{"vulnerability": "CVE-2023-5038", "sightings": [{"uuid": "e5c61f85-00ca-4ebe-8174-e892894180d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "c0869a31-faee-4a6f-881f-5bb032add8f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "99a143d4-7fe7-49ac-829d-3338a02b2794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:58.000000Z"}, {"uuid": "3b227297-b44b-4c31-a788-ce17024f327e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "fe3e953b-55ff-4563-b9a0-d09d6ce56da2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "bbd6a0ec-978b-486b-a846-87faadd9b55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50381", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lyy7ru6g7h2r", "content": "", "creation_timestamp": "2025-09-16T21:02:30.025894Z"}, {"uuid": "c3714e23-9ebd-4381-aa49-097cd7636ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50381", "type": "seen", "source": "https://gist.github.com/heavyscientist/de6a7c14e68b5862734b94a3c10e574c", "content": "", "creation_timestamp": "2025-10-09T20:15:59.000000Z"}, {"uuid": "925fce29-fbc2-4925-9912-bd4c52beb7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apache_solr_backup_restore.rb", "content": "", "creation_timestamp": "2024-04-23T18:44:39.000000Z"}, {"uuid": "0a744dfc-02be-481e-925c-763be0bbd307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/7Ml4_lMheQFWoLP8HS6G4y2kPw4O-CbsZ96PEHQtUpuC3WA", "content": "", "creation_timestamp": "2025-05-04T05:10:20.000000Z"}, {"uuid": "5728642c-9174-4457-b538-22336f1590f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50381", "type": "seen", "source": "MISP/390462c4-7cd4-4967-94d8-6f5a07d8cfd9", "content": "", "creation_timestamp": "2026-04-10T09:38:51.000000Z"}, {"uuid": "d9e82099-f716-426e-aac6-0d9ccefe4541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12433", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386).\n\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC", "creation_timestamp": "2024-03-01T19:05:37.000000Z"}, {"uuid": "a6ce6f95-c59e-4260-9faa-2b34bd5dfe48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/d29dbde5-754c-4ca2-8a8b-47f3b9e077f7", "content": "", "creation_timestamp": "2024-09-24T12:13:05.859516Z"}, {"uuid": "3fcaffa8-edd8-4a2e-9a6c-ec522a1714a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/7Ml4_lMheQFWoLP8HS6G4y2kPw4O-CbsZ96PEHQtUpuC3WA", "content": "", "creation_timestamp": "2025-05-04T05:10:20.000000Z"}, {"uuid": "6b8bd783-721f-4790-a2bb-ebd420593a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/P054ImMwjqD_rl7lBAm-hCz5MlTq06QbnDeiIVFMTFFsHy4", "content": "", "creation_timestamp": "2025-05-04T05:11:16.000000Z"}, {"uuid": "0497adcb-9248-4ff5-8d8f-0eceaa48d833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/P054ImMwjqD_rl7lBAm-hCz5MlTq06QbnDeiIVFMTFFsHy4", "content": "", "creation_timestamp": "2025-05-04T05:11:16.000000Z"}, {"uuid": "38f4ec6f-e99c-426f-9688-d068b7ec5fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/93", "content": "Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)\n\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC", "creation_timestamp": "2024-02-29T13:25:59.000000Z"}, {"uuid": "c8859a27-46f7-4c9e-9c55-8818b0ce7d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/itsec_news/4112", "content": "\u200b\u26a1\ufe0f\u0412 Windows \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u0430\u044f 24-\u043b\u0435\u0442\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\ud83d\udcac \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 Patch Tuesday \u043e\u0442 Microsoft, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u043c \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430, \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 73 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0438 \u043e\u0434\u043d\u0430 \u043f\u043e-\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0434\u0440\u0435\u0432\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 Windows \u0443\u0436\u0435 24 \u0433\u043e\u0434\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 5 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0443\u0441 \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435\u00bb, 65 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u00ab\u0432\u0430\u0436\u043d\u044b\u0435\u00bb, \u0430 \u0435\u0449\u0451 3 \u2014 \u043a\u0430\u043a \u00ab\u0443\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435\u00bb. