{"vulnerability": "CVE-2024-21111", "sightings": [{"uuid": "42d54455-cecd-44eb-9ed2-7dd3779f9439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3loqkfdcazb2x", "content": "", "creation_timestamp": "2025-05-09T13:38:59.441924Z"}, {"uuid": "a1331414-7208-4f70-a9e4-15ba9cb2be60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9201", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21111\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n\ud83d\udccf Published: 2024-04-16T21:26:35.907Z\n\ud83d\udccf Modified: 2025-03-27T20:11:49.887Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2024.html", "creation_timestamp": "2025-03-27T20:27:19.000000Z"}, {"uuid": "be75878b-a1c3-40c6-a754-99dfbcc5c9b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lottmvh44p2l", "content": "", "creation_timestamp": "2025-05-10T21:02:15.536457Z"}, {"uuid": "472b7669-eec4-486b-b0da-904a6136f866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/4647", "content": "CVE-2024-21111\nOracle VirtualBox Prior to 7.0.16 is vulnerable to Local Privilege Escalation via Symbolic Link Following leading to Arbitrary File Delete and Arbitrary File Move.\n\nVirtualBox attempts to move log files as NT AUTHORITY\\SYSTEM in C:\\ProgramData\\VirtualBox (which all users can write to) to backup themselves by an ordinal, but MAX 10 logs. VirtualBox will also try to delete the 11th log as NT AUTHORITY\\SYSTEM exposing itself to 2 bugs that lead to privilege escalation. Finding this bug was very interesting :)\n\nhttps://github.com/mansk1es/CVE-2024-21111", "creation_timestamp": "2024-04-24T13:43:07.000000Z"}, {"uuid": "5dd5eca7-29b5-478e-a226-15b216ae6a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://t.me/RedTeamFeed/278", "content": "CVE-2024-21111 \u2013 Local Privilege Escalation in Oracle VirtualBox\n#mdsec\n\nVirtualBox is popular open source, cross-platform, virtualization software developed by Oracle Corporation. Earlier this year we identified an arbitrary file move vulnerability in the VirtualBox system service service that could...\n\nvia MDSec Blog (author: Admin)", "creation_timestamp": "2024-04-25T14:07:09.000000Z"}, {"uuid": "fde819bc-62f8-43d7-b055-a5273ca42069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "Telegram/jxCPEumYEvGWSe9nODKLv4wXiEkcSQNbm4EhUstBgqbc7Bol", "content": "", "creation_timestamp": "2024-07-28T18:50:39.000000Z"}, {"uuid": "6dba37be-42bd-46b0-9f69-42216e530590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "Telegram/DZ2J8fFYxn-Dus8nZjbMD24oYT3pt8uzrlBRTnecUVpQ", "content": "", "creation_timestamp": "2024-05-18T19:35:56.000000Z"}, {"uuid": "5d44b0b1-1464-4b9e-8894-44d0bfc4fb82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21852", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:19.000000Z"}, {"uuid": "d0bb19ae-5264-4261-a245-95e26df14a43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/166", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:09:47.000000Z"}, {"uuid": "3b7eff85-732c-438a-95ab-d80860023451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/94", "content": "CVE ID : CVE-2024-21111\nSystem : Oracle (Windows hosts) \nType : Local Privilege Escalation\n\nExploit :\n\n\ud83d\udd3b Github \ud83d\udd3b\nhttps://github.com/mansk1es/CVE-2024-21111\n\u0627\u0633\u062a\u063a\u0644\u0627\u0644 :\n\n\ud83d\udd3b Github \ud83d\udd3b\nhttps://github.com/mansk1es/CVE-2024-21111\n\n#bug\n#\u062b\u063a\u0631\u0629", "creation_timestamp": "2024-04-24T11:19:22.000000Z"}, {"uuid": "be03c3c2-3a56-4fdc-bf14-f939f9ba149f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7899", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:14.000000Z"}, {"uuid": "eb0c2a76-e814-41c8-9032-b549e0d59e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3269", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T09:36:25.000000Z"}, {"uuid": "c0ed7673-e721-4e37-a40d-c65ab5a92bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "Telegram/ssSKCeEeP-TE_5bAXDPzYG7XpCpj_kio6GxplpQJSfFEJ0M", "content": "", "creation_timestamp": "2024-05-27T10:58:22.000000Z"}, {"uuid": "811d021c-50fb-461b-aec8-5860149d14df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://t.me/proxy_bar/2014", "content": "CVE-2024-21111  VirtualBox (Local Privilege Escalation) \n\nexploit\n\n#virtualbox #windows #lpe", "creation_timestamp": "2024-04-22T12:12:20.000000Z"}, {"uuid": "ad6dbc9e-2a81-400b-a29c-b61d43bd5a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3653", "content": "https://www.mdsec.co.uk/2024/04/cve-2024-21111-local-privilege-escalation-in-oracle-virtualbox", "creation_timestamp": "2024-04-29T09:25:54.000000Z"}, {"uuid": "75f23de4-01dd-4f08-91a4-6832d378d462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6681", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:14.000000Z"}, {"uuid": "c0c93fb7-a3f6-4edc-8b8c-f98499a3ff2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_TM/844", "content": "[+] CVE-2024-21111\n\n\u2022 Increase access to SYSTEM using VirtualBox. Writing/deleting arbitrary files using symbolic links, \\RPC Control\\, in connection with DLL Hijacking.\n\n- Research: https://www.mdsec.co.uk/2024/04/cve-2024-21111-local-privilege-escalation-in-oracle-virtualbox/\n-   -   -   -   -   -   -   -   -\n\u2022 @Old_Unclee\n\u2022 @ZeroDay_TM", "creation_timestamp": "2024-05-02T01:13:13.000000Z"}, {"uuid": "1c50cbb2-d10e-4dae-b866-5f16fa9a0b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/4706", "content": "CVE-2024-21111\n\n\u041f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e SYSTEM \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e VirtualBox. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f Arbitrary File Write/Delete \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0438\u043c\u043b\u0438\u043d\u043a\u043e\u0432, \\RPC Control\\, \u0432 \u0441\u0432\u044f\u0437\u043a\u0435 \u0441 DLL Hijacking.\n\n\u0420\u0435\u0441\u0435\u0440\u0447: https://www.mdsec.co.uk/2024/04/cve-2024-21111-local-privilege-escalation-in-oracle-virtualbox/", "creation_timestamp": "2024-04-26T19:04:39.000000Z"}, {"uuid": "08204a87-6c46-409e-bb06-8775d8e87e8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/Russian_OSINT/4074", "content": "\ud83d\uddf3\u2757\ufe0fhttps://www.mdsec.co.uk/2024/04/cve-2024-21111-local-privilege-escalation-in-oracle-virtualbox/\n\n\u270b @Russian_OSINT", "creation_timestamp": "2024-04-30T17:21:32.000000Z"}, {"uuid": "b50f2981-c4fd-4d50-86a4-cc7d64f619c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://t.me/S_E_Reborn/5335", "content": "\u0412\u0441\u0435\u043c \u043f\u0440\u0438\u0432\u0435\u0442! \n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u043e\u0433\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432: \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441\u043b\u0435\u0436\u0435\u043d\u0438\u044f, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0438\u0433\u0440\u0443\u0448\u043a\u0438. \u0412 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0432\u043e\u0435\u043c \u043e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u0440\u0430\u0431\u043e\u0442\u0430\u044f \u043e\u0442 \u043b\u0438\u0446\u0430 NT AUTHORITY\\SYSTEM. \n\n\u041f\u0440\u0438\u0447\u0435\u043c, \u043a\u0430\u043a \u044f \u043f\u043e\u043d\u0438\u043c\u0430\u044e, \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u044b \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u041f\u041e, \u0447\u0442\u043e \u0443\u0441\u043b\u043e\u0436\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0430\u0435\u0442 \u043d\u0430\u043c \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u0432\u0435\u043a\u0442\u043e\u0440 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \n\n\u0415\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u041f\u041e \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435:\n# \u0418\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0438\u0437 \u0440\u0435\u0435\u0441\u0442\u0440\u0430\nGet-ChildItem \"HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\" | Get-ItemProperty | Where-Object {$_.DisplayName -ne $null} | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate\n\n# wmi\nwmic product get name,version,vendor  \n\n# Seatbelt\n.\\SeatBelt.exe InstalledProducts\n\n\u0425\u043e\u0447\u0443 \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0441 \u0432\u0430\u043c\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c \u0441\u043f\u0438\u0441\u043e\u0447\u043a\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u043b\u0443\u0436\u0431, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043c\u043e\u0447\u044c \u0432\u0437\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u0430\u0447\u043a\u0435. \u041e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u043d\u0443\u0436\u043d\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u043f\u0438\u0441\u043e\u043a \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 Exploit-Street, \u043d\u043e \u044f \u0447\u0442\u043e-\u0442\u043e \u043d\u0435 \u043c\u043e\u0433\u0443 \u043f\u0440\u0438\u0434\u0443\u043c\u0430\u0442\u044c \u043a\u0430\u043a. \u041c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443 \u0432\u0430\u0441 \u0435\u0441\u0442\u044c \u0438\u0434\u0435\u0438?\n\nManageEngine ServiceDesk\n- https://github.com/horizon3ai/CVE-2021-44077\n\nManageEngine ADSelfService\n- https://github.com/synacktiv/CVE-2021-40539\n- CVE-2022-47966\n- CVE-XXXX-XXXX (\u0441 \u0432\u0435\u0440\u0441\u0438\u0438 ADSelfService Plus 4.2.9, 2012 \u0438 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 6.3 Build 6301)\n\nUserManager\n- CVE-2023-36047\n\nITunes\n- CVE-2024-44193\n\nRazer ( \u0434\u043e 3.7.1209.121307)\n- RazerEoP\n\nDatacard XPS Card Printer Driver \n- CVE-2024-34329\n\nAppGate\n- CVE-2019-19793\n\nSeagate\n- CVE-2022-40286\n\nAWS VPN Client\n- CVE-2022-25165\n\nAIDA (\u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0435\u0440\u0441\u0438\u0438 \u043d\u0438\u0436\u0435 7.00.6742)\n- AIDA64DRIVER-EOP\n\nVboxSDS\n- CVE-2024-21111\n\nTeamViewer\n- CVE-2024-7479 CVE-2024-7481\n\nGamingService \u043e\u0442 XBOX\n- GamingServiceEoP\n- GamingServiceEoP5\n\nChrome Updater\n- CVE-2023-7261\n\nPlantronics Desktop Hub\n- CVE-2024-27460", "creation_timestamp": "2024-12-26T13:38:29.000000Z"}, {"uuid": "25058238-502c-43bf-9c72-2b10228e05c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2365", "content": "https://github.com/mansk1es/CVE-2024-21111\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability\n#github #\u63d0\u6743", "creation_timestamp": "2024-04-23T09:13:18.000000Z"}, {"uuid": "f71c90a4-07c1-4338-9553-5222a49b8d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10389", "content": "#exploit\n1. CVE-2024-2389:\nCommand Injection Vulnerability in Progress Flowmon\nhttps://rhinosecuritylabs.com/research/cve-2024-2389-in-progress-flowmon\n\n2. CVE-2024-21111:\nOracle VirtualBox\u00a0EoP\nhttps://github.com/mansk1es/CVE-2024-21111", "creation_timestamp": "2024-04-25T18:07:08.000000Z"}, {"uuid": "96896e5c-30ce-480a-a4cc-57a691e08d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/96", "content": "https://github.com/mansk1es/CVE-2024-21111\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability\n#github #\u63d0\u6743", "creation_timestamp": "2024-12-21T15:48:34.000000Z"}]}