CVE-2023-49103: Exposure of Sensitive Information in ownCloud, 10.0 rating π₯π₯π₯
Due to the owncloud/graphapi component, important configuration facts such as license keys, admin credentials may be exposed.
Search at Netlas.io:
ππ» Link: https://nt.ls/Igs48
ππ» Dork: http.title:"ownCloud"
Vendor's advisory: https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/
Due to the owncloud/graphapi component, important configuration facts such as license keys, admin credentials may be exposed.
Search at Netlas.io:
ππ» Link: https://nt.ls/Igs48
ππ» Dork: http.title:"ownCloud"
Vendor's advisory: https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/
πΎ6π1
CVE-2023-48121: Auth Bypass in Hikvision, 8.2 rating βοΈ
Some Hikvision products have been affected by an authentication bypass vulnerability in the Hik-Connect Module, which could allow remote attackers to consume services by sending crafted messages to the affected devices.
Search at Netlas.io:
ππ» Link: https://nt.ls/hbCPs
ππ» Dork: http.favicon.hash_sha256:7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527
Vendor's advisory: https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
Some Hikvision products have been affected by an authentication bypass vulnerability in the Hik-Connect Module, which could allow remote attackers to consume services by sending crafted messages to the affected devices.
Search at Netlas.io:
ππ» Link: https://nt.ls/hbCPs
ππ» Dork: http.favicon.hash_sha256:7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527
Vendor's advisory: https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
πΎ4π₯3π2
CVE-2023-34060: Authentication Bypass in VMware Cloud Director Appliance, 9.8 rating π₯
Devices running version 10.5 and using authentication on ports 22 or 5480 may be vulnerable. The recommended protection method is to update to version 10.5.1.
Search at Netlas.io:
ππ» Link: https://nt.ls/H5pYN
ππ» Dork: http.title:"Cloud Director"
Vendor's advisory: https://www.vmware.com/security/advisories/VMSA-2023-0026.html
Devices running version 10.5 and using authentication on ports 22 or 5480 may be vulnerable. The recommended protection method is to update to version 10.5.1.
Search at Netlas.io:
ππ» Link: https://nt.ls/H5pYN
ππ» Dork: http.title:"Cloud Director"
Vendor's advisory: https://www.vmware.com/security/advisories/VMSA-2023-0026.html
π₯8πΎ3
CVE-2023-22522, -25524: Two RCE in Atlassian Confluence Data&Server, 9.0 rating π₯
More problems with Atlassian software. This time, an authorized attacker (even an anonymous one) can inject code and achieve RCE. We recommend updating.
Search at Netlas.io:
ππ» Link (tag, more results): https://nt.ls/DZHaW
ππ» Link (no tag, less results): https://nt.ls/Siajm
ππ» Dork β1: tag.name:"atlassian_confluence"
ππ» Dork β2: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/december-2023-security-advisories-overview-1318892103.html
More problems with Atlassian software. This time, an authorized attacker (even an anonymous one) can inject code and achieve RCE. We recommend updating.
Search at Netlas.io:
ππ» Link (tag, more results): https://nt.ls/DZHaW
ππ» Link (no tag, less results): https://nt.ls/Siajm
ππ» Dork β1: tag.name:"atlassian_confluence"
ππ» Dork β2: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/december-2023-security-advisories-overview-1318892103.html
πΎ4π3π₯1
Full attack surface reconnaissance with reNgine & Netlas.io π₯
New article on our blog, in which we will talk about using the reNgine intelligence framework in conjunction with Netlas.io. Subdomains, endpoints, OSINT information and much more will be found π
π Read here: https://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495
Enjoy reading!
New article on our blog, in which we will talk about using the reNgine intelligence framework in conjunction with Netlas.io. Subdomains, endpoints, OSINT information and much more will be found π
π Read here: https://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495
Enjoy reading!
