{"vulnerability": "CVE-2024-20353", "sightings": [{"uuid": "5500448b-28a4-4972-b26f-83213275dd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-04-24T18:10:02.000000Z"}, {"uuid": "8e92d50d-80e0-4ebe-9d8b-68c651859629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/92214b3e-76c6-48b1-bf92-061c7f55e302", "content": "", "creation_timestamp": "2024-04-25T11:22:35.000000Z"}, {"uuid": "32c8d155-57af-4715-9f62-4e51b5daa7da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/54cfe842-09c0-4257-8fcc-3c1498bbd9f2", "content": "", "creation_timestamp": "2024-04-25T13:18:02.000000Z"}, {"uuid": "25238b01-4f69-4574-96f5-e151eb4448ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/ca9eb2b2-1e62-49fc-be25-6c9352140d61", "content": "", "creation_timestamp": "2024-04-24T21:52:17.000000Z"}, {"uuid": "6b07f96a-1e89-4358-b00a-224ffb4888f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m5km2r2doqy2", "content": "", "creation_timestamp": "2025-11-14T02:11:04.532296Z"}, {"uuid": "f094d50e-629f-457c-b3bf-d780a779b60c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:53.000000Z"}, {"uuid": "6228a851-747f-4784-aea4-d6b72bb23862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv5sjlsu752k", "content": "", "creation_timestamp": "2025-07-30T04:40:18.025973Z"}, {"uuid": "eacf5ad4-3e85-4c42-a55e-d78972f0553f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115548072919219884", "content": "", "creation_timestamp": "2025-11-14T12:34:31.837365Z"}, {"uuid": "97a29909-e2f4-4170-ab08-de268beca749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://gist.github.com/Darkcrai86/59ca020982ae9de96192669e7f1c9f9d", "content": "", "creation_timestamp": "2025-11-14T08:13:12.000000Z"}, {"uuid": "d26daac6-e61c-4dfd-a595-15cb23850a0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://bsky.app/profile/allsafeus.bsky.social/post/3mciwwjchnm2u", "content": "", "creation_timestamp": "2026-01-16T01:25:55.454459Z"}, {"uuid": "5fe5457a-c20a-4e69-a473-a55b6abd1d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://threatintel.cc/2025/11/14/cisa-warns-feds-to-fully.html", "content": "", "creation_timestamp": "2025-11-14T11:34:55.000000Z"}, {"uuid": "e0ef9d68-4d97-4e6a-af5d-6be28b8844fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2024", "content": "", "creation_timestamp": "2024-04-24T20:05:36.000000Z"}, {"uuid": "bc31bc42-f36c-4929-bb10-a0339f1f89ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0f4cd48e-b3f2-4cb5-81ea-77ddf45a56e0", "content": "", "creation_timestamp": "2024-12-20T07:12:35.208963Z"}, {"uuid": "cfd43108-d316-44c0-b282-d759e9030726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1278", "content": "", "creation_timestamp": "2024-04-25T04:00:00.000000Z"}, {"uuid": "40d85415-ca72-48db-abff-03360b2dcce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7971", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2024-20353 [Cisco] &lt; Unauthenticated &lt; Denial Of Service\nURL\uff1ahttps://github.com/codeb0ss/CVE-2024-20353-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-13T16:06:16.000000Z"}, {"uuid": "6dd76ace-f6a7-4cd9-aa24-9c9a929c9795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3d332800-7861-4807-a935-66af2736ab84", "content": "", "creation_timestamp": "2026-02-02T12:26:37.850253Z"}, {"uuid": "de704c58-a490-48f6-9fd0-421f6b5fdcb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "MISP/19631610-dc3d-4a96-a673-e19bafaf9b91", "content": "", "creation_timestamp": "2026-04-19T17:02:53.000000Z"}, {"uuid": "159e7283-9775-4a20-89de-6266fa76e16a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://t.me/itsec_news/4399", "content": "\u200b\u26a1\ufe0f\u0417\u043e\u043b\u043e\u0442\u043e\u0439 \u0429\u0438\u0442 \u041a\u0438\u0442\u0430\u044f \u2013 \u043e\u0440\u0443\u0436\u0438\u0435 ArcaneDoor: \u043a\u0430\u043a \u0446\u0435\u043d\u0437\u0443\u0440\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Censys \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u043e\u0432\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 ArcaneDoor, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u041a\u0438\u0442\u0430\u0435\u043c. \u0421\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0432 \u0438\u044e\u043b\u0435 2023 \u0433\u043e\u0434\u0430, \u0430 \u043f\u0435\u0440\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0438\u0441\u044c \u0433\u0440\u0443\u043f\u043f\u043e\u0439 UAT4356 (Storm-1849), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0434\u0432\u0430 \u0442\u0438\u043f\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e: Line Runner \u0438 Line Dancer. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0431\u044b\u043b\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u044b \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Cisco Adaptive Security Appliances, \u0443\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 ( CVE-2024-20353 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 8.6 \u0438 CVE-2024-20359 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 6.0).\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c Microsoft Exchange \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439. \u041f\u043e\u0441\u043b\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Censys \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u0434\u0435\u0441\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u041a\u0438\u0442\u0430\u044f. 4 \u0438\u0437 5 \u0445\u043e\u0441\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 SSL-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0441\u0435\u0442\u044f\u0445 Tencent \u0438 ChinaNet.