CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20189: Multiple vulns on the Cisco Small Business Switches. 8.6 rating ❗️
An attacker can cause DoS or perform remote code execution with root user rights. POC is available!
Search on Netlas.io:
👉🏻 Link: https://nt.ls/eIvyW
👉🏻 Dork: http.favicon.perceptual_hash:ffdb0113090009ff~1 AND http.body:"Small Business"
An attacker can cause DoS or perform remote code execution with root user rights. POC is available!
Search on Netlas.io:
👉🏻 Link: https://nt.ls/eIvyW
👉🏻 Dork: http.favicon.perceptual_hash:ffdb0113090009ff~1 AND http.body:"Small Business"
🔥4👾2
CVE-2023-25690: Request Smuggling attack on Apache HTTP Server with 9.8 rating 🔥
An old vulnerability, but a POC has been published today.
Search on Netlas.io (over 20 million results):
👉🏻 Link (with tags): https://nt.ls/bGPCz
👉🏻 Link (without tags): https://nt.ls/0Xh1g
👉🏻 Dork: tag.name:"apache" AND (tag.apache.version:>=2.4.0 AND tag.apache.version:<=2.4.55)
An old vulnerability, but a POC has been published today.
Search on Netlas.io (over 20 million results):
👉🏻 Link (with tags): https://nt.ls/bGPCz
👉🏻 Link (without tags): https://nt.ls/0Xh1g
👉🏻 Dork: tag.name:"apache" AND (tag.apache.version:>=2.4.0 AND tag.apache.version:<=2.4.55)
👾3🤷♂1👍1
This Friday we want to share an interesting guide to using Netlas.io for bug bounties. The authors have done a big job, and now you can look at the results of their labor and appreciate possibilities of Netlas.
👉🏻 Part 1: https://youtu.be/lJFXNthSVko
👉🏻 Part 2: https://youtu.be/wHrn0EJOFfI
👉🏻 Part 3: https://youtu.be/pwUrHGg53Jw
Thanks to ValluvarSploit and _mohd_saqlain for creating the guide and permission to post it!
👉🏻 Part 1: https://youtu.be/lJFXNthSVko
👉🏻 Part 2: https://youtu.be/wHrn0EJOFfI
👉🏻 Part 3: https://youtu.be/pwUrHGg53Jw
Thanks to ValluvarSploit and _mohd_saqlain for creating the guide and permission to post it!
👾8
Using Netlas.io within Tines automations
This time we will tell you about working with Tines platform and the Netlas.io tools integrated into it. A little automation never hurt anyone :)
Read here 👉🏻
https://medium.com/@netlas/using-netlas-io-within-tines-automations-31518289e5e3
This time we will tell you about working with Tines platform and the Netlas.io tools integrated into it. A little automation never hurt anyone :)
Read here 👉🏻
https://medium.com/@netlas/using-netlas-io-within-tines-automations-31518289e5e3
Medium
Using Netlas.io within Tines automations
Basics of building automated circuits in Tines and using Netlas.io searches in them. Creation of a mechanism for detecting virtual hosting.
👾4👍1
Dork list for Netlas.io has been updated on GitHub!
Two new categories: "Web cameras" and "VoIP", have been added, and old ones have been supplemented.
👉🏻 Link: https://github.com/netlas-io/netlas-dorks
Some new queries just waiting for you to test them.
Two new categories: "Web cameras" and "VoIP", have been added, and old ones have been supplemented.
👉🏻 Link: https://github.com/netlas-io/netlas-dorks
Some new queries just waiting for you to test them.
👍3👾3
CVE-2023-25157: SQL injection for GeoServer, 9.8 rating 🔥
An old vulnerability with working PoC.
Search at Netlas.io:
👉🏻 Dork: http.noscript:"geoserver"
👉🏻 Link: https://nt.ls/g7sTM
Vendor's advisory: https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf
An old vulnerability with working PoC.
Search at Netlas.io:
👉🏻 Dork: http.noscript:"geoserver"
👉🏻 Link: https://nt.ls/g7sTM
Vendor's advisory: https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf
👾3👏1
CVE-2023-33778: Hard-coded creds in Draytek Vigor Routers, 9.8 rating 🔥
Attackers can bind any affected device to their own account. PoC is available!
Search at Netlas.io:
👉🏻 Dork: http.favicon.hash_sha256:0af4f089d58e919f4ee421727e9ac54d885d6b3b05ec16e4d94b703f45c7eef9
👉🏻 Link: https://nt.ls/NbBpK
PoC and more information: https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef
Attackers can bind any affected device to their own account. PoC is available!
