{"vulnerability": "CVE-2024-20328", "sightings": [{"uuid": "2fe91af9-1655-4ee8-826d-deff5fe23f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "seen", "source": "https://gist.github.com/alon710/99f07d56e2e0fc4e47f8ca9a9fdb1443", "content": "", "creation_timestamp": "2026-01-24T21:32:14.000000Z"}, {"uuid": "78ef1e9d-e0d6-4536-b933-9495182eeff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/36", "content": "#exploit\n1. CVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\n2. CVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\n3. CVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation", "creation_timestamp": "2024-07-27T20:28:47.000000Z"}, {"uuid": "338668f5-bb2e-4fcf-8566-4d797e9cf253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "seen", "source": "https://t.me/itsec_news/4100", "content": "\u200b\u26a1\ufe0fClamAV 1.3.0: \u043d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 \u043e\u0442 Cisco \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 OneNote \u0438 Haiku\n\n\ud83d\udcac \u041f\u043e\u0441\u043b\u0435 6 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438, Cisco \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u0432\u043e\u0435\u0433\u043e \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e\u0433\u043e \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 ClamAV 1.3.0, \u0441\u0442\u0430\u0432\u0448\u0435\u0433\u043e \u0447\u0430\u0441\u0442\u044c\u044e Cisco \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0442\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Sourcefire \u0432 2013 \u0433\u043e\u0434\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043d\u0438\u043c\u0430\u043b\u0430\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 ClamAV \u0438 Snort. \u041f\u043e\u043c\u0438\u043c\u043e \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 ClamAV 1.3.0 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 1.2.2 \u0438 1.0.5. \u0412\u043e\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f, \u0432\u043d\u0435\u0441\u0435\u043d\u043d\u044b\u0435 \u0432 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\n\n\u0412\u0435\u0440\u0441\u0438\u044f 1.3.0:\n\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Microsoft OneNote. \u0424\u0443\u043d\u043a\u0446\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b clamd.conf, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 libclamav \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 daily.cfg.\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u0430 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 Haiku (BeOS-\u043f\u043e\u0434\u043e\u0431\u043d\u0430\u044f).\nClamD \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0439 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435, \u0432\u044b\u0432\u043e\u0434\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0443 \u0441 \u043a\u043e\u0434\u043e\u043c \u0432\u044b\u0445\u043e\u0434\u0430 1 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0451 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f.\n\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a \u043f\u0440\u0438 \u0441\u0431\u043e\u0440\u043a\u0435 \u0441 CMake, \u0432\u043a\u043b\u044e\u0447\u0430\u044f libclamavrust, libclammspack, libclamunrariface, \u0438 libclamunrar.\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0432\u0430\u043d\u0438\u0435 \u0442\u0438\u043f\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 Python (.pyc) \u0444\u0430\u0439\u043b\u043e\u0432, \u0443\u043b\u0443\u0447\u0448\u0430\u044f \u0442\u0438\u043f\u0438\u0437\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438.\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0434\u0435\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f PDF-\u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u043f\u0443\u0441\u0442\u044b\u043c\u0438 \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438.\n\u0420\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u043b\u043a\u0438\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043f\u0435\u0447\u0430\u0442\u043e\u043a.\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 HTML-\u0444\u0430\u0439\u043b\u043e\u0432, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u0435\u0447\u043d\u043e\u0433\u043e \u0446\u0438\u043a\u043b\u0430 \u0432 ClamOnAcc \u043f\u0440\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0433\u043e \u0441\u0431\u043e\u044f \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 VBA-\u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 HP-UX/IA 64bit.\n\u0412\u0435\u0440\u0441\u0438\u0438 1.2.2 \u0438 1.0.5:\n\nCVE-2024-20290: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 (Heap Overflow) \u0432 \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 OLE2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (Denial of Service, DoS).\nCVE-2024-20328: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044e VirusEvent \u0441\u043b\u0443\u0436\u0431\u044b ClamD. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0432 VirusEvent \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0442\u0440\u043e\u043a\u0438 '%f', \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043c\u0435\u043d\u044f\u043b\u0441\u044f \u043d\u0430 \u0438\u043c\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n\u041d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 ClamAV, \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u0440\u0435\u043b\u0438\u0437\u043e\u0432 GitHub \u0438 \u0447\u0435\u0440\u0435\u0437 Docker Hub, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u0440\u0430\u0437\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Alpine \u0438 Debian \u0434\u043b\u044f \u043c\u0443\u043b\u044c\u0442\u0438\u0430\u0440\u0445\u0438\u0432\u043d\u044b\u0445 \u043e\u0431\u0440\u0430\u0437\u043e\u0432.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-09T17:21:56.000000Z"}, {"uuid": "c90ea4e4-e0de-47da-a038-c5247955979e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/7Ml4_lMheQFWoLP8HS6G4y2kPw4O-CbsZ96PEHQtUpuC3WA", "content": "", "creation_timestamp": "2025-05-04T05:10:20.000000Z"}, {"uuid": "970afd6c-18cc-42e8-84f9-d8a4b00a6046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/P054ImMwjqD_rl7lBAm-hCz5MlTq06QbnDeiIVFMTFFsHy4", "content": "", "creation_timestamp": "2025-05-04T05:11:16.000000Z"}, {"uuid": "9790941a-6b0e-4bf1-a147-aa7898029d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/m_uXFR_n3tw3cdqXp4eNTFp75GNkXoZP5JCdghj_BLdvWjAh", "content": "", "creation_timestamp": "2025-01-19T10:54:11.000000Z"}, {"uuid": "81de2a0c-06e1-47e7-90dc-22e5a82a8048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/sSOYy9sa0Jc9yTev23pVTCXx5ZwCCV54W3-F49CmFMjcWAGd", "content": "", "creation_timestamp": "2025-01-19T10:45:19.000000Z"}, {"uuid": "c5f7a149-4bc3-42cc-a6fb-623f2057f10e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/UrNq84zyBC1oMAufBesPTpXAbedIsqXaSNJFq3mfmDUScAM", "content": "", "creation_timestamp": "2024-10-04T00:51:11.000000Z"}, {"uuid": "a253e953-af2e-4b2b-baa7-b2adf201b798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/1o3RyjbxkBAdqVV1IakPcUVDj3AIfLmG662gmZzR_AzpiWSm", "content": "", "creation_timestamp": "2025-01-20T11:03:21.000000Z"}, {"uuid": "7c54815f-65f1-4c63-965f-8e23693aeecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/CRo72oop6ZwQnESqwzNS9o-UvXAtRRZBbTaMpkpQIbIEQGCv", "content": "", "creation_timestamp": "2025-01-19T09:05:11.000000Z"}, {"uuid": "328ed4e0-dea7-4cba-ba98-f21b7ec0d4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/56148", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:54.000000Z"}, {"uuid": "8f819b6e-7fab-4fbc-9ff7-89a52ec9c952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/610", "content": "#exploit\n1. CVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\n2. CVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\n3. CVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation", "creation_timestamp": "2024-07-27T20:30:55.000000Z"}, {"uuid": "ceeacec8-d6bb-4b42-adba-a58ea4a819df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/119126", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:53.000000Z"}, {"uuid": "29298511-4a30-4e9c-aea6-cb1eafdd7a1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/V1VUnV7rs7gBAtSdtSG9YU8DOLHIzu1kUZjtLh94w5_yW5C9", "content": "", "creation_timestamp": "2024-12-22T22:15:30.000000Z"}, {"uuid": "98e88917-d98f-409f-b697-e6c3f14fce0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/OIy-vi5ELr4cctl8ownkSK8SkQmdcofc4nGKbyP-zK6wBJzg", "content": "", "creation_timestamp": "2025-01-19T10:45:24.000000Z"}, {"uuid": "2be2ab48-654c-4512-85f1-0218e491b875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/PfifvZz7tMW-Pq-u9dIIWpX49EGHHaNBJSKvwqdUIESB65tP", "content": "", "creation_timestamp": "2025-01-19T10:54:13.000000Z"}, {"uuid": "ad9a2978-b2fb-49f7-9469-15b17b5f5c41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "seen", "source": "https://t.me/ctinow/198043", "content": "https://ift.tt/HKijdXC\nCVE-2024-20328", "creation_timestamp": "2024-03-01T22:31:47.000000Z"}, {"uuid": "f05a3b35-bb70-4aa2-ab2a-a81c1528969e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/1yNdYtjM167PWJ8z4QCuhWfayRW6CDLYSnp7378ajV5EDt8", "content": "", "creation_timestamp": "2024-10-04T00:51:08.000000Z"}, {"uuid": "ee9c114e-7702-43ba-a5f7-5cd60c6d4f61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/1Z5p7xYqKVRAHiS5stM6LcQjCrKKZtV6q5K3lriQD01vETjY", "content": "", "creation_timestamp": "2025-01-20T11:03:16.000000Z"}, {"uuid": "268660b4-0cb7-4da1-b6a0-181c8c963a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/MI65lLGsaGTIv40PK1J154YyMiL63QZNJWuw9XlT_YRsFb40", "content": "", "creation_timestamp": "2025-01-19T09:05:12.000000Z"}, {"uuid": "7871043a-918b-49ea-9057-8b708f4fc3f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "Telegram/7b0KDMH2WfquipCst9Tv71iesbtnEU4bQJg16OEgDf9nbvsj", "content": "", "creation_timestamp": "2024-12-22T22:15:27.000000Z"}, {"uuid": "74a10c50-1071-4c16-896d-b2beba0120ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9952", "content": "#exploit\n1. CVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\n2. CVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\n3. CVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation", "creation_timestamp": "2024-02-12T00:32:41.000000Z"}, {"uuid": "597d8faf-8f59-4422-ba2a-129958fe3710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20328", "type": "seen", "source": "https://t.me/ctinow/198034", "content": "https://ift.tt/HKijdXC\nCVE-2024-20328", "creation_timestamp": "2024-03-01T22:31:38.000000Z"}]}