{"vulnerability": "CVE-2020-9484", "sightings": [{"uuid": "1ac6b4b3-d8cd-408d-a56b-6376e840e63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/cKure/776", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Apache Tomcat RCE by deserialization (CVE-2020-9484) \u2013 write-up and exploit\n\nhttps://www.redtimmy.com/java-hacking/apache-tomcat-rce-by-deserialization-cve-2020-9484-write-up-and-exploit/ #CodeExecution", "creation_timestamp": "2020-06-04T13:51:41.000000Z"}, {"uuid": "28a17f4c-3c0a-42a2-98b8-44a15c9e6ae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6476", "content": "Apache Tomcat RCE by deserialization (CVE-2020-9484) \u2013 write-up and exploit\nhttps://www.redtimmy.com/java-hacking/apache-tomcat-rce-by-deserialization-cve-2020-9484-write-up-and-exploit/", "creation_timestamp": "2020-06-04T15:34:17.000000Z"}, {"uuid": "62b63071-37c5-40c1-b831-b5bb6a93f269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/cybred/138", "content": "\u0420\u0430\u0437\u0431\u043e\u0440 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e RCE \u0432 Apache Tomcat.\n\nhttps://telegra.ph/Apache-Tomcat-RCE-CVE-2020-9484---Rajtap-i-EHksplojt-06-04", "creation_timestamp": "2020-06-04T19:10:01.000000Z"}, {"uuid": "c7e623c4-e41a-4b99-b27f-3e8adb9fc8d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1044", "content": "\ud83d\udd30 \u0623\u0647\u0645 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641\u00a0 \u0645\u0639 POC\n\nCVE-2020-17530 |\u00a0 \u0623\u0628\u0627\u062a\u0634\u064a \u0627\u0644\u062f\u0639\u0627\u0645\u0627\u062a RCE\n\nhttps://youtu.be/MUAAwijvAe8\n\n\u0633\u0627\u0644\u062a\u0633\u062a\u0627\u0643 \u0622\u0631 \u0633\u064a \u0625\u064a |\u00a0 CVE-2020-16846\n\nhttps://youtu.be/5cV9wh2w-O8\n\n\u0623\u0628\u0627\u062a\u0634\u064a \u0623\u0648\u0646\u0648\u0645\u064a RCE |\u00a0 CVE-2020-13942\n\nhttps://youtu.be/iz6wjdGnpds\n\n\u0634\u0628\u062d \u0627\u0644\u0642\u0637 |\u00a0 CVE-2020-1938\n\nhttps://youtu.be/3TGIg1x4XwU\n\n\u0623\u0648\u0631\u0627\u0643\u0644 \u0648\u064a\u0628 \u0644\u0648\u062c\u064a\u0643 RCE |\u00a0 CVE-2020-14882\n\nhttps://youtu.be/t-sxvcZNFZo\n\n\u0623\u0628\u0627\u062a\u0634\u064a \u062a\u0648\u0645\u0643\u0627\u062a RCE |\u00a0 CVE-2020-9484\n\nhttps://youtu.be/nF8tfsY74ws\n\n\u0645\u0648\u062f\u0644 \u0622\u0631 \u0633\u064a \u0625\u064a |\u00a0 CVE-2020-14321\n\nhttps://youtu.be/BkEInFI4oIU\n\n\u0633\u064a\u0633\u0643\u0648 CVE-2020-3452 \u0635\n\nhttps://youtu.be/-UldKwwVgHE\n\n\u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c \u0627\u0644\u0645\u0633\u0627\u0639\u062f \u0644\u0642\u0627\u0639\u062f\u0629 \u0628\u064a\u0627\u0646\u0627\u062a \u0648\u0648\u0631\u062f\u0628\u0631\u064a\u0633 |\u00a0 CVE-2020-7048\n\nhttps://youtu.be/nj_dqcvrwp4\n\nCVE-2020-5902 F5 \u0639\u0646\u0648\u0627\u0646 IP \u0643\u0628\u064a\u0631\n\nhttps://youtu.be/-ppzdYDk-ZM\n\n\u0645\u0642\u0627\u0637\u0639 \u0641\u064a\u062f\u064a\u0648 \u0623\u062e\u0631\u0649 \u062d\u0648\u0644 CVE PoC\n\nhttps://youtube.com/playlist?list=PLiVfOzljj-46iFcif16qMaPP84ZxCZ4Mb\n\n\u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0645\u062e\u062a\u0628\u0631 \u0645\u0643\u0627\u0641\u062d\u0629 \u0627\u0644\u062a\u0637\u0631\u0641 \u0627\u0644\u0639\u0646\u064a\u0641: https://www.vulnmachines.com", "creation_timestamp": "2024-03-29T18:27:13.000000Z"}, {"uuid": "45a00d3a-e59d-440c-930a-fd892acf52d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "Telegram/k6hHUJVRmEVte2QfNLuU8-v67rBZSq4t8lJINPEEK3muAg", "content": "", "creation_timestamp": "2023-11-22T10:48:36.000000Z"}, {"uuid": "e36a6062-b100-4edc-89a5-3e1a5d01c12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "seen", "source": "https://t.me/arpsyndicate/1687", "content": "#ExploitObserverAlert\n\nCVE-2020-9484\n\nDESCRIPTION: Exploit Observer has 114 entries related to CVE-2020-9484. When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter=\"null\" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.