Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 24 Jun 2026 23:14:52 +0000 2c171968-82c2-4e85-b009-a186ba5029fd https://vulnerability.circl.lu/sighting/2c171968-82c2-4e85-b009-a186ba5029fd/export {"uuid": "2c171968-82c2-4e85-b009-a186ba5029fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23471", "type": "seen", "source": "https://t.me/cvedetector/1089", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23471 - SolarWinds Access Rights Manager Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2024-23471 \nPublished : July 17, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T18:13:10.000000Z"} {"uuid": "2c171968-82c2-4e85-b009-a186ba5029fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23471", "type": "seen", "source": "https://t.me/cvedetector/1089", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23471 - SolarWinds Access Rights Manager Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2024-23471 \nPublished : July 17, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T18:13:10.000000Z"} https://vulnerability.circl.lu/sighting/2c171968-82c2-4e85-b009-a186ba5029fd/export Wed, 17 Jul 2024 18:13:10 +0000 f7570d9f-b49c-4a24-b0c7-3cfd704a8110 https://vulnerability.circl.lu/sighting/f7570d9f-b49c-4a24-b0c7-3cfd704a8110/export {"uuid": "f7570d9f-b49c-4a24-b0c7-3cfd704a8110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23470", "type": "seen", "source": "https://t.me/cvedetector/1090", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23470 - SolarWinds Access Rights Manager Stored Command Execution\", \n \"Content\": \"CVE ID : CVE-2024-23470 \nPublished : July 17, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T18:13:14.000000Z"} {"uuid": "f7570d9f-b49c-4a24-b0c7-3cfd704a8110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23470", "type": "seen", "source": "https://t.me/cvedetector/1090", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23470 - SolarWinds Access Rights Manager Stored Command Execution\", \n \"Content\": \"CVE ID : CVE-2024-23470 \nPublished : July 17, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T18:13:14.000000Z"} https://vulnerability.circl.lu/sighting/f7570d9f-b49c-4a24-b0c7-3cfd704a8110/export Wed, 17 Jul 2024 18:13:14 +0000 fcd00c7e-4b10-478b-9fd7-1effa7b7401a https://vulnerability.circl.lu/sighting/fcd00c7e-4b10-478b-9fd7-1effa7b7401a/export {"uuid": "fcd00c7e-4b10-478b-9fd7-1effa7b7401a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23476", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} {"uuid": "fcd00c7e-4b10-478b-9fd7-1effa7b7401a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23476", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} https://vulnerability.circl.lu/sighting/fcd00c7e-4b10-478b-9fd7-1effa7b7401a/export Mon, 22 Jul 2024 12:54:50 +0000 92d8b159-f9d4-4eec-9bee-00e47e3ae908 https://vulnerability.circl.lu/sighting/92d8b159-f9d4-4eec-9bee-00e47e3ae908/export {"uuid": "92d8b159-f9d4-4eec-9bee-00e47e3ae908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23477", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} {"uuid": "92d8b159-f9d4-4eec-9bee-00e47e3ae908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23477", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} https://vulnerability.circl.lu/sighting/92d8b159-f9d4-4eec-9bee-00e47e3ae908/export Mon, 22 Jul 2024 12:54:50 +0000 456c2221-2c95-4c31-90c2-0571279289b8 https://vulnerability.circl.lu/sighting/456c2221-2c95-4c31-90c2-0571279289b8/export {"uuid": "456c2221-2c95-4c31-90c2-0571279289b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23478", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} {"uuid": "456c2221-2c95-4c31-90c2-0571279289b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23478", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} https://vulnerability.circl.lu/sighting/456c2221-2c95-4c31-90c2-0571279289b8/export Mon, 22 Jul 2024 12:54:50 +0000 4dbd4d28-a506-4736-ae30-48679176d5dc https://vulnerability.circl.lu/sighting/4dbd4d28-a506-4736-ae30-48679176d5dc/export {"uuid": "4dbd4d28-a506-4736-ae30-48679176d5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23479", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} {"uuid": "4dbd4d28-a506-4736-ae30-48679176d5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23479", "type": "seen", "source": "https://t.me/MrVGunz/1211", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 SolarWinds Arms\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e \u06f1\u06f9 \u0641\u0648\u0631\u06cc\u0647 \u06f2\u06f0\u06f2\u06f4\u060c Eskil S\u00f8rensen \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0634\u0631\u06a9\u062a SolarWinds \u067e\u0646\u062c \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u0635\u0648\u0644 Access Rights Manager (ARM) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0633\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0634\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE)\u060c \u0639\u0628\u0648\u0631 \u0645\u0633\u06cc\u0631 (Path Traversal) \u0648 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23476 \u0648 CVE-2024-23479 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c \u0627\u0632 \u0641\u0636\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f. CVE-2023-40057 \u0646\u06cc\u0632 \u0627\u0632 \u0646\u0648\u0639 \u0633\u0631\u06cc\u0627\u0644\u200c\u0633\u0627\u0632\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0633\u062a.