{"vulnerability": "CVE-2024-1272", "sightings": [{"uuid": "3d6a8ba5-3097-4c55-8a64-f454abce5c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldq2gmagbk2x", "content": "", "creation_timestamp": "2024-12-20T09:16:14.317322Z"}, {"uuid": "aced7c52-4970-45f7-91a0-dc31bf93facd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/allthebuzz.bsky.social/post/3ldqv5c366c2q", "content": "", "creation_timestamp": "2024-12-20T17:14:13.548599Z"}, {"uuid": "88cc684b-9ea0-4577-ba8b-96419bff6ac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/allthebuzz.bsky.social/post/3ldqv5c366c2q", "content": "", "creation_timestamp": "2024-12-20T17:14:13.620589Z"}, {"uuid": "93e10de0-d62f-4144-95f6-c52ebe7233ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/shadowstack.bsky.social/post/3ldtkihpum225", "content": "", "creation_timestamp": "2024-12-21T18:41:34.121820Z"}, {"uuid": "db7c593d-19f6-4990-969e-5d774c86545e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/shadowstack.bsky.social/post/3ldtkihpum225", "content": "", "creation_timestamp": "2024-12-21T18:41:34.159731Z"}, {"uuid": "5fc64b6d-cec3-40a1-8c8a-4e8f01204734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldpqtwo5322t", "content": "", "creation_timestamp": "2024-12-20T06:24:48.179221Z"}, {"uuid": "e9ad62eb-13a0-4ebe-8e65-878cdc5b1b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldq54tigj62z", "content": "", "creation_timestamp": "2024-12-20T10:04:27.174687Z"}, {"uuid": "8903ca3d-fb3c-47ec-87c4-1f22228c1718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/volk149.bsky.social/post/3ldpqyjuqdc2u", "content": "", "creation_timestamp": "2024-12-20T06:27:22.478750Z"}, {"uuid": "5fa6230b-e276-443c-b8db-bc32f96e5058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/volk149.bsky.social/post/3ldpqyjuqdc2u", "content": "", "creation_timestamp": "2024-12-20T06:27:22.582347Z"}, {"uuid": "3106f746-fdf9-4fa3-8751-d96e9d20d865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/volk149.bsky.social/post/3ldpqyjuqdc2u", "content": "", "creation_timestamp": "2024-12-20T06:27:22.535668Z"}, {"uuid": "8208fca2-f02f-4d3b-b86c-3bc1c3081a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldq5jvrhp22t", "content": "", "creation_timestamp": "2024-12-20T10:11:46.623970Z"}, {"uuid": "584bc242-013c-4a7f-ab13-a36bc7d5a6a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3ldr2obdoqk25", "content": "", "creation_timestamp": "2024-12-20T18:53:26.545883Z"}, {"uuid": "c2e4a5ae-fd76-4560-8a6d-4cd62beb0877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681389646115127", "content": "", "creation_timestamp": "2024-12-19T20:32:25.579879Z"}, {"uuid": "4d7ff2c9-879a-4564-8973-087680d5bcf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldq5jvrhp22t", "content": "", "creation_timestamp": "2024-12-20T10:11:46.672059Z"}, {"uuid": "5785f7dd-7077-40de-9ab0-50978f5c18f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldq5pz3vek2l", "content": "", "creation_timestamp": "2024-12-20T10:15:10.743933Z"}, {"uuid": "3600006b-164f-4994-acab-f8c939735de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3ldr2obdoqk25", "content": "", "creation_timestamp": "2024-12-20T18:53:26.601260Z"}, {"uuid": "f8032456-4e80-4146-b781-6cde53fa5c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ldsbcjcoy72s", "content": "", "creation_timestamp": "2024-12-21T06:24:32.094071Z"}, {"uuid": "b4221bb3-72aa-4a2e-a12e-c6e5221f4790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ldsbcjcoy72s", "content": "", "creation_timestamp": "2024-12-21T06:24:32.126460Z"}, {"uuid": "191ab3ab-6a05-4396-97aa-7076f9eb168d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681467208621916", "content": "", "creation_timestamp": "2024-12-19T20:52:09.043276Z"}, {"uuid": "2e2ac258-e333-4a8c-87a4-5d8955fd84c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3ldq5syz3ac2l", "content": "", "creation_timestamp": "2024-12-20T10:16:51.492178Z"}, {"uuid": "c68f4d69-dd0a-4397-a601-8e9b770ada27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113685992465948642", "content": "", "creation_timestamp": "2024-12-20T16:02:59.032343Z"}, {"uuid": "12d4f14d-ae8c-4b49-af4d-bcd15f331c0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113685992465948642", "content": "", "creation_timestamp": "2024-12-20T16:02:59.062964Z"}, {"uuid": "5d032f96-3068-4138-a8a9-b2e0ef958c5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113685992465948642", "content": "", "creation_timestamp": "2024-12-20T16:02:59.088510Z"}, {"uuid": "168af6f9-3df4-4576-9382-53fb8a3a8a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3ldr2obdoqk25", "content": "", "creation_timestamp": "2024-12-20T18:53:26.659027Z"}, {"uuid": "189e2cbe-a9a9-4102-b6ab-bd05011d1e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