Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 17 Jun 2026 04:28:41 +0000 588cb0fc-0398-46af-b1dc-296de1feb63d https://vulnerability.circl.lu/sighting/588cb0fc-0398-46af-b1dc-296de1feb63d/export {"uuid": "588cb0fc-0398-46af-b1dc-296de1feb63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3382", "type": "seen", "source": "https://t.me/cibsecurity/23165", "content": "\u203c CVE-2021-3382 \u203c\n\nStack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service (crash) via vectors related to a file path.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-05T18:35:18.000000Z"} {"uuid": "588cb0fc-0398-46af-b1dc-296de1feb63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3382", "type": "seen", "source": "https://t.me/cibsecurity/23165", "content": "\u203c CVE-2021-3382 \u203c\n\nStack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service (crash) via vectors related to a file path.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-05T18:35:18.000000Z"} https://vulnerability.circl.lu/sighting/588cb0fc-0398-46af-b1dc-296de1feb63d/export Fri, 05 Feb 2021 18:35:18 +0000 669afc26-ed5b-434e-a1dd-891f4459284a https://vulnerability.circl.lu/sighting/669afc26-ed5b-434e-a1dd-891f4459284a/export {"uuid": "669afc26-ed5b-434e-a1dd-891f4459284a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33824", "type": "seen", "source": "https://t.me/cibsecurity/25563", "content": "\u203c CVE-2021-33824 \u203c\n\nAn issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-19T00:42:21.000000Z"} {"uuid": "669afc26-ed5b-434e-a1dd-891f4459284a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33824", "type": "seen", "source": "https://t.me/cibsecurity/25563", "content": "\u203c CVE-2021-33824 \u203c\n\nAn issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-19T00:42:21.000000Z"} https://vulnerability.circl.lu/sighting/669afc26-ed5b-434e-a1dd-891f4459284a/export Sat, 19 Jun 2021 00:42:21 +0000 3d0300be-1215-4ec8-993e-9545a107865b https://vulnerability.circl.lu/sighting/3d0300be-1215-4ec8-993e-9545a107865b/export {"uuid": "3d0300be-1215-4ec8-993e-9545a107865b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33823", "type": "seen", "source": "https://t.me/cibsecurity/25562", "content": "\u203c CVE-2021-33823 \u203c\n\nAn issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-19T00:42:21.000000Z"} {"uuid": "3d0300be-1215-4ec8-993e-9545a107865b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33823", "type": "seen", "source": "https://t.me/cibsecurity/25562", "content": "\u203c CVE-2021-33823 \u203c\n\nAn issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-19T00:42:21.000000Z"} https://vulnerability.circl.lu/sighting/3d0300be-1215-4ec8-993e-9545a107865b/export Sat, 19 Jun 2021 00:42:21 +0000 1dd38ad8-bea9-4cab-94ee-2e3788b6f143 https://vulnerability.circl.lu/sighting/1dd38ad8-bea9-4cab-94ee-2e3788b6f143/export {"uuid": "1dd38ad8-bea9-4cab-94ee-2e3788b6f143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33820", "type": "published-proof-of-concept", "source": "https://t.me/forensictools/350", "content": "\u041c\u044b \u043f\u043e\u0434\u043e\u0431\u0440\u0430\u043b\u0438 \u0434\u043b\u044f \u0432\u0430\u0441 \u043d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043b\u0435\u0433\u043a\u043e \u0438 \u044d\u0444\u0444\u0435\u043a\u0442\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c, \u043d\u043e \u0434\u0430\u0432\u0430\u0439\u0442\u0435 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043f\u0440\u0430\u0432\u0434\u0435 \u0432 \u0433\u043b\u0430\u0437\u0430 - \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0442\u043e\u0440\u044b \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438- \u043d\u0430\u043a\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a\u2026\n\n!!!\u0412\u0441\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0443\u0433\u0443\u0431\u043e \u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0438 \u0443\u0447\u0435\u0431\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445!!!\n\n\u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u043e\u0442 RCE \u0434\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Geutebruck. \n\u0422\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a\u0430\u043c\u0435\u0440\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u043e\u0439 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 UDP Technology (Ganz, Visualint, Cap, \nTHRIVE Intelligence, Sophus, VCA, TripCorps, Sprinx Technologies, Smartec, Riva) - \n[https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities] ;\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0438\u0434\u0435\u043e\u043f\u043e\u0442\u043e\u043a (\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 ThroughTek) -\n[https://www.securitylab.ru/news/521235.php]\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 IP-\u043a\u0430\u043c\u0435\u0440\u0430\u0445 