{"vulnerability": "CVE-2024-25153", "sightings": [{"uuid": "d7a850e6-8e91-42b9-90ec-e7050a0e97ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/97", "content": "This is a proof of concept for #CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.\n\nhttps://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-14T12:58:53.000000Z"}, {"uuid": "428a7368-e3c3-476f-81be-c9e8e0874e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12526", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Proof-of-concept exploit for CVE-2024-25153.\n\nhttps://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-15T07:47:37.000000Z"}, {"uuid": "040e2a9e-4f49-4136-ad1f-3f7298b74880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6810", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aProof-of-concept exploit for CVE-2024-25153.\nURL\uff1ahttps://github.com/rainbowhatrkn/CVE-2024-25153\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-18T09:07:22.000000Z"}, {"uuid": "dff16508-6f4f-443a-b554-06f96f6e073f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "Telegram/BLjW2ymz1yoxdCcgiBg403svN1PQ1w0_l_KpeYzyzvQ-Tw", "content": "", "creation_timestamp": "2024-03-18T15:13:15.000000Z"}, {"uuid": "15a80851-042e-4d1d-977c-7d77c4e486f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "Telegram/LbI7RB13PekjQJl1G9ESsJHkP4bxLATouS9B-vwMSo3_9g", "content": "", "creation_timestamp": "2024-03-18T16:12:35.000000Z"}, {"uuid": "39e6931f-48a3-4471-9654-5a86741ead6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "Telegram/GYZD-Wu8jWV1Vm3YjqS1gNokm8LMWU3g2g6s4i92mCqfQg", "content": "", "creation_timestamp": "2024-03-14T15:30:46.000000Z"}, {"uuid": "c2927b14-21e3-47e3-898a-76b36058a298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/4212", "content": "The Hacker News\nFortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool\n\nFortra has released details of a now-patched critical security flaw impacting its&nbsp;FileCatalyst&nbsp;file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.\nTracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.\n\"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow", "creation_timestamp": "2024-03-18T15:13:15.000000Z"}, {"uuid": "a37574fc-0032-461a-9edd-de14d98d6489", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/712", "content": "The Hacker News\nFortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool\n\nFortra has released details of a now-patched critical security flaw impacting its&nbsp;FileCatalyst&nbsp;file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.\nTracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.\n\"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow", "creation_timestamp": "2024-03-18T15:13:15.000000Z"}, {"uuid": "ad3c6d6a-f3b6-44f1-a694-8444a1c3b9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1939", "content": "CVE-2024-25153: Remote Code Execution\nFortra FileCatalyst\n*\nPOC\n*", "creation_timestamp": "2024-03-14T13:02:23.000000Z"}, {"uuid": "2e02a404-5fa8-4122-a83d-053c3ee6c0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/KomunitiSiber/1646", "content": "Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool\nhttps://thehackernews.com/2024/03/fortra-patches-critical-rce.html\n\nFortra has released details of a now-patched critical security flaw impacting its\u00a0FileCatalyst\u00a0file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.\nTracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.\n\"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow", "creation_timestamp": "2024-03-18T16:15:36.000000Z"}, {"uuid": "fe9a1973-f7e9-4e8e-9024-d6d57df936bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "exploited", "source": "https://t.me/true_secator/5539", "content": "Fortra \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (MFT) FileCatalyst, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u043f\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-25153 \u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 ftpservlet \u043f\u043e\u0440\u0442\u0430\u043b\u0430 FileCatalyst Workflow, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 uploadtemp \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST.\n\n\u0412 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0444\u0430\u0439\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0432 DocumentRoot \u0432\u0435\u0431-\u043f\u043e\u0440\u0442\u0430\u043b\u0430, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b JSP \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438.\n\n\u041f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 9 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430 \u043e\u0442 LRQA Nettitude, \u0430 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0430 \u0434\u043d\u044f \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 FileCatalyst Workflow \u0432\u0435\u0440\u0441\u0438\u0438 5.1.6 \u0441\u0431\u043e\u0440\u043a\u0438 114 \u0431\u0435\u0437 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 CVE, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043e\u043d\u0430 \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 PoC, \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0439, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortra \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FileCatalyst Direct (CVE-2024-25154 \u0438 