How to find industrial objects with Netlas.io? π
Short cheat sheet based on one of our articles. A few filters will allow you to make sure that nearby factories are protected.
π Read more about industrial devices search: https://medium.com/@netlas/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2
Short cheat sheet based on one of our articles. A few filters will allow you to make sure that nearby factories are protected.
π Read more about industrial devices search: https://medium.com/@netlas/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2
π₯5πΎ4π1
CVE-2024-21677: Path Traversal in Atlassian Confluence, 8.3 ratingβ
The vulnerability discovered during the Bug Bounty program allows an unauthenticated attacker to carry out actions that threaten the confidentiality and availability of the system. The patch has already been released.
Search at Netlas.io:
π Link: https://nt.ls/mghaY
π Dork: http.meta:"confluence-base-url"
Vendor's bulletin: https://confluence.atlassian.com/security/security-bulletin-march-19-2024-1369444862.html
The vulnerability discovered during the Bug Bounty program allows an unauthenticated attacker to carry out actions that threaten the confidentiality and availability of the system. The patch has already been released.
Search at Netlas.io:
π Link: https://nt.ls/mghaY
π Dork: http.meta:"confluence-base-url"
Vendor's bulletin: https://confluence.atlassian.com/security/security-bulletin-march-19-2024-1369444862.html
πΎ5β€3π₯3π1π1
CVE-2024-20767: Improper Access Control in Adobe ColdFusion, 8.2 ratingβοΈ
A new vulnerability in ColdFusion that allows an unauthenticated attacker to gain access to sensitive files. PoC is available!
Search at Netlas.io:
ππ» Link: https://nt.ls/jl0cW
ππ» Dork: tag.name:"adobe_coldfusion"
Vendor's bulletin: https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
A new vulnerability in ColdFusion that allows an unauthenticated attacker to gain access to sensitive files. PoC is available!
Search at Netlas.io:
ππ» Link: https://nt.ls/jl0cW
ππ» Dork: tag.name:"adobe_coldfusion"
Vendor's bulletin: https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
πΎ5β€4π₯2π1
CVE-2024-31136 and other: Multiple vulns in JetBrains TeamCity, 4.1 - 7.4 ratingβ
Seven new vulnerabilities in TeamCity: Improrer Validation, Neutralization and others. Install the patch quickly!
Search at Netlas.io:
π Link: https://nt.ls/HmnT2
π Dork: tag.name:"teamcity"
Vendor's advisories: https://www.jetbrains.com/privacy-security/issues-fixed/
Seven new vulnerabilities in TeamCity: Improrer Validation, Neutralization and others. Install the patch quickly!
Search at Netlas.io:
π Link: https://nt.ls/HmnT2
π Dork: tag.name:"teamcity"
Vendor's advisories: https://www.jetbrains.com/privacy-security/issues-fixed/
πΎ4π2π₯1
CVE-2024-2879: SQL injection in LayerSlider plugin for WordPress, 9.8 rating π₯
Plugin used on millions of websites had a feature that was vulnerable to blind SQL injection. If the vulnerability was successfully exploited, the attacker could gain access to any confidential information.
Search at Netlas.io:
π Link: https://nt.ls/8CmgD
π Dork: http.body:"plugins/layerslider"
Read more: https://www.wordfence.com/blog/2024/04/5500-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-layerslider-wordpress-plugin/
Plugin used on millions of websites had a feature that was vulnerable to blind SQL injection. If the vulnerability was successfully exploited, the attacker could gain access to any confidential information.
Search at Netlas.io:
π Link: https://nt.ls/8CmgD
π Dork: http.body:"plugins/layerslider"
Read more: https://www.wordfence.com/blog/2024/04/5500-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-layerslider-wordpress-plugin/
π₯6πΎ2
πΎ Netlas 0.23.1 update πΎ
π Two API endpoints added, one depricated
π API schema documentation updated
π Super annoying autocomplete bug fixed!
β We also noticed that Netlas is often used through a proxy without registration. To reduce the load on the servers, the number of requests available to unregistered users has been reduced to 10 β
Changelog: https://nt.ls/changelog
π Netlas Docs update π
π To learn more about the features of Netlas Search tools, read the recently published help topic: https://nt.ls/pPte1
π Details and examples of usage Netlas IP/Domain tool: https://nt.ls/wDuYN
π Two API endpoints added, one depricated
π API schema documentation updated
π Super annoying autocomplete bug fixed!
β We also noticed that Netlas is often used through a proxy without registration. To reduce the load on the servers, the number of requests available to unregistered users has been reduced to 10 β
Changelog: https://nt.ls/changelog
π Netlas Docs update π
π To learn more about the features of Netlas Search tools, read the recently published help topic: https://nt.ls/pPte1
π Details and examples of usage Netlas IP/Domain tool: https://nt.ls/wDuYN
π4πΎ3
CVE-2024-3273: RCE in D-Link NAS, 7.3 rating π₯
The vulnerability can be exploited due to a combination of two weaknesses: a hardcoded account and the ability to inject commands through the βsystemβ parameter. There are many devices affected that have reached the end of their lifespan.
