CVE-2024-45763 and other: Multiple vulnerabilities in Dell Sonic OS, 9.0 - 9.1 rating ๐ฅ
Some Sonic OS entities are vulnerable to OS Command Injection. Additionally, the vulnerabilities include a weakness in the authentication process that could allow a remote attacker to gain unauthorized access.
Search at Netlas.io:
๐ Link: https://nt.ls/TAX1W
๐ Dork: http.favicon.hash_sha256:d39342cbe7b9717529eb07f697779c55cdae7e0fc26c9672f64c49cbd8411eea
Vendor's advisory: https://www.dell.com/support/kbdoc/en-us/000245655/dsa-2024-449-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities
Some Sonic OS entities are vulnerable to OS Command Injection. Additionally, the vulnerabilities include a weakness in the authentication process that could allow a remote attacker to gain unauthorized access.
Search at Netlas.io:
๐ Link: https://nt.ls/TAX1W
๐ Dork: http.favicon.hash_sha256:d39342cbe7b9717529eb07f697779c55cdae7e0fc26c9672f64c49cbd8411eea
Vendor's advisory: https://www.dell.com/support/kbdoc/en-us/000245655/dsa-2024-449-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities
๐ฅ3๐พ3๐2
CVE-2024-39710 and other: Multiple vulnerabilities in Ivanti Connect Secure, 4.4 - 9.1 rating ๐ฅ
Lots (25!) of vulnerabilities in the latest Ivanti bulletin. DoS, RCE, Auth Bypass - vulnerabilities on every taste.
Search at Netlas.io:
๐ Link: https://nt.ls/v0fEW
๐ Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
Lots (25!) of vulnerabilities in the latest Ivanti bulletin. DoS, RCE, Auth Bypass - vulnerabilities on every taste.
Search at Netlas.io:
๐ Link: https://nt.ls/v0fEW
๐ Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
๐ฅ2๐พ2๐1
CVE-2024-52301: Improper Input Validation in Laravel Framework, 8.7 ratingโ๏ธ
The vulnerability allows an attacker to change environment using a special crafted query string.
More then 830k instances at Netlas.io:
๐ Link: https://nt.ls/CDJgv
๐ Dork: http.headers.set_cookie:"laravel_session="
Vendor's advisory: https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h
The vulnerability allows an attacker to change environment using a special crafted query string.
More then 830k instances at Netlas.io:
๐ Link: https://nt.ls/CDJgv
๐ Dork: http.headers.set_cookie:"laravel_session="
Vendor's advisory: https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h
๐ฅ3๐2๐พ1
Automated search for sites by favicon ๐
When mapping an attack surface or searching for vulnerable web interfaces, favicon matching often plays a critical role. Some IoT search engines, such as Shodan or Netlas, already offer this functionality.
However, today we want to introduce a tool that simplifies this process, developed by a member of the Netlas community. This utility supports searching for favicons across several search engines, including Shodan, Netlas, ZoomEye, and more.
Introducing FAVICORN โ a collaborative creation by @soxoj, @seelwersowl, and @osint_mindset ๐ฆ
๐ FAVICORN's GitHub: https://github.com/sharsil/favicorn
When mapping an attack surface or searching for vulnerable web interfaces, favicon matching often plays a critical role. Some IoT search engines, such as Shodan or Netlas, already offer this functionality.
However, today we want to introduce a tool that simplifies this process, developed by a member of the Netlas community. This utility supports searching for favicons across several search engines, including Shodan, Netlas, ZoomEye, and more.
Introducing FAVICORN โ a collaborative creation by @soxoj, @seelwersowl, and @osint_mindset ๐ฆ
๐ FAVICORN's GitHub: https://github.com/sharsil/favicorn
GitHub
GitHub - sharsil/favicorn: All-sources tool to search websites by favicons
All-sources tool to search websites by favicons. Contribute to sharsil/favicorn development by creating an account on GitHub.
1๐พ4๐2๐2
CVE-2024-52316, -52317, -52318: Multiple vulnerabilities in Apache Tomcat, 6.1 - 9.8 rating ๐ฅ
Three new vulnerabilities, including Auth Bypass, XSS injection, and Inadequate Encryption Strength, could pose a threat to thousands of web services.
