{"vulnerability": "CVE-2024-4171", "sightings": [{"uuid": "30561e73-6de0-4390-8067-04841cd8c9f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41717", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-05", "content": "", "creation_timestamp": "2024-10-17T12:00:00.000000Z"}, {"uuid": "e4652fa1-6888-4492-a206-6642c1100597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113601180906534562", "content": "", "creation_timestamp": "2024-12-05T16:34:17.590638Z"}, {"uuid": "298176c4-4c37-4350-995c-f5159355f950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113601179950935485", "content": "", "creation_timestamp": "2024-12-05T16:34:03.014902Z"}, {"uuid": "511e5f86-5d88-4209-9e64-2eef73fbd7c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-41713.yaml", "content": "", "creation_timestamp": "2024-12-05T11:43:11.000000Z"}, {"uuid": "840ad3d8-185d-4c65-80b9-cb7e9926ff4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://thehackernews.com/2024/12/critical-mitel-micollab-flaw-exposes.html", "content": "", "creation_timestamp": "2024-12-05T13:56:00.000000Z"}, {"uuid": "5ae80cea-c174-4d2f-9a87-f085bd346149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfa5tloze22a", "content": "", "creation_timestamp": "2025-01-08T12:25:03.446323Z"}, {"uuid": "019725c7-230b-42ac-863c-b7acb3b113d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3049069", "content": "", "creation_timestamp": "2025-01-07T18:52:09.396368Z"}, {"uuid": "501ec083-3805-4219-8887-e1165a6a4a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lfahkzbvys2z", "content": "", "creation_timestamp": "2025-01-08T15:19:09.584313Z"}, {"uuid": "0406b706-d8c8-4ba6-a4d0-1e0a91a174c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lf67w3bkyh23", "content": "", "creation_timestamp": "2025-01-07T17:56:49.522683Z"}, {"uuid": "3416fbda-808e-4a55-9810-5f337d4a5879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3lfd7dnn2uc2s", "content": "", "creation_timestamp": "2025-01-09T17:29:51.810644Z"}, {"uuid": "31554e37-ce65-4825-941a-14888b2b76f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/113792585077913343", "content": "", "creation_timestamp": "2025-01-08T11:50:52.920594Z"}, {"uuid": "375bcf85-92a0-4af6-9514-bf1edb48dce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-01-07T18:10:04.000000Z"}, {"uuid": "3d49a524-9e22-4a80-9e67-38f8c26ad4b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113787881639134332", "content": "", "creation_timestamp": "2025-01-07T15:54:44.514979Z"}, {"uuid": "0b07d79d-5060-4aa1-9ac0-d04e903fd0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3049070", "content": "", "creation_timestamp": "2025-01-07T18:52:10.985982Z"}, {"uuid": "c93b04f9-1b4a-428d-9ba2-f72f2c9d5054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lf62hz3zbk2f", "content": "", "creation_timestamp": "2025-01-07T16:19:29.653924Z"}, {"uuid": "ad5070ad-4d2b-4182-96d4-894984d01482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lf6dopw32w2w", "content": "", "creation_timestamp": "2025-01-07T19:04:17.989269Z"}, {"uuid": "e5147b70-7038-4bdc-97e9-1f3ae010445c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lftevhrgdu24", "content": "", "creation_timestamp": "2025-01-16T03:51:52.484993Z"}, {"uuid": "5629da83-db98-41d4-a8df-99c312e1cfe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lfjzivl2yk2n", "content": "", "creation_timestamp": "2025-01-12T10:34:01.990700Z"}, {"uuid": "827c5763-303c-47fd-af00-7c4538ffcd9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lf62hz3zbl2f", "content": "", "creation_timestamp": "2025-01-07T16:19:30.603932Z"}, {"uuid": "b9dab0a5-0984-46bb-901c-1eff77216421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lf6gw25mxl2y", "content": "", "creation_timestamp": "2025-01-07T20:02:04.526914Z"}, {"uuid": "41d9280b-7138-4ad3-9f48-5736cb7a5d72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lf6vrzve4l2f", "content": "", "creation_timestamp": "2025-01-08T00:28:16.047672Z"}, {"uuid": "b1ddd6c2-3f04-4e3f-803b-03390be7e88b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://thehackernews.com/2025/01/cisa-flags-critical-flaws-in-mitel-and.html", "content": "", "creation_timestamp": "2025-01-08T03:21:00.000000Z"}, {"uuid": "af1926c3-d6cc-42c1-bc4c-f350563063b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhcdghfo7s2s", "content": "", "creation_timestamp": "2025-02-03T20:00:48.022798Z"}, {"uuid": "027e632a-9c38-4241-9a3b-783c7932da05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lgw63sql4e2l", "content": "", "creation_timestamp": "2025-01-29T23:53:20.608437Z"}, {"uuid": "4eda86e7-7535-42df-a814-6f538b99b8c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lgwas5pwtq2r", "content": "", "creation_timestamp": "2025-01-30T00:41:37.058999Z"}, {"uuid": "91ee7d27-a758-4e49-8b78-41b47c879790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3lgwbktrlkq2z", "content": "", "creation_timestamp": "2025-01-30T00:55:25.959569Z"}, {"uuid": "4a4b255d-6a58-4692-af95-5e720d353dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgwcbgokod2p", "content": "", "creation_timestamp": "2025-01-30T01:08:03.495489Z"}, {"uuid": "d6acbd30-c432-4738-850e-638aabc37697", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://threatintel.cc/2025/01/29/aquabot-botnet-targeting-vulnerable-mitel.html", "content": "", "creation_timestamp": "2025-01-29T22:57:56.000000Z"}, {"uuid": "b30625f0-090f-4038-8a3b-86f756510f50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lgxsvhlas724", "content": "", "creation_timestamp": "2025-01-30T15:38:15.956036Z"}, {"uuid": "477d981b-8f9f-4aa5-9103-61eafaa70b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3lgxyswk6pp2w", "content": "", "creation_timestamp": "2025-01-30T17:24:12.856791Z"}, {"uuid": "3e9c1b77-bad1-455e-98b7-b3185f3a4929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-03)", "content": "", "creation_timestamp": "2025-01-03T00:00:00.000000Z"}, {"uuid": "26093669-3b00-46f9-b96f-f519b6458c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "f5a7f5c9-a66d-4c40-8b75-9ba0119452d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lgvba3e4e222", "content": "", "creation_timestamp": "2025-01-29T15:16:45.273338Z"}, {"uuid": "fc08acd2-338d-4516-9508-79ee52c01b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lgwyo26r4n2q", "content": "", "creation_timestamp": "2025-01-30T07:48:49.477910Z"}, {"uuid": "3b2e2d58-0772-4e78-945e-765ffa9ecab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "4849d7ac-16f8-4787-b0d7-983a8bea1690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lgwzf4kcbu27", "content": "", "creation_timestamp": "2025-01-30T08:01:44.486127Z"}, {"uuid": "4850978a-9e1f-4be6-a245-b10a4bba91ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgxmq2h7tc2w", "content": "", "creation_timestamp": "2025-01-30T13:47:55.264183Z"}, {"uuid": "483d1524-cf2d-4f62-8f4d-2d0fc1e8afc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://threatintel.cc/2025/01/31/new-aquabotv-botnet-malware-targets.html", "content": "", "creation_timestamp": "2025-01-31T11:36:19.000000Z"}, {"uuid": "05449fdf-15dd-4559-96b4-abc82b3fad31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-41710", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lgxajy4w36x2", "content": "", "creation_timestamp": "2025-01-30T10:10:14.074971Z"}, {"uuid": "b4b2a49d-ee87-4ab6-98da-6bb596130d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://mastodon.social/users/cryptax/statuses/113916857482555178", "content": "", "creation