Tomorrow the new year will begin, and Netlas wants to share with you some statistics of the outgoing year! 🎄
This year we achieved the following:
👉 Total requests: 15,552,390
👉 New users: 16,633
👉 Total coins spent: 474,734,108
👉 Total graphs stored: 1,165
👉 Total private scans was started: 789
📖 Most popular article: https://netlas.io/blog/attack_surface_discovery_guide/
❗ Most popular CVE post: CVE-2024-6387 (https://x.com/Netlas_io/status/1807760965967937826)
Thank you for being with us. The Netlas team wishes you success in your projects, safe surfaces, fast pentests and all the best. See you next year!
This year we achieved the following:
👉 Total requests: 15,552,390
👉 New users: 16,633
👉 Total coins spent: 474,734,108
👉 Total graphs stored: 1,165
👉 Total private scans was started: 789
📖 Most popular article: https://netlas.io/blog/attack_surface_discovery_guide/
❗ Most popular CVE post: CVE-2024-6387 (https://x.com/Netlas_io/status/1807760965967937826)
Thank you for being with us. The Netlas team wishes you success in your projects, safe surfaces, fast pentests and all the best. See you next year!
1🎄4👾2☃1
CVE-2025-0282, -0283: Two vulnerabilities in Ivanti Connect Secure, 7.0 - 9.0 rating 🔥
Stack-based buffer overflow caused potential RCE and privilege escalation.
Search at Netlas.io:
👉 Link: https://nt.ls/WMQwN
👉 Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
Stack-based buffer overflow caused potential RCE and privilege escalation.
Search at Netlas.io:
👉 Link: https://nt.ls/WMQwN
👉 Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
👾4👍2🔥1
CVE-2025-22777: Privilege Escalation in GiveWP WordPress Plugin, 9.8 rating 🔥
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
👉 Link: https://nt.ls/amyWM
👉 Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
👉 Link: https://nt.ls/amyWM
👉 Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
🔥3👾2
CVE-2025-21598: Out-of-bounds Read in Juniper Junos OS, 8.2 rating❗️
An out-of-bouds read vulnerability in the RDP daemon, fixed last week, could potentially lead to DoS.
Search at Netlas.io:
👉 Link: https://nt.ls/HqWq2
👉 Dork: http.noscript:"Juniper"
Vendor's advisory: https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598
An out-of-bouds read vulnerability in the RDP daemon, fixed last week, could potentially lead to DoS.
Search at Netlas.io:
👉 Link: https://nt.ls/HqWq2
👉 Dork: http.noscript:"Juniper"
Vendor's advisory: https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598
👍2🔥2👾1
CVE-2025-0066, -0070 and other: Multiple vulnarabilities in SAP, 2.2 - 9.9 rating 🔥🔥🔥
Several vulnerabilities in SAP services for every taste and color: SQLi, Improper Authentication, DLL Hijacking, etc.
Search at Netlas.io:
👉 Link: https://nt.ls/zbP5e
👉 Dork: http.headers.server:"SAP"
Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/january-2025.html
Several vulnerabilities in SAP services for every taste and color: SQLi, Improper Authentication, DLL Hijacking, etc.
Search at Netlas.io:
👉 Link: https://nt.ls/zbP5e
👉 Dork: http.headers.server:"SAP"
Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/january-2025.html
🔥6👾3
CVE-2024-12365: Missing Authorization in W3 Total Cache WordPress Plugin, 8.5 rating❗️
The vulnerability allows an authenticated attacker to access sensitive data and make unauthorized web requests to collect information from internal services.
Search at Netlas.io:
👉 Link: https://nt.ls/BpOAJ
👉 Dork: http.body:"plugins/w3-total-cache"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/w3-total-cache/w3-total-cache-281-authenticated-subscriber-missing-authorization-to-server-side-request-forgery
The vulnerability allows an authenticated attacker to access sensitive data and make unauthorized web requests to collect information from internal services.