AvertX (\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u044f\u0442\u044c \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \n\u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 IP-\u043a\u0430\u043c\u0435\u0440, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u043c\u0435\u0440\u0435 \u0441 \u043f\u0430\u0440\u043e\u043b\u0435\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e,\n\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u0435\u043c\u043d\u0438\u043a\u0430-\u043f\u0435\u0440\u0435\u0434\u0430\u0442\u0447\u0438\u043a\u0430 (UART)\n\u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c \u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0438\u0445, \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0438 \u0434\u0430\u0436\u0435 \u0432\u044b\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u0430\u043c\u0435\u0440\u0443 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f) -\n[https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/]\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DVR \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 LILIN - \n[https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day-en/]\n\nDenver IP Camera SHO-110 - \n[https://github.com/enty8080/denver-camera-backdoor]\n\nSony IPELA Network Camera 1.82.01 (\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430) - \n[https://www.exploit-db.com/exploits/48842];\n\nCOMMAX Smart Home Ruvie CCTV - \n[https://www.zeroscience.mk/codes/commax_cctvwrite.txt] ; \n[https://www.zeroscience.mk/codes/commax_cctvcreds.txt]\n\nPanasonic Sanyo CCTV Network Camera 2.03-0x - \n[https://www.exploit-db.com/exploits/50172]\n\nUniFi Protect G3 FLEX Camera (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438) - \n[https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md]\n\nHiSilicon DVR/NVR hi3520d firmware (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \n\u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0438 \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c) - \n[https://habr.com/ru/post/486856/]\n[https://github.com/tothi/pwn-hisilicon-dvr]\n\nAmcrest/Dahua NVR Camera - \n[https://github.com/tenable/poc/tree/master/amcrest]", "creation_timestamp": "2021-08-22T11:10:18.000000Z"} {"uuid": "1dd38ad8-bea9-4cab-94ee-2e3788b6f143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33820", "type": "published-proof-of-concept", "source": "https://t.me/forensictools/350", "content": "\u041c\u044b \u043f\u043e\u0434\u043e\u0431\u0440\u0430\u043b\u0438 \u0434\u043b\u044f \u0432\u0430\u0441 \u043d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043b\u0435\u0433\u043a\u043e \u0438 \u044d\u0444\u0444\u0435\u043a\u0442\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c, \u043d\u043e \u0434\u0430\u0432\u0430\u0439\u0442\u0435 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043f\u0440\u0430\u0432\u0434\u0435 \u0432 \u0433\u043b\u0430\u0437\u0430 - \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0442\u043e\u0440\u044b \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438- \u043d\u0430\u043a\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a\u2026\n\n!!!\u0412\u0441\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0443\u0433\u0443\u0431\u043e \u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0438 \u0443\u0447\u0435\u0431\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445!!!\n\n\u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u043e\u0442 RCE \u0434\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Geutebruck. \n\u0422\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a\u0430\u043c\u0435\u0440\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u043e\u0439 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 UDP Technology (Ganz, Visualint, Cap, \nTHRIVE Intelligence, Sophus, VCA, TripCorps, Sprinx Technologies, Smartec, Riva) - \n[https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities] ;\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0438\u0434\u0435\u043e\u043f\u043e\u0442\u043e\u043a (\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 ThroughTek) -\n[https://www.securitylab.ru/news/521235.php]\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 IP-\u043a\u0430\u043c\u0435\u0440\u0430\u0445 AvertX (\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u044f\u0442\u044c \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \n\u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 IP-\u043a\u0430\u043c\u0435\u0440, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u043c\u0435\u0440\u0435 \u0441 \u043f\u0430\u0440\u043e\u043b\u0435\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e,\n\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u0435\u043c\u043d\u0438\u043a\u0430-\u043f\u0435\u0440\u0435\u0434\u0430\u0442\u0447\u0438\u043a\u0430 (UART)\n\u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c \u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0438\u0445, \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0438 \u0434\u0430\u0436\u0435 \u0432\u044b\u0432\u043e\u0434\u0438\u0442\u044c \u043a\u0430\u043c\u0435\u0440\u0443 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f) -\n[https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/]\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 DVR \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 LILIN - \n[https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day-en/]\n\nDenver IP Camera SHO-110 - \n[https://github.com/enty8080/denver-camera-backdoor]\n\nSony IPELA Network Camera 1.82.01 (\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430) - \n[https://www.exploit-db.com/exploits/48842];\n\nCOMMAX Smart Home Ruvie CCTV - \n[https://www.zeroscience.mk/codes/commax_cctvwrite.txt] ; \n[https://www.zeroscience.mk/codes/commax_cctvcreds.txt]\n\nPanasonic Sanyo CCTV Network Camera 2.03-0x - \n[https://www.exploit-db.com/exploits/50172]\n\nUniFi Protect G3 FLEX Camera (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438) - \n[https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33820.md]\n\nHiSilicon DVR/NVR hi3520d firmware (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \n\u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0438 \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c) - \n[https://habr.com/ru/post/486856/]\n[https://github.com/tothi/pwn-hisilicon-dvr]\n\nAmcrest/Dahua NVR Camera - \n[https://github.com/tenable/poc/tree/master/amcrest]", "creation_timestamp": "2021-08-22T11:10:18.000000Z"} https://vulnerability.circl.lu/sighting/1dd38ad8-bea9-4cab-94ee-2e3788b6f143/export Sun, 22 Aug 2021 11:10:18 +0000 063740b3-0b82-49ea-bace-d8f761ec0943 https://vulnerability.circl.lu/sighting/063740b3-0b82-49ea-bace-d8f761ec0943/export {"uuid": "063740b3-0b82-49ea-bace-d8f761ec0943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33828", "type": "seen", "source": "https://t.me/cibsecurity/35647", "content": "\u203c CVE-2021-33828 \u203c\n\nThe files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-16T00:20:58.000000Z"} {"uuid": "063740b3-0b82-49ea-bace-d8f761ec0943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33828", "type": "seen", "source": "https://t.me/cibsecurity/35647", "content": "\u203c CVE-2021-33828 \u203c\n\nThe files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-16T00:20:58.000000Z"} https://vulnerability.circl.lu/sighting/063740b3-0b82-49ea-bace-d8f761ec0943/export Sun, 16 Jan 2022 00:20:58 +0000 6293eb8b-9ef4-45ae-9d96-0f4d9d411e88 https://vulnerability.circl.lu/sighting/6293eb8b-9ef4-45ae-9d96-0f4d9d411e88/export {"uuid": "6293eb8b-9ef4-45ae-9d96-0f4d9d411e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33827", "type": "seen", "source": "https://t.me/cibsecurity/35649", "content": "\u203c CVE-2021-33827 \u203c\n\nThe files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-16T00:21:00.000000Z"} {"uuid": "6293eb8b-9ef4-45ae-9d96-0f4d9d411e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33827", "type": "seen", "source": "https://t.me/cibsecurity/35649", "content": "\u203c CVE-2021-33827 \u203c\n\nThe files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-16T00:21:00.000000Z"} https://vulnerability.circl.lu/sighting/6293eb8b-9ef4-45ae-9d96-0f4d9d411e88/export Sun, 16 Jan 2022 00:21:00 +0000 db7e674d-1dde-4c0d-8e92-540bb9aafa7d https://vulnerability.circl.lu/sighting/db7e674d-1dde-4c0d-8e92-540bb9aafa7d/export {"uuid": "db7e674d-1dde-4c0d-8e92-540bb9aafa7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33829", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-33829.yaml", "content": "", "creation_timestamp": "2025-12-17T07:54:34.000000Z"} {"uuid": "db7e674d-1dde-4c0d-8e92-540bb9aafa7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33829", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-33829.yaml", "content": "", "creation_timestamp": "2025-12-17T07:54:34.000000Z"} https://vulnerability.circl.lu/sighting/db7e674d-1dde-4c0d-8e92-540bb9aafa7d/export Wed, 17 Dec 2025 07:54:34 +0000 70d0015f-5824-41a2-a760-116a47138a24 https://vulnerability.circl.lu/sighting/70d0015f-5824-41a2-a760-116a47138a24/export {"uuid": "70d0015f-5824-41a2-a760-116a47138a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33829", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mac36lna2n2f", "content": "", "creation_timestamp": "2025-12-18T21:03:03.154574Z"} {"uuid": "70d0015f-5824-41a2-a760-116a47138a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33829", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mac36lna2n2f", "content": "", "creation_timestamp": "2025-12-18T21:03:03.154574Z"} https://vulnerability.circl.lu/sighting/70d0015f-5824-41a2-a760-116a47138a24/export Thu, 18 Dec 2025 21:03:03 +0000