According to GreyNoise, hackers are already carrying out attacks! π¨
Search at Netlas.io:
π Link: https://nt.ls/TyD6H
π Dork: http.body:"Text:In order to access the ShareCenter"
Read more: https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-92-000-d-link-nas-devices-now-exploited-in-attacks/
The vulnerability can be exploited due to a combination of two weaknesses: a hardcoded account and the ability to inject commands through the βsystemβ parameter. There are many devices affected that have reached the end of their lifespan.
According to GreyNoise, hackers are already carrying out attacks! π¨
Search at Netlas.io:
π Link: https://nt.ls/TyD6H
π Dork: http.body:"Text:In order to access the ShareCenter"
Read more: https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-92-000-d-link-nas-devices-now-exploited-in-attacks/
π₯4πΎ3π2
βοΈCookie consent updateβοΈ
To improve usability and functionality of the site, as well as in connection with new requirements from Google, we are changing the mechanism for obtaining cookie consent.
After the update, consent will be consistent across all of our resources, including the website, app, and help portal.
We would be grateful if you check the box again β
To improve usability and functionality of the site, as well as in connection with new requirements from Google, we are changing the mechanism for obtaining cookie consent.
After the update, consent will be consistent across all of our resources, including the website, app, and help portal.
We would be grateful if you check the box again β
πΎ5π€1
CVE-2024-3400: command injection in Palo Alto Networks PAN-OS, 10.0 rating π₯π₯π₯
A 0-day vulnerability in PAN-OS that allows an unauthenticated attacker to execute arbitrary code on the firewall with root rights. According to Palo Alto Networks, attacks have already been carried out that exploit this vulnerability!
Search at Netlas.io:
π Link: https://nt.ls/eprag
π Dork: tag.name:"palo_alto"
Vendor's advisory: https://security.paloaltonetworks.com/CVE-2024-3400
A 0-day vulnerability in PAN-OS that allows an unauthenticated attacker to execute arbitrary code on the firewall with root rights. According to Palo Alto Networks, attacks have already been carried out that exploit this vulnerability!
Search at Netlas.io:
π Link: https://nt.ls/eprag
π Dork: tag.name:"palo_alto"
Vendor's advisory: https://security.paloaltonetworks.com/CVE-2024-3400
π₯5πΎ2
π₯ Netlas.io Discord server π₯
Engage in live chat with our community on Discord!
Here you can quickly get answers to important questions, talk with other users, and read the latest news in a new convenient format.
π Follow the link: https://nt.ls/discord
Engage in live chat with our community on Discord!
Here you can quickly get answers to important questions, talk with other users, and read the latest news in a new convenient format.
π Follow the link: https://nt.ls/discord
Discord
Join the Netlas.io Community Server Discord Server!
Connect for support and engage in cybersecurity discussions to enhance your skills and knowledge. | 377 members
πΎ6π5
CVE-2024-21006: Vulnerability in Oracle WebLogic Server, 7.5 ratingβ
Vulnerability from the report on the new Oracle patch. Allows an unauthenticated attacker to gain unauthorized access to critical activities. According to NVD, exploitation is quite simple.
Search at Netlas.io:
π Link: https://nt.ls/RrPD2
π Dork: port:7001 AND protocol:t3
Read more: https://nvd.nist.gov/vuln/detail/CVE-2024-21006
Vulnerability from the report on the new Oracle patch. Allows an unauthenticated attacker to gain unauthorized access to critical activities. According to NVD, exploitation is quite simple.
Search at Netlas.io:
π Link: https://nt.ls/RrPD2
π Dork: port:7001 AND protocol:t3
Read more: https://nvd.nist.gov/vuln/detail/CVE-2024-21006
πΎ5π₯4π3
Business-focused OSINT with Netlas.io π
Our new article is devoted to researching company resources using Netlas tools.
It shows how to collect contacts, files, explore subnets and much more. Read it quickly!
π Read here: https://nt.ls/osint
Our new article is devoted to researching company resources using Netlas tools.
It shows how to collect contacts, files, explore subnets and much more. Read it quickly!
π Read here: https://nt.ls/osint
Medium
Netlas.io β Medium
Read writing from Netlas.io on Medium. Discover, research and monitor any assets available online. Every day, Netlas.io and thousands of other voices read, write, and share important stories on Medium.
πΎ5π₯3π1
Good news π₯
Yesterday we fixed three bugs in subscription system that were discovered during the penetration testing.
Now Netlas has become even safer!
ππ» Changelog: https://docs.netlas.io/changelog/
Yesterday we fixed three bugs in subscription system that were discovered during the penetration testing.
Now Netlas has become even safer!
