{"vulnerability": "CVE-2023-49606", "sightings": [{"uuid": "1213cc21-b7c1-4079-9ae9-4671b0c00c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3miwohyqw2s2a", "content": "", "creation_timestamp": "2026-04-07T21:03:07.599078Z"}, {"uuid": "c62cec87-8b6a-4611-b4ba-11a8e2a351b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "Telegram/kJSBSrnVolNb8HA04keffCh8yTEXXzpkjxpnUdQiEULeB4A", "content": "", "creation_timestamp": "2024-05-06T17:01:06.000000Z"}, {"uuid": "3e280d90-59ac-452a-b131-75c858cf95b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/19923", "content": "\u200aOver 50,000 Tinyproxy servers vulnerable to critical RCE flaw\n\nNearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw. [...]\n\nhttps://www.bleepingcomputer.com/news/security/over-50-000-tinyproxy-servers-vulnerable-to-critical-rce-flaw/", "creation_timestamp": "2024-05-07T22:56:37.000000Z"}, {"uuid": "f9588ff0-6e36-4e0c-ac9a-1656157c0da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1250", "content": "\ud83c\udf10 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 TinyProxy \u2014 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u0440\u0443\u0447\u043d\u0443\u044e \u043f\u0435\u0440\u0435\u0441\u0431\u043e\u0440\u043a\u0443 \ud83d\ude1e\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-49606 (CVSS 9.8) \u0432 TinyProxy \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430. \u0414\u0435\u0444\u0435\u043a\u0442 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 1.11.1, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 1.10.0. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 TinyProxy \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u0431\u043e\u0440\u043a\u0430\u0445 Linux \u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 IoT, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439. \u041d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0431\u043e\u043b\u0435\u0435 90 \u0442\u044b\u0441\u044f\u0447 \u0445\u043e\u0441\u0442\u043e\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d TinyProxy, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0432 \u0421\u0428\u0410, \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0435, \u041a\u0438\u0442\u0430\u0435, \u0424\u0440\u0430\u043d\u0446\u0438\u0438 \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u044b \ud83d\ude1e \n\n\u041f\u0430\u0442\u0447\u0438\u043d\u0433 \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0451\u043d \u0442\u0435\u043c, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043c\u043c\u0438\u0442 \u0432 Github \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0441\u0431\u043e\u0440\u043a\u0435.  \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-05-07T15:48:51.000000Z"}, {"uuid": "c2552f79-bc2f-4cc7-9bc2-6ed0eef9ccd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "Telegram/SDQZ6-PAvsRQAkxai7GL6a7SJBpOBkf6aKZZO6ouZlu-xw", "content": "", "creation_timestamp": "2024-05-06T19:46:37.000000Z"}, {"uuid": "4c8df8c3-7e61-4741-b898-934946185bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://t.me/HackingInsights/85", "content": "Tinyproxy Flaw Let Attackers Execute Remote Code\nhttps://gbhackers.com/tinyproxy-flaw/\n\nA security flaw has been identified in Tinyproxy, a lightweight HTTP/HTTPS proxy daemon widely used in small network environments. The vulnerability, cataloged under CVE-2023-49606, allows remote attackers to execute arbitrary code on the host machine. This flaw poses a critical risk as it could enable attackers to gain unauthorized access to network resources, potentially leading [\u2026]\nThe post Tinyproxy Flaw Let Attackers Execute Remote Code (https://gbhackers.com/tinyproxy-flaw/) appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform (https://gbhackers.com/).", "creation_timestamp": "2024-05-06T10:39:55.000000Z"}, {"uuid": "53764599-486c-462e-b68f-e15b2d3c1f1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://t.me/HackingInsights/145", "content": "Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw\nhttps://www.bleepingcomputer.com/news/security/over-50-000-tinyproxy-servers-vulnerable-to-critical-rce-flaw/\n\nNearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw. [...]", "creation_timestamp": "2024-05-07T19:55:43.000000Z"}, {"uuid": "82949d4b-37d3-46eb-a931-c70fbe325f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/93", "content": "\u200aCVE-2023-49606 (CVSS 9.8): Tinyproxy Zero-Day Threatens Thousands\n\nhttps://securityonline.info/cve-2023-49606-cvss-9-8-tinyproxy-zero-day-threatens-thousands/", "creation_timestamp": "2024-05-06T13:34:11.000000Z"}, {"uuid": "b43af229-bae3-4f2f-b1f9-408c74870be0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "https://t.me/EgyptHackerTeam/3967", "content": "CVE-2023-49606: RCE in Tinyproxy 1.10.0, 1.11.1, 9.8 rating \ud83d\udd25\n\nA use-after-free vulnerability in Tinyproxy allows an attacker to perform RCE via a specially crafted HTTP header.