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 24 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0432 \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Microsoft \u043d\u0430 \u0431\u0430\u0437\u0435 Chromium \u2014 Edge.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c:\n\nCVE-2024-21351 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.6), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b Windows SmartScreen;\nCVE-2024-21412 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.1), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 \u044f\u0440\u043b\u044b\u043a\u043e\u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.\nMicrosoft \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-21351, \u0443\u043a\u0430\u0437\u0430\u0432 \u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0441\u0431\u043e\u044f\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0410 CVE-2024-21412 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0436\u0435\u0440\u0442\u0432\u0435.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 Known Exploited Vulnerabilities (KEV) \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 (CISA), \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0435\u0439 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430\u043c \u0421\u0428\u0410 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a 5 \u043c\u0430\u0440\u0442\u0430 2024 \u0433\u043e\u0434\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\nCVE-2024-20684 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 6.5) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Hyper-V, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438;\nCVE-2024-21357 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.5) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Windows Pragmatic General Multicast (PGM);\nCVE-2024-21380 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.0) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Dynamics Business Central / NAV, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438;\nCVE-2024-21410 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Microsoft Exchange Server;\nCVE-2024-21413 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9.8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Microsoft Outlook.\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 CVE-2023-50387 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 7.5) \u0432 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 DNSSEC, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u0432\u0448\u0435\u0439 \u0432 Windows \u0446\u0435\u043b\u044b\u0445 24 \u0433\u043e\u0434\u0430 . \u041e\u043d\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 CPU \u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 DNS-\u0440\u0435\u0437\u043e\u043b\u0432\u0435\u0440\u043e\u0432, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 Microsoft, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u2014 Adobe, AMD, ASUS, Cisco, Intel, Ivanti, Lenovo \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435, \u0447\u0442\u043e \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u0440\u0430\u0431\u043e\u0442\u0443 \u043f\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u043c \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-14T16:13:10.000000Z"}, {"uuid": "b5012480-4f57-47db-bb87-a66920d024d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6691", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aApache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)\nURL\uff1ahttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-29T08:59:17.000000Z"}, {"uuid": "5416821b-b3dc-42bd-9ac0-9d9bde93a37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/119126", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:53.000000Z"}, {"uuid": "5266c0a6-79cd-4946-b4e3-8ed8a80e8a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50381", "type": "seen", "source": "https://t.me/cvedetector/197", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-50381 - Three os command injection vulnerabilities exist i\", \n  \"Content\": \"CVE ID : CVE-2023-50381 \nPublished : July 8, 2024, 4:15 p.m. | 23\u00a0minutes ago \nDescription : Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `targetAPSsid` request's parameter. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T18:40:43.000000Z"}, {"uuid": "21b2e744-c3cd-4d46-93cd-3965d57f8478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50382", "type": "seen", "source": "https://t.me/cvedetector/196", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-50382 - Three os command injection vulnerabilities exist i\", \n  \"Content\": \"CVE ID : CVE-2023-50382 \nPublished : July 8, 2024, 4:15 p.m. | 23\u00a0minutes ago \nDescription : Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `peerPin` request's parameter. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T18:40:42.000000Z"}, {"uuid": "e64edaad-4281-4d24-b064-452d0090feab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50383", "type": "seen", "source": "https://t.me/cvedetector/195", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-50383 - Three os command injection vulnerabilities exist i\", \n  \"Content\": \"CVE ID : CVE-2023-50383 \nPublished : July 8, 2024, 4:15 p.m. | 23\u00a0minutes ago \nDescription : Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `localPin` request's parameter. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T18:40:41.000000Z"}, {"uuid": "22afcdda-d9c5-464d-ab2d-38e86250335b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/m7Q8Qgc84P90zbvy1Sti45h1Xeo_AYlSZWrs16888nRB1w", "content": "", "creation_timestamp": "2024-02-29T15:51:45.000000Z"}, {"uuid": "a9ac98ae-b84a-4773-ab9f-c1423450d343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/56148", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:54.000000Z"}, {"uuid": "d07a0774-d118-4d9b-9e5b-fa110f7a207f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/56148", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:54.000000Z"}, {"uuid": "cff7778d-f408-471f-921d-4e362231bf1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/119126", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:53.000000Z"}, {"uuid": "ba757a8c-d54e-4f45-9b06-166ea2da1452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/1o3RyjbxkBAdqVV1IakPcUVDj3AIfLmG662gmZzR_AzpiWSm", "content": "", "creation_timestamp": "2025-01-20T11:03:21.000000Z"}, {"uuid": "2b6f1e69-ef2e-40bd-81b3-ff8d1b352ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "Telegram/hV2GiMrU2Sm7asuyYlZ0kN6YpAqMxkZ0VCk_3gZoYtfD9Mg", "content": "", "creation_timestamp": "2024-04-02T08:29:30.000000Z"}, {"uuid": "5f222dea-efb1-48bf-95ac-245dc5d30023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "Telegram/UjWWrL9dfBZ80wZA1xwWKO0XfqZ71I9DdT4Y3Ej6-4L7XfM", "content": "", "creation_timestamp": "2024-04-02T18:45:34.000000Z"}, {"uuid": "5617cb6c-fa7d-4c5e-bd0b-510c53e8a625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/UrNq84zyBC1oMAufBesPTpXAbedIsqXaSNJFq3mfmDUScAM", "content": "", "creation_timestamp": "2024-10-04T00:51:11.000000Z"}, {"uuid": "a33652fb-83b7-498b-bfd0-ac8f4a6417bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/UrNq84zyBC1oMAufBesPTpXAbedIsqXaSNJFq3mfmDUScAM", "content": "", "creation_timestamp": "2024-10-04T00:51:11.000000Z"}, {"uuid": "3778af15-4589-420d-875b-f34e28fc1b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/V1VUnV7rs7gBAtSdtSG9YU8DOLHIzu1kUZjtLh94w5_yW5C9", "content": "", "creation_timestamp": "2024-12-22T22:15:30.000000Z"}, {"uuid": "873ab5cc-49bc-4660-af67-569d99524edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/1o3RyjbxkBAdqVV1IakPcUVDj3AIfLmG662gmZzR_AzpiWSm", "content": "", "creation_timestamp": "2025-01-20T11:03:21.000000Z"}, {"uuid": "e74054e9-4d40-4147-b6bf-4cf8f72514ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/V1VUnV7rs7gBAtSdtSG9YU8DOLHIzu1kUZjtLh94w5_yW5C9", "content": "", "creation_timestamp": "2024-12-22T22:15:30.000000Z"}, {"uuid": "9bef1f46-be95-41a4-addf-52fa77e0c338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/arpsyndicate/4918", "content": "#ExploitObserverAlert\n\nCVE-2023-50387\n\nDESCRIPTION: Exploit Observer has 86 entries in 13 file formats related to CVE-2023-50387. Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.