Search at Netlas.io:
👉 Link: https://nt.ls/BpOAJ
👉 Dork: http.body:"plugins/w3-total-cache"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/w3-total-cache/w3-total-cache-281-authenticated-subscriber-missing-authorization-to-server-side-request-forgery
👾3🔥2
CVE-2025-23051, -23052: Vulnerabilities in ArubaOS, 7.2 rating❗️
The vulnerabilities allow an attacker to inject commands and overwrite system files.
Search at Netlas.io:
👉 Link: https://nt.ls/7pU9N
👉 Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04723en_us&docLocale=en_US
The vulnerabilities allow an attacker to inject commands and overwrite system files.
Search at Netlas.io:
👉 Link: https://nt.ls/7pU9N
👉 Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04723en_us&docLocale=en_US
👾3🔥2
CVE-2024-57726, -57727, -57728: Multiple vulnerabilities in SimpleHelp, 7.2 - 8.8 rating❗️
The vulnerabilities allow attackers to upload arbitrary files to the SimpleHelp server, as well as escalate privileges, which together allows RCE to be carried out.
Search at Netlas.io:
👉 Link: https://nt.ls/Frx6H
👉 Dork: http.headers.server:"SimpleHelp"
Vendor's advisory: https://simple-help.com/kb---security-vulnerabilities-01-2025#
The vulnerabilities allow attackers to upload arbitrary files to the SimpleHelp server, as well as escalate privileges, which together allows RCE to be carried out.
Search at Netlas.io:
👉 Link: https://nt.ls/Frx6H
👉 Dork: http.headers.server:"SimpleHelp"
Vendor's advisory: https://simple-help.com/kb---security-vulnerabilities-01-2025#
👾3🔥2
CVE-2025-21535: Server Takeover in Oracle WebLogic, 9.8 rating 🔥
An easily exploitable vulnerability in the Core component allows an unauthenticated attacker to remotely compromise a WebLogic server.
Search at Netlas.io:
👉 Link: https://nt.ls/6EpWK
👉 Dork: protocol:t3 OR protocol:t3s
Vendor's advisory: https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW
An easily exploitable vulnerability in the Core component allows an unauthenticated attacker to remotely compromise a WebLogic server.
Search at Netlas.io:
👉 Link: https://nt.ls/6EpWK
👉 Dork: protocol:t3 OR protocol:t3s
Vendor's advisory: https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW
1🔥4👾3❤1
CVE-2025-0314 and other: Multiple vulnerabilities in GitLab, 4.3 - 8.7 rating❗️
In a recent advisory, GitLab writed about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
👉 Link: https://nt.ls/BNKS8
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
In a recent advisory, GitLab writed about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
👉 Link: https://nt.ls/BNKS8
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
👾3❤1👍1
CVE-2025-23006: Deserialization of Untrusted Data in SonicWall SMA1000, 9.8 rating 🔥
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
👉 Link: https://nt.ls/FLFJT
👉 Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
👉 Link: https://nt.ls/FLFJT
👉 Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
🔥5👍4👾2❤1
CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating 🔥
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
👉 Link: https://nt.ls/NETLB
👉 Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
👉 Link: https://nt.ls/NETLB
👉 Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
🔥3👍2👾2
CVE-2025-22609, -22611, -22612: Multiple vulnerabilities in Coolify, 10.0 rating 🔥🔥🔥
Three vulnerabilities of highest severity in Coolify allow for RCE, privilege escalation, and authentication bypass.
Search at Netlas.io:
👉 Link: https://nt.ls/vUWWf
👉 Dork: http.favicon.hash_sha256:eaf648b6000a49599ed58bda49e576d0f981e535a8075d524a4be890edcf96d0 AND uri:*login*
Vendor's advisory: https://github.com/coollabsio/coolify/security/advisories/GHSA-3w2c-jfr2-9pg9
Three vulnerabilities of highest severity in Coolify allow for RCE, privilege escalation, and authentication bypass.
