{"vulnerability": "CVE-2020-2883", "sightings": [{"uuid": "f2d0efb9-1ae0-4855-988b-d2c14164d00d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/113792585077913343", "content": "", "creation_timestamp": "2025-01-08T11:50:53.002090Z"}, {"uuid": "4b8721a2-240f-460c-8f12-0b40e7156d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfa5tloze22a", "content": "", "creation_timestamp": "2025-01-08T12:25:03.531499Z"}, {"uuid": "4ac946eb-dbc3-4ca0-885d-4c78cdacafd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lfahkzbvys2z", "content": "", "creation_timestamp": "2025-01-08T15:19:09.659882Z"}, {"uuid": "7c21550d-c358-4606-a492-ada9e9d6c2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lf67w3bkyh23", "content": "", "creation_timestamp": "2025-01-07T17:56:49.610246Z"}, {"uuid": "fb209bba-25cc-417c-a533-f25382456ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3lfd7dnn2uc2s", "content": "", "creation_timestamp": "2025-01-09T17:29:51.905380Z"}, {"uuid": "78b18b32-862b-43d5-91de-2ab7ef60f35f", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-01-07T18:10:02.000000Z"}, {"uuid": "a36e294d-c6a0-45d3-a31e-e135247af000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113787881639134332", "content": "", "creation_timestamp": "2025-01-07T15:54:44.594391Z"}, {"uuid": "9cc65af0-9446-494a-aae6-98942b334144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113787934452940129", "content": "", "creation_timestamp": "2025-01-07T16:08:10.148787Z"}, {"uuid": "74c20278-8c17-467d-b4ea-8f5b59b70802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3049071", "content": "", "creation_timestamp": "2025-01-07T18:52:12.886702Z"}, {"uuid": "f20d0bef-9604-4260-98f0-110a62f1b62b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lf6dopw32w2w", "content": "", "creation_timestamp": "2025-01-07T19:04:17.957162Z"}, {"uuid": "a85f74f3-9100-4e9c-8533-e94866c7b6ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": 
"https://bsky.app/profile/hacker.at.thenote.app/post/3lfjzivl2yk2n", "content": "", "creation_timestamp": "2025-01-12T10:34:02.094178Z"}, {"uuid": "3bd62bcd-ffb5-4626-aba4-f276ee3f348a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lf62hz3zbk2f", "content": "", "creation_timestamp": "2025-01-07T16:19:30.105766Z"}, {"uuid": "185faa97-6066-46ce-92dd-69977da6d655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lf6gw5gwnj2o", "content": "", "creation_timestamp": "2025-01-07T20:02:08.191816Z"}, {"uuid": "ea9fb091-f4d5-4a00-a481-6978c400404e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lf62hz3zbl2f", "content": "", "creation_timestamp": "2025-01-07T16:19:31.075054Z"}, {"uuid": "a4772bcb-83e6-486c-a5e7-cf2266b77d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lf6vrzve4l2f", "content": "", "creation_timestamp": "2025-01-08T00:28:16.128667Z"}, {"uuid": "55595d6e-b172-40f8-8ec4-6ca5bab677e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "222ee0d5-8e99-449b-a75e-3437c1b71b9e", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:27.000000Z"}, {"uuid": "8a2d82b3-cc5a-4340-9f06-ceec527e68fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/javascript/cves/2020/CVE-2020-2883.yaml", "content": "", "creation_timestamp": "2025-10-14T10:07:35.000000Z"}, {"uuid": "874b89b0-61ce-4864-8f68-89fdc2449939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:03.000000Z"}, {"uuid": "06701946-ef36-49df-b640-eb97de410f7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/f5bea0e7ad800547c3e9b5e241e2d65c", "content": "", "creation_timestamp": "2025-10-20T04:01:23.000000Z"}, {"uuid": "321e1ede-1356-4b41-abb2-cf6f3e710b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/937b4359948bbce2e6e7cefbf97e8766", "content": "", "creation_timestamp": "2025-10-20T05:01:51.000000Z"}, {"uuid": "0a054412-2c1e-4114-8d44-d85bbbd8dc97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2020-2883", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-05", "content": "", "creation_timestamp": "2025-09-18T10:00:00.000000Z"}, {"uuid": "135e2b33-647d-4786-8944-e0f0ee96ba2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f7cd4caf7eead280dbe2c1c4eb7f9544", "content": "", "creation_timestamp": "2025-09-18T16:28:31.000000Z"}, {"uuid": "72a88a2b-5325-43b4-95e9-69e0ba28a88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/weblogic_deserialize_badattr_extcomp.rb", "content": "", "creation_timestamp": "2020-06-04T01:03:57.000000Z"}, {"uuid": "f228c4a2-8ac9-4a1d-9d16-11a425e51a58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lz55ee2upk2d", "content": "", "creation_timestamp": "2025-09-18T20:02:20.148397Z"}, {"uuid": "abc435d7-9409-4fa8-a86c-4fbc51bba609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/554f9393-3cf5-4347-8b83-ea23fac5b5f8", "content": "", "creation_timestamp": "2026-02-02T12:26:17.060805Z"}, {"uuid": "5dc44a78-2830-42a7-a4e4-c34b7a3f4a2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": 