Search at Netlas.io:
๐ Link: https://nt.ls/dbwDi
๐ Dork: http.title:"Apache Tomcat"
Vendor's advisory: https://lists.apache.org/thread/dokwlz7k57sgphfj3ko36vn8xrys3o6r
Three new vulnerabilities, including Auth Bypass, XSS injection, and Inadequate Encryption Strength, could pose a threat to thousands of web services.
Search at Netlas.io:
๐ Link: https://nt.ls/dbwDi
๐ Dork: http.title:"Apache Tomcat"
Vendor's advisory: https://lists.apache.org/thread/dokwlz7k57sgphfj3ko36vn8xrys3o6r
๐ฅ4๐พ2
Minor App Improvements
In update 1.0.3, we've introduced several features to enhance the payment experience.
Hereโs whatโs new:
๐ Added a Payment Guide
๐ Clarified subscription options for the Freelancer tier
๐ฅ A few other minor improvements
๐ Read more: https://docs.netlas.io/changelog/
In update 1.0.3, we've introduced several features to enhance the payment experience.
Hereโs whatโs new:
๐ Added a Payment Guide
๐ Clarified subscription options for the Freelancer tier
๐ฅ A few other minor improvements
๐ Read more: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
๐พ3๐1
PAN-OS RCE PoC by Chirag Artani ๐ฅ
Our friendโs channel posted another interesting video about one of the latest vulnerabilities, where he demonstrated Proof of Concept using Netlas ๐
We also recommend checking out his website and Twitter for more tips:
๐ Site: 3rag.com
๐ Twitter: x.com/Chirag99Artani
Our friendโs channel posted another interesting video about one of the latest vulnerabilities, where he demonstrated Proof of Concept using Netlas ๐
We also recommend checking out his website and Twitter for more tips:
๐ Site: 3rag.com
๐ Twitter: x.com/Chirag99Artani
YouTube
PAN-OS RCE Again - Authentication Bypass in the Management Web Interface & Command Injection | POC
POC written by me - https://github.com/Sachinart/CVE-2024-0012-POC
Please do not exploit any target without written permission, that's not ethical way.
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker withโฆ
Please do not exploit any target without written permission, that's not ethical way.
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker withโฆ
1๐พ6๐2
Netlas and Shodan: Comprehensive Analysis ๐งฎ
With Netlas recently emerging from beta and reaching version 1.0, we felt it was the perfect time to conduct a comprehensive comparison with its competitors.
Weโve started with one of the toughest challenges: an in-depth, objective comparison of Netlas and the veteran in the field, Shodan. Using over 10 key indicators, weโve analyzed both platforms to help you understand pros and cons of the two solutions.
๐ Read now: https://netlas.io/blog/netlas_vs_shodan/
With Netlas recently emerging from beta and reaching version 1.0, we felt it was the perfect time to conduct a comprehensive comparison with its competitors.
Weโve started with one of the toughest challenges: an in-depth, objective comparison of Netlas and the veteran in the field, Shodan. Using over 10 key indicators, weโve analyzed both platforms to help you understand pros and cons of the two solutions.
๐ Read now: https://netlas.io/blog/netlas_vs_shodan/
netlas.io
Netlas vs Shodan: Platforms Comparison - Netlas Blog
Compare IoT search engines Netlas and Shodan, highlighting their features, strengths, and ideal use cases for security research.
1๐ฅ6๐พ2
CVE-2024-48990 and other: Multiple vulnerabilities in Needrestart utility for Ubuntu (including Ubuntu Server), 5.3 - 7.8 ratingโ๏ธ
Five vulnerabilities discovered by researchers from Qualys allow LPE to be carried out on machines running Ubuntu OS and gain root rights.
Search at Netlas.io:
๐ Link: https://nt.ls/ZhaO6
๐ Dork: http.headers.server:"Ubuntu"
Read more: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
Five vulnerabilities discovered by researchers from Qualys allow LPE to be carried out on machines running Ubuntu OS and gain root rights.