Medium
Using reNgine with Netlas.io module
reNgine is a fairly powerful intelligence framework. In this article I will tell you how to configure it for use in conjunction withβ¦
πΎ5π3π₯1
This media is not supported in your browser
VIEW IN TELEGRAM
Dear Netlas users,
We have been experiencing problems with the site for the last two days. We sincerely apologize for this.
This is because we are migrating our application to new hardware, doubling the computing power. We promise that after the move is completed, Netlas will work faster and more stable.
Thank you for your patience β€οΈ
We have been experiencing problems with the site for the last two days. We sincerely apologize for this.
This is because we are migrating our application to new hardware, doubling the computing power. We promise that after the move is completed, Netlas will work faster and more stable.
Thank you for your patience β€οΈ
π12π2
CVE-2023-45316, -45847, -46701 and other: Multiple vuln in Mattermost, 3.7 - 7.3 rating βοΈ
DoS, Path Traversal, Improper Access Control and much more: seven fresh vulnerabilities in the Mattermost chat application.
Search at Netlas.io:
ππ» Link: https://nt.ls/83sLi
ππ» Dork: http.meta:"mattermost"
Vendor's advisory: https://mattermost.com/security-updates/
DoS, Path Traversal, Improper Access Control and much more: seven fresh vulnerabilities in the Mattermost chat application.
Search at Netlas.io:
ππ» Link: https://nt.ls/83sLi
ππ» Dork: http.meta:"mattermost"
Vendor's advisory: https://mattermost.com/security-updates/
πΎ4π1
CVE-2023-42325, -42326, -42327: XSS and RCE in pfSense Security, 5.4 - 8.8 rating π₯
By combining vulnerabilities, an attacker can force a user to activate XSS payload and thereby achieve RCE. pfSense CE 2.7.0 and below, pfSense Plus 23.05.1 and below are vulnerable.
Search at Netlas.io:
π Link (tag, more results): https://nt.ls/BRDDo
π Link (no tag): https://nt.ls/Mr8WD
π Dork: http.favicon.hash_sha256:b2dd935235013a51fde0a2afc12ba965952e384b7ab43fe1746cc21c7eafc38c
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc
By combining vulnerabilities, an attacker can force a user to activate XSS payload and thereby achieve RCE. pfSense CE 2.7.0 and below, pfSense Plus 23.05.1 and below are vulnerable.
Search at Netlas.io:
π Link (tag, more results): https://nt.ls/BRDDo
π Link (no tag): https://nt.ls/Mr8WD
π Dork: http.favicon.hash_sha256:b2dd935235013a51fde0a2afc12ba965952e384b7ab43fe1746cc21c7eafc38c
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc
πΎ6π1
A great guide to using Netlas π₯
A few days ago, ZeusCybersec released a cool article dedicated to our application π
For anyone who still doubts whether they should use Netlas, we recommend reading it!
Article: https://sparshjazz.medium.com/netlas-io-best-osint-tool-in-cybersecurity-industry-0e9e2e28bfee
A few days ago, ZeusCybersec released a cool article dedicated to our application π
For anyone who still doubts whether they should use Netlas, we recommend reading it!
Article: https://sparshjazz.medium.com/netlas-io-best-osint-tool-in-cybersecurity-industry-0e9e2e28bfee
Medium
Netlas.io β Best OSINT Tool in Cybersecurity Industry
Discover, research and monitor any assets available online!
πΎ4π1
CVE-2023-35384, -36710: RCE and Bypass in Microsoft Outlook, 5.4 - 7.8 rating π₯
Despite the fact that only one of the vulnerabilities has a Network attack vector, combining them could allow an attacker to carry out a full-fledged 0-click RCE against Outlook users.
Search at Netlas.io:
ππ» Link: https://nt.ls/imL2R
ππ» Dork: http.favicon.hash_sha256:cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Read more: https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-one
Despite the fact that only one of the vulnerabilities has a Network attack vector, combining them could allow an attacker to carry out a full-fledged 0-click RCE against Outlook users.
