CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20189: Multiple vulns on the Cisco Small Business Switches. 8.6 rating βοΈ
An attacker can cause DoS or perform remote code execution with root user rights. POC is available!
Search on Netlas.io:
ππ» Link: https://nt.ls/eIvyW
ππ» Dork: http.favicon.perceptual_hash:ffdb0113090009ff~1 AND http.body:"Small Business"
An attacker can cause DoS or perform remote code execution with root user rights. POC is available!
Search on Netlas.io:
ππ» Link: https://nt.ls/eIvyW
ππ» Dork: http.favicon.perceptual_hash:ffdb0113090009ff~1 AND http.body:"Small Business"
π₯4πΎ2
CVE-2023-25690: Request Smuggling attack on Apache HTTP Server with 9.8 rating π₯
An old vulnerability, but a POC has been published today.
Search on Netlas.io (over 20 million results):
ππ» Link (with tags): https://nt.ls/bGPCz
ππ» Link (without tags): https://nt.ls/0Xh1g
ππ» Dork: tag.name:"apache" AND (tag.apache.version:>=2.4.0 AND tag.apache.version:<=2.4.55)
An old vulnerability, but a POC has been published today.
Search on Netlas.io (over 20 million results):
ππ» Link (with tags): https://nt.ls/bGPCz
ππ» Link (without tags): https://nt.ls/0Xh1g
ππ» Dork: tag.name:"apache" AND (tag.apache.version:>=2.4.0 AND tag.apache.version:<=2.4.55)
πΎ3π€·ββ1π1
This Friday we want to share an interesting guide to using Netlas.io for bug bounties. The authors have done a big job, and now you can look at the results of their labor and appreciate possibilities of Netlas.
ππ» Part 1: https://youtu.be/lJFXNthSVko
ππ» Part 2: https://youtu.be/wHrn0EJOFfI
ππ» Part 3: https://youtu.be/pwUrHGg53Jw
Thanks to ValluvarSploit and _mohd_saqlain for creating the guide and permission to post it!
ππ» Part 1: https://youtu.be/lJFXNthSVko
ππ» Part 2: https://youtu.be/wHrn0EJOFfI
ππ» Part 3: https://youtu.be/pwUrHGg53Jw
Thanks to ValluvarSploit and _mohd_saqlain for creating the guide and permission to post it!
πΎ8
Using Netlas.io within Tines automations
This time we will tell you about working with Tines platform and the Netlas.io tools integrated into it. A little automation never hurt anyone :)
Read here ππ»
https://medium.com/@netlas/using-netlas-io-within-tines-automations-31518289e5e3
This time we will tell you about working with Tines platform and the Netlas.io tools integrated into it. A little automation never hurt anyone :)
Read here ππ»
https://medium.com/@netlas/using-netlas-io-within-tines-automations-31518289e5e3
Medium
Using Netlas.io within Tines automations
Basics of building automated circuits in Tines and using Netlas.io searches in them. Creation of a mechanism for detecting virtual hosting.
πΎ4π1
Dork list for Netlas.io has been updated on GitHub!
Two new categories: "Web cameras" and "VoIP", have been added, and old ones have been supplemented.
ππ» Link: https://github.com/netlas-io/netlas-dorks
Some new queries just waiting for you to test them.
Two new categories: "Web cameras" and "VoIP", have been added, and old ones have been supplemented.
ππ» Link: https://github.com/netlas-io/netlas-dorks
Some new queries just waiting for you to test them.
π3πΎ3
CVE-2023-25157: SQL injection for GeoServer, 9.8 rating π₯
An old vulnerability with working PoC.
Search at Netlas.io:
ππ» Dork: http.title:"geoserver"
ππ» Link: https://nt.ls/g7sTM
Vendor's advisory: https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf
An old vulnerability with working PoC.
Search at Netlas.io:
ππ» Dork: http.title:"geoserver"
ππ» Link: https://nt.ls/g7sTM
Vendor's advisory: https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf
πΎ3π1
CVE-2023-33778: Hard-coded creds in Draytek Vigor Routers, 9.8 rating π₯
Attackers can bind any affected device to their own account. PoC is available!
Search at Netlas.io:
ππ» Dork: http.favicon.hash_sha256:0af4f089d58e919f4ee421727e9ac54d885d6b3b05ec16e4d94b703f45c7eef9
ππ» Link: https://nt.ls/NbBpK
PoC and more information: https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef
Attackers can bind any affected device to their own account. PoC is available!
Search at Netlas.io:
ππ» Dork: http.favicon.hash_sha256:0af4f089d58e919f4ee421727e9ac54d885d6b3b05ec16e4d94b703f45c7eef9
ππ» Link: https://nt.ls/NbBpK
PoC and more information: https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef
πΎ4π₯1
CVE-2023-27997: Pre-authentication RCE on Fortigate VPN, 9.8 rating π₯
Heap overflow, vulnerability potentially affecting multiple versions.