_timestamp": "2025-01-30T10:34:59.662452Z"}, {"uuid": "f9c9a814-3920-4008-904d-bd8a26f5d5d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/mbissey.bsky.social/post/3lgxdmw5uva2q", "content": "", "creation_timestamp": "2025-01-30T11:05:02.763800Z"}, {"uuid": "2d3c71b1-6b24-4ca1-beae-3a2246c15fd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/rcinghio.bsky.social/post/3lgxhed6zas2r", "content": "", "creation_timestamp": "2025-01-30T12:11:41.055594Z"}, {"uuid": "c31a3933-6a1f-40d5-8b3c-d7255a252da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3lh2phrxifk26", "content": "", "creation_timestamp": "2025-01-31T19:15:01.272784Z"}, {"uuid": "7c29a838-f56f-41b7-a06a-aa0c2a6df19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html", "content": "", "creation_timestamp": "2025-01-30T05:41:00.000000Z"}, {"uuid": "88837513-c0f9-4625-9eeb-e4b669656e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lgytogabxs2n", "content": "", "creation_timestamp": "2025-01-31T01:24:53.026378Z"}, {"uuid": "7678d8be-9e47-4615-bd0a-e4262399cc47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "606494cb-ea59-49f9-a232-edf3da5a1bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lgz4osgbzs2n", "content": "", "creation_timestamp": "2025-01-31T04:06:09.033773Z"}, {"uuid": "c70aea7c-0247-4a7c-a2c4-1f27486145e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113991780823527065", "content": "", "creation_timestamp": "2025-02-12T16:08:59.446096Z"}, {"uuid": "3ee80dc6-1f89-4533-96bc-49f6d5cffd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "7c0c0bed-9a63-4609-9f1c-a0aedcc858d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "f1e33e41-adba-472c-b82d-f7b7cb7ed023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "723f8858-2735-462a-84ad-d95ce4c4e143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lgvujkapyf2c", "content": "", "creation_timestamp": "2025-01-29T21:02:07.321424Z"}, {"uuid": "2eabe08c-a3d5-46de-86fc-8bf344392380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lhyt2fkfnc2h", "content": "", "creation_timestamp": "2025-02-12T18:38:52.412764Z"}, {"uuid": "23340bd6-31dc-44e4-be80-c2e44e224d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhz2ymatac22", "content": "", "creation_timestamp": "2025-02-12T21:01:02.390569Z"}, {"uuid": "0764e13c-731f-4046-bbd6-a5c09d3b196b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lhyljevnsd2u", "content": "", "creation_timestamp": "2025-02-12T16:24:04.731131Z"}, {"uuid": "717f0a68-8b7b-4f91-a91d-a0929f104ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3327114", "content": "", "creation_timestamp": "2025-02-12T18:03:10.307584Z"}, {"uuid": "0a745df7-d955-4cd9-9c89-7048406345a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-12T18:10:02.000000Z"}, {"uuid": "a3b04d4d-cd35-4ab6-8515-57aa3795ef60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3li3lk72ngu23", "content": "", "creation_timestamp": "2025-02-13T21:02:32.412740Z"}, {"uuid": "574efe9e-9376-448a-8b4c-7edc30a7fb50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "e23d492a-cb4e-4722-8298-bac67a1b5a43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lhzkiq2gdv2c", "content": "", "creation_timestamp": "2025-02-13T01:38:29.228920Z"}, {"uuid": "fdd6c82d-9f05-46c6-894e-ac9d37a2b78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3lict6b7c322e", "content": "", "creation_timestamp": "2025-02-16T18:07:43.669491Z"}, {"uuid": "4acc0e8f-014c-4d3e-9e55-f2364f476958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:03.000000Z"}, {"uuid": "1cc02b7f-7bfb-43a5-9296-c7baddf87523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:05.000000Z"}, {"uuid": "6a94c0cf-fcda-44f1-9f40-48a21984f713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "58ccfb07-660b-44b0-a601-1ed6a603f9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "9cbe55a3-c790-4acc-88ca-ac7cc561663e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-31)", "content": "", "creation_timestamp": "2025-03-31T00:00:00.000000Z"}, {"uuid": "883a9ee5-7e22-46d0-ab56-cb9abf1ec5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-11)", "content": "", "creation_timestamp": "2025-11-11T00:00:00.000000Z"}, {"uuid": "48325388-493c-4883-b2e6-9586c8357454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-24)", "content": "", "creation_timestamp": "2025-05-24T00:00:00.000000Z"}, {"uuid": "c6990010-f947-4812-b0b3-5ef9a1225083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "64ffb937-5290-4cce-9a71-a09235a6427e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-12)", "content": "", "creation_timestamp": "2025-09-12T00:00:00.000000Z"}, {"uuid": "4318e08a-8b07-4cbe-8644-cac0a890dce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-30)", "content": "", "creation_timestamp": "2025-07-30T00:00:00.000000Z"}, {"uuid": "3d6e35a0-8e35-4b43-ae9b-657f92be8da5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-03)", "content": "", "creation_timestamp": "2025-05-03T00:00:00.000000Z"}, {"uuid": "24956939-76c2-40da-b59f-c9d34be674e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "ec65b738-b0ba-4213-a379-67ebb3cc8e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-01)", "content": "", "creation_timestamp": "2025-08-01T00:00:00.000000Z"}, {"uuid": "4af42185-7501-478a-a732-6e054ac11ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "MISP/ca7dfd4e-d0b5-4d10-8982-36d9f6e53c8e", "content": "", "creation_timestamp": "2025-09-01T13:53:38.000000Z"}, {"uuid": "5c6ce4d0-8415-4f26-be34-1c50c7ca0ac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "edf258db-4ed7-4e79-a9f6-94e7aa3f68ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "6e84c966-2177-4736-b085-39493ddb2e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-15)", "content": "", "creation_timestamp": "2025-09-15T00:00:00.000000Z"}, {"uuid": "5cdfbceb-063f-4886-9e03-393de59c5d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "0301899b-01a8-4330-9faf-79873236a0bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "MISP/3445a876-cced-4346-bf37-e276ba39cff4", "content": "", "creation_timestamp": "2025-09-02T18:30:14.000000Z"}, {"uuid": "57403249-e243-4079-b927-44b35da1ecf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/90419a5d-b36a-40e7-8209-dd6f753e1150", "content": "", "creation_timestamp": "2026-02-02T12:26:17.290723Z"}, {"uuid": "58b4d06c-d49e-4f97-ae4f-2ba3ed1d7ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0968961a-91c2-4449-84eb-0c177216e719", "content": "", "creation_timestamp": "2024-12-15T15:04:48.572831Z"}, {"uuid": "715c16da-c7b9-43f4-aba2-12331492ec0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/90452e6d-4365-4ec3-a2b6-79dbdbc5575a", "content": "", "creation_timestamp": "2026-02-02T12:26:13.872514Z"}, {"uuid": "9e7bdeb1-2033-45e7-b9a6-a9ca1875e713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/4912", "content": "\u200b\u26a1\ufe0f0Day \u0432 MiCollab: \u0442\u044b\u0441\u044f\u0447\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0440\u0438\u0441\u043a\u0443\u044e\u0442 \u0438\u0437-\u0437\u0430 \u0431\u0435\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Mitel\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u0432\u0448\u0438\u0441\u044c \u0432 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b watchTowr \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Mitel MiCollab, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b. \u0421\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0414\u043b\u044f \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0443\u0433\u0440\u043e\u0437\u044b \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0441\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 100 \u0434\u043d\u0435\u0439 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.