{"vulnerability": "CVE-2024-2035", "sightings": [{"uuid": "5500448b-28a4-4972-b26f-83213275dd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-04-24T18:10:02.000000Z"}, {"uuid": "6ad9adff-075c-42d9-9569-1937c585cfe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-04-24T18:10:03.000000Z"}, {"uuid": "8e92d50d-80e0-4ebe-9d8b-68c651859629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/92214b3e-76c6-48b1-bf92-061c7f55e302", "content": "", "creation_timestamp": "2024-04-25T11:22:35.000000Z"}, {"uuid": "e9403c87-9a8c-471e-9401-597af240fe39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "MISP/92214b3e-76c6-48b1-bf92-061c7f55e302", "content": "", "creation_timestamp": "2024-04-25T11:25:45.000000Z"}, {"uuid": "32c8d155-57af-4715-9f62-4e51b5daa7da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/54cfe842-09c0-4257-8fcc-3c1498bbd9f2", "content": "", "creation_timestamp": "2024-04-25T13:18:02.000000Z"}, {"uuid": "d14ef2d1-dfdd-4a0e-b482-16c87b44284b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "MISP/54cfe842-09c0-4257-8fcc-3c1498bbd9f2", "content": "", "creation_timestamp": "2024-04-25T13:18:02.000000Z"}, {"uuid": "c86ab821-5f9c-49b2-9c77-fbf62dbdfd16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "MISP/da3eb576-b0a7-402d-aff2-d72dec3dce6a", "content": "", "creation_timestamp": "2024-04-24T17:36:17.000000Z"}, {"uuid": "5a572dc5-cd5d-44c4-b488-9e08fd7b9828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "MISP/ca9eb2b2-1e62-49fc-be25-6c9352140d61", "content": "", "creation_timestamp": "2024-04-24T21:48:48.000000Z"}, {"uuid": "25238b01-4f69-4574-96f5-e151eb4448ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/ca9eb2b2-1e62-49fc-be25-6c9352140d61", "content": "", "creation_timestamp": "2024-04-24T21:52:17.000000Z"}, {"uuid": "28b36455-9e18-47f5-8abf-c2c4f97a5915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:54.000000Z"}, {"uuid": "f094d50e-629f-457c-b3bf-d780a779b60c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:53.000000Z"}, {"uuid": "6b07f96a-1e89-4358-b00a-224ffb4888f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m5km2r2doqy2", "content": "", "creation_timestamp": "2025-11-14T02:11:04.532296Z"}, {"uuid": "6228a851-747f-4784-aea4-d6b72bb23862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv5sjlsu752k", "content": "", "creation_timestamp": "2025-07-30T04:40:18.025973Z"}, {"uuid": "1b834796-32d7-4f59-b289-1a70f3a2e94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv5vupkd7f23", "content": "", "creation_timestamp": "2025-07-30T05:40:12.515440Z"}, {"uuid": "eacf5ad4-3e85-4c42-a55e-d78972f0553f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115548072919219884", "content": "", "creation_timestamp": "2025-11-14T12:34:31.837365Z"}, {"uuid": "97a29909-e2f4-4170-ab08-de268beca749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://gist.github.com/Darkcrai86/59ca020982ae9de96192669e7f1c9f9d", "content": "", "creation_timestamp": "2025-11-14T08:13:12.000000Z"}, {"uuid": "d59ac89b-2cfe-4e10-acb2-2449ffd1c9a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115548072919219884", "content": "", "creation_timestamp": "2025-11-14T12:34:31.907604Z"}, {"uuid": "d26daac6-e61c-4dfd-a595-15cb23850a0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://bsky.app/profile/allsafeus.bsky.social/post/3mciwwjchnm2u", "content": "", "creation_timestamp": "2026-01-16T01:25:55.454459Z"}, {"uuid": "5fe5457a-c20a-4e69-a473-a55b6abd1d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://threatintel.cc/2025/11/14/cisa-warns-feds-to-fully.html", "content": "", "creation_timestamp": "2025-11-14T11:34:55.000000Z"}, {"uuid": "a50d6a2b-1e2c-4427-ba0e-370876f354f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://threatintel.cc/2025/11/14/cisa-warns-feds-to-fully.html", "content": "", "creation_timestamp": "2025-11-14T11:34:55.000000Z"}, {"uuid": "a5804e38-e3dc-4c85-95b9-e9cdc478fb85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/RedTeamFeed/273", "content": "CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM\n#nettitude\n\nThe Cisco C195 is a Cisco Email Security Appliance device. Its role is to act as an SMTP gateway on your network perimeter. This device (and the full range of appliance devices) is heavily locked down and prevents unauthorised code from running. Source: https://www.melbourneglobal.com.au/cisco-esa-c195-k9-esa-c195-email/ I recently took one of these apart in order [...]\n\nvia Nettitude Labs Blog (author: Aaron Thacker)", "creation_timestamp": "2024-04-18T14:55:08.000000Z"}, {"uuid": "91b0118c-54ee-4fef-b96b-a4382e2afa66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2024", "content": "", "creation_timestamp": "2024-04-24T20:05:36.000000Z"}, {"uuid": "325365cb-68d9-4704-aed3-96c17fae722b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20358", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2024", "content": "", "creation_timestamp": "2024-04-24T20:05:36.000000Z"}, {"uuid": "8a4e78b7-c645-42bc-beed-b2e844362f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1278", "content": "", "creation_timestamp": "2024-04-25T04:00:00.000000Z"}, {"uuid": "cfd43108-d316-44c0-b282-d759e9030726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1278", "content": "", "creation_timestamp": "2024-04-25T04:00:00.000000Z"}, {"uuid": "5ee6681e-0af1-4adb-8322-3d3f26d3a5e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0f4cd48e-b3f2-4cb5-81ea-77ddf45a56e0", "content": "", "creation_timestamp": "2024-12-20T07:12:35.208963Z"}, {"uuid": "bc31bc42-f36c-4929-bb10-a0339f1f89ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0f4cd48e-b3f2-4cb5-81ea-77ddf45a56e0", "content": "", "creation_timestamp": "2024-12-20T07:12:35.208963Z"}, {"uuid": "ca3b48b6-dc35-4b57-8fef-1db69efe972a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-20358", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0f4cd48e-b3f2-4cb5-81ea-77ddf45a56e0", "content": "", "creation_timestamp": "2024-12-20T07:12:35.208963Z"}, {"uuid": "40d85415-ca72-48db-abff-03360b2dcce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7971", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2024-20353 [Cisco] < Unauthenticated < Denial Of Service\nURL\uff1ahttps://github.com/codeb0ss/CVE-2024-20353-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-13T16:06:16.000000Z"}, {"uuid": "de704c58-a490-48f6-9fd0-421f6b5fdcb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/19631610-dc3d-4a96-a673-e19bafaf9b91", "content": "", "creation_timestamp": "2026-04-19T17:02:53.000000Z"}, {"uuid": "43fc90db-28e2-493a-9d95-addb70022d9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2035", "type": "seen", "source": "MISP/19631610-dc3d-4a96-a673-e19bafaf9b91", "content": "", "creation_timestamp": "2026-04-19T17:02:53.000000Z"}, {"uuid": "d5cda04a-bbcc-4aa3-982e-bd7bb22a9eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12767", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM.\n\nhttps://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/", "creation_timestamp": "2024-04-20T12:36:36.000000Z"}, {"uuid": "e0ef9d68-4d97-4e6a-af5d-6be28b8844fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2024", "content": "", "creation_timestamp": "2024-04-24T20:05:36.000000Z"}, {"uuid": "ea475abb-283e-466e-823c-1f61b531121f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-20359", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1c2b1901-4ff5-40c6-94ea-f9d0d95426b8", "content": "", "creation_timestamp": "2026-02-02T12:26:37.726144Z"}, {"uuid": "6dd76ace-f6a7-4cd9-aa24-9c9a929c9795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3d332800-7861-4807-a935-66af2736ab84", "content": "", "creation_timestamp": "2026-02-02T12:26:37.850253Z"}, {"uuid": "2f53420e-4146-453f-8dc8-79a39c29b4c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://t.me/itsec_news/4399", "content": "\u200b\u26a1\ufe0f\u0417\u043e\u043b\u043e\u0442\u043e\u0439 \u0429\u0438\u0442 \u041a\u0438\u0442\u0430\u044f \u2013 \u043e\u0440\u0443\u0436\u0438\u0435 ArcaneDoor: \u043a\u0430\u043a \u0446\u0435\u043d\u0437\u0443\u0440\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Censys \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u043e\u0432\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 ArcaneDoor, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u041a\u0438\u0442\u0430\u0435\u043c. \u0421\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0432 \u0438\u044e\u043b\u0435 2023 \u0433\u043e\u0434\u0430, \u0430 \u043f\u0435\u0440\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0438\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u043e\u0439 UAT4356 (Storm-1849), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0434\u0432\u0430 \u0442\u0438\u043f\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e: Line Runner \u0438 Line Dancer. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0431\u044b\u043b\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u044b \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Cisco Adaptive Security Appliances, \u0443\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 ( CVE-2024-20353 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 8.6 \u0438 CVE-2024-20359 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 6.0).\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c Microsoft Exchange \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439. \u041f\u043e\u0441\u043b\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Censys \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u0434\u0435\u0441\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u041a\u0438\u0442\u0430\u044f. 4 \u0438\u0437 5 \u0445\u043e\u0441\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 SSL-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u044f\u0445 Tencent \u0438 ChinaNet.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0434\u0438\u043d \u0438\u0437 \u0445\u043e\u0441\u0442\u043e\u0432 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u041f\u0430\u0440\u0438\u0436\u0435 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0430\u043d\u0442\u0438\u0446\u0435\u043d\u0437\u0443\u0440\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c Marzban. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e Marzban \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438, \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, \u0447\u0442\u043e \u043e\u043d \u0431\u044b\u043b \u0441\u043e\u0437\u0434\u0430\u043d \u0441 \u0446\u0435\u043b\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0412\u0435\u043b\u0438\u043a\u043e\u0433\u043e \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0424\u0430\u0439\u0435\u0440\u0432\u043e\u043b\u0430 (Great Firewall, \u0417\u043e\u043b\u043e\u0442\u043e\u0439 \u0429\u0438\u0442).\n\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0442\u043e\u0433\u043e, \u0441\u043f\u043e\u043d\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0432\u043b\u0430\u0441\u0442\u044f\u043c\u0438, \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0430. \u0425\u043e\u0442\u044f \u0430\u043d\u0430\u043b\u0438\u0437 \u0441\u0435\u0442\u0435\u0439, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0433\u043e\u043b\u043e\u0432\u043e\u043b\u043e\u043c\u043a\u0438, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0430\u043a\u0442\u043e\u0440\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043c\u0435\u0442\u043e\u0434\u044b \u0430\u0442\u0430\u043a, \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442. \u0412\u043f\u043e\u043b\u043d\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0441\u044f \u043f\u043e \u043c\u0435\u0440\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0446\u0435\u043b\u044f\u0445 \u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Adaptive Security Appliances, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0438\u0435 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440, VPN \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u043d\u0435\u0434\u0440\u0443\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432. \u0412\u0437\u043b\u043e\u043c\u0449\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0443\u043c\u044f \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Cisco \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u043c\u0438\u0440\u0430. \u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 ArcaneDoor.