ldsbcjcoy72s", "content": "", "creation_timestamp": "2024-12-21T06:24:32.168725Z"}, {"uuid": "58cdfa33-6798-4675-bfff-d75bdd5ecd06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12727", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ldpomr7a3224", "content": "", "creation_timestamp": "2024-12-20T05:44:55.945765Z"}, {"uuid": "333be13c-fc43-417d-826b-9943aefaa794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ldq77apjx22b", "content": "", "creation_timestamp": "2024-12-20T10:41:40.035072Z"}, {"uuid": "d889abf8-6a40-41b9-90e0-1dddefd75375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ldq77apjx22b", "content": "", "creation_timestamp": "2024-12-20T10:41:40.084747Z"}, {"uuid": "32820798-750a-4e1b-b618-d8d4f27346c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3ldslu3agq22z", "content": "", "creation_timestamp": "2024-12-21T09:33:23.695226Z"}, {"uuid": "660be1d0-5ff3-4b3a-8e2f-3228fb1c0a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ldq77apjx22b", "content": "", "creation_timestamp": "2024-12-20T10:41:40.152730Z"}, {"uuid": "819c4c47-e06e-4aae-aa40-aba5e1129c16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12721", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113689695587554104", "content": "", "creation_timestamp": "2024-12-21T07:44:44.259437Z"}, {"uuid": "183b2ddb-1598-4e5a-b680-75f8ad24611e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3ldslu3agq22z", "content": "", "creation_timestamp": "2024-12-21T09:33:23.738763Z"}, {"uuid": "4cb07ac3-851b-4f45-8257-7426fd816ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/ajxchapman.bsky.social/post/3lduzkeysuk2x", "content": "", "creation_timestamp": "2024-12-22T08:43:44.400099Z"}, {"uuid": "79a9b591-757d-457a-943a-73da41b73186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681515115617439", "content": "", "creation_timestamp": "2024-12-19T21:04:20.082079Z"}, {"uuid": "25ab4126-4a3b-4aec-846c-c32dfec13145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3ldslu3agq22z", "content": "", "creation_timestamp": "2024-12-21T09:33:23.794350Z"}, {"uuid": "9b87dea9-52db-4b9b-a76e-4ec8ae4c1afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12721", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldse6bwlvk2i", "content": "", "creation_timestamp": "2024-12-21T07:15:51.660620Z"}, {"uuid": "6625be47-180a-4a2f-949c-d212a2e56c16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldos66bptg2a", "content": "", "creation_timestamp": "2024-12-19T21:15:43.833590Z"}, {"uuid": "6c541b5c-b9d9-442b-a534-9c26b19115ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3ldr5c2b5f425", "content": "", "creation_timestamp": "2024-12-20T19:40:01.806396Z"}, {"uuid": "7e1bd797-e6e5-4a9e-977a-ecd406ee2628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3ldr5c2b5f425", "content": "", "creation_timestamp": "2024-12-20T19:40:01.847052Z"}, {"uuid": "2817df4e-9756-4bce-925e-627eacb7704f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldos5xymum2s", "content": "", "creation_timestamp": "2024-12-19T21:15:36.824310Z"}, {"uuid": "e51b1849-d5e3-48f6-858b-1ef65b4e8d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3ldr5c2b5f425", "content": "", "creation_timestamp": "2024-12-20T19:40:01.889669Z"}, {"uuid": "8bac96dd-a8eb-4731-934d-e122b05fcec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldos634iqp2s", "content": "", "creation_timestamp": "2024-12-19T21:15:40.214860Z"}, {"uuid": "3d3421c1-b61a-48ac-9b70-d6f4fed271ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ldxuwyenwd2l", "content": "", "creation_timestamp": "2024-12-23T11:59:19.418856Z"}, {"uuid": "2f619499-7ca9-4af4-82f0-7d8fc5506583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/volk149.bsky.social/post/3le6win26uc2g", "content": "", "creation_timestamp": "2024-12-26T07:15:43.949135Z"}, {"uuid": "41af54a5-3a15-4bb3-bb67-039af44a44be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3letnnryie22k", "content": "", "creation_timestamp": "2025-01-03T13:03:26.611893Z"}, {"uuid": "4de6ba21-49d9-4821-b2a6-30e6cf855cc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12723", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113904500113068387", "content": "", "creation_timestamp": "2025-01-28T06:12:21.146240Z"}, {"uuid": "eeae4fe3-d7a6-404c-9959-f22e399b7117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12723", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgrsjvjego2n", "content": "", "creation_timestamp": "2025-01-28T06:15:48.545611Z"}, {"uuid": "59360161-16b0-4a32-bea6-0b25713227a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12723", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgsjg5lhke2e", "content": "", "creation_timestamp": "2025-01-28T13:05:22.421830Z"}, {"uuid": "ec1cd236-90f2-4bc3-af4c-b120d7de93fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12722", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17069", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12722\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.