\n\nMitel MiCollab \u2014 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u0443\u044e \u0441\u0432\u044f\u0437\u044c, \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438, \u0447\u0430\u0442\u044b, \u043e\u0431\u043c\u0435\u043d \u0444\u0430\u0439\u043b\u0430\u043c\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438. \u0421\u0432\u044b\u0448\u0435 16 000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 MiCollab \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0412 \u043c\u0430\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-35286 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 NuPoint Unified Messaging (NPM) \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b MiCollab, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0441 \u0431\u0430\u0437\u043e\u0439 \u0434\u0430\u043d\u043d\u044b\u0445. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 \u043c\u0430\u0435.\n\n\u041f\u043e\u0437\u0434\u043d\u0435\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 NPM ( CVE-2024-41713 , \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.5), \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0443\u044e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c, \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0438\u043b\u0438 \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435.\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0442\u0440\u0435\u0442\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 CVE-\u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0438 \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u043d\u0435\u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u043e\u0439. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u00ab/etc/passwd\u00bb. \u0414\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043b\u0438 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 CVE-2024-41713 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0441\u0432\u043e\u0435\u0433\u043e PoC.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 26 \u0430\u0432\u0433\u0443\u0441\u0442\u0430. \u0412 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 Mitel \u043e\u0431\u0435\u0449\u0430\u043b\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043d\u0435\u0434\u0435\u043b\u044e \u0434\u0435\u043a\u0430\u0431\u0440\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e. \u0412 watchTowr \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0441\u043f\u0443\u0441\u0442\u044f \u0431\u043e\u043b\u0435\u0435 100 \u0434\u043d\u0435\u0439 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0431\u044b\u043b\u0430 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-06T19:07:19.000000Z"}, {"uuid": "b3e4f58b-0789-46bc-b4b4-c7c2aca5d74a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1e\u5229\u7528\n\u63cf\u8ff0\uff1a\u8fd9\u4e2a\u4ed3\u5e93\u6536\u96c6\u4e86\u6240\u6709\u5728 GitHub \u4e0a\u80fd\u627e\u5230\u7684 CVE \u6f0f\u6d1e\u5229\u7528\u5de5\u5177\u3002 This repository collects all CVE exploits found on GitHub. \nURL\uff1ahttps://github.com/zxj-hub/CVE-2024-41713POC\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1e\u5229\u7528", "creation_timestamp": "2024-12-21T17:13:11.000000Z"}, {"uuid": "62902343-c9e5-4129-a6d2-c62125b3518d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/four_rays/23", "content": "\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 PoC \u043d\u0430 CVE-2024-41713 \u0432 Mitel MiCollab\n\n\u0421\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043f\u043e\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-41713 \u0432 NuPoint Unified Messaging (NPM) Mitel MiCollab. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 (Path Traversal) \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0430. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b:\nNuPoint Unified Messaging (NPM) Mitel MiCollab \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 9.8 SP1 FP2 (9.8.1.201)\nCWE-22\nSeverity: High 7.5\n\n\u041d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f! \u0411\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u0432\u0435\u043d\u0434\u043e\u0440\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u0435 \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044e \u0432\u0438\u0434\u0430  ..;/, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u0443\u044e \u043d\u0435\u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443.\n\n\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0437\u0430\u043f\u0440\u043e\u0441:\nhttps://xxxxxx/npm-pwg/..;/axis2-AWC/services/listServices \n\n\u0432\u044b\u0434\u0430\u0441\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e npm-pwg: \n\u2014 AWC_Commands;\n\u2014 Version.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 ../ \u0432\u043c\u0435\u0441\u0442\u043e ..;/ \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0442\u043e\u0447\u043d\u043e \u0442\u0430\u043a\u0443\u044e \u0436\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e. \n\n\u0412 \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0442 \u0447\u0435\u0440\u0435\u0437 npm-pwg, \u043d\u043e \u0435\u0433\u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0442\u0430\u043a \u043a\u0430\u043a \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u044d\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0431\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u043c\u043e\u0436\u043d\u043e \u0432\u043e\u043e\u0431\u0449\u0435 \u0438\u0437 \u043b\u044e\u0431\u043e\u0433\u043e \u043c\u0435\u0441\u0442\u0430. \n\n\u041a\u0430\u043a \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f:\n\n1. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0449\u0435\u0442 \u0432 URI \u043f\u0430\u0442\u0442\u0435\u0440\u043d ../ \u0438\u043b\u0438 ..;/, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \n(\\.{2,};\\/|\\.{2,}\\/)\n\n2. \u0415\u0441\u043b\u0438 \u0436\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0443\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0430 \u043e\u0442 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 PoC \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u0441\u0442\u0432\u0430, \u043c\u043e\u0436\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0434\u043e \nnpm-pwg\\/(\\.{2,};\\/|\\.{2,}\\/)", "creation_timestamp": "2024-12-09T14:20:21.000000Z"}, {"uuid": "d432c804-0471-404b-8bef-5f662367839f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/482", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41713\n\ud83d\udd39 Description: A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations.\n\ud83d\udccf Published: 2024-10-21T00:00:00\n\ud83d\udccf Modified: 2025-01-07T17:20:23.572Z\n\ud83d\udd17 References:\n1. https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029", "creation_timestamp": "2025-01-07T17:39:18.000000Z"}, {"uuid": "791b0b7c-54b8-4fe4-9649-ede6b98223b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9545", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1acve-2024-CVE-2024-41713\nURL\uff1ahttps://github.com/Sanandd/cve-2024-CVE-2024-41713\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-21T09:40:06.000000Z"}, {"uuid": "0af0e3ba-6c78-46a5-b222-7fcb6c60435c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41714", "type": "seen", "source": "https://t.me/cvedetector/8576", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41714 - Mitel MiCollab/MiVoice Business Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41714 \nPublished : Oct. 21, 2024, 9:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands with elevated privileges within the context of the system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T00:24:20.000000Z"}, {"uuid": "a231f116-038c-40a1-988c-bd5be03f580b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "https://t.me/true_secator/7265", "content": "Mitel Networks \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0435\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 MiVoice MX-ONE.\n\nMX-ONE - \u044d\u0442\u043e \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u0431\u0430\u0437\u0435 SIP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 MiVoice MX-ONE Provisioning Manager, \u0438 \u0435\u0439 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0451 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0447\u0451\u0442\u043d\u044b\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0431\u0435\u0437 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Mitel, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MiVoice MX-ONE, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0439 7.3 (7.3.0.0.50) - 7.8 SP1 (7.8.1.0.14). \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 7.8 (MXO-15711_78SP0) \u0438 7.8 SP1 (MXO-15711_78SP1).\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c MX-ONE \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 MX-ONE \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0420\u0438\u0441\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0441\u043d\u0438\u0437\u0438\u0442\u044c, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0443 Provisioning Manager.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c MiVoice MX-ONE \u0432\u0435\u0440\u0441\u0438\u0438 7.3 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e \u0447\u0435\u0440\u0435\u0437 \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u0433\u043e \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430.\n\nMitel \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e SQL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2025-52914) \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b MiCollab, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 SQL \u043d\u0430 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0431\u0435\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 MiCollab (CVE-2024-55550 \u0438 CVE-2024-41713) \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0427\u0442\u043e \u043d\u0435 \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0432\u0435\u0434\u044c \u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u044e Mitel \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 60 000 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u0431\u043e\u043b\u0435\u0435 75 \u043c\u043b\u043d. \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0435, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435, \u0444\u0438\u043d\u0430\u043d\u0441\u044b, \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0438 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u043a\u0442\u043e\u0440.", "creation_timestamp": "2025-07-24T17:29:30.000000Z"}, {"uuid": "25cc7421-4c81-4ae4-b7b1-c47bdd60f4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/DarkWebInformer_News/277", "content": "\ud83d\udea8 News Alert!\n\nSource: The Hacker News\nTitle: New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks\nLink: https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html", "creation_timestamp": "2025-01-30T07:43:30.000000Z"}, {"uuid": "409f0b77-c391-4751-aeb9-0d2d28d5cc80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "https://t.me/kasperskyb2b/1580", "content": "\ud83e\ude79 Welcome back and Patch now!\n\n\u0425\u043e\u0442\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0442\u043e\u0436\u0435 \u0431\u0435\u0440\u0443\u0442 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043d\u0430 \u043f\u0435\u0440\u0438\u043e\u0434 \u041d\u043e\u0432\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0438 \u0420\u043e\u0436\u0434\u0435\u0441\u0442\u0432\u0430, \u0434\u0440\u0443\u0433\u0438\u0435 \u0432 \u044d\u0442\u043e\u0442 \u043f\u0435\u0440\u0438\u043e\u0434 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u0443\u044e\u0442\u0441\u044f. \u0417\u0430 \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043d\u0438\u043a\u0443\u043b \u043d\u0430\u0431\u0440\u0430\u043b\u043e\u0441\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445.\n\nSonicWall \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0444\u0438\u043a\u0441 SonicOS, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 CVE-2024-53704 (CVSS 8.2), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u0445 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f SSL VPN \u0438 SSH. \u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0434\u0435\u0444\u0435\u043a\u0442 \u00ab\u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb (susceptible to actual exploitation), \u0447\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0447\u0438\u0442\u0430\u0442\u044c \u0438 \u043a\u0430\u043a \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0446\u0435\u043d\u043a\u0443 exploitability, \u0438 \u043a\u0430\u043a \u0437\u0430\u0432\u0443\u0430\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u044d\u0442\u043e \u0437\u0438\u0440\u043e\u0434\u0435\u0439. \n\u041a\u0440\u043e\u043c\u0435 \u043f\u0430\u0442\u0447\u0430, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u044b \u0442\u0438\u043f\u0438\u0447\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e \u043f\u043e SSH.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f CVE-2024-52875, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a RCE \u0432 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0435 GFI KerioControl, \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0412 \u0421\u0435\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0431\u043e\u043b\u0435\u0435 23 \u0442\u044b\u0441\u044f\u0447 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 KerioControl.\n\n\u0410 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u0430\u044f Ivanti \u0443\u0441\u043f\u0435\u043b\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c\u0441\u044f \u0432 2025 \u0433\u043e\u0434\u0443 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u043c. CVE-2025-0282 (CVSS 9.0) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u043e\u0441\u0442\u0438\u0447\u044c RCE \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Connect Secure. \u0422\u043e\u0442 \u0436\u0435 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 Policy Secure \u0438 Neurons, \u043d\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0430 \u043d\u0438\u0445 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 7 \u044f\u043d\u0432\u0430\u0440\u044f CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0441\u0442\u0430\u0440\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 Oracle WebLogic (CVE-2020-2883) \u0438 \u043f\u0430\u0440\u0443 \u0431\u0430\u0433\u043e\u0432 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u0449\u0435\u043d\u0438\u044f MiCollab (CVE-2024-41713, -55550). \u041d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0432\u0435\u0436\u0435\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e.