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-05-07T14:36:12.000000Z"}, {"uuid": "159e7283-9775-4a20-89de-6266fa76e16a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://t.me/itsec_news/4399", "content": "\u200b\u26a1\ufe0f\u0417\u043e\u043b\u043e\u0442\u043e\u0439 \u0429\u0438\u0442 \u041a\u0438\u0442\u0430\u044f \u2013 \u043e\u0440\u0443\u0436\u0438\u0435 ArcaneDoor: \u043a\u0430\u043a \u0446\u0435\u043d\u0437\u0443\u0440\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Censys \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u043e\u0432\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 ArcaneDoor, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u041a\u0438\u0442\u0430\u0435\u043c. \u0421\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0432 \u0438\u044e\u043b\u0435 2023 \u0433\u043e\u0434\u0430, \u0430 \u043f\u0435\u0440\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0438\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u043e\u0439 UAT4356 (Storm-1849), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0434\u0432\u0430 \u0442\u0438\u043f\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e: Line Runner \u0438 Line Dancer. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0431\u044b\u043b\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u044b \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Cisco Adaptive Security Appliances, \u0443\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 ( CVE-2024-20353 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 8.6 \u0438 CVE-2024-20359 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 6.0).\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c Microsoft Exchange \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439. \u041f\u043e\u0441\u043b\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Censys \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u0434\u0435\u0441\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u041a\u0438\u0442\u0430\u044f. 4 \u0438\u0437 5 \u0445\u043e\u0441\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 SSL-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u044f\u0445 Tencent \u0438 ChinaNet.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0434\u0438\u043d \u0438\u0437 \u0445\u043e\u0441\u0442\u043e\u0432 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u041f\u0430\u0440\u0438\u0436\u0435 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0430\u043d\u0442\u0438\u0446\u0435\u043d\u0437\u0443\u0440\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c Marzban. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e Marzban \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438, \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, \u0447\u0442\u043e \u043e\u043d \u0431\u044b\u043b \u0441\u043e\u0437\u0434\u0430\u043d \u0441 \u0446\u0435\u043b\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0412\u0435\u043b\u0438\u043a\u043e\u0433\u043e \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0424\u0430\u0439\u0435\u0440\u0432\u043e\u043b\u0430 (Great Firewall, \u0417\u043e\u043b\u043e\u0442\u043e\u0439 \u0429\u0438\u0442).\n\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0442\u043e\u0433\u043e, \u0441\u043f\u043e\u043d\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0432\u043b\u0430\u0441\u0442\u044f\u043c\u0438, \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0430. \u0425\u043e\u0442\u044f \u0430\u043d\u0430\u043b\u0438\u0437 \u0441\u0435\u0442\u0435\u0439, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0433\u043e\u043b\u043e\u0432\u043e\u043b\u043e\u043c\u043a\u0438, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0430\u043a\u0442\u043e\u0440\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043c\u0435\u0442\u043e\u0434\u044b \u0430\u0442\u0430\u043a, \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442. \u0412\u043f\u043e\u043b\u043d\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0441\u044f \u043f\u043e \u043c\u0435\u0440\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0446\u0435\u043b\u044f\u0445 \u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Adaptive Security Appliances, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0438\u0435 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440, VPN \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u043d\u0435\u0434\u0440\u0443\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432. \u0412\u0437\u043b\u043e\u043c\u0449\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0443\u043c\u044f \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Cisco \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u043c\u0438\u0440\u0430. \u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 ArcaneDoor.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-05-07T14:36:12.000000Z"}, {"uuid": "1cee63cf-77eb-487f-b7bc-0288b42bd22f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20350", "type": "seen", "source": "https://t.me/ics_cert/923", "content": "\u0628\u0627\u0631 \u062f\u06cc\u06af\u0631\u060c \u0645\u0627 \u062c\u062f\u06cc \u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0627\u062f\u06cc\u062f\u0647 \u0646\u0645\u06cc \u06af\u06cc\u0631\u06cc\u0645. \u0627\u0645\u0631\u0648\u0632 \u0648\u0636\u0639\u06cc\u062a \u0686\u06cc\u0632\u06cc \u0634\u0628\u06cc\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0627\u0633\u062a:\n\n1. HPE Aruba Networking \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u0631\u0627 \u062f\u0631 CLI \u0646\u0642\u0627\u0637 \u062f\u0633\u062a\u0631\u0633\u06cc \u0622\u0631\u0648\u0628\u0627 \u062e\u0648\u062f \u06a9\u0647 \u0627\u0632 Instant AOS-8 \u0648 AOS-10 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u06a9\u062f \u0631\u0627 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\nCVE-2024-42505\u060c CVE-2024-42506\u060c \u0648 CVE-2024-42507 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u067e\u0648\u0631\u062a PAPI UDP \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0645\u062a\u0627\u0632 \u0648 RCE \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0642\u0648\u06cc\u0627\u064b \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0622\u062e\u0631\u06cc\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f.