Search at Netlas.io:
👉 Link: https://nt.ls/vUWWf
👉 Dork: http.favicon.hash_sha256:eaf648b6000a49599ed58bda49e576d0f981e535a8075d524a4be890edcf96d0 AND uri:*login*
Vendor's advisory: https://github.com/coollabsio/coolify/security/advisories/GHSA-3w2c-jfr2-9pg9
🔥4👾3❤1
🚧 Planned Maintenance 🚧
The application will be unavailable for a period of time❗️
The maintenance is scheduled to start on February 02, 2025, at 07:00 UTC ⏰. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
The application will be unavailable for a period of time❗️
The maintenance is scheduled to start on February 02, 2025, at 07:00 UTC ⏰. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
👍2💊2👨💻1
CVE-2024-11187, -12705: Vulnerabilities in BIND DNS Software, 7.5 rating❗️
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
👉 Link: https://nt.ls/bGSFv
👉 Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
👉 Link: https://nt.ls/bGSFv
👉 Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
🔥3👾3👍2
🚧 Planned Maintenance 🚧
We remind you, at 07:00 UTC the application will become temporarily unavailable. The work will take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
We remind you, at 07:00 UTC the application will become temporarily unavailable. The work will take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
❤2
🚧 Planned Maintenance 🚧
We remind you that the planned work will begin in an hour, at 07:00 UTC. Our team will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
We remind you that the planned work will begin in an hour, at 07:00 UTC. Our team will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
💊2👨💻1
💯 Planned Maintenance completed 💯
Netlas is fully online again and you can get back to your projects! 👾
Netlas is fully online again and you can get back to your projects! 👾
❤2👾2👍1👎1
CVE-2024-56529: Session Fixation in Mailcow, 7.5 rating❗️
The application does not disable old session IDs, which allows a remote attacker to use existing IDs in the victim's browser.
Search at Netlas.io:
👉 Link: https://nt.ls/AuyJw
👉 Dork: http.noscript:"mailcow UI"
Vendor's advisory: https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-23c8-4wwr-g3c6
The application does not disable old session IDs, which allows a remote attacker to use existing IDs in the victim's browser.
Search at Netlas.io:
👉 Link: https://nt.ls/AuyJw
👉 Dork: http.noscript:"mailcow UI"
Vendor's advisory: https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-23c8-4wwr-g3c6
👍2🔥2👾2
Unauthorized Data Upload in Alibaba Cloud – PoC by Chirag Artani 🔥
A new video is out on our friend’s channel, showcasing the discovery of a fresh vulnerability. The video includes an interesting query and a practical example of exploitation. Don’t miss it! 🔍
We also recommend checking out Chirag Artani’s website and Twitter for more cybersecurity insights:
👉 Website: 3rag.com
👉 Twitter: x.com/Chirag99Artani
A new video is out on our friend’s channel, showcasing the discovery of a fresh vulnerability. The video includes an interesting query and a practical example of exploitation. Don’t miss it! 🔍
We also recommend checking out Chirag Artani’s website and Twitter for more cybersecurity insights:
👉 Website: 3rag.com
👉 Twitter: x.com/Chirag99Artani
YouTube
I found 9322 Targets For Unauthorized Data Upload In Alibaba Cloud | POC Exploit Explained Live
Note: do not harm any server, do not upload any malicious files like malware or anything. This is high severity bug which is leading to upload unauthorized data.
I found 9321 targets which are vulnerable for this vulnerability. This is just for learning…
I found 9321 targets which are vulnerable for this vulnerability. This is just for learning…
❤3👾3
CVE-2025-0890, -40890, -40891: Vulnerabilities in Zyxel CPE, 8.8 - 9.8 rating 🔥
The vulnerabilities include two OS Command Injections, and Improper Authentication via Telnet.
Search at Netlas.io:
👉 Link: https://nt.ls/Lxf7h
👉 Dork: telnet.banner:"Zyxel VDSL"
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025
The vulnerabilities include two OS Command Injections, and Improper Authentication via Telnet.
Search at Netlas.io:
👉 Link: https://nt.ls/Lxf7h
👉 Dork: telnet.banner:"Zyxel VDSL"
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025
🔥4👍3👾2