Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-24T23:14:51.538218+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/2c171968-82c2-4e85-b009-a186ba5029fd/export 2c171968-82c2-4e85-b009-a186ba5029fd 2026-06-24T23:14:51.562168+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "2c171968-82c2-4e85-b009-a186ba5029fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23471", "type": "seen", "source": "https://t.me/cvedetector/1089", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23471 - SolarWinds Access Rights Manager Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2024-23471 \nPublished : July 17, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T18:13:10.000000Z"} 2024-07-17T18:13:10+00:00 https://vulnerability.circl.lu/sighting/f7570d9f-b49c-4a24-b0c7-3cfd704a8110/export f7570d9f-b49c-4a24-b0c7-3cfd704a8110 2026-06-24T23:14:51.562062+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f7570d9f-b49c-4a24-b0c7-3cfd704a8110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23470", "type": "seen", "source": "https://t.me/cvedetector/1090", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23470 - SolarWinds Access Rights Manager Stored Command Execution\", \n \"Content\": \"CVE ID : CVE-2024-23470 \nPublished : July 17, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T18:13:14.000000Z"} 2024-07-17T18:13:14+00:00 https://vulnerability.circl.lu/sighting/fcd00c7e-4b10-478b-9fd7-1effa7b7401a/export fcd00c7e-4b10-478b-9fd7-1effa7b7401a 2026-06-24T23:14:51.561950+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "fcd00c7e-4b10-478b-9fd7-1effa7b7401a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23476", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} 2024-07-22T12:54:50+00:00 https://vulnerability.circl.lu/sighting/92d8b159-f9d4-4eec-9bee-00e47e3ae908/export 92d8b159-f9d4-4eec-9bee-00e47e3ae908 2026-06-24T23:14:51.561830+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "92d8b159-f9d4-4eec-9bee-00e47e3ae908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23477", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} 2024-07-22T12:54:50+00:00 https://vulnerability.circl.lu/sighting/456c2221-2c95-4c31-90c2-0571279289b8/export 456c2221-2c95-4c31-90c2-0571279289b8 2026-06-24T23:14:51.561707+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "456c2221-2c95-4c31-90c2-0571279289b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23478", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} 2024-07-22T12:54:50+00:00 https://vulnerability.circl.lu/sighting/4dbd4d28-a506-4736-ae30-48679176d5dc/export 4dbd4d28-a506-4736-ae30-48679176d5dc 2026-06-24T23:14:51.561567+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "4dbd4d28-a506-4736-ae30-48679176d5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23479", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} 2024-07-22T12:54:50+00:00 https://vulnerability.circl.lu/sighting/51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb/export 51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb 2026-06-24T23:14:51.561456+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23476", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1718", "content": "https://securityonline.info/cve-2024-23476-23479-pre-authentication-rce-flaws-found-in-solarwinds-arm/", "creation_timestamp": "2024-11-11T01:49:13.000000Z"} 2024-11-11T01:49:13+00:00 https://vulnerability.circl.lu/sighting/ebf48310-1042-4f66-8156-4b697d8d887f/export ebf48310-1042-4f66-8156-4b697d8d887f 2026-06-24T23:14:51.561338+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ebf48310-1042-4f66-8156-4b697d8d887f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23474", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/11/solarwinds-access-rights-manager-one-vulnerability-to-lpe-them-all", "content": "", "creation_timestamp": "2024-12-12T15:50:56.000000Z"} 2024-12-12T15:50:56+00:00 https://vulnerability.circl.lu/sighting/98e5f141-6f24-4588-97ce-76cd2db85762/export 98e5f141-6f24-4588-97ce-76cd2db85762 2026-06-24T23:14:51.561197+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "98e5f141-6f24-4588-97ce-76cd2db85762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23474", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113642105586074489", "content": "", "creation_timestamp": "2024-12-12T22:01:59.114937Z"} 2024-12-12T22:01:59.114937+00:00 https://vulnerability.circl.lu/sighting/4253e6e7-0ad5-4f56-b9db-c29e368aa09f/export 4253e6e7-0ad5-4f56-b9db-c29e368aa09f 2026-06-24T23:14:51.559482+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "4253e6e7-0ad5-4f56-b9db-c29e368aa09f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2347", "type": "seen", "source": "Telegram/v9gbFEAqNZEgz7ZIGOJ_YrbX01sQky6aq79d4ZJeTyCqXIZW", "content": "", "creation_timestamp": "2025-06-13T22:35:36.000000Z"} 2025-06-13T22:35:36+00:00