\n\n\u0647\u06cc\u0686 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u06cc\u0627 PoC \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f.\n\n2. OpenPLC \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0648 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc DoS \u0648 RCE \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u062a\u0648\u0633\u0637 Cisco Talos \u0641\u0627\u0634 \u0634\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062f\u0631 17 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f.\n\n\u0628\u062d\u0631\u0627\u0646\u06cc CVE-2024-34026 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc EtherNet/IP \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0631\u0648\u06cc \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0647\u062f\u0641 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-36980\u060c CVE-2024-36981\u060c CVE-2024-39589 \u0648 CVE-2024-39590 \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0646\u06cc\u0632 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0631\u0648\u0634\u06cc \u0645\u0634\u0627\u0628\u0647 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f\u060c \u0627\u0645\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u06cc\u06a9 \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u06cc \u0634\u0648\u062f.\n\n3. \u062e\u0648\u062f \u0633\u06cc\u0633\u06a9\u0648 \u0646\u06cc\u0632 11 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u062c\u0645\u0644\u0647 7 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u06a9\u0647 IOS \u0648 IOS XE \u062f\u0627\u0631\u0646\u062f \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\u0634\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0634\u0634 \u0645\u0634\u06a9\u0644 DoS \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631 \u0645\u0624\u0644\u0641\u0647 UTD\u060c \u0648\u06cc\u0698\u06af\u06cc RSVP\u060c \u0648\u06cc\u0698\u06af\u06cc PIM\u060c \u0648\u06cc\u0698\u06af\u06cc DHCP Snooping\u060c \u0648\u06cc\u0698\u06af\u06cc HTTP Server\u060c \u0648 \u06a9\u062f \u0645\u0648\u0646\u062a\u0627\u0698 \u0645\u062c\u062f\u062f \u0642\u0637\u0639\u0647 \u0642\u0637\u0639\u0647 IPv4 \u062f\u0631 IOS \u0648 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0647\u0645\u0647 \u0686\u06cc\u0632 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u0628\u062f\u0648\u0646 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u060c \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u06cc\u0627 \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u060c \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f.\n\n\u0647\u0641\u062a\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u0631 \u0631\u0627\u0628\u0637 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0648\u0628 IOS XE \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a CSRF \u0634\u0648\u062f\u060c \u0627\u06af\u0631 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647\u060c \u06a9\u0627\u0631\u0628\u0631 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a\u200c\u0634\u062f\u0647 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f \u06a9\u0646\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0631\u0641\u0639 \u062f\u0648 \u0628\u0627\u06af \u062c\u062f\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 SSH \u0645\u0631\u06a9\u0632 Catalyst (CVE-2024-20350)\u060c Crosswork Network Services Orchestrator (NSO) JSON-RPC API \u0648 ConfD (CVE-2024-20381) \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u062f\u0631 \u0645\u0648\u0631\u062f CVE-2024-20350\u060c \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u0645\u06cc\u0632\u0628\u0627\u0646 SSH \u0627\u06cc\u0633\u062a\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u063a\u06cc\u0631\u0642\u0627\u0646\u0648\u0646\u06cc \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0631\u0647\u06af\u06cc\u0631\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u06cc\u0646 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 SSH \u0648 \u062f\u0633\u062a\u06af\u0627\u0647 Catalyst Center\u060c \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062a\u0632\u0631\u06cc\u0642 \u0641\u0631\u0645\u0627\u0646 \u0648 \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631\u060c \u062d\u0645\u0644\u0647 MitM \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f.\n\nCVE-2024-20381 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0628\u0631\u0631\u0633\u06cc \u0647\u0627\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0645\u062c\u0648\u0632 \u062f\u0631 JSON-RPC API \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u062a\u0623\u06cc\u06cc\u062f \u0634\u062f\u0647 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f\u060c \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c CVE-2024-20381 \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0631\u0648\u062a\u0631\u0647\u0627\u06cc RV340 Dual WAN Gigabit VPN\u060c \u06a9\u0647 \u0628\u0647 EoL \u0631\u0633\u06cc\u062f\u0647 \u0627\u0646\u062f \u0648 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0646\u0645\u06cc \u0634\u0648\u0646\u062f\u060c \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627  \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc \u06af\u06cc\u0631\u0646\u062f.