Search at Netlas.io:
ππ» Link: https://nt.ls/imL2R
ππ» Dork: http.favicon.hash_sha256:cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Read more: https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-one
πΎ4π2
CVE-2023-7102: vulnerability in Barracuda ESG, 8.8 ratingπ₯
An ACE vulnerability in the third-party library Spreadsheet::ParseExcel allowed hackers to deploy a backdoor on an unknown number of devices.
Search at Netlas.io:
π Link: https://nt.ls/fJ3H9
π Dork: http.favicon.hash_sha256:555e2bc263107f6869c0e1f6b907369b2dff25d001ebd8432d60062dc9699197
Vendor's advisory: https://www.barracuda.com/company/legal/esg-vulnerability
An ACE vulnerability in the third-party library Spreadsheet::ParseExcel allowed hackers to deploy a backdoor on an unknown number of devices.
Search at Netlas.io:
π Link: https://nt.ls/fJ3H9
π Dork: http.favicon.hash_sha256:555e2bc263107f6869c0e1f6b907369b2dff25d001ebd8432d60062dc9699197
Vendor's advisory: https://www.barracuda.com/company/legal/esg-vulnerability
πΎ5π2
How to detect unprotected databases? About this in our new article π₯
Databases accessible from the Internet are an attractive target for attackers. In new article, we will tell you how to find them using Netlas and make sure that you are invulnerable to this.
π Article: https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d
Databases accessible from the Internet are an attractive target for attackers. In new article, we will tell you how to find them using Netlas and make sure that you are invulnerable to this.
π Article: https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d
Medium
How to find unprotected databases with Netlas.io?
Databases accessible from the Internet are an attractive target for attackers. How to make sure you are invulnerable?
π6πΎ6
Tomorrow the new year begins, and Netlas.io wants to share with you the results of the outgoing year! π
Are you ready to little statistic?
π Total requests: > 3.447.000
π New users: 8.970
π Total coins spent: > 11.300.000
π Total graphs saved: 515
π Most popular article: https://medium.com/osint-ambition/how-to-find-online-cameras-with-netlas-io-c68cdf5f327f
β Most popular CVE post: CVE-2023-3128 (https://twitter.com/Netlas_io/status/1672167625617727488)
Thank you for being with us. Stay in touch, conduct reconnaissance, read about vulnerabilities. See you next year!
Are you ready to little statistic?
π Total requests: > 3.447.000
π New users: 8.970
π Total coins spent: > 11.300.000
π Total graphs saved: 515
π Most popular article: https://medium.com/osint-ambition/how-to-find-online-cameras-with-netlas-io-c68cdf5f327f
β Most popular CVE post: CVE-2023-3128 (https://twitter.com/Netlas_io/status/1672167625617727488)
Thank you for being with us. Stay in touch, conduct reconnaissance, read about vulnerabilities. See you next year!
π11π4
CVE-2023-39336: SQL injection and RCE in Ivanti EPM, 9.6 rating π₯
An attacker can use SQL injection without authentication. Additionally, if the core server is configured to use Microsoft SQL Express, this might lead to RCE on the core server.
Search at Netlas.io:
ππ» Link: https://nt.ls/fSOY9
ππ» Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor's advisory: https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US
An attacker can use SQL injection without authentication. Additionally, if the core server is configured to use Microsoft SQL Express, this might lead to RCE on the core server.
Search at Netlas.io:
ππ» Link: https://nt.ls/fSOY9
ππ» Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor's advisory: https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US
π₯6πΎ4π2
CVE-2023-7028, -5356, -2030 and other: Multiple vuln in GitLab, 3.5 - 10.0 rating π₯π₯π₯
Five vulnerabilities whose severity level ranges from Critical to Low. Account takeover, executing commands as another user and more.