Search at Netlas.io:
๐ Link: https://nt.ls/ZhaO6
๐ Dork: http.headers.server:"Ubuntu"
Read more: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
๐พ4๐ฅ3๐2
๐ง Planned Maintenance ๐ง
The application will be unavailable for a period of timeโ๏ธ
The maintenance is scheduled to start on November 24, 2024, at 08:00 UTC โฐ. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
The application will be unavailable for a period of timeโ๏ธ
The maintenance is scheduled to start on November 24, 2024, at 08:00 UTC โฐ. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
๐พ4๐1๐ฟ1
Blind Spot in the Fortinet VPNs, no CVEโ๏ธ
Researchers from Pentera have discovered a potential vulnerability in Fortinet VPNs, probably allowing an attacker to hide the fact that a brute force attack was successfully completed.
Search at Netlas.io:
๐ Link: https://nt.ls/zJEUh
๐ Dork: http.body_sha256:"6e24d74ebc881e1e97331bb72d6edee8431485a8a0cafd7c4a913a3819817b84"
Read more: https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/
Researchers from Pentera have discovered a potential vulnerability in Fortinet VPNs, probably allowing an attacker to hide the fact that a brute force attack was successfully completed.
Search at Netlas.io:
๐ Link: https://nt.ls/zJEUh
๐ Dork: http.body_sha256:"6e24d74ebc881e1e97331bb72d6edee8431485a8a0cafd7c4a913a3819817b84"
Read more: https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/
๐ฅ4๐พ3
CVE-2024-52052, -053, -054, -055, -056: Multiple vulnerabilitites in Wowza Streaming Engine, 5.1 - 9.4 rating ๐ฅ
Five recent vulnerabilities we almost missed. RCE, stored XSS, file read, file write, and folder deletion - vulnerabilities for every taste!
Search at Netlas.io:
๐ Link: https://nt.ls/8BudC
๐ Dork: http.favicon.hash_sha256:3641ed4d68a0362f1ef45069584a71b0940acfcdb6abf8c13b8fc29837160a81 OR http.headers.server:"WowzaStreamingEngine"
Read more: https://www.rapid7.com/blog/post/2024/11/20/multiple-vulnerabilities-in-wowza-streaming-engine-fixed/
Five recent vulnerabilities we almost missed. RCE, stored XSS, file read, file write, and folder deletion - vulnerabilities for every taste!
Search at Netlas.io:
๐ Link: https://nt.ls/8BudC
๐ Dork: http.favicon.hash_sha256:3641ed4d68a0362f1ef45069584a71b0940acfcdb6abf8c13b8fc29837160a81 OR http.headers.server:"WowzaStreamingEngine"
Read more: https://www.rapid7.com/blog/post/2024/11/20/multiple-vulnerabilities-in-wowza-streaming-engine-fixed/
๐พ4๐3
CVE-2024-8932, -8929, -11233, -11236, -11234: Multiple vulnerabilities in PHP, 4.8 - 9.8 rating ๐ฅ
Five vulnerabilities in some PHP versions, which allowing attackers to leak sensitive information, execute arbitrary code, or launch DoS attacks.
More then 700k instances at Netlas.io:
๐ Link 1 (tag, more precisely): https://nt.ls/yIHH8
๐ Dork: tag.php.version:(>=8.1.0 AND <8.1.31) OR tag.php.version:(>=8.2.0 AND <8.2.26) OR tag.php.version:(>=8.3.0 AND <8.3.14)
๐ Link 2 (not tag, all PHP instances): https://nt.ls/9GJlg
๐ Dork: http.headers.x_powered_by:"php" OR http.headers.set_cookie:"PHPSESSID" OR http.headers.server:"PHP"
Vendor's advisories: https://github.com/php/php-src/security
Five vulnerabilities in some PHP versions, which allowing attackers to leak sensitive information, execute arbitrary code, or launch DoS attacks.
More then 700k instances at Netlas.io:
๐ Link 1 (tag, more precisely): https://nt.ls/yIHH8
๐ Dork: tag.php.version:(>=8.1.0 AND <8.1.31) OR tag.php.version:(>=8.2.0 AND <8.2.26) OR tag.php.version:(>=8.3.0 AND <8.3.14)
๐ Link 2 (not tag, all PHP instances): https://nt.ls/9GJlg
๐ Dork: http.headers.x_powered_by:"php" OR http.headers.set_cookie:"PHPSESSID" OR http.headers.server:"PHP"
Vendor's advisories: https://github.com/php/php-src/security
1๐ฅ4๐พ4
Black Friday & Cyber Monday Discount at Netlas ๐
Take advantage of our exclusive Black Friday & Cyber Monday deal: 20% off Freelancer and Business subscriptions for both monthly and annual billing cycles!