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert", "creation_timestamp": "2024-09-27T08:45:27.000000Z"}, {"uuid": "cc2badce-d204-4726-84b2-1fa59c9d2d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20350", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/926", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0627\u062c\u0631\u0627\u06cc \u0633\u0631\u0648\u0631 SSH \u0633\u06cc\u0633\u062a\u0645 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u0634\u0628\u06a9\u0647 Cisco Catalyst Center (Cisco DNA Center \u0633\u0627\u0628\u0642) \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0644\u06af\u0648\u0631\u06cc\u062a\u0645\u200c\u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0631\u0645\u0632\u0646\u06af\u0627\u0631\u06cc \u0634\u062f\u0647 \u0628\u0627 \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0633\u062e\u062a\u200c\u06a9\u062f \u0634\u062f\u0647 \u0645\u0631\u062a\u0628\u0637 \u0627\u0633\u062a. \n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06cc\u06a9 \u062d\u0645\u0644\u0647 \u062c\u0639\u0644 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u062f\n\nBDU: 2024-07524\nCVE-2024-20350\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\n\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN) \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-09-29T04:48:43.000000Z"}, {"uuid": "3725f594-cc6e-4f4d-92b1-d06e5c63381b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7342", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA oxidized version of https://github.com/nettitude/CVE-2024-20356/blob/main/CVE-2024-20356.py\nURL\uff1ahttps://github.com/SherllyNeo/CVE_2024_20356\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T01:00:41.000000Z"}, {"uuid": "1b5b1e08-c018-469e-9625-03cb11cf7626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20351", "type": "seen", "source": "https://t.me/cvedetector/8730", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20351 - Cisco Firepower Threat Defense TCP/IP Traffic Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-20351 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition.  \n  \nThis vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:28.000000Z"}, {"uuid": "0f182ded-fb1c-4b2a-b725-b682b14d97f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/20800", "content": "https://github.com/nettitude/CVE-2024-20356\n\nThis is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.\n#github #exploit", "creation_timestamp": "2024-11-23T16:58:04.000000Z"}, {"uuid": "ea3062cf-8c9d-43a0-8ba7-3eb73cb6ad45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20350", "type": "seen", "source": "https://t.me/cvedetector/6350", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20350 - \"Cisco Catalyst Center SSH Host Key Impersonation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20350 \nPublished : Sept. 25, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.  \n  \nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T20:13:23.000000Z"}, {"uuid": "c4fb6320-3a68-4d55-96da-c93954734294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/5270", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-08T16:16:10.000000Z"}, {"uuid": "ebc53057-8cde-4aca-a897-7ad428bffc2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1808", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-08T16:16:11.000000Z"}, {"uuid": "f61a3d51-3e15-4811-9031-c8b99eb4b0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1773", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-19T08:29:59.000000Z"}, {"uuid": "4273cc3e-5f49-46be-93b4-f565b65909ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/684", "content": "#exploit\n1. CVE-2024-20356:\nhttps://github.com/nettitude/CVE-2024-20356\n\n2. \"Randar\" Minecraft Exploit:\nExplanation and Information\nhttps://github.com/spawnmason/randar-explanation\n\n3. CVE-2023-20198:\nCisco IOS XE\u00a0Privilege Escalation\nhttps://github.com/XiaomingX/CVE-2023-20198-poc", "creation_timestamp": "2024-12-31T06:28:27.000000Z"}, {"uuid": "ea451bf4-55c1-4559-8f1e-b439f954d5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1060", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:26.000000Z"}, {"uuid": "9637e941-baba-4ee6-ac11-e6c931cb2d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "Telegram/X1XGaX2zUJfZQX1mIckcJZ_9DGvp9ENiz4f48qr3xBA2ibI", "content": "", "creation_timestamp": "2024-06-05T05:24:55.000000Z"}, {"uuid": "efed1e16-5b69-4ab8-b4fc-2324975e79bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3790", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:32.000000Z"}, {"uuid": "b8819219-dba6-49a3-8560-03a3b76a189c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24064", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:52.000000Z"}, {"uuid": "13b6ce39-079e-48df-85ac-df8cae81566f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8876", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:59.000000Z"}, {"uuid": "b93a4cc4-95c9-4c87-8124-1f4f83c25053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2012", "content": "CVE-2024-20356\nJailbreaking a Cisco appliance to run DOOM\n*\n\u0421\u0430\u043c POC exploit\n*\n\u041d\u0443 \u043a\u0430\u043a \u0441\u0430\u043c DOOM \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u0430 \u0446\u0438\u0441\u043a\u0435 \u043f\u043e\u0434\u043e\u0434\u0435\u044f\u043b\u044c\u043d\u0438\u043a\u0435 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0442\u0443\u0442\n\n#IDDQD #IDKFA", "creation_timestamp": "2024-04-22T10:03:51.000000Z"}, {"uuid": "f6d5944b-1a15-43f5-ac5b-1e93bad85593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20350", "type": "seen", "source": "https://t.me/true_secator/6254", "content": "\u0418 \u0432\u043d\u043e\u0432\u044c \u043d\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c \u0431\u0435\u0437 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043a\u0430\u043a-\u0442\u043e \u0442\u0430\u043a:\n\n1. HPE Aruba Networking \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0442\u0440\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 CLI \u0441\u0432\u043e\u0438\u0445 \u0442\u043e\u0447\u0435\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Aruba, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Instant AOS-8 \u0438 AOS-10, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\nCVE-2024-42505, CVE-2024-42506 \u0438 CVE-2024-42507 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u043d\u0430 UDP-\u043f\u043e\u0440\u0442 PAPI \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 RCE \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 PoC \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e.