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0434\u0438\u043d \u0438\u0437 \u0445\u043e\u0441\u0442\u043e\u0432 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u041f\u0430\u0440\u0438\u0436\u0435 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0430\u043d\u0442\u0438\u0446\u0435\u043d\u0437\u0443\u0440\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c Marzban. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e Marzban \u0431\u044b\u043b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438, \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, \u0447\u0442\u043e \u043e\u043d \u0431\u044b\u043b \u0441\u043e\u0437\u0434\u0430\u043d \u0441 \u0446\u0435\u043b\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0412\u0435\u043b\u0438\u043a\u043e\u0433\u043e \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0424\u0430\u0439\u0435\u0440\u0432\u043e\u043b\u0430 (Great Firewall, \u0417\u043e\u043b\u043e\u0442\u043e\u0439 \u0429\u0438\u0442).\n\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0442\u043e\u0433\u043e, \u0441\u043f\u043e\u043d\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0432\u043b\u0430\u0441\u0442\u044f\u043c\u0438, \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0430. \u0425\u043e\u0442\u044f \u0430\u043d\u0430\u043b\u0438\u0437 \u0441\u0435\u0442\u0435\u0439, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0433\u043e\u043b\u043e\u0432\u043e\u043b\u043e\u043c\u043a\u0438, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0430\u043a\u0442\u043e\u0440\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043c\u0435\u0442\u043e\u0434\u044b \u0430\u0442\u0430\u043a, \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442. \u0412\u043f\u043e\u043b\u043d\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0441\u044f \u043f\u043e \u043c\u0435\u0440\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0446\u0435\u043b\u044f\u0445 \u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Adaptive Security Appliances, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0438\u0435 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440, VPN \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u043d\u0435\u0434\u0440\u0443\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432. \u0412\u0437\u043b\u043e\u043c\u0449\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0443\u043c\u044f \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Cisco \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u043c\u0438\u0440\u0430. \u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 ArcaneDoor.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-05-07T14:36:12.000000Z"}, {"uuid": "f61a3d51-3e15-4811-9031-c8b99eb4b0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1773", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-19T08:29:59.000000Z"}, {"uuid": "ebc53057-8cde-4aca-a897-7ad428bffc2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1808", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-08T16:16:11.000000Z"}, {"uuid": "13b6ce39-079e-48df-85ac-df8cae81566f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8876", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:59.000000Z"}, {"uuid": "c4fb6320-3a68-4d55-96da-c93954734294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/5270", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-08T16:16:10.000000Z"}, {"uuid": "ea451bf4-55c1-4559-8f1e-b439f954d5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1060", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:26.000000Z"}, {"uuid": "b8819219-dba6-49a3-8560-03a3b76a189c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24064", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:52.000000Z"}, {"uuid": "efed1e16-5b69-4ab8-b4fc-2324975e79bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3790", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:32.000000Z"}, {"uuid": "f57e775d-8599-4be8-9434-a5c86b2bd828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "Telegram/RwY6Qx7q79BGFkuYNtskNo4YfaA4RR8J0sppT16Si3kAhAp8", "content": "", "creation_timestamp": "2024-10-19T08:21:04.000000Z"}, {"uuid": "ceab24f8-15d8-4290-a7f2-d36095f69269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7512", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:59.000000Z"}, {"uuid": "0956a879-da11-4798-a3fd-d474e37d97e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1504", "content": "https://nvd.nist.gov/vuln/detail/CVE-2024-20353\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:05.000000Z"}, {"uuid": "e508fa26-de55-4ff1-a4cc-9d27d964b209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://t.me/true_secator/5676", "content": "\u0410 \u0432\u043e\u0442 Cisco, \u043d\u0430\u043f\u0440\u043e\u0442\u0438\u0432, \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043d\u0435 \u043f\u043e\u0440\u0430\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0445\u043e\u0440\u043e\u0448\u0438\u043c\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u043c\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ArcaneDoor.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 UAT4356 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u043d\u043e\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 0-day \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Adaptive Security Appliance (ASA) \u0438 Firepower Threat Defense (FTD).