π Merry Christmas from the Netlas Team!
Wishing you and your loved ones a joyful holiday season filled with warmth, happiness, and success. Thank you for being a part of our journey this yearβwe're deeply grateful for your support and trust.
This year, we launched exciting features like the Netlas Private Scanner, Team Access, and celebrated the v.1.0 release! π
Hereβs to a secure and innovative new year together! π
Wishing you and your loved ones a joyful holiday season filled with warmth, happiness, and success. Thank you for being a part of our journey this yearβwe're deeply grateful for your support and trust.
This year, we launched exciting features like the Netlas Private Scanner, Team Access, and celebrated the v.1.0 release! π
Hereβs to a secure and innovative new year together! π
2π8π5π2
π¨ Major API Outage Caused by PostgreSQL Cluster Synchronization Issues
Yesterday at 19:40 UTC, a significant outage affected the availability of our API, causing service disruptions for a majority of our users. Despite extensive efforts over the past night, the issue remains unresolved. The root cause has been identified as an unstable connection between our backend and database, which is continuing to impact overall application performance.
While the API is currently accessible, the application remains unstable. Our team is actively investigating and working diligently toward a resolution. Further updates will be shared as progress is made.
Yesterday at 19:40 UTC, a significant outage affected the availability of our API, causing service disruptions for a majority of our users. Despite extensive efforts over the past night, the issue remains unresolved. The root cause has been identified as an unstable connection between our backend and database, which is continuing to impact overall application performance.
While the API is currently accessible, the application remains unstable. Our team is actively investigating and working diligently toward a resolution. Further updates will be shared as progress is made.
π8
β
Major API Outage Resolved
Our team has successfully restored full functionality, and both the API and application are now operational. We have definitively identified the causes of the issue and will work on improving synchronization configurations in the near future to prevent similar incidents.
We sincerely apologize for the inconvenience caused and thank you for your patience and understanding during this time. If you experience any further issues, please contact our support team.
For real-time updates on Netlas Services' health status, please refer to https://status.netlas.io.
Our team has successfully restored full functionality, and both the API and application are now operational. We have definitively identified the causes of the issue and will work on improving synchronization configurations in the near future to prevent similar incidents.
We sincerely apologize for the inconvenience caused and thank you for your patience and understanding during this time. If you experience any further issues, please contact our support team.
For real-time updates on Netlas Services' health status, please refer to https://status.netlas.io.
β€5
CVE-2024-3393: DoS in Palo Alto PAN OS, 8.7 ratingβοΈ
The vulnerability allows an unauthenticated user to send a malicious packet that can cause Denial of Service.
Search at Netlas.io:
π Link: https://nt.ls/UwnvG
π Dork: http.body_sha256:"7bc15a9ba71464596444ad648fa144937b848b302459c4103deae105cf42ce42" OR http.favicon.hash_sha256:a03ff6778b0535b9c4388e88c674eeeac91c0cc4b25bd23bf30f8d0bd98ac854
Vendor's advisory: https://security.paloaltonetworks.com/CVE-2024-3393
The vulnerability allows an unauthenticated user to send a malicious packet that can cause Denial of Service.
Search at Netlas.io:
π Link: https://nt.ls/UwnvG
π Dork: http.body_sha256:"7bc15a9ba71464596444ad648fa144937b848b302459c4103deae105cf42ce42" OR http.favicon.hash_sha256:a03ff6778b0535b9c4388e88c674eeeac91c0cc4b25bd23bf30f8d0bd98ac854
Vendor's advisory: https://security.paloaltonetworks.com/CVE-2024-3393
π₯3πΎ2π1
Using theHarvester with the Netlas Module π
In our latest article, we demonstrate how to leverage the theHarvester framework integrated with Netlas to efficiently discover subdomains.
π Read now: https://netlas.io/blog/theharvester_and_netlas/
In our latest article, we demonstrate how to leverage the theHarvester framework integrated with Netlas to efficiently discover subdomains.
π Read now: https://netlas.io/blog/theharvester_and_netlas/
netlas.io
Using theHarvester with Netlas - Netlas Blog
In this article we will look at using theHarvester tool to find subdomains with the Netlas integration.
πΎ3π₯2π2
Minor App Improvements π₯
In the 1.0.9 update, we made some fixes aimed at increasing the stability of the application and improving the user experience.
Hereβs whatβs new:
π Optimized the autocomplete feature.
π Added status page and link on it in the footer.
π Fixed some bugs and issues.
π₯ A few other minor improvements.