\n\n2. \u0412 OpenPLC \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f DoS \u0438 RCE.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 Cisco Talos. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 17 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2024-34026 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 EtherNet/IP.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 CVE-2024-36980, CVE-2024-36981, CVE-2024-39589 \u0438 CVE-2024-39590 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e DoS.\n\n3. \u0421\u0430\u043c\u0430 Cisco \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 11 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 7 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c IOS \u0438 IOS XE.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c\u0438 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0448\u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441 DoS, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 UTD, \u0444\u0443\u043d\u043a\u0446\u0438\u044e RSVP, \u0444\u0443\u043d\u043a\u0446\u0438\u044e PIM, \u0444\u0443\u043d\u043a\u0446\u0438\u044e DHCP Snooping, \u0444\u0443\u043d\u043a\u0446\u0438\u044e HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u043a\u043e\u0434 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0439 \u0441\u0431\u043e\u0440\u043a\u0438 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 IPv4 \u0432 IOS \u0438 IOS XE.\n\n\u0412\u0441\u0435 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0438\u043b\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u0421\u0435\u0434\u044c\u043c\u0430\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f IOS XE \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a CSRF-\u0430\u0442\u0430\u043a\u0430\u043c, \u0435\u0441\u043b\u0438 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0431\u0435\u0434\u0438\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043f\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 SSH-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Catalyst Center (CVE-2024-20350), JSON-RPC API Crosswork Network Services Orchestrator (NSO) \u0438 ConfD (CVE-2024-20381).\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 CVE-2024-20350 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043a\u043b\u044e\u0447 \u0445\u043e\u0441\u0442\u0430 SSH \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 MitM, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0432 \u0442\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438 SSH \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c Catalyst Center, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043a\u0440\u0430\u0436\u0443 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\nCVE-2024-20381 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430\u043c\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 API JSON-RPC \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2024-20381 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b RV340 Dual WAN Gigabit VPN, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0438\u0433\u043b\u0438 EoL \u0438 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.", "creation_timestamp": "2024-09-26T19:30:05.000000Z"}, {"uuid": "f57e775d-8599-4be8-9434-a5c86b2bd828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "Telegram/RwY6Qx7q79BGFkuYNtskNo4YfaA4RR8J0sppT16Si3kAhAp8", "content": "", "creation_timestamp": "2024-10-19T08:21:04.000000Z"}, {"uuid": "ceab24f8-15d8-4290-a7f2-d36095f69269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7512", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:59.000000Z"}, {"uuid": "0956a879-da11-4798-a3fd-d474e37d97e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1504", "content": "https://nvd.nist.gov/vuln/detail/CVE-2024-20353\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:05.000000Z"}, {"uuid": "e508fa26-de55-4ff1-a4cc-9d27d964b209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://t.me/true_secator/5676", "content": "\u0410 \u0432\u043e\u0442 Cisco, \u043d\u0430\u043f\u0440\u043e\u0442\u0438\u0432, \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0435 \u043f\u043e\u0440\u0430\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0445\u043e\u0440\u043e\u0448\u0438\u043c\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u043c\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ArcaneDoor.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 UAT4356 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u043d\u043e\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 0-day \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Adaptive Security Appliance (ASA) \u0438 Firepower Threat Defense (FTD).\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0442\u0435 \u0441\u0430\u043c\u044b\u0435 \u043d\u0443\u043b\u0438: CVE-2024-20353 (CVSS: 8,6, DoS) \u0438 CVE-2024-20359 (CVSS: 6,0, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430).\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e\u043f\u0430\u043b\u0430 \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043a PSIRT \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 ASA.