Search at Netlas.io:
ππ» Link: https://nt.ls/IZZxE
ππ» Dork: http.meta:"Gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
Five vulnerabilities whose severity level ranges from Critical to Low. Account takeover, executing commands as another user and more.
Search at Netlas.io:
ππ» Link: https://nt.ls/IZZxE
ππ» Dork: http.meta:"Gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
πΎ5π3π1
CVE-2023-46805, CVE-2024-21887: Auth bypass & command injection in Ivanti Connect Secure, 8.2 & 9.1 rating π₯
Two 0-days in Ivanti product. Vulns allow to access restricted resources and execute arbitrary commands by sending special requests.
Search at Netlas.io:
ππ» Link: https://nt.ls/I0nJC
ππ» Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Two 0-days in Ivanti product. Vulns allow to access restricted resources and execute arbitrary commands by sending special requests.
Search at Netlas.io:
ππ» Link: https://nt.ls/I0nJC
ππ» Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
πΎ5π3π₯1
Unprotected databases with Netlas.io: Chapter 2 π₯
Since the publication of the previous article, databases have not ceased to be an important target for hackers. This is confirmed by our new publication, during the writing of which already hacked databases were found. Hurry up and check is your data save! π
ππ» Read here: https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630
Since the publication of the previous article, databases have not ceased to be an important target for hackers. This is confirmed by our new publication, during the writing of which already hacked databases were found. Hurry up and check is your data save! π
ππ» Read here: https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630
Medium
How to find unprotected databases with Netlas.io: Chapter 2
Continue to study the importance of database security using the examples of Netlas searches. This time youβll even see hacked databases!
π₯5πΎ3
CVE-2023-22527: RCE in Atlassian Confluence, 10.0 rating π₯
A template injection vulnerability allows attackers to perform RCE on vulnerable devices. Thousands of exploitation attempts by hackers have already been recordedβ
Search at Netlas.io:
π Link: https://nt.ls/e0S6w
π Dork: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
A template injection vulnerability allows attackers to perform RCE on vulnerable devices. Thousands of exploitation attempts by hackers have already been recordedβ
Search at Netlas.io:
π Link: https://nt.ls/e0S6w
π Dork: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
π₯4πΎ4
Our data just got better! π₯
The Netlas team is pleased to announce that the DNS resolver* have been modified. The error is now less than 0.5% for any DNS record, which gives you much more accurate results.
In addition, improvements made it possible to collect a great number of records - almost 2.5 billion π
π Check it out in new datasets: https://app.netlas.io/datastore/
*DNS resolver - Netlas module responsible for collecting Domain Name System data.
The Netlas team is pleased to announce that the DNS resolver* have been modified. The error is now less than 0.5% for any DNS record, which gives you much more accurate results.
In addition, improvements made it possible to collect a great number of records - almost 2.5 billion π
π Check it out in new datasets: https://app.netlas.io/datastore/
*DNS resolver - Netlas module responsible for collecting Domain Name System data.
app.netlas.io
Discover, Research and Monitor any Assets Available Online
Internet intelligence apps that provide accurate technical information on IP addresses, domain names, websites, web applications, IoT devices, and other online assets.
πΎ4π₯2π1
CVE-2024-23897: Critical vulnerability in Jenkins π₯
Jenkins instances versions earlier than 2.441 are susceptible to a vulnerability that allows an attacker to read arbitrary files via the command line.
Search at Netlas.io:
π Link: https://nt.ls/z5QU0
π Dork: http.headers.x_jenkins:[0 TO 2.441]
Vendor's advisory: https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314
Jenkins instances versions earlier than 2.441 are susceptible to a vulnerability that allows an attacker to read arbitrary files via the command line.
Search at Netlas.io:
π Link: https://nt.ls/z5QU0
π Dork: http.headers.x_jenkins:[0 TO 2.441]
Vendor's advisory: https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314
πΎ4β€2π₯2π1π1