\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0442\u0435 \u0441\u0430\u043c\u044b\u0435 \u043d\u0443\u043b\u0438: CVE-2024-20353 (CVSS: 8,6, DoS) \u0438 CVE-2024-20359 (CVSS: 6,0, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430).\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e\u043f\u0430\u043b\u0430 \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043a PSIRT \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 ASA.\n\n\u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043b\u0438\u0441\u044c \u0435\u0449\u0435 \u0441 \u0438\u044e\u043b\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u0430: Line Runner \u0438 Line Dancer, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u0437\u0430\u0445\u0432\u0430\u0442 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435  \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u043e\u0432, Line Dancer, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0448\u0435\u043b\u043b-\u043a\u043e\u0434\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0437\u0430\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c\u00a0Line Runner, \u043e\u0441\u043d\u0430\u0449\u0435\u043d \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 Lua \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u0421\u0435\u0442\u0435\u0432\u0430\u044f \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044f Cisco \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u0443\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0441\u0440\u0435\u0434\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 Cisco \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Microsoft \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 \u0441\u0440\u0435\u0434\u0443 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 \u043d\u0443\u043b\u0435\u0439 \u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043b\u044e\u0431\u044b\u0445 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043d\u0435\u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0412 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445\u00a0Cisco \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u0440\u0430\u0437\u0438\u043b\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e\u00a0\u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 ASA \u0438\u043b\u0438 FTD.", "creation_timestamp": "2024-04-25T12:15:05.000000Z"}, {"uuid": "3911bb46-0c3b-448f-a070-f1e359b64fc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "https://t.me/thehackernews/4917", "content": "New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359) and others may be linked to China-based actors.\n\nRead: https://thehackernews.com/2024/05/china-linked-hackers-suspected-in.html\n\nThe attacks used custom Line Runner and Line Dancer malware.", "creation_timestamp": "2024-05-06T15:51:16.000000Z"}, {"uuid": "efaf2186-ed43-4f9c-9f13-20d3e759eac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "https://t.me/S_E_Reborn/4711", "content": "ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices\n\n\u041a\u0442\u043e-\u0442\u043e \u043b\u043e\u043c\u0430\u0435\u0442 Cisco, Cisco Talos \u0431\u044c\u0435\u0442 \u0442\u0440\u0435\u0432\u043e\u0433\u0443. \u041d\u0435\u043a\u0438\u0439 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0430\u043a\u0442\u043e\u0440 (\u043a\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f, \u043a\u0438\u0442\u0430\u0439\u0446\u044b \u0438\u043b\u0438 \u0440\u043e\u0441\u0441\u0438\u044f\u043d\u0435) \u0443\u0436\u0435 \u043f\u044f\u0442\u044c \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0442\u0435\u0440\u0440\u043e\u0440\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u044b ASA (CVE-2024-20353) \u0438 FTD (CVE-2024-20359).\n\n\u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f, \u0432\u043d\u0443\u0442\u0440\u0438 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u0441\u044f \u0438\u043c\u043f\u043b\u0430\u043d\u0442 Line Dancer, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043b\u043e\u0433\u0438, \u0445\u0443\u043a\u0430\u0435\u0442 hash dump \u043f\u0440\u043e\u0446\u0435\u0441\u0441 (\u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0430\u043c\u043f\u0430), \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0431\u0435\u043a\u0434\u043e\u0440, \u2014 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 host-scan-reply (\u0443\u0447\u0430\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 SSL VPN) \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 \u0443\u0436\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Ivanti Connect Secure, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442 \u0441 \u044d\u0442\u043e\u0439 \u0436\u0435 \u0433\u0440\u0443\u043f\u043f\u043e\u0439.", "creation_timestamp": "2024-04-29T11:49:54.000000Z"}, {"uuid": "a655a95e-b9b2-46ca-a972-0634b3d45e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11248", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-07T18:09:24.000000Z"}, {"uuid": "41e76705-4441-47a1-ad23-4fc10565eee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "exploited", "source": "Telegram/GTt1IIq5bcjEgKMO7Ej61BWUZwwoYSe21m2slARUqmFoJNE", "content": "", "creation_timestamp": "2024-04-29T15:27:26.000000Z"}, {"uuid": "f6ead25a-982a-46f4-bef9-121a0e39ff46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20353", "type": "seen", "source": "https://t.me/InfoSecInsider/495", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:53.000000Z"}]}