\n\n\u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043b\u0438\u0441\u044c \u0435\u0449\u0435 \u0441 \u0438\u044e\u043b\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u0430: Line Runner \u0438 Line Dancer, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0437\u0430\u0445\u0432\u0430\u0442 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435  \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u043e\u0432, Line Dancer, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0448\u0435\u043b\u043b-\u043a\u043e\u0434\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0437\u0430\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c\u00a0Line Runner, \u043e\u0441\u043d\u0430\u0449\u0435\u043d \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 Lua \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u0421\u0435\u0442\u0435\u0432\u0430\u044f \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044f Cisco \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u0443\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0441\u0440\u0435\u0434\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 Cisco \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Microsoft \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 \u0441\u0440\u0435\u0434\u0443 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 \u043d\u0443\u043b\u0435\u0439 \u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043b\u044e\u0431\u044b\u0445 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043d\u0435\u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0412 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445\u00a0Cisco \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u0440\u0430\u0437\u0438\u043b\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e\u00a0\u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ASA \u0438\u043b\u0438 FTD.", "creation_timestamp": "2024-04-25T12:15:05.000000Z"}, {"uuid": "72e3b077-f0e8-4c18-97fa-d8d64c312778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "seen", "source": "https://t.me/true_secator/5676", "content": "\u0410 \u0432\u043e\u0442 Cisco, \u043d\u0430\u043f\u0440\u043e\u0442\u0438\u0432, \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0435 \u043f\u043e\u0440\u0430\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0445\u043e\u0440\u043e\u0448\u0438\u043c\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u043c\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ArcaneDoor.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 UAT4356 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u043d\u043e\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 0-day \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Adaptive Security Appliance (ASA) \u0438 Firepower Threat Defense (FTD).\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0442\u0435 \u0441\u0430\u043c\u044b\u0435 \u043d\u0443\u043b\u0438: CVE-2024-20353 (CVSS: 8,6, DoS) \u0438 CVE-2024-20359 (CVSS: 6,0, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430).\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e\u043f\u0430\u043b\u0430 \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043a PSIRT \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 ASA.\n\n\u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043b\u0438\u0441\u044c \u0435\u0449\u0435 \u0441 \u0438\u044e\u043b\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u0430: Line Runner \u0438 Line Dancer, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0437\u0430\u0445\u0432\u0430\u0442 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435  \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u043e\u0432, Line Dancer, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0448\u0435\u043b\u043b-\u043a\u043e\u0434\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0437\u0430\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c\u00a0Line Runner, \u043e\u0441\u043d\u0430\u0449\u0435\u043d \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 Lua \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u0421\u0435\u0442\u0435\u0432\u0430\u044f \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044f Cisco \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u0443\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0441\u0440\u0435\u0434\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 Cisco \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Microsoft \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 \u0441\u0440\u0435\u0434\u0443 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 \u043d\u0443\u043b\u0435\u0439 \u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043b\u044e\u0431\u044b\u0445 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043d\u0435\u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0412 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445\u00a0Cisco \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u0440\u0430\u0437\u0438\u043b\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e\u00a0\u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ASA \u0438\u043b\u0438 FTD.", "creation_timestamp": "2024-04-25T12:15:05.000000Z"}, {"uuid": "337e1c14-8198-4aa7-9adf-15b06a9f370f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/ctftm/655", "content": "#exploit\n1. CVE-2024-20356:\nhttps://github.com/nettitude/CVE-2024-20356\n\n2. \"Randar\" Minecraft Exploit:\nExplanation and Information\nhttps://github.com/spawnmason/randar-explanation\n\n3. CVE-2023-20198:\nCisco IOS XE\u00a0Privilege Escalation\nhttps://github.com/XiaomingX/CVE-2023-20198-poc", "creation_timestamp": "2024-12-14T21:15:02.000000Z"}, {"uuid": "f84ad46b-2882-4ee7-bc45-553a51626ff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2349", "content": "https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/\n\nCVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM\n#\u5206\u6790 #poc", "creation_timestamp": "2024-04-20T02:10:24.000000Z"}, {"uuid": "3911bb46-0c3b-448f-a070-f1e359b64fc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "https://t.me/thehackernews/4917", "content": "New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359) and others may be linked to China-based actors.\n\nRead: https://thehackernews.com/2024/05/china-linked-hackers-suspected-in.html\n\nThe attacks used custom Line Runner and Line Dancer malware.", "creation_timestamp": "2024-05-06T15:51:16.000000Z"}, {"uuid": "a10dde44-8497-4847-a725-8fd7b6acde8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "exploited", "source": "https://t.me/thehackernews/4917", "content": "New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359) and others may be linked to China-based actors.\n\nRead: https://thehackernews.com/2024/05/china-linked-hackers-suspected-in.html\n\nThe attacks used custom Line Runner and Line Dancer malware.", "creation_timestamp": "2024-05-06T15:51:16.000000Z"}, {"uuid": "e37c8ef5-571e-4fe4-975e-99fc698a7b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2364", "content": "https://github.com/nettitude/CVE-2024-20356\n\nThis is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.