\n\ud83d\udccf Published: 2025-05-15T20:06:53.961Z\n\ud83d\udccf Modified: 2025-05-20T19:32:23.866Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c3be5990-ca89-4ac4-baae-49af55df9d57/", "creation_timestamp": "2025-05-20T19:43:29.000000Z"}, {"uuid": "277cbd63-52d5-4b3a-8b82-b6a089b84b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12723", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3233", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12723\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-01-28T06:30:40Z\n\ud83d\udccf Modified: 2025-01-28T06:30:40Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-12723\n2. https://wpscan.com/vulnerability/d9053b8b-c05c-42fd-913e-f85c799df807", "creation_timestamp": "2025-01-28T07:08:39.000000Z"}, {"uuid": "37813976-0cb6-44ab-abf9-738d7f6dcb97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12723", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3244", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12723\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-28T06:15:31.370\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/d9053b8b-c05c-42fd-913e-f85c799df807/", "creation_timestamp": "2025-01-28T07:17:10.000000Z"}, {"uuid": "9787ccd8-59da-4b26-92da-e0fd6587cc8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12724", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-12724.yaml", "content": "", "creation_timestamp": "2026-02-06T16:21:41.000000Z"}, {"uuid": "fc38a5a8-663d-47f3-ac93-15d113b76355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1450", "content": "", "creation_timestamp": "2024-12-23T04:00:00.000000Z"}, {"uuid": "f3962d37-6295-4093-9507-b4ae0fbf59bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1450", "content": "", "creation_timestamp": "2024-12-23T04:00:00.000000Z"}, {"uuid": "4ef952fc-a654-4c42-9259-2bdaf11e20b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1450", "content": "", "creation_timestamp": "2024-12-23T04:00:00.000000Z"}, {"uuid": "fe1d956c-d78c-4138-b3d0-44237457f032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12723", "type": "seen", "source": "https://t.me/cvedetector/16581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12723 - \"Infility Global WordPress Reflected Cross-Site Scripting\"\", \n  \"Content\": \"CVE ID : CVE-2024-12723 \nPublished : Jan. 28, 2025, 6:15 a.m. | 55\u00a0minutes ago \nDescription : The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T08:45:34.000000Z"}, {"uuid": "d10d4f46-a1f5-4d15-80e0-6e3f97cc310a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://t.me/cvedetector/13379", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12727 - Sophos Firewall SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12727 \nPublished : Dec. 19, 2024, 9:15 p.m. | 40\u00a0minutes ago \nDescription : A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code execution if a specific configuration of Secure PDF eXchange (SPX) is enabled in combination with the firewall running in High Availability (HA) mode. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T23:11:05.000000Z"}, {"uuid": "fbdff33d-fd13-4620-ac93-517376a3e39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://t.me/cvedetector/13380", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12728 - Sophos Firewall Weak Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12728 \nPublished : Dec. 19, 2024, 9:15 p.m. | 40\u00a0minutes ago \nDescription : A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3). \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T23:11:06.000000Z"}, {"uuid": "cdca3177-9391-4cb4-ae71-dc32d6e5c4ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://t.me/cvedetector/13374", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12729 - Sophos Firewall Remote Code Execution SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12729 \nPublished : Dec. 19, 2024, 9:15 p.m. | 40\u00a0minutes ago \nDescription : A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T23:10:58.000000Z"}, {"uuid": "97780513-035b-4166-b588-425c97a1d7fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12727", "type": "seen", "source": "https://t.me/true_secator/6568", "content": "Sophos \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Sophos Firewall, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 SSH-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Sophos Firewall \u0432\u0435\u0440\u0441\u0438\u0438 21.0 GA (21.0.0) \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043d\u043e\u0432\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a:\n\n- CVE-2024-12727: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b. \u0415\u0441\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f Secure PDF eXchange (SPX) \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0440\u0435\u0436\u0438\u043c\u043e\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 (HA), \u043e\u043d\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0442\u0447\u0435\u0442\u043e\u0432, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE.\n\n- CVE-2024-12728: \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u043c\u0430\u044f \u043d\u0435\u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0430\u044f \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0430\u044f \u0444\u0440\u0430\u0437\u0430 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 SSH \u0434\u043b\u044f \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d SSH, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437-\u0437\u0430 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n- CVE-2024-12729: \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 User Portal. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0437\u0434\u0435\u0441\u044c -\u00a0KBA-000010084.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Sophos \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0430 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE-2024-12728 \u0438 CVE-2024-12729, \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2024-12728 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u0430\u043d\u0430\u043b\u043e\u043c HA, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0442\u0434\u0435\u043b\u0435\u043d \u043e\u0442 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 HA, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043b\u0438\u043d\u043d\u0443\u044e \u0438 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0443\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0443\u044e \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0443\u044e \u0444\u0440\u0430\u0437\u0443.\n\n\u0414\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c SSH \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 WAN \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Sophos Central \u0438\u043b\u0438 VPN.\n\n\u0414\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 CVE-2024-12729 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0440\u0442\u0430\u043b\u0430 \u0438 \u0432\u0435\u0431-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0437 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2024-12-23T15:40:05.000000Z"}, {"uuid": "35fbf8a2-0d1e-4ab9-b2a3-47942cf3ad93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12728", "type": "seen", "source": "https://t.me/true_secator/6568", "content": "Sophos \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Sophos Firewall, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 SSH-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Sophos Firewall \u0432\u0435\u0440\u0441\u0438\u0438 21.0 GA (21.0.0) \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043d\u043e\u0432\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a:\n\n- CVE-2024-12727: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b. \u0415\u0441\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f Secure PDF eXchange (SPX) \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0440\u0435\u0436\u0438\u043c\u043e\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 (HA), \u043e\u043d\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0442\u0447\u0435\u0442\u043e\u0432, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE.\n\n- CVE-2024-12728: \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u043c\u0430\u044f \u043d\u0435\u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0430\u044f \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0430\u044f \u0444\u0440\u0430\u0437\u0430 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 SSH \u0434\u043b\u044f \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d SSH, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437-\u0437\u0430 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n- CVE-2024-12729: \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 User Portal. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0437\u0434\u0435\u0441\u044c -\u00a0KBA-000010084.