CVE-2024-57726, -57727, -57728: Multiple vulnerabilities in SimpleHelp, 7.2 - 8.8 ratingโ๏ธ
The vulnerabilities allow attackers to upload arbitrary files to the SimpleHelp server, as well as escalate privileges, which together allows RCE to be carried out.
Search at Netlas.io:
๐ Link: https://nt.ls/Frx6H
๐ Dork: http.headers.server:"SimpleHelp"
Vendor's advisory: https://simple-help.com/kb---security-vulnerabilities-01-2025#
The vulnerabilities allow attackers to upload arbitrary files to the SimpleHelp server, as well as escalate privileges, which together allows RCE to be carried out.
Search at Netlas.io:
๐ Link: https://nt.ls/Frx6H
๐ Dork: http.headers.server:"SimpleHelp"
Vendor's advisory: https://simple-help.com/kb---security-vulnerabilities-01-2025#
๐พ3๐ฅ2
CVE-2025-21535: Server Takeover in Oracle WebLogic, 9.8 rating ๐ฅ
An easily exploitable vulnerability in the Core component allows an unauthenticated attacker to remotely compromise a WebLogic server.
Search at Netlas.io:
๐ Link: https://nt.ls/6EpWK
๐ Dork: protocol:t3 OR protocol:t3s
Vendor's advisory: https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW
An easily exploitable vulnerability in the Core component allows an unauthenticated attacker to remotely compromise a WebLogic server.
Search at Netlas.io:
๐ Link: https://nt.ls/6EpWK
๐ Dork: protocol:t3 OR protocol:t3s
Vendor's advisory: https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW
1๐ฅ4๐พ3โค1
CVE-2025-0314 and other: Multiple vulnerabilities in GitLab, 4.3 - 8.7 ratingโ๏ธ
In a recent advisory, GitLab writed about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
๐ Link: https://nt.ls/BNKS8
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
In a recent advisory, GitLab writed about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
๐ Link: https://nt.ls/BNKS8
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
๐พ3โค1๐1
CVE-2025-23006: Deserialization of Untrusted Data in SonicWall SMA1000, 9.8 rating ๐ฅ
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
๐ Link: https://nt.ls/FLFJT
๐ Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
๐ Link: https://nt.ls/FLFJT
๐ Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
๐ฅ5๐4๐พ2โค1
CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating ๐ฅ
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
๐ Link: https://nt.ls/NETLB
๐ Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
๐ Link: https://nt.ls/NETLB
๐ Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
๐ฅ3๐2๐พ2
CVE-2025-22609, -22611, -22612: Multiple vulnerabilities in Coolify, 10.0 rating ๐ฅ๐ฅ๐ฅ
Three vulnerabilities of highest severity in Coolify allow for RCE, privilege escalation, and authentication bypass.
Search at Netlas.io:
๐ Link: https://nt.ls/vUWWf
๐ Dork: http.favicon.hash_sha256:eaf648b6000a49599ed58bda49e576d0f981e535a8075d524a4be890edcf96d0 AND uri:*login*
Vendor's advisory: https://github.com/coollabsio/coolify/security/advisories/GHSA-3w2c-jfr2-9pg9
Three vulnerabilities of highest severity in Coolify allow for RCE, privilege escalation, and authentication bypass.
Search at Netlas.io:
๐ Link: https://nt.ls/vUWWf
๐ Dork: http.favicon.hash_sha256:eaf648b6000a49599ed58bda49e576d0f981e535a8075d524a4be890edcf96d0 AND uri:*login*
Vendor's advisory: https://github.com/coollabsio/coolify/security/advisories/GHSA-3w2c-jfr2-9pg9
๐ฅ4๐พ3โค1
๐ง Planned Maintenance ๐ง
The application will be unavailable for a period of timeโ๏ธ
The maintenance is scheduled to start on February 02, 2025, at 07:00 UTC โฐ. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
The application will be unavailable for a period of timeโ๏ธ
The maintenance is scheduled to start on February 02, 2025, at 07:00 UTC โฐ. It is expected to take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
๐2๐2๐จโ๐ป1
CVE-2024-11187, -12705: Vulnerabilities in BIND DNS Software, 7.5 ratingโ๏ธ
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
๐ Link: https://nt.ls/bGSFv
๐ Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
๐ Link: https://nt.ls/bGSFv
๐ Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
๐ฅ3๐พ3๐2
๐ง Planned Maintenance ๐ง
We remind you, at 07:00 UTC the application will become temporarily unavailable. The work will take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
We remind you, at 07:00 UTC the application will become temporarily unavailable. The work will take a couple of hours, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
โค2
๐ง Planned Maintenance ๐ง
We remind you that the planned work will begin in an hour, at 07:00 UTC. Our team will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
We remind you that the planned work will begin in an hour, at 07:00 UTC. Our team will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
๐2๐จโ๐ป1
๐ฏ Planned Maintenance completed ๐ฏ
Netlas is fully online again and you can get back to your projects! ๐พ
Netlas is fully online again and you can get back to your projects! ๐พ
โค2๐พ2๐1๐1
CVE-2024-56529: Session Fixation in Mailcow, 7.5 ratingโ๏ธ
The application does not disable old session IDs, which allows a remote attacker to use existing IDs in the victim's browser.