\n\nFIRST-EPSS: 0.036600000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7316946", "creation_timestamp": "2024-05-02T23:26:15.000000Z"}, {"uuid": "a314f0ae-080f-4c89-86f6-dddb20d4f5df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/sSOYy9sa0Jc9yTev23pVTCXx5ZwCCV54W3-F49CmFMjcWAGd", "content": "", "creation_timestamp": "2025-01-19T10:45:19.000000Z"}, {"uuid": "adefc0bd-e625-4491-b2ce-bf64d1f06a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/sSOYy9sa0Jc9yTev23pVTCXx5ZwCCV54W3-F49CmFMjcWAGd", "content": "", "creation_timestamp": "2025-01-19T10:45:19.000000Z"}, {"uuid": "18915d02-eae1-4510-9f05-6010dd66ed3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/m_uXFR_n3tw3cdqXp4eNTFp75GNkXoZP5JCdghj_BLdvWjAh", "content": "", "creation_timestamp": "2025-01-19T10:54:11.000000Z"}, {"uuid": "237380c0-710e-419d-920a-69e788536395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/m_uXFR_n3tw3cdqXp4eNTFp75GNkXoZP5JCdghj_BLdvWjAh", "content": "", "creation_timestamp": "2025-01-19T10:54:11.000000Z"}, {"uuid": "5dacfe49-50a2-4776-8435-2022f487d266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://t.me/arpsyndicate/4820", "content": "#ExploitObserverAlert\n\nCVE-2023-50386\n\nDESCRIPTION: Exploit Observer has 20 entries in 6 file formats related to CVE-2023-50386. Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.  In the affected versions, Solr ConfigSets accepted Java jar and class files to be uploaded through the ConfigSets API. When backing up Solr Collections, these configSet files would be saved to disk when using the LocalFileSystemRepository (the default for backups). If the backup was saved to a directory that Solr uses in its ClassPath/ClassLoaders, then the jar and class files would be available to use with any ConfigSet, trusted or untrusted.  When Solr is run in a secure way (Authorization enabled), as is strongly suggested, this vulnerability is limited to extending the Backup permissions with the ability to add libraries. Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue. In these versions, the following protections have been added:    *  Users are no longer able to upload files to a configSet that could be executed via a Java ClassLoader.   *  The Backup API restricts saving backups to directories that are used in the ClassLoader.\n\nFIRST-EPSS: 0.872420000\nNVD-IS: 5.9\nNVD-ES: 2.8\nARPS-PRIORITY: 0.9796416", "creation_timestamp": "2024-04-24T21:13:06.000000Z"}, {"uuid": "abd7000a-6484-4347-a002-99ae1adc32bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/CRo72oop6ZwQnESqwzNS9o-UvXAtRRZBbTaMpkpQIbIEQGCv", "content": "", "creation_timestamp": "2025-01-19T09:05:11.000000Z"}, {"uuid": "01f0dc12-bb97-4034-9a01-7b23b5b24128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/CRo72oop6ZwQnESqwzNS9o-UvXAtRRZBbTaMpkpQIbIEQGCv", "content": "", "creation_timestamp": "2025-01-19T09:05:11.000000Z"}, {"uuid": "f922034b-2e85-4461-819c-703ae408265b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/nXNgeTXwDNOb7mIcIpPodhvZ1IUdszn-fmMhPPigxTJmI9s", "content": "", "creation_timestamp": "2024-03-29T06:57:04.000000Z"}, {"uuid": "b948c301-494e-4f95-9afa-71d3b1badc9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/MI65lLGsaGTIv40PK1J154YyMiL63QZNJWuw9XlT_YRsFb40", "content": "", "creation_timestamp": "2025-01-19T09:05:12.000000Z"}, {"uuid": "f4140097-8c2a-4a52-a660-a904115e641a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/1yNdYtjM167PWJ8z4QCuhWfayRW6CDLYSnp7378ajV5EDt8", "content": "", "creation_timestamp": "2024-10-04T00:51:08.000000Z"}, {"uuid": "d60ad6e6-ccd5-4e2f-b096-9a5a26ea40b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/OIy-vi5ELr4cctl8ownkSK8SkQmdcofc4nGKbyP-zK6wBJzg", "content": "", "creation_timestamp": "2025-01-19T10:45:24.000000Z"}, {"uuid": "22b8733d-7d4d-48af-b9e2-b5fe74fb7335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/OIy-vi5ELr4cctl8ownkSK8SkQmdcofc4nGKbyP-zK6wBJzg", "content": "", "creation_timestamp": "2025-01-19T10:45:24.000000Z"}, {"uuid": "5e316fa5-6b87-49b3-87b3-c5c1b414598c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/PfifvZz7tMW-Pq-u9dIIWpX49EGHHaNBJSKvwqdUIESB65tP", "content": "", "creation_timestamp": "2025-01-19T10:54:13.000000Z"}, {"uuid": "71cc977f-4c3f-4097-ba78-321a503e92f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/PfifvZz7tMW-Pq-u9dIIWpX49EGHHaNBJSKvwqdUIESB65tP", "content": "", "creation_timestamp": "2025-01-19T10:54:13.000000Z"}, {"uuid": "eaae880c-605b-4fd8-8a3e-a5a33aeb1070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/1Z5p7xYqKVRAHiS5stM6LcQjCrKKZtV6q5K3lriQD01vETjY", "content