\n\n\u041f\u043b\u043e\u0445\u0438\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u044b \u043d\u0430 WordPress \u0438 WooCommerce. \u041f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d Fancy Product Designer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043b\u0435\u0433\u043a\u043e \u043f\u0435\u0440\u0435\u043a\u0440\u0430\u0448\u0438\u0432\u0430\u0442\u044c \u0444\u0443\u0442\u0431\u043e\u043b\u043a\u0438 \u0438\u043b\u0438 \u043c\u0435\u043d\u044f\u0442\u044c \u0442\u0435\u043a\u0441\u0442 \u043d\u0430 \u043a\u0440\u0443\u0436\u043a\u0430\u0445, \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 9 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0434\u0432\u0435 \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043a\u0443\u043f\u0430\u0442\u0435\u043b\u0435\u0439. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0437\u0430 20 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0442\u0430\u043a \u0438 \u043d\u0435 \u0432\u043d\u0435\u0441\u043b\u0438 \u043d\u0443\u0436\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c 20 \u0442\u044b\u0441\u044f\u0447 \u0441\u0430\u0439\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043f\u043b\u0430\u0433\u0438\u043d, \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0434\u0443\u043c\u0430\u0442\u044c \u0437\u0430\u043c\u0435\u043d\u0443 \u044d\u0442\u043e\u0433\u043e \u0438\u0437\u0434\u0435\u043b\u0438\u044f \u043d\u0430 \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u0434\u0440\u0443\u0433\u043e\u0439 \u00ab\u043a\u0430\u0441\u0442\u043e\u043c\u0438\u0437\u0430\u0442\u043e\u0440\u00bb.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-01-09T10:41:33.000000Z"}, {"uuid": "981b175f-97be-4f1e-82d5-cba153ef91c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41717", "type": "seen", "source": "https://t.me/cvedetector/8665", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41717 - Kieback & Peter's DDC4000 series Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41717 \nPublished : Oct. 22, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : Kieback & Peter's DDC4000 series\u00a0is vulnerable to a path traversal vulnerability, which may allow an unauthenticated attacker to read files on the system. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T00:40:04.000000Z"}, {"uuid": "2305ed1e-51af-4fe7-95d0-b7d469d47456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "https://t.me/CyberBulletin/2008", "content": "\u26a1\ufe0fCISA has flagged 3 actively exploited vulnerabilities\u2014two in Mitel MiCollab and one in Oracle WebLogic Server.\n\n\u2937 CVE-2024-41713: Remote access via path traversal.\n\u2937 CVE-2024-55550: Exploited by attackers with admin privileges.\n\u2937 CVE-2020-2883: A high-severity vulnerability in Oracle WebLogic with known exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-08T15:44:05.000000Z"}, {"uuid": "2d9f8c5e-7551-48ad-96ba-e7be49fc42ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/BleepingComputer/21458", "content": "\u200aNew Aquabotv3 botnet malware targets Mitel command injection flaw\n\nA new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]\n\nhttps://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/", "creation_timestamp": "2025-01-30T01:32:56.000000Z"}, {"uuid": "83eb8a3f-e74b-4029-b419-610577c3a874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "Telegram/yaRRF354Ygu4wAwdZLiZFlJ3d4I86LY0KmRJv0c9BGXTfSM", "content": "", "creation_timestamp": "2025-02-24T15:51:22.000000Z"}, {"uuid": "b9c01808-b3f8-4c11-b19e-4067accd9f56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/CyberBulletin/1692", "content": "\u26a1\ufe0fWhere There\u2019s Smoke, There\u2019s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day.\n\n#CyberBulletin", "creation_timestamp": "2024-12-05T17:07:42.000000Z"}, {"uuid": "e7490a5e-27f6-47a4-83eb-c5b72beac9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/cibsecurity/82384", "content": "\ud83d\udd8b\ufe0f New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks \ud83d\udd8b\ufe0f\n\nA Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a mediumseverity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denialofservice DDoS attacks. The vulnerability in question is CVE202441710 CVSS score 6.8, a case of command injection in the boot process that could allow a malicious actor.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-01-30T08:58:45.000000Z"}, {"uuid": "4307b3d9-ee31-439f-9e0d-a1cb5a1bbfc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/cvedetector/8572", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41713 - Mitel MiCollab NuPoint Unified Messaging Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41713 \nPublished : Oct. 21, 2024, 9:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T00:24:14.000000Z"}, {"uuid": "d8307795-0e4e-451c-a066-321aff89f607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41712", "type": "seen", "source": "https://t.me/cvedetector/8571", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41712 - Mitel MiCollab Web Conferencing Component Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41712 \nPublished : Oct. 21, 2024, 9:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary commands on the system within the context of the user. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T00:24:13.000000Z"}, {"uuid": "8ae953a3-0bc0-476c-83bf-e138ef50a16f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41716", "type": "seen", "source": "https://t.me/cvedetector/4735", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41716 - WindLDR WindO/I-NV4 Sensitive Information Storage Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-41716 \nPublished : Sept. 4, 2024, 1:15 a.m. | 40\u00a0minutes ago \nDescription : Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate and/or suspend the PLC and Operator Interfaces by accessing or hijacking them. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T04:21:32.000000Z"}, {"uuid": "ce8d5370-6c51-488e-bcf7-5159203f712f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41718", "type": "seen", "source": "https://t.me/cvedetector/4680", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41718 - Apache doubled-sided authentication bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41718 \nPublished : Sept. 3, 2024, 11:15 a.m. | 42\u00a0minutes ago \nDescription : Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID. ConsultIDs: CVE-2024-39771. Reason: This CVE ID is a reservation duplicate of CVE-2024-39771. Notes: All CVE users should reference CVE-2024-39771 instead of this CVE ID. All references and descriptions in this CVE ID have been removed to prevent accidental usage. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T14:07:50.000000Z"}, {"uuid": "7331251e-7c1b-44f8-9500-3ef34bc4cc16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/CyberBulletin/1153", "content": "\u26a1\ufe0fCVE-2024-41713 (CVSS 9.8): Unpatched MiCollab Vulnerability Allows Unauthorized Access.