"https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/oracle_access_manager_rce_cve_2021_35587.rb", "content": "", "creation_timestamp": "2025-04-08T14:06:04.000000Z"}, {"uuid": "815d4297-fd3c-49df-8a97-e4e1899a21c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=469", "content": "", "creation_timestamp": "2020-04-15T04:00:00.000000Z"}, {"uuid": "420dc830-47a5-4ff1-8b0f-5ece5b690a51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/kriittista-oracle-weblogic-server-palvelinohjelmiston-haavoittuvuutta-hyvaksikaytetaan", "content": "", "creation_timestamp": "2020-05-02T11:46:14.000000Z"}, {"uuid": "f0589786-f692-4408-b630-ee4ef1832ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/kasperskyb2b/1580", "content": "\ud83e\ude79 Welcome back and Patch now!\n\n\u0425\u043e\u0442\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0442\u043e\u0436\u0435 \u0431\u0435\u0440\u0443\u0442 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043d\u0430 \u043f\u0435\u0440\u0438\u043e\u0434 \u041d\u043e\u0432\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0438 \u0420\u043e\u0436\u0434\u0435\u0441\u0442\u0432\u0430, \u0434\u0440\u0443\u0433\u0438\u0435 \u0432 \u044d\u0442\u043e\u0442 \u043f\u0435\u0440\u0438\u043e\u0434 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u0443\u044e\u0442\u0441\u044f. 
\u0417\u0430 \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043d\u0438\u043a\u0443\u043b \u043d\u0430\u0431\u0440\u0430\u043b\u043e\u0441\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445.\n\nSonicWall \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0444\u0438\u043a\u0441 SonicOS, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 CVE-2024-53704 (CVSS 8.2), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u0445 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f SSL VPN \u0438 SSH. \u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0434\u0435\u0444\u0435\u043a\u0442 \u00ab\u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438\u00bb (susceptible to actual exploitation), \u0447\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0447\u0438\u0442\u0430\u0442\u044c \u0438 \u043a\u0430\u043a \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0446\u0435\u043d\u043a\u0443 exploitability, \u0438 \u043a\u0430\u043a \u0437\u0430\u0432\u0443\u0430\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u044d\u0442\u043e \u0437\u0438\u0440\u043e\u0434\u0435\u0439. 
\n\u041a\u0440\u043e\u043c\u0435 \u043f\u0430\u0442\u0447\u0430, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u044b \u0442\u0438\u043f\u0438\u0447\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e \u043f\u043e SSH.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f CVE-2024-52875, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a RCE \u0432 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0435 GFI KerioControl, \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0412 \u0421\u0435\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0431\u043e\u043b\u0435\u0435 23 \u0442\u044b\u0441\u044f\u0447 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 KerioControl.\n\n\u0410 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u0430\u044f Ivanti \u0443\u0441\u043f\u0435\u043b\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c\u0441\u044f \u0432 2025 \u0433\u043e\u0434\u0443 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u043c. 
CVE-2025-0282 (CVSS 9.0) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u043e\u0441\u0442\u0438\u0447\u044c RCE \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Connect Secure. \u0422\u043e\u0442 \u0436\u0435 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 Policy Secure \u0438 Neurons, \u043d\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0430 \u043d\u0438\u0445 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 7 \u044f\u043d\u0432\u0430\u0440\u044f CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0441\u0442\u0430\u0440\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 Oracle WebLogic (CVE-2020-2883) \u0438 \u043f\u0430\u0440\u0443 \u0431\u0430\u0433\u043e\u0432 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u0449\u0435\u043d\u0438\u044f MiCollab (CVE-2024-41713, -55550). 