": "", "creation_timestamp": "2025-01-20T11:03:16.000000Z"}, {"uuid": "45a78d47-6d32-4d0e-bb86-18fa9a77bfaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/1Z5p7xYqKVRAHiS5stM6LcQjCrKKZtV6q5K3lriQD01vETjY", "content": "", "creation_timestamp": "2025-01-20T11:03:16.000000Z"}, {"uuid": "43d638cf-2945-4528-8a22-0e0e44416535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/MI65lLGsaGTIv40PK1J154YyMiL63QZNJWuw9XlT_YRsFb40", "content": "", "creation_timestamp": "2025-01-19T09:05:12.000000Z"}, {"uuid": "e8e1d55b-8fc6-48cd-a717-55544b229b53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/7b0KDMH2WfquipCst9Tv71iesbtnEU4bQJg16OEgDf9nbvsj", "content": "", "creation_timestamp": "2024-12-22T22:15:27.000000Z"}, {"uuid": "9f0e3bf9-2f62-48bb-a46b-db1f5a18ce74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "Telegram/7b0KDMH2WfquipCst9Tv71iesbtnEU4bQJg16OEgDf9nbvsj", "content": "", "creation_timestamp": "2024-12-22T22:15:27.000000Z"}, {"uuid": "75a8f88d-b13c-4f65-a9a7-c2f0be15ab43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "Telegram/1yNdYtjM167PWJ8z4QCuhWfayRW6CDLYSnp7378ajV5EDt8", "content": "", "creation_timestamp": "2024-10-04T00:51:08.000000Z"}, {"uuid": "dd4b14fd-c70b-4132-84ae-6689865cf714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/LockBitRaasRansomware/14242", "content": "KeyTrap in DNS (CVE-2023-50387)\n*\nLink", "creation_timestamp": "2024-04-02T18:45:36.000000Z"}, {"uuid": "7e34a012-532d-49ab-896e-58342d4d604b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/LockBitRaasRansomware/13998", "content": "KeyTrap in DNS (CVE-2023-50387)\n*\nLink", "creation_timestamp": "2024-04-02T08:29:31.000000Z"}, {"uuid": "cf48e581-75ee-4830-b5fc-a5b3cf79d9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/proxy_bar/1908", "content": "KeyTrap in DNS (CVE-2023-50387)\n*\nLink", "creation_timestamp": "2024-02-19T06:25:00.000000Z"}, {"uuid": "dd237bc4-ae19-4eab-82a3-22ca9e3c5159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/MrVGunz/1206", "content": "\ud83d\udccd\u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc pdns-recursor: \u0631\u0641\u0639 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\n\n\u062f\u0631 19 \u0641\u0648\u0631\u06cc\u0647 2024\u060c \u062f\u0628\u06cc\u0627\u0646 \u0627\u0632 \u0648\u062c\u0648\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc CVE-2023-50387 \u0648 CVE-2023-50868 \u062f\u0631 pdns-recursor \u062e\u0628\u0631 \u062f\u0627\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a DoS \u0634\u0648\u0646\u062f. \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644\u0627\u062a \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS 7.5 \u062f\u0631 \u0646\u0633\u062e\u0647 4.8.6-1 \u0628\u0631\u0627\u06cc \u062a\u0648\u0632\u06cc\u0639 \u067e\u0627\u06cc\u062f\u0627\u0631 \u062f\u0628\u06cc\u0627\u0646 (bookworm) \u0631\u0641\u0639 \u0634\u062f\u0647\u200c\u0627\u0646\u062f. \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627\u06cc\u062f \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc pdns-recursor \u062e\u0648\u062f \u0631\u0627 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u0646\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647: \u0644\u06cc\u0646\u06a9\n\n\ud83d\udccd Security Update for pdns-recursor: Addressing Serious Vulnerabilities\n\nOn February 19, 2024, Debian announced the presence of vulnerabilities CVE-2023-50387 and CVE-2023-50868 in pdns-recursor. These vulnerabilities can lead to DoS attacks. The issues, with a CVSS score of 7.5, have been resolved in version 4.8.6-1 for the stable Debian distribution (bookworm). Users are advised to update their pdns-recursor packages promptly.\n\n\ud83d\udd17 For more information, please visit: Link", "creation_timestamp": "2024-07-16T17:05:20.000000Z"}, {"uuid": "c80284b0-d2e6-469b-93aa-b40cb050d7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50380", "type": "seen", "source": "https://t.me/ctinow/194722", "content": "https://ift.tt/BzTHRkt\nCVE-2023-50380", "creation_timestamp": "2024-02-27T18:36:50.000000Z"}, {"uuid": "e5ef5c67-0bd4-4745-8c0e-481d82496611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://t.me/ctinow/203117", "content": "https://ift.tt/tu9EPhn\nCVE-2023-50386 