\n\n#CyberBulletin", "creation_timestamp": "2024-10-11T06:14:28.000000Z"}, {"uuid": "ba06c1b9-ccbe-45ab-a807-893020908ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41711", "type": "seen", "source": "https://t.me/cvedetector/3035", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41711 - Mitel SIP Phones Arbitrary Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41711 \nPublished : Aug. 13, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an unauthenticated attacker with physical access to the phone to conduct an argument injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T20:27:52.000000Z"}, {"uuid": "3432f16f-6951-4ec3-8b2a-31af6d0153ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41719", "type": "seen", "source": "https://t.me/cvedetector/3172", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41719 - F5 BIG-IP Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-41719 \nPublished : Aug. 14, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM),  F5 iHealth credentials will be logged in the BIG-IP Central Manager logs.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T18:13:52.000000Z"}, {"uuid": "fb055d21-8905-412c-85fc-6824da6c7dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://t.me/cvedetector/2885", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41710 - Mitel SIP Phones Insufficient Parameter Sanitization Argument Injection\", \n  \"Content\": \"CVE ID : CVE-2024-41710 \nPublished : Aug. 12, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an authenticated attacker with administrative privilege to conduct an argument injection attack, due to insufficient parameter sanitization during the boot process. A successful exploit could allow an attacker to execute arbitrary commands within the context of the system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T21:51:10.000000Z"}, {"uuid": "e1afbf34-17ee-4592-ab22-528de18aebeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "Telegram/VuZPxTaj8sX3kyV3UbRUBY78YCESFRIXLfegnJg6r7xEnDQ", "content": "", "creation_timestamp": "2025-01-30T09:03:40.000000Z"}, {"uuid": "ac8fba88-231d-4356-9648-9ceb157951cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41714", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7886", "content": "\u200aCVE-2024-41714 (CVSS 9.9): Command Injection Flaw Discovered in Mitel MiCollab and MiVB SVI\n\nhttps://securityonline.info/cve-2024-41714-cvss-9-9-command-injection-flaw-discovered-in-mitel-micollab-and-mivb-svi/", "creation_timestamp": "2024-07-30T12:37:31.000000Z"}, {"uuid": "6024683a-6159-4188-884b-cbdbbf8c0bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "Telegram/7QLe63I9RKUf4WyhjQ_jW6v9ceXGNFv0G1k2T1cz9MSEfsQn", "content": "", "creation_timestamp": "2025-02-14T10:06:08.000000Z"}, {"uuid": "1f95e121-b272-4e59-b2ce-ea58dd5f27d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/MalaysiaHacktivistz/7743", "content": "New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks \u2013 thehackernews.com\n\nThu, 30 Jan 2025 14:41:00", "creation_timestamp": "2025-01-30T09:03:43.000000Z"}, {"uuid": "f43a6443-3dcd-4a45-9b40-7992d904f396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/MalaysiaHacktivistz/1555", "content": "New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks \u2013 thehackernews.com\n\nThu, 30 Jan 2025 14:41:00", "creation_timestamp": "2025-01-30T09:03:43.000000Z"}, {"uuid": "3e1d77f5-bff7-449a-8600-abfccc048ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "Telegram/KnEOt5rjYNWhgYsUI6D839rfk_ONOfmk--AadO6K2G_oG1w", "content": "", "creation_timestamp": "2025-01-11T10:00:06.000000Z"}, {"uuid": "7a3b3b39-4e53-45ad-b91d-e8bf926bc316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "Telegram/CgtMp99s8IVrfA6dAfD7nZra4Ge6dUYlZCAqWYcA5TVh1g", "content": "", "creation_timestamp": "2025-01-30T12:47:17.000000Z"}, {"uuid": "ffb112b8-d8f4-43fe-bbba-041afddc842a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "Telegram/un7ROmPmmdAsSIhgKnwddb4sJBe7gYSTwdDLnBs6cT39Dw", "content": "", "creation_timestamp": "2024-12-05T23:17:44.000000Z"}, {"uuid": "1e18e307-bd53-4822-b48b-79191a2dd9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "Telegram/FhWlCHq4175BsrgCdjqiWe9kicFq8UQYPhjo2isc1t_W8w", "content": "", "creation_timestamp": "2025-01-08T05:57:06.000000Z"}, {"uuid": "a927d939-e493-4129-abc9-43bee05d8694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/true_secator/6680", "content": "\u041d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Aquabot \u043d\u0430 \u0431\u0430\u0437\u0435 Mirai \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-41710, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 SIP-\u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b Mitel.\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Akamai (SIRT) \u0447\u0435\u0440\u0435\u0437 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044f\u043d\u0432\u0430\u0440\u044f 2025 \u0433\u043e\u0434\u0430, \u043e\u0442\u043c\u0435\u0447\u0430\u044f, \u0447\u0442\u043e \u044d\u0442\u043e \u0443\u0436\u0435 \u0442\u0440\u0435\u0442\u0438\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 Aquabot, \u043f\u043e\u043f\u0430\u0432\u0448\u0438\u0439 \u0432 \u043f\u043e\u043b\u0435 \u0438\u0445 \u0437\u0440\u0435\u043d\u0438\u044f.\n\n\u0412 \u0442\u0440\u0435\u0442\u0438\u0435\u043c \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0435, Aquabotv3, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0443\u043d\u0438\u0447\u0442\u043e\u0436\u0435\u043d\u0438\u044f \u0441 \u0441\u0438\u0433\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0430 C2, \u0447\u0442\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432\u0441\u0435\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0439 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433.\n\nCVE-2024-41710 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 SIP-\u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b Mitel \u0441\u0435\u0440\u0438\u0439 6800, 6900 \u0438 6900w, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 \u0438 \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\nMitel \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 17 \u0438\u044e\u043b\u044f 2024 \u0433\u043e\u0434\u0430. \u0414\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u0441\u043f\u0443\u0441\u0442\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041a\u0430\u0439\u043b \u0411\u0435\u0440\u043d\u0441 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u043d\u0430 GitHub.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0434\u043b\u044f \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0431\u043e\u0442\u043d\u0435\u0442, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u0440\u0443\u0442 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u044e\u0442 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 POST, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 8021xsupport.html, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0443\u044e \u0437\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 802.1x \u0432 SIP-\u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430\u0445 Mitel.\n\n\u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 (/nvdata/etc/local.cfg).\n\n\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u043a\u043e\u043d\u0446\u0430 \u0441\u0442\u0440\u043e\u043a\u0438 (%dt \u2192 %0d) \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u0443\u044e\u0442 \u0442\u0435\u043c, \u043a\u0430\u043a \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 (bin.sh) \u0441\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0441\u043a\u0440\u0438\u043f\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 Aquabot \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b (x86, ARM, MIPS \u0438 \u0442.