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/vWqHD\n\ud83d\udc49 Dork: http.headers.server:\"tinyproxy/1.11.1\" OR http.headers.server:\"tinyproxy/1.10.0\"\n\nRead more: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889", "creation_timestamp": "2024-05-11T19:31:41.000000Z"}, {"uuid": "95e2d266-cfc3-4a8b-8638-cb766bef6165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "Telegram/uN_OR3FGxEA804ZIQKYC7BTk2s_igi3gP5TwqgxCYyiIcQ", "content": "", "creation_timestamp": "2024-05-06T19:28:08.000000Z"}, {"uuid": "e7890fa5-4909-4631-8a3c-33c391747641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/1314", "content": "The Hacker News\nCritical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution\n\nMore than 50% of the 90,310 hosts have been found exposing a&nbsp;Tinyproxy service&nbsp;on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool.\n\nThe issue, tracked as&nbsp;CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free bug impacting versions 1.10.0 and 1.11.1, which is the", "creation_timestamp": "2024-05-06T19:46:38.000000Z"}, {"uuid": "55af6c08-c5e5-4d69-a958-f3da6f0cf614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://t.me/KomunitiSiber/1899", "content": "Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution\nhttps://thehackernews.com/2024/05/critical-tinyproxy-flaw-opens-over.html\n\nMore than 50% of the 90,310 hosts have been found exposing a\u00a0Tinyproxy service\u00a0on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool.\n\nThe issue, tracked as\u00a0CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free bug impacting versions 1.10.0 and 1.11.1, which is the", "creation_timestamp": "2024-05-06T16:50:19.000000Z"}, {"uuid": "6b9b71c0-c53e-4aef-9351-caacb4d747ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5706", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco Talos \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u0434\u0435\u043c\u043e\u043d\u0435 HTTP-\u043f\u0440\u043e\u043a\u0441\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Tinyproxy 1.11.1 \u0438 1.10.0 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 9.8.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-49606 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u044b\u0445 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 PoC \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f \u043c\u043e\u0449\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u0448\u043b\u043e, \u0430 Tinyproxy \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u0435\u043d \u0441\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0435, \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0421\u0428\u0410.\n\n\u0422\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Censys, \u043f\u043e\u0447\u0442\u0438 90 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Tinyproxy \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0441\u0435\u0442\u0438, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 51 000, \u043f\u043e\u0445\u043e\u0436\u0435, \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u043d\u0430 GitHub \u0441\u0435\u0442\u0443\u044e\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Talos \u043f\u0435\u0440\u0435\u0434 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u043d\u0435 \u0443\u0434\u043e\u0441\u0443\u0436\u0438\u043b\u0438\u0441\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f.\n\n\u041d\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u044b \u043f\u043e\u0442\u0440\u0443\u0434\u0438\u043b\u0438\u0441\u044c \u0438 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u043a \u0430\u0440\u0445\u0438\u0432\u0443 1.11.1. \u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0438\u043b\u044f\u0442 1.11.2.", "creation_timestamp": "2024-05-06T18:30:05.000000Z"}, {"uuid": "f2753517-7f84-42f3-8197-18a9b29770e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://t.me/ctinow/216871", "content": "https://ift.tt/nHhFyEW\nMost Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606", "creation_timestamp": "2024-05-08T12:11:34.000000Z"}, {"uuid": "b1cc2be8-5c3b-4791-acee-4f1e519b41a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "exploited", "source": "https://t.me/xakep_ru/15793", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0432 Tinyproxy \u0443\u0433\u0440\u043e\u0436\u0430\u0435\u0442 50 000 \u0441\u0438\u0441\u0442\u0435\u043c\n\n\u0411\u043e\u043b\u0435\u0435 52 000 \u0445\u043e\u0441\u0442\u043e\u0432 \u0441 