Exploit", "creation_timestamp": "2024-03-08T08:16:52.000000Z"}, {"uuid": "db273f88-4c85-4175-a983-e539b32aa157", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://t.me/ctinow/198635", "content": "https://ift.tt/G4pEYdT\nCVE-2023-50386 | Apache Solr up to 8.11.2/9.4.0 dynamically-managed code resources", "creation_timestamp": "2024-03-03T09:46:42.000000Z"}, {"uuid": "f43f4cf4-2f12-4183-bf65-84dbd320b547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/ctinow/201424", "content": "https://ift.tt/B4bHqid\nCVE-2023-50387 | DNSSEC resource consumption (DLA 3736-1)", "creation_timestamp": "2024-03-06T15:16:54.000000Z"}, {"uuid": "c3fd3b47-69a8-4a57-a6c2-b9e249fd6c51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/true_secator/5421", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041d\u0418\u0426 \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 ATHENE \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 DNS-\u0430\u0442\u0430\u043a\u0438, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0439 \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0447\u0430\u0441\u0442\u044c \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.\n\n\u041d\u043e, \u043a \u0441\u0447\u0430\u0441\u0442\u044c\u044e \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u00a0KeyTrap, \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-50387 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u0445 \u0438\u043c\u0435\u043d DNSSEC, \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u044e\u0449\u0435\u0439 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u044e \u0438\u043b\u0438 \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u0438\u0435 \u043e\u0442\u0432\u0435\u0442\u043e\u0432 \u043d\u0430 DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u044b.\n\n\u041d\u0435\u043c\u0435\u0446\u043a\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0441\u0431\u043e\u0438 \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0432\u0441\u0435\u0433\u043e \u043b\u0438\u0448\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043e\u0434\u0438\u043d \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 DNS-\u043f\u0430\u043a\u0435\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0438\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0426\u041f.\n\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0441\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c DNS \u0441 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 DNSSEC, \u0438 \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430 \u0431\u043e\u043b\u0435\u0435 31% \u0432\u0435\u0431-\u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043a\u0430\u043a \u0440\u0430\u0437 \u0442\u0430\u043a\u0438\u0435 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0441 KeyTrap \u0431\u0443\u0434\u0435\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0434\u043b\u044f \u043b\u044e\u0431\u043e\u0433\u043e \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0424\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u043d\u0430 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0447\u0430\u0441\u0442\u044c \u0432\u0441\u0435\u043c\u0438\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0410\u0442\u0430\u043a\u0430 \u0441 KeyTrap \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 DNS, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u0442\u0430\u043a\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0443\u0441\u043b\u0443\u0433 DNS, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Google \u0438\u043b\u0438 Cloudflare.\n\n\u0412\u0441\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u0431\u044b\u043b\u0438 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u043d\u0430\u0437\u0430\u0434 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d 13 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u0421 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a KeyTrap \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u0435\u0440\u0435\u0438\u043d\u0430\u0447\u0438\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u0444\u0438\u043b\u043e\u0441\u043e\u0444\u0438\u044e \u043f\u0440\u043e\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f DNSSEC.