{"vulnerability": "CVE-2024-27130", "sightings": [{"uuid": "43b4611e-e6b2-41b6-aa06-13fa12a53fe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/7933", "content": "CVE-2024-27130\n*  \nRCE on a vulnerable QNAP device.\n*\nPOC exploit", "creation_timestamp": "2024-06-02T06:55:05.000000Z"}, {"uuid": "19199b71-6f5b-474b-8545-903fa6ea5ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9134", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27130\u662f\u5f71\u54cdQNAP\u7f51\u7edc\u9644\u52a0\u5b58\u50a8\uff08NAS\uff09\u8bbe\u5907\u7684\u4e00\u4e2a\u4e25\u91cd\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eQTS\u64cd\u4f5c\u7cfb\u7edf\u4e2dshare.cgi\u811a\u672c\u7684No_Support_ACL\u51fd\u6570\u4e2d\u4e0d\u5b89\u5168\u5730\u4f7f\u7528strcpy\u51fd\u6570\uff0c\u5bfc\u81f4\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\uff0c\u901a\u8fc7\u7cbe\u5fc3\u6784\u9020\u7684\u8bf7\u6c42\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u8fdb\u800c\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u3002 \nURL\uff1ahttps://github.com/XiaomingX/CVE-2024-36401-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-22T14:28:55.000000Z"}, {"uuid": "8fe9255a-6346-4d8f-9319-3087109065d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/DARK_SPOT_TEAM/431", "content": "CVE-2024-27130 QNAP RCE\n\nA Proof of Concept to exploit stack overflow vulnerability to obtain RCE on a vulnerable QNAP device.\n\nBlog: https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/", "creation_timestamp": "2024-05-18T01:45:02.000000Z"}, {"uuid": "2e9d5ea8-c7ba-4eff-8f9f-f242a6f27ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "Telegram/pnQlf75k51XgN0WbBtkjkkNG3n7DQVQ059MsQ0n9Vmk3", "content": "", "creation_timestamp": "2024-05-18T01:45:02.000000Z"}, {"uuid": "bf1d2c06-0807-44b8-b114-aa16e27ad158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4580", "content": "CVE-2024-27130\n*  \nRCE on a vulnerable QNAP device.\n*\nPOC exploit", "creation_timestamp": "2024-06-02T06:55:05.000000Z"}, {"uuid": "ec990ea8-7ce1-4a5a-a63e-0803b7f93881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7360", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis Python script is designed as a proof-of-concept (PoC) for the CVE-2024-27130 vulnerability in QNAP QTS\nURL\uff1ahttps://github.com/d0rb/CVE-2024-27130\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-21T11:19:00.000000Z"}, {"uuid": "258b9dc8-0f9d-46eb-a139-680dd03b7234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9133", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27130\u662f\u5f71\u54cdQNAP\u7f51\u7edc\u9644\u52a0\u5b58\u50a8\uff08NAS\uff09\u8bbe\u5907\u7684\u4e00\u4e2a\u4e25\u91cd\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eQTS\u64cd\u4f5c\u7cfb\u7edf\u4e2dshare.cgi\u811a\u672c\u7684No_Support_ACL\u51fd\u6570\u4e2d\u4e0d\u5b89\u5168\u5730\u4f7f\u7528strcpy\u51fd\u6570\uff0c\u5bfc\u81f4\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\uff0c\u901a\u8fc7\u7cbe\u5fc3\u6784\u9020\u7684\u8bf7\u6c42\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u8fdb\u800c\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u3002 \nURL\uff1ahttps://github.com/XiaomingX/CVE-2024-27130-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-22T14:21:05.000000Z"}, {"uuid": "a7d7cbb2-b87c-4622-b1a4-3f71e44e3288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7326", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-27130\nURL\uff1ahttps://github.com/watchtowrlabs/CVE-2024-27130\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-17T10:46:29.000000Z"}, {"uuid": "3928136e-6b87-4866-8317-32a05df6c22c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2084", "content": "CVE-2024-27130\n*  \nRCE on a vulnerable QNAP device.\n*\nPOC exploit", "creation_timestamp": "2024-05-17T13:15:37.000000Z"}, {"uuid": "5c60b9ab-d8dc-47a3-9772-fc04afa1d60b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2501", "content": "https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/\n\nCVE-2024-27130\n#\u5206\u6790", "creation_timestamp": "2024-05-20T12:32:27.000000Z"}, {"uuid": "1239bb8d-04ec-4fd1-bd62-0dc1df636a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5754", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 watchTowr Labs \u0441\u0442\u0430\u043b\u0438 \u043f\u0440\u0435\u0434\u0432\u0435\u0441\u0442\u043d\u0438\u043a\u0430\u043c\u0438 \u043d\u043e\u0432\u044b\u0445 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0445 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 NAS QNAP, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u043a\u0430\u043a \u043c\u044b \u0437\u043d\u0430\u0435\u043c, \u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043e\u0441\u043e\u0431\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u043c \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0431\u0430\u043d\u0434 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 APT.