Search at Netlas.io:
👉🏻 Dork: http.favicon.hash_sha256:0af4f089d58e919f4ee421727e9ac54d885d6b3b05ec16e4d94b703f45c7eef9
👉🏻 Link: https://nt.ls/NbBpK
PoC and more information: https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef
👾4🔥1
CVE-2023-27997: Pre-authentication RCE on Fortigate VPN, 9.8 rating 🔥
Heap overflow, vulnerability potentially affecting multiple versions.
Search at Netlas.io:
👉🏻 Link with tags (recommended): https://nt.ls/jOlSo
👉🏻 Link without tags (less precision): https://nt.ls/3NrQW
Read detailed analysis by LexfoSecurity: https://blog.lexfo.fr/xortigate-cve-2023-27997.html
Heap overflow, vulnerability potentially affecting multiple versions.
Search at Netlas.io:
👉🏻 Link with tags (recommended): https://nt.ls/jOlSo
👉🏻 Link without tags (less precision): https://nt.ls/3NrQW
Read detailed analysis by LexfoSecurity: https://blog.lexfo.fr/xortigate-cve-2023-27997.html
👾5🔥2
CVE-2023-3128: Authentication Bypass in Grafana, 9.4 rating ❗️
CVE vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
During Grafana's Azure AD account validation, an attacker can spoof the profile email field and hijack the account.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/iqMVz
👉🏻 Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.noscript:"Grafana"
CVE vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
During Grafana's Azure AD account validation, an attacker can spoof the profile email field and hijack the account.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/iqMVz
👉🏻 Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.noscript:"Grafana"
👾4🔥2
CVE-2023-36630: Privilege Escalation and Authentication Bypass in CloudPanel, critical rating 🔥
Fresh vulnerability based on insecure file uploads.
Search at Netlas.io:
👉🏻 Link: nt.ls/V3hEn
👉🏻 Dork: http.noscript:"cloudpanel" NOT http.body:"2.3.1"
Read vendor's changelog: https://www.cloudpanel.io/docs/v2/changelog/
Fresh vulnerability based on insecure file uploads.
Search at Netlas.io:
👉🏻 Link: nt.ls/V3hEn
👉🏻 Dork: http.noscript:"cloudpanel" NOT http.body:"2.3.1"
Read vendor's changelog: https://www.cloudpanel.io/docs/v2/changelog/
👾5🔥1
CVE-2023-3460: Privilege Escalation in UltimateMember WordPress plugin, 9.8 rating! 🔥
A vulnerability has been observed for several versions of the plugin and is actively exploited by hackers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/S9Skz
👉🏻 Dork: http.body:"wp-content/plugins/ultimate-member"
Vendor's comments: https://wordpress.org/support/topic/cve-2023-3460/
A vulnerability has been observed for several versions of the plugin and is actively exploited by hackers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/S9Skz
👉🏻 Dork: http.body:"wp-content/plugins/ultimate-member"
Vendor's comments: https://wordpress.org/support/topic/cve-2023-3460/
👾4🔥1
This media is not supported in your browser
VIEW IN TELEGRAM
The end of Beta Presale II is very close!
Hurry up to get Netlas.io subnoscription with a 50% discount, after 6 days the discount will be reduced ❗️
👉🏻 Buy a subnoscription: https://app.netlas.io/plans/
In the near future, we'll also publish new features of Netlas.io (like in GIF). Sure you'll like them!
Hurry up to get Netlas.io subnoscription with a 50% discount, after 6 days the discount will be reduced ❗️
👉🏻 Buy a subnoscription: https://app.netlas.io/plans/
In the near future, we'll also publish new features of Netlas.io (like in GIF). Sure you'll like them!
👾4👨💻1
Media is too big
VIEW IN TELEGRAM
A new tool in Netlas 🔥
The search engine has received a new functionality - the Attack Surface Discovery tool. Check out Netlas.io to build your surfaces with our data!
Links:
👉🏻 Tool: https://app.netlas.io/asd/
👉🏻 Medium article: https://netlas.medium.com/netlas-io-attack-surface-discovery-tool-6fbd6b3e9706
👉🏻 Overview video: https://youtu.be/98s-Iu5MyRw
The search engine has received a new functionality - the Attack Surface Discovery tool. Check out Netlas.io to build your surfaces with our data!