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0434\u0432\u0443\u0445 \u0434\u0435\u0441\u044f\u0442\u0438\u043b\u0435\u0442\u0438\u0439, \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e KeyTrap \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f CVE-2023-50387 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b Microsoft, BIND, PowerDNS \u0438 NLnet (Unbound).", "creation_timestamp": "2024-02-15T16:00:07.000000Z"}, {"uuid": "89e93654-eea8-4ff2-8a71-ce4fd4020b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/ctinow/202629", "content": "https://ift.tt/zVjDFOk\nCVE-2023-50387 ISC BIND Vulnerability in NetApp Products", "creation_timestamp": "2024-03-07T18:32:27.000000Z"}, {"uuid": "1bb5c1e4-7c13-4436-8d0b-749892e5715a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50380", "type": "seen", "source": "https://t.me/ctinow/194707", "content": "https://ift.tt/BzTHRkt\nCVE-2023-50380", "creation_timestamp": "2024-02-27T18:31:29.000000Z"}, {"uuid": "0d6e619c-a226-43e1-bb30-bb90fdf4d1dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://t.me/ctinow/182335", "content": "https://ift.tt/7RISqL9\nCVE-2023-50386", "creation_timestamp": "2024-02-09T23:41:58.000000Z"}, {"uuid": "c35bf9aa-57c3-416b-a5e5-974fa8981482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/ctinow/187500", "content": "https://ift.tt/lHSidkj\nCVE-2023-50387 Exploit", "creation_timestamp": "2024-02-19T08:16:46.000000Z"}, {"uuid": "35d05654-43f1-49ee-9daa-90dc989360d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/ctinow/184834", "content": "https://ift.tt/xaI8RNv\nCVE-2023-50387", "creation_timestamp": "2024-02-14T17:26:55.000000Z"}, {"uuid": "43b844ed-746c-4e33-ae64-b90cc5400ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/ctinow/185353", "content": "https://ift.tt/5p1iMAg\nCVE-2023-50387 | Unbound up to 1.19.0 DNSSEC Validator denial of service", "creation_timestamp": "2024-02-15T09:16:36.000000Z"}, {"uuid": "d3f3b4e0-0ef0-4acb-bc67-5ce27b73e897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/xakep_ru/15408", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c KeyTrap, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 DNSSEC, \u043d\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0445\u0443\u0434\u0448\u0435\u0439 \u0438\u0437 \u0432\u0441\u0435\u0445 DNS-\u0430\u0442\u0430\u043a\n\n\u0413\u0440\u0443\u043f\u043f\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 DNS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-50387), \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0443\u044e \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 KeyTrap. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u044d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0447\u0430\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.\n\nhttps://xakep.ru/2024/02/19/keytrap/", "creation_timestamp": "2024-02-19T09:36:22.000000Z"}, {"uuid": "a33e6a1d-7e14-468d-a870-005b9fcfa852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/ctinow/184084", "content": "https://ift.tt/K9a3Vyq\nCVE-2023-50387 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 DNSSEC Verification denial of service", "creation_timestamp": "2024-02-13T19:36:31.000000Z"}, {"uuid": "d5398654-2484-4e9b-b982-76707db425f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "seen", "source": "https://t.me/ctinow/182212", "content": "https://ift.tt/YPazLXn\nCVE-2023-50386", "creation_timestamp": "2024-02-09T19:26:59.000000Z"}, {"uuid": "2399c44a-540e-46e7-89a7-dad820cddc48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1999", "content": "https://github.com/knqyf263/CVE-2023-50387\nCVE-2023-50387\n#github", "creation_timestamp": "2024-02-21T04:15:19.000000Z"}, {"uuid": "03d22a4f-ef79-4161-a477-0f3a35086f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10008", "content": "#exploit\n1. CVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\n2. CVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\n3. CVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369", "creation_timestamp": "2024-02-20T14:41:20.000000Z"}, {"uuid": "ee8dfae4-ef1e-4631-b68a-780bd34e3fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50386", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10069", "content": "#exploit\n1. CVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\n2. Buffer Overflow:\nExploiting Easy RM to MP3 Converter\nhttps://vandanpathak.com/kernels-and-buffers/buffer-overflow-exploiting-easy-rm-to-mp3-converter", "creation_timestamp": "2024-03-26T14:32:38.000000Z"}]}