\u0434.), \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0435\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u00abchmod 777\u00bb, \u0430 \u0437\u0430\u0442\u0435\u043c \u0437\u0438\u0447\u0438\u0449\u0430\u0435\u0442 \u0432\u0441\u0435 \u0441\u043b\u0435\u0434\u044b.\n\n\u041f\u043e\u0441\u043b\u0435 \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 Aquabotv3 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043a C2 \u0447\u0435\u0440\u0435\u0437 TCP \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439, \u043a\u043e\u043c\u0430\u043d\u0434 \u0430\u0442\u0430\u043a\u0438, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a.\n\n\u0417\u0430\u0442\u0435\u043c \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 IoT, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Mitel, CVE-2018-17532 (TP-Link), CVE-2023-26801 (RCE \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 IoT), CVE-2022-31137 (RCE \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f), RCE Linksys E-series, Hadoop YARN \u0438 CVE-2018-10562 - 10561 (\u0432 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 Dasan).\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u0442\u0430\u043a\u0436\u0435 \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0438\u043b\u0438 \u0441\u043b\u0430\u0431\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 SSH/Telnet, \u0447\u0442\u043e\u0431\u044b \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u043f\u043b\u043e\u0445\u043e \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0435\u0442\u0438.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e Aquabotv3 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u043e\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 DDoS, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u0445 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a TCP SYN, TCP ACK, UDP, GRE IP \u0438 \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 \u043f\u0440\u043e\u0434\u0432\u0438\u0433\u0430\u0435\u0442 \u0441\u0432\u043e\u0438 \u0443\u0441\u043b\u0443\u0433\u0438 \u0432 Telegram \u043f\u043e\u0434 \u0431\u0440\u0435\u043d\u0434\u0430\u043c\u0438 Cursinq Firewall, The Eye Services \u0438 The Eye Botnet, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0435\u0433\u043e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u0435\u0440 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 Aquabotv3 IoC, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 Snort \u0438 YARA \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-01-30T18:40:05.000000Z"}, {"uuid": "b5b21757-d703-499a-b36e-481f88bd3aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "Telegram/-kzXFXF9rWWrCuG5b7uXqGrpJw2UhJ_G_5H4IuvDFR0YxB4", "content": "", "creation_timestamp": "2025-02-01T13:23:52.000000Z"}, {"uuid": "c9452ae8-2ef0-42e8-b0c5-ff75126451c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2412", "content": "CVE-2024-41713\n*\nMitel MiCollab Authentication Bypass to Arbitrary File Read\n*\nExploit", "creation_timestamp": "2024-12-07T06:33:08.000000Z"}, {"uuid": "5a747aa6-a168-4655-973c-a5f01a18a216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/true_secator/6517", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u043c\u0438 \u0438\u0437 \u043c\u0438\u0440\u0430 CVE. \u041f\u043e\u0434 \u043a\u043e\u043d\u0435\u0446 \u043d\u0435\u0434\u0435\u043b\u0438 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442\u00a0\u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 0-day, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 VoIP Mitel MiCollab, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 \u0435\u0449\u0435 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 CVE \u043d\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u0430 \u0438 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u043d\u043e\u043b\u044c \u0443\u0434\u0430\u043b\u043e\u0441\u044c, \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u044f \u0441 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u0432\u0432\u043e\u0434\u043e\u043c.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f CVE-2024-35286, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 23 \u043c\u0430\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2024-41713, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0439 9 \u043e\u043a\u0442\u044f\u0431\u0440\u044f.\n\n\u0412\u044b\u0436\u0434\u0430\u0432 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 100 \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f Mitel, watchTowr \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0438 PoC \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 \u0441 CVE-2024-41713.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u0431\u043e\u043b\u0435\u0435 16\u00a0000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 MiCollab, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 MiCollab 9.8 SP2 (9.8.2.12), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 CVE-2024-41713, \u0441\u043c\u044f\u0433\u0447\u0430\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0447\u0442\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432.\u00a0\n\n2. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Rapid7 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438 \u043f\u043e\u0441\u0438\u043b\u044c\u043d\u0443\u044e \u043f\u043e\u043c\u043e\u0449\u044c \u0432 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u0430\u043c\u0435\u0440\u0430\u0445 \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f Lorex\u00a02K Wi-Fi.\n\n\u0423\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0431\u044b\u043b\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0446\u0435\u043b\u0435\u0439 \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 Pwn2Own IoT 2024 \u0433\u043e\u0434\u0430, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e Rapid7 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043f\u044f\u0442\u044c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0432 \u0434\u0432\u0430 \u044d\u0442\u0430\u043f\u0430, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n3. Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f NX-OS, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u043e\u0431\u0445\u043e\u0434 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Google Cloud.\n\n\u041e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2024-20397, \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u043c\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0435\u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f, \u043d\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 100 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u0441\u0435\u0440\u0438\u0438 MDS 9000, Nexus 3000 \u0438 7000, Nexus 9000 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 ACI, Nexus 9000 \u0432 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 NX-OS, UCS 6400 \u0438 6500.\n\n4. \u0417\u0430\u0445\u0430\u0440 \u0424\u0435\u0434\u043e\u0442\u043a\u0438\u043d \u0438\u0437 PortSwigger \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c WAF \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0430 $Version \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 cookie.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 JFrog \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0438 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0438 \u043c\u0430\u0448\u0438\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u044f (\u041c\u041e) \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a MLflow, H2O, PyTorch \u0438 MLeap, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0443\u0442\u044c \u0434\u043b\u044f RCE.