{"vulnerability": "CVE-2024-4166", "sightings": [{"uuid": "de7b0591-4972-42fc-8d4e-960ab65165f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/206", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-25T04:20:02.000000Z"}, {"uuid": "1a241a11-be43-4861-b1a4-d343d12a0499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/77", "content": "\ud83d\udccc **CVE ID**: GHSA-vp3x-9qpg-q385\n\ud83d\udd17 **Aliases**: CVE-2024-41766\n\ud83d\udd39 **Details**: IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3  could allow a remote attacker to cause a denial of service using a complex regular expression.\n\ud83d\udd22 **Severity**: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\ud83d\uddd3\ufe0f **Modified**: 2025-01-04T15:30:45Z\n\ud83d\uddd3\ufe0f **Published**: 2025-01-04T15:30:45Z\n\ud83c\udff7\ufe0f **CWE IDs**: CWE-1333\n\ud83d\udd17 **References**:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-4166\n2. https://www.ibm.com/support/pages/node/180203", "creation_timestamp": "2025-01-05T01:35:24.000000Z"}, {"uuid": "41669c3d-0712-4a9f-b487-08360e1025c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41662", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8061", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aMarkdown XSS leads to RCE in VNote version <=3.18.1\nURL\uff1ahttps://github.com/sh3bu/CVE-2024-41662\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-23T17:25:57.000000Z"}, {"uuid": "197f759a-6790-422f-b299-84e8bfdb010b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/55", "content": "\ud83d\udccc **CVE ID**: GHSA-vp3x-9qpg-q385\n\ud83d\udd17 **References**:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-4166\n2. https://www.ibm.com/support/pages/node/180203", "creation_timestamp": "2025-01-05T01:32:44.000000Z"}, {"uuid": "8d3cb2ff-49e8-4ede-a0e8-f4261bc838ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/99", "content": "\ud83d\udccc **CVE ID**: GHSA-vp3x-9qpg-q385\n\ud83d\udd17 **Aliases**: CVE-2024-41766\n\ud83d\udd39 **Details**: IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3  could allow a remote attacker to cause a denial of service using a complex regular expression.\n\ud83d\udd22 **Severity**: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\ud83d\uddd3\ufe0f **Modified**: 2025-01-04T15:30:45Z\n\ud83d\uddd3\ufe0f **Published**: 2025-01-04T15:30:45Z\n\ud83c\udff7\ufe0f **CWE IDs**: CWE-1333\n\ud83d\udd17 **References**:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-4166\n2. https://www.ibm.com/support/pages/node/180203", "creation_timestamp": "2025-01-05T01:38:11.000000Z"}, {"uuid": "7e1010df-b235-4c8a-83cd-2326fdcb204e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41666", "type": "seen", "source": "https://t.me/cvedetector/1582", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41666 - \"Argo CD Web Terminal Persistent Authority Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2024-41666 \nPublished : July 24, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD has a Web-based terminal that allows users to get a shell inside a running pod, just as they would with kubectl exec. Starting in version 2.6.0, when the administrator enables this function and grants permission to the user `p, role:myrole, exec, create, */*, allow`, even if the user revokes this permission, the user can still perform operations in the container, as long as the user keeps the terminal view open for a long time. Although the token expiration and revocation of the user are fixed, however, the fix does not address the situation of revocation of only user `p, role:myrole, exec, create, */*, allow` permissions, which may still lead to the leakage of sensitive information. A patch for this vulnerability has been released in Argo CD versions 2.11.7, 2.10.16, and 2.9.21. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T20:49:54.000000Z"}, {"uuid": "e5576cf4-56e3-43ef-90ef-affc3f0dce3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41664", "type": "seen", "source": "https://t.me/cvedetector/1520", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41664 - Canarytokens SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41664 \nPublished : July 23, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Canarytokens help track activity and actions on a network. Prior to `sha-8ea5315`, Canarytokens.org was vulnerable to a blind SSRF in the Webhook alert feature. When a Canarytoken is created, users choose to receive alerts either via email or via a webhook. If a webhook is supplied when a  Canarytoken is first created, the site will make a test request to the supplied URL to ensure it accepts alert notification HTTP requests. No safety checks were performed on the URL, leading to a Server-Side Request Forgery vulnerability. The SSRF is Blind because the content of the response is not displayed to the creating user; they are simply told whether an error occurred in making the test request. Using the Blind SSRF, it was possible to map out open ports for IPs inside the Canarytokens.org infrastructure. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T19:44:46.000000Z"}, {"uuid": "d30f2c19-d151-43ce-bdd6-2af74793cec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41663", "type": "seen", "source": "https://t.me/cvedetector/1517", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41663 - Canarytokens Self-XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41663 \nPublished : July 23, 2024, 4:15 p.m. | 36\u00a0minutes ago \nDescription : Canarytokens help track activity and actions on a network.  