\n\nFIRST-EPSS: 0.883600000\nNVD-IS: 5.9\nNVD-ES: 1.0", "creation_timestamp": "2023-12-11T01:58:16.000000Z"}, {"uuid": "c3d3dff4-caf6-4c9e-9509-044d6d3d2912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "seen", "source": "https://t.me/cibsecurity/24286", "content": "\u203c CVE-2021-25329 \u203c\n\nThe fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-01T14:42:50.000000Z"}, {"uuid": "c391467d-6bbc-44a9-ac74-90c1be9c6fb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1896", "content": "CVE-2020-9484\nApache Tomcat RCE by deserialization (CVE-2020-9484)\nhttps://github.com/VICXOR/CVE-2020-9484\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-03T13:01:29.000000Z"}, {"uuid": "32d42675-09cd-4808-84e1-4984f5b71be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "seen", "source": "https://t.me/arpsyndicate/91", "content": "#ExploitObserverAlert\n\nCVE-2020-9484\n\nDESCRIPTION: Exploit Observer has 112 entries related to CVE-2020-9484. When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter=\"null\" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.\n\nFIRST-EPSS: 0.883600000\nNVD-IS: 5.9\nNVD-ES: 1.0", "creation_timestamp": "2023-11-11T18:19:42.000000Z"}, {"uuid": "272d6aea-c667-41b3-ad02-00040a1065fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1218", "content": "#exploit\n1. CVE-2020-9484:\nApache Tomcat (10.x <10.0.0-M5, 9.x <9.0.35, 8.x <8.5.55, 7.x <7.0.104) Vulnerability in NetApp Products\nhttps://www.redtimmy.com/java-hacking/apache-tomcat-rce-by-deserialization-cve-2020-9484-write-up-and-exploit\n]-> PoC: https://github.com/masahiro331/CVE-2020-9484\n\n2. CVE-2020-10136:\nA flaw in the IP-in-IP tunneling protocol that can be exploited for DoS attacks/bypass security controls impact devices from Cisco and other vendors\nhttps://securityaffairs.co/wordpress/104192/security/ip-in-ip-flaw-cisco.html\n]-> PoC: https://github.com/CERTCC/PoC-Exploits/tree/master/cve-2020-10136", "creation_timestamp": "2024-10-26T00:35:24.000000Z"}, {"uuid": "9daff0cd-c7b4-4785-bf1d-ca86ff120d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/4315", "content": "Apache Tomcat RCE by deserialization (CVE-2020-9484) \u2013 write-up and exploit https://www.redtimmy.com/java-hacking/apache-tomcat-rce-by-deserialization-cve-2020-9484-write-up-and-exploit/", "creation_timestamp": "2020-06-04T15:34:54.000000Z"}, {"uuid": "d8368f66-e313-4a66-9b79-f3fdb850e823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9484", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/4886", "content": "Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020\u20139484)\n\nhttps://medium.com/@romnenko/apache-tomcat-deserialization-of-untrusted-data-rce-cve-2020-9484-afc9a12492c4", "creation_timestamp": "2020-11-12T00:28:45.000000Z"}, {"uuid": "49f8b4d1-a4d4-4eb2-92c3-b8f684b4db60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-948444", "type": "seen", "source": "https://t.me/bhhub/27", "content": "#BugBountyTips of the Day\nI just published about why getting too many Duplicates in Bug Hunting and how can I overcome that #bugbounty #bugbountytips #infosec @Alra3ees @sillydadddy @stokfredrik @theXSSrat #100DaysOfCode   https://t.co/GwFkH5IJrj\n---\nNew tool release! urlhunter - a recon tool that allows searching on URLs that are exposed via shortener services such as bitly and googl #BugBounty #bugbountytips   https://t.co/ksmoxBPbAT\n---\nImportant message to all bug bounty hunters!   #bugbountytip #Pentesting #Security #Hacking  https://t.co/m6Mers7LwR\n---\nloading a big bounty \ud83d\ude0e #tips mix between  1)Amass-Httpx-Nuclei 2)Dirsearch with specific wordlist 3)Github search in Language bash and python   #BugBounty #bugbountytips  https://t.co/MSTYvt4RPs\n---\nRank: 229 worked for more than a year on bugcrowd. never exposed or chetaed any bugcrowd system. is arguing about  priority to progroam owner crime? support and some nice bugcrowd community guys dont care at all. @Bugcrowd #bugbounty  https://t.co/5CzVLwATd5\n---\n1) #CVE-2020-948444 #bug #exploit #BugBounty   cat targets.txt | while read host do;do curl --insecure --silent -X GET $host/index.jsp -H 'Cookie: JSESSIONID=../../../../../usr/local/tomcat/groovy' | grep -qs \"PersistentManagerBase\" && \\printf \"$host \\033[0;31mCVE-2020-948444\\n\"", "creation_timestamp": "2020-11-23T13:37:04.000000Z"}]}