Search at Netlas.io:
ππ» Link with tags (recommended): https://nt.ls/jOlSo
ππ» Link without tags (less precision): https://nt.ls/3NrQW
Read detailed analysis by LexfoSecurity: https://blog.lexfo.fr/xortigate-cve-2023-27997.html
Heap overflow, vulnerability potentially affecting multiple versions.
Search at Netlas.io:
ππ» Link with tags (recommended): https://nt.ls/jOlSo
ππ» Link without tags (less precision): https://nt.ls/3NrQW
Read detailed analysis by LexfoSecurity: https://blog.lexfo.fr/xortigate-cve-2023-27997.html
πΎ5π₯2
CVE-2023-3128: Authentication Bypass in Grafana, 9.4 rating βοΈ
CVE vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
During Grafana's Azure AD account validation, an attacker can spoof the profile email field and hijack the account.
Search at Netlas.io:
ππ» Link: https://nt.ls/iqMVz
ππ» Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.title:"Grafana"
CVE vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
During Grafana's Azure AD account validation, an attacker can spoof the profile email field and hijack the account.
Search at Netlas.io:
ππ» Link: https://nt.ls/iqMVz
ππ» Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.title:"Grafana"
πΎ4π₯2
CVE-2023-36630: Privilege Escalation and Authentication Bypass in CloudPanel, critical rating π₯
Fresh vulnerability based on insecure file uploads.
Search at Netlas.io:
ππ» Link: nt.ls/V3hEn
ππ» Dork: http.title:"cloudpanel" NOT http.body:"2.3.1"
Read vendor's changelog: https://www.cloudpanel.io/docs/v2/changelog/
Fresh vulnerability based on insecure file uploads.
Search at Netlas.io:
ππ» Link: nt.ls/V3hEn
ππ» Dork: http.title:"cloudpanel" NOT http.body:"2.3.1"
Read vendor's changelog: https://www.cloudpanel.io/docs/v2/changelog/
πΎ5π₯1
CVE-2023-3460: Privilege Escalation in UltimateMember WordPress plugin, 9.8 rating! π₯
A vulnerability has been observed for several versions of the plugin and is actively exploited by hackers.
Search at Netlas.io:
ππ» Link: https://nt.ls/S9Skz
ππ» Dork: http.body:"wp-content/plugins/ultimate-member"
Vendor's comments: https://wordpress.org/support/topic/cve-2023-3460/
A vulnerability has been observed for several versions of the plugin and is actively exploited by hackers.
Search at Netlas.io:
ππ» Link: https://nt.ls/S9Skz
ππ» Dork: http.body:"wp-content/plugins/ultimate-member"
Vendor's comments: https://wordpress.org/support/topic/cve-2023-3460/
πΎ4π₯1
This media is not supported in your browser
VIEW IN TELEGRAM
The end of Beta Presale II is very close!
Hurry up to get Netlas.io subscription with a 50% discount, after 6 days the discount will be reduced βοΈ
ππ» Buy a subscription: https://app.netlas.io/plans/
In the near future, we'll also publish new features of Netlas.io (like in GIF). Sure you'll like them!
Hurry up to get Netlas.io subscription with a 50% discount, after 6 days the discount will be reduced βοΈ
ππ» Buy a subscription: https://app.netlas.io/plans/
In the near future, we'll also publish new features of Netlas.io (like in GIF). Sure you'll like them!
πΎ4π¨βπ»1
Media is too big
VIEW IN TELEGRAM
A new tool in Netlas π₯
The search engine has received a new functionality - the Attack Surface Discovery tool. Check out Netlas.io to build your surfaces with our data!
Links:
ππ» Tool: https://app.netlas.io/asd/
ππ» Medium article: https://netlas.medium.com/netlas-io-attack-surface-discovery-tool-6fbd6b3e9706
ππ» Overview video: https://youtu.be/98s-Iu5MyRw
The search engine has received a new functionality - the Attack Surface Discovery tool. Check out Netlas.io to build your surfaces with our data!
Links:
ππ» Tool: https://app.netlas.io/asd/
ππ» Medium article: https://netlas.medium.com/netlas-io-attack-surface-discovery-tool-6fbd6b3e9706
ππ» Overview video: https://youtu.be/98s-Iu5MyRw
π₯5π2πΎ2
CVE-2023-34192: Reflected XSS in Zimbra Collaboration Suite, 9.0 rating! π₯
The vulnerability is actively exploited by hackers.
Search at Netlas.io:
ππ» Link: https://nt.ls/ufPn6
ππ» Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Read more: https://www.bleepingcomputer.com/news/security/zimbra-urges-admins-to-manually-fix-zero-day-exploited-in-attacks/
The vulnerability is actively exploited by hackers.