\u041d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0432\u0435\u0436\u0435\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e.\n\n\u041f\u043b\u043e\u0445\u0438\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u044b \u043d\u0430 WordPress \u0438 WooCommerce. \u041f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d Fancy Product Designer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043b\u0435\u0433\u043a\u043e \u043f\u0435\u0440\u0435\u043a\u0440\u0430\u0448\u0438\u0432\u0430\u0442\u044c \u0444\u0443\u0442\u0431\u043e\u043b\u043a\u0438 \u0438\u043b\u0438 \u043c\u0435\u043d\u044f\u0442\u044c \u0442\u0435\u043a\u0441\u0442 \u043d\u0430 \u043a\u0440\u0443\u0436\u043a\u0430\u0445, \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 9 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0434\u0432\u0435 \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 
\u043f\u043e\u043a\u0443\u043f\u0430\u0442\u0435\u043b\u0435\u0439. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0437\u0430 20 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0442\u0430\u043a \u0438 \u043d\u0435 \u0432\u043d\u0435\u0441\u043b\u0438 \u043d\u0443\u0436\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c 20 \u0442\u044b\u0441\u044f\u0447 \u0441\u0430\u0439\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043f\u043b\u0430\u0433\u0438\u043d, \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0434\u0443\u043c\u0430\u0442\u044c \u0437\u0430\u043c\u0435\u043d\u0443 \u044d\u0442\u043e\u0433\u043e \u0438\u0437\u0434\u0435\u043b\u0438\u044f \u043d\u0430 \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u0434\u0440\u0443\u0433\u043e\u0439 \u00ab\u043a\u0430\u0441\u0442\u043e\u043c\u0438\u0437\u0430\u0442\u043e\u0440\u00bb.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-01-09T10:41:33.000000Z"}, {"uuid": "7e634b62-6dba-434e-86c6-360a3743a812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/484", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-2883\n\ud83d\udd39 Description: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware 
(component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n\ud83d\udccf Published: 2020-04-15T13:29:50\n\ud83d\udccf Modified: 2025-01-07T17:20:22.677Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2020.html\n2. https://www.zerodayinitiative.com/advisories/ZDI-20-504/\n3. https://www.zerodayinitiative.com/advisories/ZDI-20-570/\n4. http://packetstormsecurity.com/files/157950/WebLogic-Server-Deserialization-Remote-Code-Execution.html", "creation_timestamp": "2025-01-07T17:39:53.000000Z"}, {"uuid": "cb210055-01a8-4b8a-ba7d-12e5acb72448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "published-proof-of-concept", "source": "Telegram/5T9p9Zashh8_t2QaMEcrWCxGmV69ND__6VmH0ET2CJ3Gp-A", "content": "", "creation_timestamp": "2023-03-14T09:24:23.000000Z"}, {"uuid": "45ee75d4-ad0a-4e79-a2b7-364b37dfea42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28838", "type": "seen", "source": "https://t.me/arpsyndicate/4812", "content": "#ExploitObserverAlert\n\nCVE-2020-28838\n\nDESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2020-28838. Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. 
Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.\n\nFIRST-EPSS: 0.000670000\nNVD-IS: 1.4\nNVD-ES: 2.1\nARPS-PRIORITY: 0.8656445", "creation_timestamp": "2024-04-24T20:22:07.000000Z"}, {"uuid": "51d5b3c1-fbcb-45df-a82c-90ac22499c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://t.me/arpsyndicate/1987", "content": "#ExploitObserverAlert\n\nCVE-2020-2883\n\nDESCRIPTION: Exploit Observer has 90 entries related to CVE-2020-2883. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). 