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Sophos \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0430 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE-2024-12728 \u0438 CVE-2024-12729, \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2024-12728 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u0430\u043d\u0430\u043b\u043e\u043c HA, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0442\u0434\u0435\u043b\u0435\u043d \u043e\u0442 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 HA, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043b\u0438\u043d\u043d\u0443\u044e \u0438 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0443\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0443\u044e \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0443\u044e \u0444\u0440\u0430\u0437\u0443.\n\n\u0414\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c SSH \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 WAN \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Sophos Central \u0438\u043b\u0438 VPN.\n\n\u0414\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 CVE-2024-12729 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0440\u0442\u0430\u043b\u0430 \u0438 \u0432\u0435\u0431-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0437 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2024-12-23T15:40:05.000000Z"}, {"uuid": "5abd8f20-6152-4ebe-9ec7-24efad2274a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12721", "type": "seen", "source": "https://t.me/cvedetector/13483", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12721 - WooCommerce Custom Product Tabs PHP Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12721 \nPublished : Dec. 21, 2024, 7:15 a.m. | 15\u00a0minutes ago \nDescription : The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the 'wb_custom_tabs' parameter. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-21T08:38:37.000000Z"}, {"uuid": "40ad4958-ad41-410e-8ddd-c9811903d91d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12729", "type": "seen", "source": "https://t.me/true_secator/6568", "content": "Sophos \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Sophos Firewall, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 SSH-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Sophos Firewall \u0432\u0435\u0440\u0441\u0438\u0438 21.0 GA (21.0.0) \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043d\u043e\u0432\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a:\n\n- CVE-2024-12727: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b. \u0415\u0441\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f Secure PDF eXchange (SPX) \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0440\u0435\u0436\u0438\u043c\u043e\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 (HA), \u043e\u043d\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0442\u0447\u0435\u0442\u043e\u0432, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE.\n\n- CVE-2024-12728: \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u043c\u0430\u044f \u043d\u0435\u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0430\u044f \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0430\u044f \u0444\u0440\u0430\u0437\u0430 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 SSH \u0434\u043b\u044f \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d SSH, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437-\u0437\u0430 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n- CVE-2024-12729: \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 User Portal. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0437\u0434\u0435\u0441\u044c -\u00a0KBA-000010084.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Sophos \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0430 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE-2024-12728 \u0438 CVE-2024-12729, \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2024-12728 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u0430\u043d\u0430\u043b\u043e\u043c HA, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0442\u0434\u0435\u043b\u0435\u043d \u043e\u0442 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 HA, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043b\u0438\u043d\u043d\u0443\u044e \u0438 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0443\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0443\u044e \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0443\u044e \u0444\u0440\u0430\u0437\u0443.\n\n\u0414\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c SSH \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 WAN \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Sophos Central \u0438\u043b\u0438 VPN.\n\n\u0414\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 CVE-2024-12729 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0440\u0442\u0430\u043b\u0430 \u0438 \u0432\u0435\u0431-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0437 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2024-12-23T15:40:05.000000Z"}]}