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0432\u043e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u043c \u041f\u041e NAS \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 15 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \n\n\u0412 \u0441\u0432\u043e\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0438\u043b\u0438\u0441\u044c \u043d\u0430 \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u043d\u0438\u0445 \u2014\u00a0CVE-2024-27130, \u043e\u0448\u0438\u0431\u043a\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0442\u0435\u043a\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434\u00a0(\u0445\u043e\u0442\u044f \u0438 \u0441 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0435\u043c).\n\n\u0421\u0430\u043c\u043e\u0435 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e\u0435 \u0442\u043e, \u0447\u0442\u043e \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0435\u0440\u0432\u044b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u00a0\u0438\u0437 \u043f\u044f\u0442\u043d\u0430\u0434\u0446\u0430\u0442\u0438, \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-27130, \u0434\u043b\u044f \u043d\u0438\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 QTS 5.1.6.2722, \u0441\u0431\u043e\u0440\u043a\u0430 20240402 \u0438 QuTS Hero h5.1.6.2734, \u0441\u0431\u043e\u0440\u043a\u0430 20240414.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0434\u0430\u0447\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u0440\u044f\u0434 \u043f\u0440\u043e\u0434\u043b\u0435\u043d\u0438\u0439 \u0441\u0440\u043e\u043a\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 PoC \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u043d\u0430\u0431\u043e\u0440\u0435.\n\n\u0412\u0441\u0435\u043c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0438 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0442\u0430\u043a\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0438\u043b\u0438 \u0441\u0442\u0440\u043e\u0433\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0410 \u0431\u0443\u0434\u0443\u0442 \u043e\u043d\u0438 \u043d\u0435 \u0441\u043a\u043e\u0440\u043e, \u0432\u0435\u0434\u044c, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 watchTowr, \u0443 QNAP \u043c\u044f\u0433\u043a\u043e \u0441\u043a\u0430\u0437\u0430\u0442\u044c \u0437\u0430\u043c\u0443\u0434\u0440\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u0434\u043e\u0432\u0430\u044f \u0431\u0430\u0437\u0430 \u043d\u0430 \u043b\u044e\u0431\u0438\u043c\u043e\u043c \u044f\u0437\u044b\u043a\u0435 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 C \u0441 \u0442\u044f\u0436\u0435\u043b\u044b\u043c\u0438 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u043c\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u043c\u0438.\n\n\u041d\u043e \u044d\u0442\u043e \u043d\u0435 \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u0445\u043e\u0434\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u043e\u0442\u0447\u0435\u0442\u044b \u043f\u043e \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441 \u043d\u0435\u0442\u0435\u0440\u043f\u0435\u043d\u0438\u0435\u043c \u0442\u0430\u043a\u0436\u0435 \u0431\u0443\u0434\u0443\u0442 \u0436\u0434\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b DeadBolt, Checkmate \u0438 Qlocker.", "creation_timestamp": "2024-05-20T16:40:05.000000Z"}, {"uuid": "2387008e-1971-4d24-9b14-8dbcd1a066f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "Telegram/DlLZj9MSjE6IBwAOSF_tcWDS7dzlP-Co9-Phk0g44QZcRQU", "content": "", "creation_timestamp": "2024-07-08T17:59:13.000000Z"}, {"uuid": "767282bc-1fea-4d31-8a01-313e940b9ac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/club31337/2089", "content": "https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:18:31.000000Z"}, {"uuid": "d60aad4b-4f58-4a2a-81f3-f42971262262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10529", "content": "#exploit\n1. CVE-2024-25641:\nCacti RCE when importing packages\nhttps://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88\n]-&gt; https://karmainsecurity.com/KIS-2024-04\n\n2. CVE-2024-30163:\nInvision Community &lt;=4.7.15 (store .php) SQL Injection\nhttps://karmainsecurity.com/KIS-2024-02\n\n3. CVE-2024-27130:\nQNAP RCE PoC\nhttps://github.com/watchtowrlabs/CVE-2024-27130", "creation_timestamp": "2024-05-19T15:31:55.000000Z"}]}