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n\nFIRST-EPSS: 0.975160000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T12:48:33.000000Z"}, {"uuid": "5f48e0f3-5473-4dc0-98ae-298e487bda4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://t.me/reconshell/599", "content": "Weblogic-Framework best tool for detecting weblogic vulnerabilities\n\n#vulnerabilities #weblogic #vulnerability \n#CVE-2020-2883 #CVE-2020-2555 #CVE-2020-2551\n\nhttps://upurl.me/rltsw", "creation_timestamp": "2021-03-27T21:09:01.000000Z"}, {"uuid": "5ede650b-93dd-4435-ac93-87788bc505ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/301", "content": "https://github.com/sp4zcmd/WeblogicExploit-GUI\nWeblogic\u6f0f\u6d1e\u5229\u7528\u56fe\u5f62\u5316\u5de5\u5177\n\nCVE-2020-2551\nCVE-2020-2555\nCVE-2020-2883\nCVE-2016-3510\nCVE-2016-0638\nCVE-2017-10271\nJdk7u21\nCVE-2017-3248\uff08JRMP\uff09\nCVE-2018-2628\uff08JRMP\uff09\nCVE-2018-2893\uff08JRMP\uff09\nCVE-2018-3245\uff08JRMP\uff09\nCVE-2018-3181\uff08JNDI\uff09\nCVE-2020-14882\u672a\u6388\u6743\u8bbf\u95ee+CVE-2021-2109\uff08JNDI\uff09", "creation_timestamp": "2023-11-11T07:49:11.000000Z"}, {"uuid": "bee9aa14-d8a6-4689-91ca-e74faf89ad64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/Cybersecuritylb/277", "content": "Oracle: Unpatched Versions of WebLogic App Server Under Active Attack\nhttps://threatpost.com/oracle-unpatched-versions-of-weblogic-app-server-under-active-attack/155420/\n\nCVE-2020-2883 was patched in Oracle's April 2020 Critical Patch 
Update - but proof of concept exploit code was published shortly after.", "creation_timestamp": "2020-05-04T17:28:14.000000Z"}, {"uuid": "931b38e6-ad51-47f0-a01d-580b6fb88ac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28838", "type": "seen", "source": "https://t.me/cibsecurity/20276", "content": "\u203c CVE-2020-28838 \u203c\n\nCross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T19:25:21.000000Z"}, {"uuid": "138eb89b-5a1b-4d11-9979-85df0b505940", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28838", "type": "seen", "source": "https://t.me/cibsecurity/20256", "content": "\u203c CVE-2020-28838 \u203c\n\nCross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T18:37:30.000000Z"}, {"uuid": "d2193166-2ff6-47b6-b085-431b3b88ed6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/techpwnews/630", "content": "Details on the Oracle WebLogic Vulnerability Being Exploited in the Wild\n\nEarlier this year, I blogged about a deserialization vulnerability in the Oracle WebLogic Server. This was patched by Oracle and assigned CVE-2020-2555. However, researcher Quynh Le of VNPT ISC submitted a bug to the ZDI that showed how the patch could be bypassed. This bug, labeled CVE-2020-2883, is now being reported by Oracle as being used in active attacks. 
In this blog post, we will go through the details of this recently...\n\nContinue reading at Zero Day Initiative - Blog", "creation_timestamp": "2020-05-12T00:13:56.000000Z"}, {"uuid": "b1f69313-41f8-4475-aff4-cc8de41ca407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28838", "type": "seen", "source": "https://t.me/cibsecurity/20295", "content": "\u203c CVE-2020-28838 \u203c\n\nCross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T19:34:28.000000Z"}, {"uuid": "4d166643-540a-4dee-8fa7-79ceb4f86f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28838", "type": "seen", "source": "https://t.me/cibsecurity/20314", "content": "\u203c CVE-2020-28838 \u203c\n\nCross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T20:24:22.000000Z"}, {"uuid": "7d33b166-3950-49f4-ad6d-9a5c506342b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/information_security_channel/37481", "content": "Oracle warned that hackers actively attempting to exploit recently patched vulnerability CVE-2020-2883, which affects multiple versions of Oracle WebLogic Server. Oracle patched the vulnerability as a part of the April 2020 Critical Patch Update which resolves more than 405 vulnerabilities, including CVE-2020-2883. 
WebLogic Server Flaw \u2013 CVE-2020-2883 The vulnerability allows attackers to execute arbitrary code [\u2026]\nThe post Oracle Warns Active Exploitation of Recently Patched WebLogic RCE Flaw (https://gbhackers.com/oracle-weblogic-rce-flaw/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-05-02T06:07:50.000000Z"}, {"uuid": "4daf8644-5e29-4d8d-8582-7b1c7150cb2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28838", "type": "seen", "source": "https://t.me/cibsecurity/20334", "content": "\u203c CVE-2020-28838 \u203c\n\nCross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T20:25:22.000000Z"}, {"uuid": "9c323b4e-c259-4d9a-987b-1b038b83e7ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/thehackernews/6126", "content": "CISA has flagged 3 actively exploited vulnerabilities\u2014two in Mitel MiCollab and one in Oracle WebLogic Server. \n \n\u2937 CVE-2024-41713: Remote access via path traversal. \n\u2937 CVE-2024-55550: Exploited by attackers with admin privileges. \n\u2937 CVE-2020-2883: A high-severity vulnerability in Oracle WebLogic with known exploits. 