π Read more: https://docs.netlas.io/changelog/
In the 1.0.9 update, we made some fixes aimed at increasing the stability of the application and improving the user experience.
Hereβs whatβs new:
π Optimized the autocomplete feature.
π Added status page and link on it in the footer.
π Fixed some bugs and issues.
π₯ A few other minor improvements.
π Read more: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
πΎ3π2
Tomorrow the new year will begin, and Netlas wants to share with you some statistics of the outgoing year! π
This year we achieved the following:
π Total requests: 15,552,390
π New users: 16,633
π Total coins spent: 474,734,108
π Total graphs stored: 1,165
π Total private scans was started: 789
π Most popular article: https://netlas.io/blog/attack_surface_discovery_guide/
β Most popular CVE post: CVE-2024-6387 (https://x.com/Netlas_io/status/1807760965967937826)
Thank you for being with us. The Netlas team wishes you success in your projects, safe surfaces, fast pentests and all the best. See you next year!
This year we achieved the following:
π Total requests: 15,552,390
π New users: 16,633
π Total coins spent: 474,734,108
π Total graphs stored: 1,165
π Total private scans was started: 789
π Most popular article: https://netlas.io/blog/attack_surface_discovery_guide/
β Most popular CVE post: CVE-2024-6387 (https://x.com/Netlas_io/status/1807760965967937826)
Thank you for being with us. The Netlas team wishes you success in your projects, safe surfaces, fast pentests and all the best. See you next year!
1π4πΎ2β1
CVE-2025-0282, -0283: Two vulnerabilities in Ivanti Connect Secure, 7.0 - 9.0 rating π₯
Stack-based buffer overflow caused potential RCE and privilege escalation.
Search at Netlas.io:
π Link: https://nt.ls/WMQwN
π Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
Stack-based buffer overflow caused potential RCE and privilege escalation.
Search at Netlas.io:
π Link: https://nt.ls/WMQwN
π Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
πΎ4π2π₯1
CVE-2025-22777: Privilege Escalation in GiveWP WordPress Plugin, 9.8 rating π₯
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
π Link: https://nt.ls/amyWM
π Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
π Link: https://nt.ls/amyWM
π Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
π₯3πΎ2
CVE-2025-21598: Out-of-bounds Read in Juniper Junos OS, 8.2 ratingβοΈ
An out-of-bouds read vulnerability in the RDP daemon, fixed last week, could potentially lead to DoS.
Search at Netlas.io:
π Link: https://nt.ls/HqWq2
π Dork: http.title:"Juniper"
Vendor's advisory: https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598
An out-of-bouds read vulnerability in the RDP daemon, fixed last week, could potentially lead to DoS.
Search at Netlas.io:
π Link: https://nt.ls/HqWq2
π Dork: http.title:"Juniper"
Vendor's advisory: https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598
π2π₯2πΎ1
CVE-2025-0066, -0070 and other: Multiple vulnarabilities in SAP, 2.2 - 9.9 rating π₯π₯π₯
Several vulnerabilities in SAP services for every taste and color: SQLi, Improper Authentication, DLL Hijacking, etc.
Search at Netlas.io:
π Link: https://nt.ls/zbP5e
π Dork: http.headers.server:"SAP"
Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/january-2025.html
Several vulnerabilities in SAP services for every taste and color: SQLi, Improper Authentication, DLL Hijacking, etc.
Search at Netlas.io:
π Link: https://nt.ls/zbP5e
π Dork: http.headers.server:"SAP"
Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/january-2025.html
π₯6πΎ3
CVE-2024-12365: Missing Authorization in W3 Total Cache WordPress Plugin, 8.5 ratingβοΈ
The vulnerability allows an authenticated attacker to access sensitive data and make unauthorized web requests to collect information from internal services.
Search at Netlas.io:
π Link: https://nt.ls/BpOAJ
π Dork: http.body:"plugins/w3-total-cache"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/w3-total-cache/w3-total-cache-281-authenticated-subscriber-missing-authorization-to-server-side-request-forgery
The vulnerability allows an authenticated attacker to access sensitive data and make unauthorized web requests to collect information from internal services.
Search at Netlas.io:
π Link: https://nt.ls/BpOAJ
π Dork: http.body:"plugins/w3-total-cache"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/w3-total-cache/w3-total-cache-281-authenticated-subscriber-missing-authorization-to-server-side-request-forgery
πΎ3π₯2
CVE-2025-23051, -23052: Vulnerabilities in ArubaOS, 7.2 ratingβοΈ
The vulnerabilities allow an attacker to inject commands and overwrite system files.