Tinyproxy, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2023-49606, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u043e\u043c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\nhttps://xakep.ru/2024/05/08/tinyproxy-rce/", "creation_timestamp": "2024-05-08T14:41:58.000000Z"}, {"uuid": "17bafc46-9cca-4b5c-8652-35401de07952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "exploited", "source": "https://t.me/SecLabNews/15169", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Tinyproxy \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 50 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432\n\n\u2620\ufe0f \u0411\u043e\u043b\u0435\u0435 50% \u0438\u0437 90 310 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u043a\u0441\u0438-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Tinyproxy, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0438\u0437-\u0437\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-49606 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 \u0432 9,8 \u0438\u0437 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u041e\u0448\u0438\u0431\u043a\u0430 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0438\u043f\u0430 \u00abUse-After-Free\u00bb \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Tinyproxy 1.10.0 \u0438 1.11.1.\n\n\ud83c\udf1a \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0435\u0442\u0443 Cisco Talos, \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u0436\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u0435\u0435 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\ud83d\ude32 \u0425\u043e\u0442\u044f Talos \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 22 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430, \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Tinyproxy \u0443\u0437\u043d\u0430\u043b\u0430 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0442\u043e\u043b\u044c\u043a\u043e 5 \u043c\u0430\u044f 2024 \u0433\u043e\u0434\u0430 \u0438\u0437-\u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0438. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043f\u043e\u0447\u0442\u0438 \u043f\u043e\u043b\u0433\u043e\u0434\u0430 \u0438\u0437-\u0437\u0430 \u0441\u0431\u043e\u044f \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f.\n\n#Tinyproxy #RCE #0day #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u0412\u041f\u041e\n\n@ZerodayAlert", "creation_timestamp": "2024-05-08T07:56:35.000000Z"}, {"uuid": "2dbd738e-a001-425f-adcb-d250d63f2766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10464", "content": "#Threat_Research\n1. TunnelVision (CVE-2024-3661):\nHow Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak\nhttps://www.leviathansecurity.com/blog/tunnelvision\n2. Tiny Proxy Vulnerability (CVE-2023-49606)\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2023-1889", "creation_timestamp": "2024-05-07T23:31:43.000000Z"}, {"uuid": "ec941d50-0d20-4b0c-a56a-3e7570e003ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49606", "type": "seen", "source": "https://t.me/sysodmins/21883", "content": "\u00ab\u041f\u043e\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0439\u00bb \u043a\u0430\u043d\u0430\u043b \u0441\u0432\u044f\u0437\u0438 \u0441\u0442\u0430\u043b \u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 50 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \ud83d\udda5\n\n\u041e\u043a\u043e\u043b\u043e 57% \u0438\u0437 90 310 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u043a\u0441\u0438-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Tinyproxy, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0438\u0437-\u0437\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-49606 (9,8 \u0438\u0437 10 \u0431\u0430\u043b\u043b\u043e\u0432 CVSS). \u041e\u0448\u0438\u0431\u043a\u0430 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0438\u043f\u0430 \u00abUse-After-Free\u00bb \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Tinyproxy 1.10.0 \u0438 1.11.1.\n\nCisco Talos \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c Tinyproxy \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u043d\u0430 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0439 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0439 \u0430\u0434\u0440\u0435\u0441. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u044d\u0442\u0438\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u043b\u0438\u0448\u044c \u043f\u0430\u0440\u0443 \u0434\u043d\u0435\u0439 \u043d\u0430\u0437\u0430\u0434. \u0422\u0430\u043a, \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0431\u044b\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u043b\u0433\u043e\u0434\u0430. \u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u044d\u0442\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432  \u0437\u0430\u0434\u0443\u043c\u0430\u0442\u044c\u0441\u044f \u043e\u0431 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2024-05-07T01:07:57.000000Z"}]}