\n \n\ud83d\udc49 Don\u2019t wait\u2014secure your systems now: https://thehackernews.com/2025/01/cisa-flags-critical-flaws-in-mitel-and.html", "creation_timestamp": "2025-01-08T05:58:16.000000Z"}, {"uuid": "880fbd75-9084-46d7-a3d3-971a9d421d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/information_security_channel/37471", "content": "Oracle Says Hackers Targeting Recently Patched Vulnerabilities\nhttp://feedproxy.google.com/~r/Securityweek/~3/A2quUqAB5mA/oracle-says-hackers-targeting-recently-patched-vulnerabilities\n\nOracle warned customers on Thursday that threat actors have been spotted attempting to exploit multiple recently patched vulnerabilities, including a critical WebLogic Server flaw tracked as CVE-2020-2883.\nread more (https://www.securityweek.com/oracle-says-hackers-targeting-recently-patched-vulnerabilities)", "creation_timestamp": "2020-05-01T17:05:46.000000Z"}, {"uuid": "10df09ca-350e-4e72-b2c0-b9b7953bd717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1479", "content": "https://github.com/sp4zcmd/WeblogicExploit-GUI\nWeblogic\u6f0f\u6d1e\u5229\u7528\u56fe\u5f62\u5316\u5de5\u5177\n\nCVE-2020-2551\nCVE-2020-2555\nCVE-2020-2883\nCVE-2016-3510\nCVE-2016-0638\nCVE-2017-10271\nJdk7u21\nCVE-2017-3248\uff08JRMP\uff09\nCVE-2018-2628\uff08JRMP\uff09\nCVE-2018-2893\uff08JRMP\uff09\nCVE-2018-3245\uff08JRMP\uff09\nCVE-2018-3181\uff08JNDI\uff09\nCVE-2020-14882\u672a\u6388\u6743\u8bbf\u95ee+CVE-2021-2109\uff08JNDI\uff09\n\n#github #tools #exploit", "creation_timestamp": "2023-11-10T15:34:11.000000Z"}, {"uuid": "2e36256c-86cd-4e26-a218-e7ea112d9963", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1103", "content": "#exploit\n1. CVE-2020-12116:\nPoC code to exploit - Unauth arbitrary file read on ManageEngine OpManager\nhttps://github.com/BeetleChunks/CVE-2020-12116\n\n2. CVE-2020-2883:\nOracle WebLogic Server RCE Vulnerability\nhttps://github.com/Y4er/CVE-2020-2883\n]-> Research:\nhttps://www.zerodayinitiative.com/blog/2020/5/8/details-on-the-oracle-weblogic-vulnerability-being-exploited-in-the-wild", "creation_timestamp": "2024-10-23T16:44:02.000000Z"}, {"uuid": "b6325b3d-d1b1-431b-9447-2f7c62330c14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7921", "content": "#exploit\n1. CVE-2020-2546, CVE-2020-2915,\nCVE-2020-2801, CVE-2020-2798,\nCVE-2020-2883, CVE-2020-2884,\nCVE-2020-2950:\nWebLogic T3 payload exploit PoC python3\nhttps://github.com/hktalent/CVE_2020_2546\n\n2. Tips, Tricks, and Scripts for Linux Post Exploitation\nhttps://github.com/regorsec/Linux-Post-Exploitation\n\n3. 
CVE-2023-23488:\nUnauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)\nhttps://github.com/r3nt0n/CVE-2023-23488-PoC", "creation_timestamp": "2023-03-13T22:21:06.000000Z"}, {"uuid": "4853366b-74ae-421d-9261-e8e5111ea5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2883", "type": "exploited", "source": "https://t.me/cibsecurity/11798", "content": "\u274c Oracle: Unpatched Versions of WebLogic App Server Under Active Attack \u274c\n\nCVE-2020-2883 was patched in Oracle's April 2020 Critical Patch Update - but proof of concept exploit code was published shortly after.\n\n\ud83d\udcd6 Read\n\nvia \"Threatpost\".", "creation_timestamp": "2020-05-04T17:12:22.000000Z"}]}