ππ» Changelog: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
πΎ5π2
New vulnerability in CrushFTP, "serious" rating π₯
The vulnerability, which does not yet have a CVE, was discovered in CrushFTP. According to the vendor's report, its use could allow an attacker to leave the VFS and download system files. Moreover, the vulnerability has already been used in real attacks!
Search at Netlas.io:
ππ» Link: https://nt.ls/5fGPm
ππ» Dork: http.headers.server:"CrushFTP"
Vendor's advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
The vulnerability, which does not yet have a CVE, was discovered in CrushFTP. According to the vendor's report, its use could allow an attacker to leave the VFS and download system files. Moreover, the vulnerability has already been used in real attacks!
Search at Netlas.io:
ππ» Link: https://nt.ls/5fGPm
ππ» Dork: http.headers.server:"CrushFTP"
Vendor's advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
π5πΎ4π₯3π1
CVE-2024-20356: Command Injection in Cisco Integrated Management Controller, 8.7 rating π₯
The vulnerability allows attacker to inject almost any code, as demonstrated by the example of the launch of Doom (oh yes, now on Cisco)!
Search at Netlas.io:
ππ» Link: https://nt.ls/WixwE
ππ» Dork: http.title:"Cisco Integrated Management Controller"
Read more: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/
The vulnerability allows attacker to inject almost any code, as demonstrated by the example of the launch of Doom (oh yes, now on Cisco)!
Search at Netlas.io:
ππ» Link: https://nt.ls/WixwE
ππ» Dork: http.title:"Cisco Integrated Management Controller"
Read more: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/
π₯4π4πΎ4π1
pfSense-SA-24_04: XSS in pfSense Plus and pfSense CEβ
A vulnerability was discovered in the jquery-treegrid library that could cause arbitrary JavaScript code to be executed in the user's browser.
According to the vendor's advisory, the library is used for testing only and can be safely disabled.
Search at Netlas.io:
π Link: https://nt.ls/E5AZ1
π Dork: http.title:"pfSense - Login" OR http.title:"pfSense Plus"
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-24_04.webgui.asc
A vulnerability was discovered in the jquery-treegrid library that could cause arbitrary JavaScript code to be executed in the user's browser.
According to the vendor's advisory, the library is used for testing only and can be safely disabled.
Search at Netlas.io:
π Link: https://nt.ls/E5AZ1
π Dork: http.title:"pfSense - Login" OR http.title:"pfSense Plus"
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-24_04.webgui.asc
π4πΎ4π₯2π1
π Webinar by Our Partners: The Art and Science of C2: Veni, non vidi, non vici?
This May 7th, join our partners as they demonstrate detecting and analyzing C2 servers with Netlas. Expert insights and real-time demonstrations await!
π See it live on LinkedIn!
https://www.linkedin.com/events/7191004213999542272/
This May 7th, join our partners as they demonstrate detecting and analyzing C2 servers with Netlas. Expert insights and real-time demonstrations await!
π See it live on LinkedIn!
https://www.linkedin.com/events/7191004213999542272/
Linkedin
The Art and Science of C2: Veni, non vidi, non vici? | LinkedIn
π Join us for an in-depth exploration of Command and Control (C2) servers in our webinar:
"The Art and Science of C2: Veni, non vidi, non vici? ".
π€Ώ Dive into the deep water of C2 infrastructure, understanding its role in cyber attacks, and how to combatβ¦
"The Art and Science of C2: Veni, non vidi, non vici? ".
π€Ώ Dive into the deep water of C2 infrastructure, understanding its role in cyber attacks, and how to combatβ¦
π2πΎ2π1
CVE-2024-26304, -26305, -33511, -33512 and other: Multiple vulnerabilities in ArubaOS, 5.3 - 9.8 rating π₯π₯π₯
More recently disclosed vulnerabilities allow an unauthenticated attacker to perform RCE via a buffer overflow and cause a denial of service.
Search at Netlas.io:
ππ» Link: https://nt.ls/myG4Y
ππ» Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt
More recently disclosed vulnerabilities allow an unauthenticated attacker to perform RCE via a buffer overflow and cause a denial of service.
Search at Netlas.io:
ππ» Link: https://nt.ls/myG4Y
ππ» Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt
π₯4πΎ4
CVE-2023-49606: RCE in Tinyproxy 1.10.0, 1.11.1, 9.8 rating π₯
A use-after-free vulnerability in Tinyproxy allows an attacker to perform RCE via a specially crafted HTTP header.
Search at Netlas.io:
π Link: https://nt.ls/vWqHD
π Dork: http.headers.server:"tinyproxy/1.11.1" OR http.headers.server:"tinyproxy/1.10.0"
Read more: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
A use-after-free vulnerability in Tinyproxy allows an attacker to perform RCE via a specially crafted HTTP header.
Search at Netlas.io:
π Link: https://nt.ls/vWqHD
π Dork: http.headers.server:"tinyproxy/1.11.1" OR http.headers.server:"tinyproxy/1.10.0"
Read more: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
π5πΎ3π₯1