Search at Netlas.io:
π Link: https://nt.ls/7pU9N
π Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04723en_us&docLocale=en_US
The vulnerabilities allow an attacker to inject commands and overwrite system files.
Search at Netlas.io:
π Link: https://nt.ls/7pU9N
π Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04723en_us&docLocale=en_US
πΎ3π₯2
CVE-2024-57726, -57727, -57728: Multiple vulnerabilities in SimpleHelp, 7.2 - 8.8 ratingβοΈ
The vulnerabilities allow attackers to upload arbitrary files to the SimpleHelp server, as well as escalate privileges, which together allows RCE to be carried out.
Search at Netlas.io:
π Link: https://nt.ls/Frx6H
π Dork: http.headers.server:"SimpleHelp"
Vendor's advisory: https://simple-help.com/kb---security-vulnerabilities-01-2025#
The vulnerabilities allow attackers to upload arbitrary files to the SimpleHelp server, as well as escalate privileges, which together allows RCE to be carried out.
Search at Netlas.io:
π Link: https://nt.ls/Frx6H
π Dork: http.headers.server:"SimpleHelp"
Vendor's advisory: https://simple-help.com/kb---security-vulnerabilities-01-2025#
πΎ3π₯2
CVE-2025-21535: Server Takeover in Oracle WebLogic, 9.8 rating π₯
An easily exploitable vulnerability in the Core component allows an unauthenticated attacker to remotely compromise a WebLogic server.
Search at Netlas.io:
π Link: https://nt.ls/6EpWK
π Dork: protocol:t3 OR protocol:t3s
Vendor's advisory: https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW
An easily exploitable vulnerability in the Core component allows an unauthenticated attacker to remotely compromise a WebLogic server.
Search at Netlas.io:
π Link: https://nt.ls/6EpWK
π Dork: protocol:t3 OR protocol:t3s
Vendor's advisory: https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW
1π₯4πΎ3β€1
CVE-2025-0314 and other: Multiple vulnerabilities in GitLab, 4.3 - 8.7 ratingβοΈ
In a recent advisory, GitLab writed about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
π Link: https://nt.ls/BNKS8
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
In a recent advisory, GitLab writed about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
π Link: https://nt.ls/BNKS8
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
πΎ3β€1π1
CVE-2025-23006: Deserialization of Untrusted Data in SonicWall SMA1000, 9.8 rating π₯
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
π Link: https://nt.ls/FLFJT
π Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
π Link: https://nt.ls/FLFJT
π Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
π₯5π4πΎ2β€1
CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating π₯
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
π Link: https://nt.ls/NETLB
π Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
π Link: https://nt.ls/NETLB
π Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
π₯3π2πΎ2
CVE-2025-22609, -22611, -22612: Multiple vulnerabilities in Coolify, 10.0 rating π₯π₯π₯
Three vulnerabilities of highest severity in Coolify allow for RCE, privilege escalation, and authentication bypass.
Search at Netlas.io:
π Link: https://nt.ls/vUWWf
π Dork: http.favicon.hash_sha256:eaf648b6000a49599ed58bda49e576d0f981e535a8075d524a4be890edcf96d0 AND uri:*login*
Vendor's advisory: https://github.com/coollabsio/coolify/security/advisories/GHSA-3w2c-jfr2-9pg9
Three vulnerabilities of highest severity in Coolify allow for RCE, privilege escalation, and authentication bypass.
Search at Netlas.io:
π Link: https://nt.ls/vUWWf
π Dork: http.favicon.hash_sha256:eaf648b6000a49599ed58bda49e576d0f981e535a8075d524a4be890edcf96d0 AND uri:*login*
Vendor's advisory: https://github.com/coollabsio/coolify/security/advisories/GHSA-3w2c-jfr2-9pg9
π₯4πΎ3β€1
π§ Planned Maintenance π§
The application will be unavailable for a period of timeβοΈ
The maintenance is scheduled to start on February 02, 2025, at 07:00 UTC β°. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
The application will be unavailable for a period of timeβοΈ
The maintenance is scheduled to start on February 02, 2025, at 07:00 UTC β°. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
π2π2π¨βπ»1
CVE-2024-11187, -12705: Vulnerabilities in BIND DNS Software, 7.5 ratingβοΈ
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
π Link: https://nt.ls/bGSFv
π Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
π Link: https://nt.ls/bGSFv
π Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
π₯3πΎ3π2