The best part? This isnโt just a one-time discount โ itโs your forever price as long as your subscription remains active or until base prices are reconsidered ๐ฅ
All you need to claim your forever discount is the code: BFCM2024.
๐ Learn more here: https://nt.ls/2WiQ0
Take advantage of our exclusive Black Friday & Cyber Monday deal: 20% off Freelancer and Business subscriptions for both monthly and annual billing cycles!
The best part? This isnโt just a one-time discount โ itโs your forever price as long as your subscription remains active or until base prices are reconsidered ๐ฅ
All you need to claim your forever discount is the code: BFCM2024.
๐ Learn more here: https://nt.ls/2WiQ0
1๐ฅ4๐พ3๐2
CVE-2024-8114, -8177, -11669, -11668: Multiple vulnerabilities in GitLab, 4.2 - 8.2 ratingโ๏ธ
GitLab has posted an advisory about several vulnerabilities. These include Privilege Escalation, DoS, Authentication Bypass, and others.
Search at Netlas.io:
๐ Link: https://nt.ls/xgD6x
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/11/26/patch-release-gitlab-17-6-1-released/
GitLab has posted an advisory about several vulnerabilities. These include Privilege Escalation, DoS, Authentication Bypass, and others.
Search at Netlas.io:
๐ Link: https://nt.ls/xgD6x
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/11/26/patch-release-gitlab-17-6-1-released/
๐4๐พ3
CVE-2024-42327: SQL Injection in Zabbix, 9.9 rating ๐ฅ
The discovered vulnerability allows any Zabbix user to perform Privilege Escalation via SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/qH7Ao
๐ Dork: http.favicon.hash_sha256:22b06a141c425c92951056805f46691c4cd8e7547ed90b8836a282950d4b4be2
Vendor's advisory: https://support.zabbix.com/browse/ZBX-25623
The discovered vulnerability allows any Zabbix user to perform Privilege Escalation via SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/qH7Ao
๐ Dork: http.favicon.hash_sha256:22b06a141c425c92951056805f46691c4cd8e7547ed90b8836a282950d4b4be2
Vendor's advisory: https://support.zabbix.com/browse/ZBX-25623
1๐ฅ4๐พ4๐1
CVE-2024-11667: Directory Traversal in Zyxel Firewalls, 7.3 ratingโ๏ธ
A vulnerability in the web interface of some firewalls allows an attacker to download or upload files using a special URL.
Search at Netlas.io:
๐ Link: https://nt.ls/agozE
๐ Dork: http.favicon.hash_sha256:9a02f3cf948f9409c25070f2f057b69dda5d0aaf7fa8d056552e8bda8295ca1f
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024
A vulnerability in the web interface of some firewalls allows an attacker to download or upload files using a special URL.
Search at Netlas.io:
๐ Link: https://nt.ls/agozE
๐ Dork: http.favicon.hash_sha256:9a02f3cf948f9409c25070f2f057b69dda5d0aaf7fa8d056552e8bda8295ca1f
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024
๐พ4๐3๐ฅ2
CVE-2024-8672: Code Injection in Widget Options WordPress Plugin, 9.9 rating ๐ฅ
The vulnerability allows an attacker to enter data that is transmitted without proper filtering. This could potentially lead to remote code execution.
Search at Netlas.io:
๐ Link: https://nt.ls/xOEZp
๐ Dork: http.body:"plugins/widget-options"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution
The vulnerability allows an attacker to enter data that is transmitted without proper filtering. This could potentially lead to remote code execution.
Search at Netlas.io:
๐ Link: https://nt.ls/xOEZp
๐ Dork: http.body:"plugins/widget-options"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution
๐ฅ5๐พ4
๐จ Netlas is down due to issues with a planned update. Weโre rolling back and working to restore service ASAP. Apologies for the inconvenienceโupdates to follow.
๐2
โ
Netlas is back online, and all services are operational.
However, our team is continuing to monitor the system and address any lingering issues to ensure full stability. We apologize for the disruption and thank you for your patience and understanding.
However, our team is continuing to monitor the system and address any lingering issues to ensure full stability. We apologize for the disruption and thank you for your patience and understanding.
โค2๐2