A Cross-Site Scripting vulnerability was identified in the \"Cloned Website\" Canarytoken, whereby the Canarytoken's creator can attack themselves. The creator of a slow-redirect Canarytoken can insert Javascript into the destination URL of their slow redirect token. When the creator later browses the management page for their own Canarytoken, the Javascript executes. This is a self-XSS. An attacker could create a Canarytoken with this self-XSS, and send the management link to a victim. When they click on it, the Javascript would execute. However, no sensitive information (ex. session information) will be disclosed to the malicious actor. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T18:54:37.000000Z"}, {"uuid": "af670582-dbe8-4529-af9a-0d104ac507a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41667", "type": "seen", "source": "https://t.me/cvedetector/1581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41667 - OpenAM Template Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41667 \nPublished : July 24, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : OpenAM is an open access management solution. In versions 15.0.3 and prior, the `getCustomLoginUrlTemplate` method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to override the default PingOne Advanced Identity Cloud login page,they did not restrict the `CustomLoginUrlTemplate`, allowing it to be set freely. Commit fcb8432aa77d5b2e147624fe954cb150c568e0b8 introduces `TemplateClassResolver.SAFER_RESOLVER` to disable the resolution of commonly exploited classes in FreeMarker template injection. As of time of publication, this fix is expected to be part of version 15.0.4. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T20:49:53.000000Z"}, {"uuid": "11697a32-707f-4c40-ada1-49a11f829a07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41662", "type": "seen", "source": "https://t.me/cvedetector/1577", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41662 - VNote XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41662 \nPublished : July 24, 2024, 5:15 p.m. | 37\u00a0minutes ago \nDescription : VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which remote code execution can be achieved. A patch for this issue is available at commit f1af78573a0ef51d6ef6a0bc4080cddc8f30a545. Other mitigation strategies include implementing rigorous input sanitization for all Markdown content and utilizing a secure Markdown parser that appropriately escapes or strips potentially dangerous content. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T19:59:42.000000Z"}, {"uuid": "08f6a6c8-7576-4691-821d-2f7ef4f700de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41668", "type": "seen", "source": "https://t.me/cvedetector/1525", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41668 - \"CBioPortal Server Side Request Forgery (SSRF)\"\", \n  \"Content\": \"CVE ID : CVE-2024-41668 \nPublished : July 23, 2024, 7:15 p.m. | 39\u00a0minutes ago \nDescription : The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF) attack. Logged in users could do the same on private instances. A fix has been released in version 6.0.12. As a workaround, one might be able to disable `/proxy` endpoint entirely via, for example, nginx. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T22:15:13.000000Z"}, {"uuid": "11ad5b74-32e0-4ef1-9f39-5da4c0baec0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41661", "type": "seen", "source": "https://t.me/cvedetector/1522", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41661 - reNgine Root Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41661 \nPublished : July 23, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : reNgine is an automated reconnaissance framework for web applications. In versions 1.2.0 through 2.1.1, an authenticated command injection vulnerability in the WAF detection tool allows an authenticated attacker to remotely execute arbitrary commands as root user. The URL query parameter `url` is passed to `subprocess.check_output` without any sanitization, resulting in a command injection vulnerability. This API endpoint is accessible by authenticated users with any use role. Because the process runs as `root`, an attacker has root access. Commit edd3c85ee16f93804ad38dac5602549d2d30a93e contains a patch for the issue. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T20:34:58.000000Z"}, {"uuid": "07f046fd-74a7-463a-94c8-d4360a6a4e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41665", "type": "seen", "source": "https://t.me/cvedetector/1521", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41665 - Ampache Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-41665 \nPublished : July 23, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting (XSS) vulnerability in versions prior to 6.6.0. This vulnerability exists in the \"Playlists - Democratic - Configure Democratic Playlist\" feature. An attacker with Content Manager permissions can set the Name field to ``. When any administrator or user accesses the Democratic functionality, they will be affected by this stored XSS vulnerability. The attacker can exploit this vulnerability to obtain the cookies of any user or administrator who accesses the `democratic.php` file. Version 6.6.0 contains a patch for the issue. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T20:34:56.000000Z"}, {"uuid": "2231f7c1-ae01-4325-91ed-d2337b68427d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "seen", "source": "https://t.me/CyberBulletin/410", "content": "\u26a1\ufe0fCVE-2024-41660: A Critical Vulnerability in OpenBMC.\n\n#CyberBulletin", "creation_timestamp": "2024-08-17T06:15:28.000000Z"}, {"uuid": "7aa3f7d9-349d-4597-bf24-77b87a0a6d7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "seen", "source": "https://t.me/cvedetector/2168", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41660 - OpenBMC slpd-lite UDP Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41660 \nPublished : July 31, 2024, 8:15 p.m. | 22\u00a0minutes ago \nDescription : slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon on the BMC. Patches will be available in the latest openbmc/slpd-lite repository. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T22:41:33.000000Z"}, {"uuid": "674deff1-0efd-4f05-a4f6-04cb273cda8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41667", "type": "seen", "source": "https://t.me/HackingInsights/8271", "content": "\u200aCVE-2024-41667: OpenAM Vulnerability Exposes Authentication Systems to Critical Risk\n\nhttps://securityonline.info/cve-2024-41667-openam-vulnerability-exposes-authentication-systems-to-critical-risk/", "creation_timestamp": "2024-08-01T10:18:46.000000Z"}, {"uuid": "1355c6e2-5ecf-4136-8ad2-2eb385bb8b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/208", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-25T20:54:36.000000Z"}, {"uuid": "0c57d2d6-8794-4861-a323-5dd754e268f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41662", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1868", "content": "\ud83d\udea8PoC Released - CVE-2024-41662 Markdown XSS leads to RCE in VNote version <=3.18.1.\n\nhttps://darkwebinformer.com/poc-released-cve-2024-41662-markdown-xss-leads-to-rce-in-vnote-version-3-18-1/\n\nCredit: @_sh3bu", "creation_timestamp": "2024-07-25T20:17:31.000000Z"}, {"uuid": "a1837560-76cd-4479-9c09-ad853176bb2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6105", "content": "Tetrel Security \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 OpenBMC, \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043b\u0430\u0442\u0430\u043c\u0438.\n\n\u041f\u0440\u043e\u0435\u043a\u0442\u00a0OpenBMC \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043b\u0430\u0442\u043e\u0439 (BMC) \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435\u043c. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, BMC \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438\u00a0\u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 OpenBMC\u00a0\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0438rity \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u00a0\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435\u00a0slpd-lite, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0435\u0434\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u0432\u043e \u0432\u0441\u0435\u0445 \u0441\u0431\u043e\u0440\u043a\u0430\u0445.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 SLP \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-41660 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSSv3.1 9,8.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 Tetrel, \u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 BMC, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0438\u043b\u0438 \u0441\u0435\u0442\u044c.\n\n\u0412 \u0442\u0438\u043f\u0438\u0447\u043d\u043e\u043c \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f BMC, \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c BMC.\n\n\u0410\u0442\u0430\u043a\u0430 \u043f\u0440\u043e\u0441\u0442\u0430 \u0432 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 SLP \u043d\u0430 \u043f\u043e\u0440\u0442 BMC 427.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0438\u044e\u043b\u044f.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c UDP-\u043f\u043e\u0440\u0442 427 \u0432  \u0441\u0435\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a BMC. \n\n\u0415\u0441\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d ssh-\u0434\u043e\u0441\u0442\u0443\u043f \u043a BMC, slpd-lite.service \u043c\u043e\u0436\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0447\u0435\u0440\u0435\u0437 systemctl.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0441 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-08-19T15:20:05.000000Z"}, {"uuid": "f6f7e181-41c5-4d47-bbe2-947632429743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11030", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-25T00:15:33.000000Z"}, {"uuid": "07cacb27-829d-44d0-8490-e4d6a10cdf85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41660", "type": "seen", "source": "https://t.me/Rootsec_2/4225", "content": "#exploit\n1. CVE-2024-41660:\nVulnerability in OpenBMC\nhttps://tetrelsec.com/posts/cve-2024-41660-slpd-lite\n\n2. CVE-2024-43403:\nKanister Vulnerability\nhttps://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp", "creation_timestamp": "2024-08-24T20:12:36.000000Z"}]}