b\u0430\u0447\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u0438 \u0431\u0438\u0437\u043d\u0435\u0441-\u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0430).\n\n\u041a\u0430\u043a \u0441\u0447\u0438\u0442\u0430\u044e\u0442 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b, \u0430\u0442\u0430\u043a\u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0442\u0440\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b:\n- CVE-2023-41265\u00a0(CVSS: 9.9) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c\u0441\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c;\n- CVE-2023-41266 (CVSS: 6.5) \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c;\n- CVE-2023-48365 (CVSS: 9.9) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2023-48365 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c\u00a0\u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430\u00a0\u0434\u043b\u044f CVE-2023-41265, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 CVE-2023-41266 \u0431\u044b\u043b\u00a0\u0440\u0430\u0441\u043a\u0440\u044b\u0442 Praetorian \u0432\u00a0\u043a\u043e\u043d\u0446\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 CVE-2023-48365 \u0431\u044b\u043b\u043e\u00a0\u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e\u00a020 \u043d\u043e\u044f\u0431\u0440\u044f.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0442 \u0441\u043b\u0443\u0436\u0431\u043e\u0439 \u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 Qlik Sense \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 ManageEngine Unified Endpoint Management and Security (UEMS), AnyDesk \u0438 Plink \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u0434\u0430\u043b\u044f\u043b\u0438 \u041f\u041e Sophos, \u043c\u0435\u043d\u044f\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u0438 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438 RDP-\u0442\u0443\u043d\u043d\u0435\u043b\u044c \u0447\u0435\u0440\u0435\u0437 Plink.\n\n\u041d\u0443, \u0438 \u0432 \u043a\u0443\u043b\u044c\u043c\u0438\u043d\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u041f\u041e, \u0433\u0434\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 rclone \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445.", "creation_timestamp": "2023-11-30T17:55:24.000000Z"}, {"uuid": "d899526a-e77a-48ef-b812-04befde505ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://t.me/redfoxsec/24", "content": "\ud83d\udd3bZeroQlik + DoubleQlik (CVE-2023-41265, CVE-2023-41266, CVE-2023-48365)\n\n\u0414\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043f\u0430\u043b\u0430\u0441\u044c \u043c\u043d\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043d\u0430 \u0433\u043b\u0430\u0437\u0430. \u041a \u043c\u043e\u0435\u043c\u0443 \u0443\u0434\u0438\u0432\u043b\u0435\u043d\u0438\u044e, \u043f\u043e\u0447\u0442\u0438 \u043d\u0438\u0433\u0434\u0435 \u043e \u043d\u0435\u0439 \u043d\u0435 \u043f\u0438\u0441\u0430\u043b\u043e\u0441\u044c \u0434\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u043f\u0440\u043e \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Cactus \u043d\u0430 xakep.\n\n\ud83d\udd17 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c ZeroQlik \u043d\u0430\u0448\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Praetorian\n\n\ud83d\udcd1 \u0417\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u043d\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043a CL.TE \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0443 HTTP Request Smuggle \u043f\u0440\u043e\u043a\u0441\u0438 Qlik Sense, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0444\u0440\u043e\u043d\u0442\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u0412\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0441\u0442\u0430\u043b\u0430 Path Traversal \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043c\u043d\u0435 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c - \u043a\u0430\u043a \u043f\u043e\u0434\u0445\u043e\u0434 (Grey box \u0430\u043d\u0430\u043b\u0438\u0437), \u0442\u0430\u043a \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u044b\u0435 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f RCE. \u042d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0433\u0434\u0435 \u043a\u0430\u043a \u0440\u0430\u0437 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 HTTP Request Smuggling. \n\n\ud83d\udd17 \u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u043a\u0441\u0430 DoubleQlik\n\n\ud83d\udcd1 \u0422\u0430\u043a \u043a\u0430\u043a \u0432 \u0444\u0438\u043a\u0441\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u043b\u043e\u0441\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 Transfer-encoding: chunked, \u0430 \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 chunked, \u0442\u043e Praetorian \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u043e \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u044d\u0442\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u043c \u0442\u0430\u0431\u0443\u043b\u044f\u0446\u0438\u0438: \nTransfer-encoding: ,\\tchunked,\\r\\n\n\n\u0428\u0430\u0431\u043b\u043e\u043d\u044b \u0434\u043b\u044f \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u043f\u043e\u0434 Nuclei \u0437\u0430\u0441\u0442\u0440\u044f\u043b\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 \u0443 Nuclei-templates, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043e\u0442 \u0441\u0441\u044b\u043b\u043a\u0438:\n\n\ud83d\udd38 CVE-2023-41265\n\ud83d\udd38 CVE-2023-41266\n\ud83d\udd38 CVE-2023-48365 (DoubleQlik \u043e\u0431\u0445\u043e\u0434)\n\n\ud83d\udd3b\u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0442\u0430\u043a\u0430\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c Qlik Sense \u043a\u0430\u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0434\u043b\u044f NTLM \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 /internal_windows_authentication/?targetId=$GUID, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0434\u0431\u0438\u0440\u0430\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0438\u043b\u0438 \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 Active Directory \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. Red Team \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443!\n\n\ud83d\udc40 \u041d\u0430 Shodan \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e 6576 (\u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0434\u043d\u044f 3 \u043d\u0430\u0437\u0430\u0434 \u0431\u044b\u043b\u043e 7000+) \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 Qlik. \u041a\u0430\u043a \u0438\u0441\u043a\u0430\u0442\u044c:\n\ud83d\udd39http.title:\"Qlik\"\n\ud83d\udd39http.favicon.hash:-1730722660\n\n\u0412\u043e\u0442 \u0442\u0430\u043a\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f \u0441 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u0431\u044d\u043a\u0435\u043d\u0434 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u043c\u0438, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u044c\u0441\u044f \u043f\u0440\u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u043e\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.", "creation_timestamp": "2023-12-03T17:01:28.000000Z"}, {"uuid": "eb154d34-bf4c-41ad-9062-907791b5d925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48365", "type": "seen", "source": "https://t.me/arpsyndicate/2349", "content": "#ExploitObserverAlert\n\nCVE-2023-48365\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48365. Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backend server that hosts the repository application. The fixed versions are August 2023 Patch 2, May 2023 Patch 6, February 2023 Patch 10, November 2022 Patch 12, August 2022 Patch 14, May 2022 Patch 16, February 2022 Patch 15, and November 2021 Patch 17. NOTE: this issue exists because of an incomplete fix for CVE-2023-41265.\n\nFIRST-EPSS: 0.000820000\nNVD-IS: 6.0\nNVD-ES: 3.1", "creation_timestamp": "2024-01-03T19:47:04.000000Z"}]}