Search at Netlas.io:
ππ» Link: https://nt.ls/ufPn6
ππ» Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Read more: https://www.bleepingcomputer.com/news/security/zimbra-urges-admins-to-manually-fix-zero-day-exploited-in-attacks/
π3πΎ3β‘1π₯1
CVE-2023-3519, -3466, -3467: Multiple vulns in Citrix Gateway/ADC, 9.8 rating π₯
Reflected XSS, privelege escalation, and unauth RCE which already exploiting!
Search at Netlas.io:
ππ» Link: https://nt.ls/HB0b1
ππ» Dork: http.title:"Citrix ADC" OR http.title:"Citrix Gateway"
Vendor's bulletin: https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
Reflected XSS, privelege escalation, and unauth RCE which already exploiting!
Search at Netlas.io:
ππ» Link: https://nt.ls/HB0b1
ππ» Dork: http.title:"Citrix ADC" OR http.title:"Citrix Gateway"
Vendor's bulletin: https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
π₯2πΎ2
Share an attack surface graph
Did you notice share button appeared in Netlas.io Attack Surface Discovery tool? Here is OKX.com attack surface as they published on Hacker0x01 for example:
https://nt.ls/63dRu
https://hackerone.com/okx
Did you notice share button appeared in Netlas.io Attack Surface Discovery tool? Here is OKX.com attack surface as they published on Hacker0x01 for example:
https://nt.ls/63dRu
https://hackerone.com/okx
πΎ5π3
CVE-2023-35078: Ivanti EPMM Remote Unauthenticated API Access Vulnerability
π¨ PoC is already available for Ivanti Endpoint Manager Mobile API vuln CVE-2023-35078 (βοΈCVSS 10.0βοΈ)
A limited number of customers have been impacted already π
Search at Netlas.io:
ππ» Link: https://nt.ls/QdWH7
ππ» Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendorβs advisory: https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability
π¨ PoC is already available for Ivanti Endpoint Manager Mobile API vuln CVE-2023-35078 (βοΈCVSS 10.0βοΈ)
A limited number of customers have been impacted already π
Search at Netlas.io:
ππ» Link: https://nt.ls/QdWH7
ππ» Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendorβs advisory: https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability
πΎ3π₯2
βπ» Another one for the same product published today: CVE-2023-35082, CVSS 10.0
A second vulnerability affecting Ivanti EPMM (formerly MobileIron Core) API has been discovered today.
Search at Netlas.io:
ππ» Link: https://nt.ls/QdWH7
ππ» Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendorβs advisory: https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older
A second vulnerability affecting Ivanti EPMM (formerly MobileIron Core) API has been discovered today.
Search at Netlas.io:
ππ» Link: https://nt.ls/QdWH7
ππ» Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendorβs advisory: https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older
πΎ3π₯2π€1
CVE-2023-39143: RCE in PaperCut MF/NG, 8.4 rating π₯
Vuln enables unauthenticated attackers to potentially work with arbitrary files to the PaperCut MF/NG application server (< 21.2.3 version), resulting in RCE in certain configurations.
Search at Netlas.io:
ππ» Link: https://nt.ls/ZGjrR
ππ» Dork: (http.title:"PaperCut Login" AND (http.description:"PaperCut NG" OR http.description:"PaperCut MF")) OR (http.favicon.perceptual_hash:3e7e66667e7c6000)
Vendor's advisory: https://www.papercut.com/kb/Main/securitybulletinjuly2023/
Vuln enables unauthenticated attackers to potentially work with arbitrary files to the PaperCut MF/NG application server (< 21.2.3 version), resulting in RCE in certain configurations.
Search at Netlas.io:
ππ» Link: https://nt.ls/ZGjrR
ππ» Dork: (http.title:"PaperCut Login" AND (http.description:"PaperCut NG" OR http.description:"PaperCut MF")) OR (http.favicon.perceptual_hash:3e7e66667e7c6000)
Vendor's advisory: https://www.papercut.com/kb/Main/securitybulletinjuly2023/
πΎ3π₯2β€1π1
CVE-2023-38035: Auth Bypass in Ivanti (MobileIron) Sentry, 9.8 rating π₯
The vulnerability allows unauthenticated attackers to access sensitive APIs on port 8443.
Search at Netlas.io:
π Link: https://nt.ls/CwTWz
π Dork: http.body:"images/sentry-mi-logo" AND port:8443
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US
The vulnerability allows unauthenticated attackers to access sensitive APIs on port 8443.
Search at Netlas.io:
π Link: https://nt.ls/CwTWz
π Dork: http.body:"images/sentry-mi-logo" AND port:8443
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US
π₯2πΎ2π1π1