\n\n\u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-23477 \u0648 CVE-2024-23478 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0634\u0627\u0645\u0644 ARM 2023.2.2 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0647\u0633\u062a\u0646\u062f. DKCERT \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062e\u0648\u062f \u0631\u0627 \u0637\u0628\u0642 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc SolarWinds \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms\n\n\ud83d\udccd Critical Vulnerabilities in SolarWinds Arms\n\nOn February 19, 2024, Eskil S\u00f8rensen reported that SolarWinds released five updates for the Access Rights Manager (ARM) product to address three critical vulnerabilities, including Remote Code Execution (RCE), Path Traversal, and Input Validation.\n\nCVE-2024-23476 and CVE-2024-23479 allow access to information outside the defined space. CVE-2023-40057 involves the serialization of untrusted data.\n\nTwo other vulnerabilities, CVE-2024-23477 and CVE-2024-23478, are also used to execute malicious code. Affected versions include ARM 2023.2.2 and earlier. DKCERT recommends updating your products according to SolarWinds' guidelines.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://www.cert.dk/da/news/2024-02-19/Kritiske-saarbarheder-i-SolarWinds-Arms", "creation_timestamp": "2024-07-22T12:54:50.000000Z"} https://vulnerability.circl.lu/sighting/4dbd4d28-a506-4736-ae30-48679176d5dc/export Mon, 22 Jul 2024 12:54:50 +0000 51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb https://vulnerability.circl.lu/sighting/51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb/export {"uuid": "51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23476", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1718", "content": "https://securityonline.info/cve-2024-23476-23479-pre-authentication-rce-flaws-found-in-solarwinds-arm/", "creation_timestamp": "2024-11-11T01:49:13.000000Z"} {"uuid": "51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23476", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1718", "content": "https://securityonline.info/cve-2024-23476-23479-pre-authentication-rce-flaws-found-in-solarwinds-arm/", "creation_timestamp": "2024-11-11T01:49:13.000000Z"} https://vulnerability.circl.lu/sighting/51a6c95d-fe05-4b3b-81cd-b9bc5df2e6bb/export Mon, 11 Nov 2024 01:49:13 +0000 ebf48310-1042-4f66-8156-4b697d8d887f https://vulnerability.circl.lu/sighting/ebf48310-1042-4f66-8156-4b697d8d887f/export {"uuid": "ebf48310-1042-4f66-8156-4b697d8d887f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23474", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/11/solarwinds-access-rights-manager-one-vulnerability-to-lpe-them-all", "content": "", "creation_timestamp": "2024-12-12T15:50:56.000000Z"} {"uuid": "ebf48310-1042-4f66-8156-4b697d8d887f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23474", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/11/solarwinds-access-rights-manager-one-vulnerability-to-lpe-them-all", "content": "", "creation_timestamp": "2024-12-12T15:50:56.000000Z"} https://vulnerability.circl.lu/sighting/ebf48310-1042-4f66-8156-4b697d8d887f/export Thu, 12 Dec 2024 15:50:56 +0000 98e5f141-6f24-4588-97ce-76cd2db85762 https://vulnerability.circl.lu/sighting/98e5f141-6f24-4588-97ce-76cd2db85762/export {"uuid": "98e5f141-6f24-4588-97ce-76cd2db85762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23474", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113642105586074489", "content": "", "creation_timestamp": "2024-12-12T22:01:59.114937Z"} {"uuid": "98e5f141-6f24-4588-97ce-76cd2db85762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23474", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113642105586074489", "content": "", "creation_timestamp": "2024-12-12T22:01:59.114937Z"} https://vulnerability.circl.lu/sighting/98e5f141-6f24-4588-97ce-76cd2db85762/export Thu, 12 Dec 2024 22:01:59 +0000 4253e6e7-0ad5-4f56-b9db-c29e368aa09f https://vulnerability.circl.lu/sighting/4253e6e7-0ad5-4f56-b9db-c29e368aa09f/export {"uuid": "4253e6e7-0ad5-4f56-b9db-c29e368aa09f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2347", "type": "seen", "source": "Telegram/v9gbFEAqNZEgz7ZIGOJ_YrbX01sQky6aq79d4ZJeTyCqXIZW", "content": "", "creation_timestamp": "2025-06-13T22:35:36.000000Z"} {"uuid": "4253e6e7-0ad5-4f56-b9db-c29e368aa09f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2347", "type": "seen", "source": "Telegram/v9gbFEAqNZEgz7ZIGOJ_YrbX01sQky6aq79d4ZJeTyCqXIZW", "content": "", "creation_timestamp": "2025-06-13T22:35:36.000000Z"} https://vulnerability.circl.lu/sighting/4253e6e7-0ad5-4f56-b9db-c29e368aa09f/export Fri, 13 Jun 2025 22:35:36 +0000