\n#github #poc", "creation_timestamp": "2024-04-23T09:13:21.000000Z"}, {"uuid": "efaf2186-ed43-4f9c-9f13-20d3e759eac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "https://t.me/S_E_Reborn/4711", "content": "ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices\n\n\u041a\u0442\u043e-\u0442\u043e \u043b\u043e\u043c\u0430\u0435\u0442 Cisco, Cisco Talos \u0431\u044c\u0435\u0442 \u0442\u0440\u0435\u0432\u043e\u0433\u0443. \u041d\u0435\u043a\u0438\u0439 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0430\u043a\u0442\u043e\u0440 (\u043a\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f, \u043a\u0438\u0442\u0430\u0439\u0446\u044b \u0438\u043b\u0438 \u0440\u043e\u0441\u0441\u0438\u044f\u043d\u0435) \u0443\u0436\u0435 \u043f\u044f\u0442\u044c \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0442\u0435\u0440\u0440\u043e\u0440\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b ASA (CVE-2024-20353) \u0438 FTD (CVE-2024-20359).\n\n\u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f, \u0432\u043d\u0443\u0442\u0440\u0438 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u0441\u044f \u0438\u043c\u043f\u043b\u0430\u043d\u0442 Line Dancer, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043b\u043e\u0433\u0438, \u0445\u0443\u043a\u0430\u0435\u0442 hash dump \u043f\u0440\u043e\u0446\u0435\u0441\u0441 (\u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0430\u043c\u043f\u0430), \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0431\u0435\u043a\u0434\u043e\u0440, \u2014 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 host-scan-reply (\u0443\u0447\u0430\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 SSL VPN) \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 \u0443\u0436\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Ivanti Connect Secure, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442 \u0441 \u044d\u0442\u043e\u0439 \u0436\u0435 \u0433\u0440\u0443\u043f\u043f\u043e\u0439.", "creation_timestamp": "2024-04-29T11:49:54.000000Z"}, {"uuid": "79922668-05fc-4a0e-bb1f-c13e3e4fa692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "exploited", "source": "https://t.me/S_E_Reborn/4711", "content": "ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices\n\n\u041a\u0442\u043e-\u0442\u043e \u043b\u043e\u043c\u0430\u0435\u0442 Cisco, Cisco Talos \u0431\u044c\u0435\u0442 \u0442\u0440\u0435\u0432\u043e\u0433\u0443. \u041d\u0435\u043a\u0438\u0439 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0430\u043a\u0442\u043e\u0440 (\u043a\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f, \u043a\u0438\u0442\u0430\u0439\u0446\u044b \u0438\u043b\u0438 \u0440\u043e\u0441\u0441\u0438\u044f\u043d\u0435) \u0443\u0436\u0435 \u043f\u044f\u0442\u044c \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0442\u0435\u0440\u0440\u043e\u0440\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b ASA (CVE-2024-20353) \u0438 FTD (CVE-2024-20359).\n\n\u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f, \u0432\u043d\u0443\u0442\u0440\u0438 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u0441\u044f \u0438\u043c\u043f\u043b\u0430\u043d\u0442 Line Dancer, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043b\u043e\u0433\u0438, \u0445\u0443\u043a\u0430\u0435\u0442 hash dump \u043f\u0440\u043e\u0446\u0435\u0441\u0441 (\u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0430\u043c\u043f\u0430), \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0431\u0435\u043a\u0434\u043e\u0440, \u2014 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 host-scan-reply (\u0443\u0447\u0430\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 SSL VPN) \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 \u0443\u0436\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Ivanti Connect Secure, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442 \u0441 \u044d\u0442\u043e\u0439 \u0436\u0435 \u0433\u0440\u0443\u043f\u043f\u043e\u0439.", "creation_timestamp": "2024-04-29T11:49:54.000000Z"}, {"uuid": "a655a95e-b9b2-46ca-a972-0634b3d45e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11248", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-07T18:09:24.000000Z"}, {"uuid": "f6ead25a-982a-46f4-bef9-121a0e39ff46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://t.me/InfoSecInsider/495", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:53.000000Z"}, {"uuid": "c997f6aa-09e1-419e-8281-e715f0f92459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11470", "content": "#exploit\n1. CVE-2024-20356:\nhttps://github.com/nettitude/CVE-2024-20356\n\n2. \"Randar\" Minecraft Exploit:\nExplanation and Information\nhttps://github.com/spawnmason/randar-explanation\n\n3. CVE-2023-20198:\nCisco IOS XE\u00a0Privilege Escalation\nhttps://github.com/XiaomingX/CVE-2023-20198-poc", "creation_timestamp": "2024-11-25T11:41:33.000000Z"}, {"uuid": "41e76705-4441-47a1-ad23-4fc10565eee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "Telegram/GTt1IIq5bcjEgKMO7Ej61BWUZwwoYSe21m2slARUqmFoJNE", "content": "", "creation_timestamp": "2024-04-29T15:27:26.000000Z"}, {"uuid": "c37054f7-0b43-4279-8044-097dba35aab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20359", "type": "exploited", "source": "Telegram/GTt1IIq5bcjEgKMO7Ej61BWUZwwoYSe21m2slARUqmFoJNE", "content": "", "creation_timestamp": "2024-04-29T15:27:26.000000Z"}, {"uuid": "b2f6416c-2e5a-4503-ac00-727015fe07e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20356", "type": "seen", "source": "https://t.me/Rootsec_2/5231", "content": "#exploit\n1. CVE-2024-20356:\nhttps://github.com/nettitude/CVE-2024-20356\n\n2. \"Randar\" Minecraft Exploit:\nExplanation and Information\nhttps://github.com/spawnmason/randar-explanation\n\n3. CVE-2023-20198:\nCisco IOS XE\u00a0Privilege Escalation\nhttps://github.com/XiaomingX/CVE-2023-20198-poc", "creation_timestamp": "2024-11-24T05:25:14.000000Z"}]}