\n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u043d\u0430\u0431\u043e\u0440\u0443 \u0440\u0430\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, JFrog \u043f\u0440\u0438\u0441\u043e\u0432\u043e\u043a\u0443\u043f\u0438\u043b\u0430: CVE-2024-27132\u00a0(7,2), CVE-2024-6960\u00a0(7,5), CVE-2023-5245\u00a0(7,5), \u043e\u0434\u043d\u0430 \u0431\u0435\u0437 CVE (\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 TorchScript \u0432 PyTorch).", "creation_timestamp": "2024-12-06T18:30:05.000000Z"}, {"uuid": "b1353b70-576f-4ccf-b9eb-df4bea97d052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/CyberBulletin/26067", "content": "\u26a1\ufe0fCVE-2024-41713 (CVSS 9.8): Unpatched MiCollab Vulnerability Allows Unauthorized Access.\n\n#CyberBulletin", "creation_timestamp": "2024-10-11T06:14:27.000000Z"}, {"uuid": "2811599b-ecdf-416c-9f60-1e07da157888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/ctinow/230110", "content": "New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks\nhttps://ift.tt/ijtRWBM", "creation_timestamp": "2025-01-30T08:49:24.000000Z"}, {"uuid": "c1be5c32-82eb-4aa2-91f9-5753049bf0d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "exploited", "source": "https://t.me/thehackernews/6126", "content": "CISA has flagged 3 actively exploited vulnerabilities\u2014two in Mitel MiCollab and one in Oracle WebLogic Server. \n \n\u2937 CVE-2024-41713: Remote access via path traversal. \n\u2937 CVE-2024-55550: Exploited by attackers with admin privileges. \n\u2937 CVE-2020-2883: A high-severity vulnerability in Oracle WebLogic with known exploits. \n \n\ud83d\udc49 Don\u2019t wait\u2014secure your systems now: https://thehackernews.com/2025/01/cisa-flags-critical-flaws-in-mitel-and.html", "creation_timestamp": "2025-01-08T05:58:16.000000Z"}, {"uuid": "dc9a0849-6d54-4c86-8b24-dd4fae7e4e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/thehackernews/5994", "content": "\ud83d\udea8 A critical vulnerability (CVE-2024-41713) in Mitel MiCollab could let attackers access sensitive system files and potentially perform unauthorized administrative actions without authentication. \n \nFull details here: https://thehackernews.com/2024/12/critical-mitel-micollab-flaw-exposes.html", "creation_timestamp": "2024-12-05T16:01:07.000000Z"}, {"uuid": "9e80d66b-3aaa-4580-a592-11394d0265ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/thehackernews/6254", "content": "\u26a0\ufe0f New Mirai Botnet Variant Aquabot Targets CVE-2024-41710 in Mitel Phones for DDoS Attacks.\n\nThe flaw affects Mitel 6800, 6900, 6900w phones and Mitel 6970 Conference Units. Attackers have been exploiting CVE-2024-41710 since January 2025.\n\nAttackers are using Telegram to sell DDoS services\u2014this threat is already commercialized.\n\nLearn more: https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html", "creation_timestamp": "2025-01-30T07:51:51.000000Z"}, {"uuid": "0ae79d7a-6fe5-4083-8498-5454c16c6082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "seen", "source": "https://t.me/CyberBulletin/26710", "content": "\u26a1\ufe0fWhere There\u2019s Smoke, There\u2019s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day.\n\n#CyberBulletin", "creation_timestamp": "2024-12-05T17:07:42.000000Z"}, {"uuid": "a0b66c02-204d-468a-bdb0-a4f89c329e44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/xakep_ru/17029", "content": "\u0411\u043e\u0442\u043d\u0435\u0442 Aquabot \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b Mitel\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043c\u0430\u043b\u0432\u0430\u0440\u0438 Aquabot, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u043a\u043e\u0434\u0435 Mirai. \u0411\u043e\u0442\u043d\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 CVE-2024-41710, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044f\u043c\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 SIP-\u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430\u0445 Mitel.\n\nhttps://xakep.ru/2025/01/30/new-aquabot/", "creation_timestamp": "2025-01-30T18:32:18.000000Z"}, {"uuid": "444b13b1-4671-41be-89dd-f7727605cb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11522", "content": "#exploit\n1. CVE-2024-46538:\nPfSense Stored XSS\nhttps://github.com/LauLeysen/CVE-2024-46538\n\n2. CVE-2024-35286/41713:\nMitel MiCollab SQLI / Path Traversal\nhttps://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day\n\n3. CVE-2023-6200:\nLinux Kernel ICMPv6 Race Condtion\nhttps://u1f383.github.io/linux/2024/12/04/linux-kernel-icmpv6-and-cve-2023-6200.html", "creation_timestamp": "2024-12-06T11:00:37.000000Z"}, {"uuid": "2cf4823c-4545-41e9-a351-9e52706debd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9404", "content": "Where There\u2019s Smoke, There\u2019s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day\n\nhttps://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day/", "creation_timestamp": "2024-12-05T14:44:20.000000Z"}, {"uuid": "bea34772-9c86-47f3-a7d4-10d47fbe114b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11757", "content": "#exploit \n1. CVE-2024-12847:\nExposing an Old Netgear Vulnerability Still Active in 2025\n\n2. RCE in Lightning AI-development platform\n\n3. CVE-2024-41710:\nMitel phones Argument Injection\n\n3. CVE-2024-46507:\nYETI platform SSTI", "creation_timestamp": "2025-03-18T12:15:38.000000Z"}, {"uuid": "216ed06f-1a47-4596-9597-42e779299448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41710", "type": "exploited", "source": "https://t.me/CybNux/7572", "content": "\u26a0\ufe0f \u064a\u0633\u062a\u0647\u062f\u0641 \u0645\u062a\u063a\u064a\u0631 \u062c\u062f\u064a\u062f \u0645\u0646 \u0634\u0628\u0643\u0629 Mirai Botnet \u0628\u0631\u0646\u0627\u0645\u062c Aquabot CVE-2024-41710 \u0641\u064a \u0647\u0648\u0627\u062a\u0641 Mitel \u0644\u0647\u062c\u0645\u0627\u062a DDoS.\n\n\u064a\u0624\u062b\u0631 \u0627\u0644\u062e\u0644\u0644 \u0639\u0644\u0649 \u0647\u0648\u0627\u062a\u0641 Mitel 6800 \u06486900 \u06486900w \u0648\u0648\u062d\u062f\u0627\u062a \u0627\u0644\u0645\u0624\u062a\u0645\u0631\u0627\u062a Mitel 6970. \u0648\u0642\u062f \u0627\u0633\u062a\u063a\u0644 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 CVE-2024-41710 \u0645\u0646\u0630 \u064a\u0646\u0627\u064a\u0631 2025.\n\n\u064a\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u062a\u0637\u0628\u064a\u0642 Telegram \u0644\u0628\u064a\u0639 \u062e\u062f\u0645\u0627\u062a DDoS\u060c \u0648\u0642\u062f \u062a\u0645 \u0628\u0627\u0644\u0641\u0639\u0644 \u062a\u0633\u0648\u064a\u0642 \u0647\u0630\u0627 \u0627\u0644\u062a\u0647\u062f\u064a\u062f.\n\n#\u0623\u062e\u0628\u0627\u0631", "creation_timestamp": "2025-01-30T07:57:51.000000Z"}, {"uuid": "b49d89da-e86d-4a8c-9cba-9ef53b30a700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41713", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/5389", "content": "#exploit\n1. CVE-2024-46538:\nPfSense Stored XSS\nhttps://github.com/LauLeysen/CVE-2024-46538\n\n2. CVE-2024-35286/41713:\nMitel MiCollab SQLI / Path Traversal\nhttps://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day\n\n3. CVE-2023-6200:\nLinux Kernel ICMPv6 Race Condtion\nhttps://u1f383.github.io/linux/2024/12/04/linux-kernel-icmpv6-and-cve-2023-6200.html", "creation_timestamp": "2024-12-06T10:12:49.000000Z"}]}