CVE-2024-25155), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0434\u043b\u0435\u0447\u0438\u043b\u0438 \u0438 GoAnywhere MFT \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 7.4.2, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u0435\u0434\u0443\u0449\u0438\u0435 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 MFT-\u0440\u0435\u0448\u0435\u043d\u0438\u0438 Fortra GoAnywhere \u0438 \u0438\u0445 \u043f\u0440\u0435\u043f\u0430\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Cl0p, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043d\u0435\u0441\u0442\u0438\u0441\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412\u0435\u0434\u044c, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 SOCRadar, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f PoC \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\u00a0", "creation_timestamp": "2024-03-19T14:50:05.000000Z"}, {"uuid": "5591bfee-bab9-441d-9b97-4b107ab0e050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "Telegram/2GfGABMbOj_dUBupi29NMP8w73zh7k5WLTAkbKXAwN8qAS8", "content": "", "creation_timestamp": "2024-05-12T10:44:05.000000Z"}, {"uuid": "c8997b72-4946-4a80-958c-d3ef8c9fdecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/211487", "content": "https://ift.tt/nesKuQP\nPoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)", "creation_timestamp": "2024-03-19T13:46:53.000000Z"}, {"uuid": "fabe4287-0b1f-4ed9-9d19-7a2fa5747048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/ctinow/207391", "content": "https://ift.tt/n6T4OcV\nCVE-2024-25153 Exploit", "creation_timestamp": "2024-03-14T03:16:27.000000Z"}, {"uuid": "44dcd2a6-fbeb-4644-a003-2847cab078f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/ctinow/206863", "content": "https://ift.tt/hXqbyaK\nCVE-2024-25153", "creation_timestamp": "2024-03-13T16:27:16.000000Z"}, {"uuid": "e7912113-a1d2-4d2c-bfd5-3f99b9db5836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1441", "content": "CVE-2024-25153\n\nThis is a proof of concept for CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.\n\nhttps://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-14T18:38:46.000000Z"}, {"uuid": "b5b9afa2-99f1-4726-94f2-f07326e3517a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "seen", "source": "https://t.me/thehackernews/4694", "content": "Fortra has patched a critical flaw (CVE-2024-25153) in FileCatalyst file transfer, preventing unauthorized remote code execution and blocking attackers from taking full control of vulnerable servers. \n \nRead details: https://thehackernews.com/2024/03/fortra-patches-critical-rce.html \n \nPatch immediately.", "creation_timestamp": "2024-03-18T14:02:22.000000Z"}, {"uuid": "021c0865-21f6-4952-9fdd-7f06c347a2f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2125", "content": "https://github.com/nettitude/CVE-2024-25153\n#poc", "creation_timestamp": "2024-03-14T11:30:00.000000Z"}, {"uuid": "87592929-9061-40ab-8582-79c8181085d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/4596", "content": "CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst\n\n\u0422\u0440\u0435\u0442\u0438\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0433\u043e\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortra, \u043e\u043d\u0438 \u0436\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Cobalt Strike. \n\n\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0432\u0435\u0431-\u0430\u0434\u043c\u0438\u043d\u043a\u0435 FileCatalyst Workflow \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u043b\u0438\u0442\u044c JSP-\u0448\u0435\u043b\u043b \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u0441 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c, \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE.\n\n\u041f\u043e \u0434\u0435\u0444\u043e\u043b\u0442\u0443 \u0432\u0441\u0435 \u0433\u0440\u0443\u0437\u0438\u0442\u0441\u044f \u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043f\u0430\u043f\u043a\u0443. \u041f\u0430\u0440\u0430\u043c\u0435\u0442\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u043f\u0443\u0442\u044c, \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u0439\u0442\u0438, \u0440\u0430\u0437\u0440\u0435\u0432\u0435\u0440\u0441\u0438\u0432 Jar'\u043d\u0438\u043a \u0441 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c. \n\n\u0427\u0442\u043e \u0437\u0430\u0431\u0430\u0432\u043d\u043e, \u0442\u043e\u0436\u0435 \u0441\u0430\u043c\u043e\u0435 \u043d\u0430\u0448\u043b\u043e\u0441\u044c \u0438 \u0432 FileCatalyst Direct, \u0438, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0432\u0441\u043f\u043b\u044b\u0432\u0435\u0442 \u0433\u0434\u0435-\u0442\u043e \u0435\u0449\u0435.\n\nPoC: https://github.com/nettitude/CVE-2024-25153", "creation_timestamp": "2024-03-15T06:53:58.000000Z"}, {"uuid": "523f5765-1776-42a5-b8ca-7f12e7296b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25153", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10150", "content": "#exploit\n1. CVE-2024-25153:\nRCE in Fortra FileCatalyst Workflow\nhttps://github.com/nettitude/CVE-2024-25153\n\n2. CVE-2023-34060:\nhttps://packetstormsecurity.com/files/177554\n\n3. Mali GPU Kernel LPE Exploit\nhttps://github.com/0x36/Pixel_GPU_Exploit\n]-&gt; https://github.com/0x36/Pixel_GPU_Exploit/blob/main/poc.cpp", "creation_timestamp": "2024-03-22T09:56:15.000000Z"}]}