Links:
👉🏻 Tool: https://app.netlas.io/asd/
👉🏻 Medium article: https://netlas.medium.com/netlas-io-attack-surface-discovery-tool-6fbd6b3e9706
👉🏻 Overview video: https://youtu.be/98s-Iu5MyRw
🔥5🆒2👾2
CVE-2023-34192: Reflected XSS in Zimbra Collaboration Suite, 9.0 rating! 🔥
The vulnerability is actively exploited by hackers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ufPn6
👉🏻 Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Read more: https://www.bleepingcomputer.com/news/security/zimbra-urges-admins-to-manually-fix-zero-day-exploited-in-attacks/
The vulnerability is actively exploited by hackers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ufPn6
👉🏻 Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Read more: https://www.bleepingcomputer.com/news/security/zimbra-urges-admins-to-manually-fix-zero-day-exploited-in-attacks/
👍3👾3⚡1🔥1
CVE-2023-3519, -3466, -3467: Multiple vulns in Citrix Gateway/ADC, 9.8 rating 🔥
Reflected XSS, privelege escalation, and unauth RCE which already exploiting!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/HB0b1
👉🏻 Dork: http.noscript:"Citrix ADC" OR http.noscript:"Citrix Gateway"
Vendor's bulletin: https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
Reflected XSS, privelege escalation, and unauth RCE which already exploiting!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/HB0b1
👉🏻 Dork: http.noscript:"Citrix ADC" OR http.noscript:"Citrix Gateway"
Vendor's bulletin: https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
🔥2👾2
Share an attack surface graph
Did you notice share button appeared in Netlas.io Attack Surface Discovery tool? Here is OKX.com attack surface as they published on Hacker0x01 for example:
https://nt.ls/63dRu
https://hackerone.com/okx
Did you notice share button appeared in Netlas.io Attack Surface Discovery tool? Here is OKX.com attack surface as they published on Hacker0x01 for example:
https://nt.ls/63dRu
https://hackerone.com/okx
👾5👍3
CVE-2023-35078: Ivanti EPMM Remote Unauthenticated API Access Vulnerability
🚨 PoC is already available for Ivanti Endpoint Manager Mobile API vuln CVE-2023-35078 (❗️CVSS 10.0❗️)
A limited number of customers have been impacted already 😖
Search at Netlas.io:
👉🏻 Link: https://nt.ls/QdWH7
👉🏻 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor’s advisory: https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability
🚨 PoC is already available for Ivanti Endpoint Manager Mobile API vuln CVE-2023-35078 (❗️CVSS 10.0❗️)
A limited number of customers have been impacted already 😖
Search at Netlas.io:
👉🏻 Link: https://nt.ls/QdWH7
👉🏻 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor’s advisory: https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability
👾3🔥2
☝🏻 Another one for the same product published today: CVE-2023-35082, CVSS 10.0
A second vulnerability affecting Ivanti EPMM (formerly MobileIron Core) API has been discovered today.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/QdWH7
👉🏻 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor’s advisory: https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older
A second vulnerability affecting Ivanti EPMM (formerly MobileIron Core) API has been discovered today.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/QdWH7
👉🏻 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor’s advisory: https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older
👾3🔥2🤔1
CVE-2023-39143: RCE in PaperCut MF/NG, 8.4 rating 🔥
Vuln enables unauthenticated attackers to potentially work with arbitrary files to the PaperCut MF/NG application server (< 21.2.3 version), resulting in RCE in certain configurations.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ZGjrR
👉🏻 Dork: (http.noscript:"PaperCut Login" AND (http.denoscription:"PaperCut NG" OR http.denoscription:"PaperCut MF")) OR (http.favicon.perceptual_hash:3e7e66667e7c6000)
Vendor's advisory: https://www.papercut.com/kb/Main/securitybulletinjuly2023/
Vuln enables unauthenticated attackers to potentially work with arbitrary files to the PaperCut MF/NG application server (< 21.2.3 version), resulting in RCE in certain configurations.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ZGjrR
👉🏻 Dork: (http.noscript:"PaperCut Login" AND (http.denoscription:"PaperCut NG" OR http.denoscription:"PaperCut MF")) OR (http.favicon.perceptual_hash:3e7e66667e7c6000)
Vendor's advisory: https://www.papercut.com/kb/Main/securitybulletinjuly2023/
👾3🔥2❤1👍1
CVE-2023-38035: Auth Bypass in Ivanti (MobileIron) Sentry, 9.8 rating 🔥
The vulnerability allows unauthenticated attackers to access sensitive APIs on port 8443.
Search at Netlas.io:
👉 Link: https://nt.ls/CwTWz
👉 Dork: http.body:"images/sentry-mi-logo" AND port:8443
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US
The vulnerability allows unauthenticated attackers to access sensitive APIs on port 8443.
Search at Netlas.io:
👉 Link: https://nt.ls/CwTWz
👉 Dork: http.body:"images/sentry-mi-logo" AND port:8443
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US
🔥2👾2👍1😁1