Search at Netlas.io:
๐ Link: https://nt.ls/AuyJw
๐ Dork: http.title:"mailcow UI"
Vendor's advisory: https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-23c8-4wwr-g3c6
The application does not disable old session IDs, which allows a remote attacker to use existing IDs in the victim's browser.
Search at Netlas.io:
๐ Link: https://nt.ls/AuyJw
๐ Dork: http.title:"mailcow UI"
Vendor's advisory: https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-23c8-4wwr-g3c6
๐2๐ฅ2๐พ2
Unauthorized Data Upload in Alibaba Cloud โ PoC by Chirag Artani ๐ฅ
A new video is out on our friendโs channel, showcasing the discovery of a fresh vulnerability. The video includes an interesting query and a practical example of exploitation. Donโt miss it! ๐
We also recommend checking out Chirag Artaniโs website and Twitter for more cybersecurity insights:
๐ Website: 3rag.com
๐ Twitter: x.com/Chirag99Artani
A new video is out on our friendโs channel, showcasing the discovery of a fresh vulnerability. The video includes an interesting query and a practical example of exploitation. Donโt miss it! ๐
We also recommend checking out Chirag Artaniโs website and Twitter for more cybersecurity insights:
๐ Website: 3rag.com
๐ Twitter: x.com/Chirag99Artani
YouTube
I found 9322 Targets For Unauthorized Data Upload In Alibaba Cloud | POC Exploit Explained Live
Note: do not harm any server, do not upload any malicious files like malware or anything. This is high severity bug which is leading to upload unauthorized data.
I found 9321 targets which are vulnerable for this vulnerability. This is just for learningโฆ
I found 9321 targets which are vulnerable for this vulnerability. This is just for learningโฆ
โค3๐พ3
CVE-2025-0890, -40890, -40891: Vulnerabilities in Zyxel CPE, 8.8 - 9.8 rating ๐ฅ
The vulnerabilities include two OS Command Injections, and Improper Authentication via Telnet.
Search at Netlas.io:
๐ Link: https://nt.ls/Lxf7h
๐ Dork: telnet.banner:"Zyxel VDSL"
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025
The vulnerabilities include two OS Command Injections, and Improper Authentication via Telnet.
Search at Netlas.io:
๐ Link: https://nt.ls/Lxf7h
๐ Dork: telnet.banner:"Zyxel VDSL"
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025
๐ฅ4๐3๐พ2
CVE-2024-13487: Code Injection in The CURCY WooCommerce Plugin, 7.3 ratingโ๏ธ
The vulnerability allows unauthenticated users to execute arbitrary shortcodes into popular free currency exchange plugin.
Search at Netlas.io:
๐ Link: https://nt.ls/QhoHC
๐ Dork: http.body:"plugins/woo-multi-currency"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-multi-currency/curcy-multi-currency-for-woocommerce-225-unauthenticated-arbitrary-shortcode-execution-via-get-products-price-function
The vulnerability allows unauthenticated users to execute arbitrary shortcodes into popular free currency exchange plugin.
Search at Netlas.io:
๐ Link: https://nt.ls/QhoHC
๐ Dork: http.body:"plugins/woo-multi-currency"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-multi-currency/curcy-multi-currency-for-woocommerce-225-unauthenticated-arbitrary-shortcode-execution-via-get-products-price-function
๐3๐พ3
๐ง Storage Maintenance ๐ง
We are currently performing maintenance to scale up storage capacity. The private scanner may be unavailable for the next 24-48 hours. The Netlas team apologizes for the inconvenience.
We will do our best to complete it as quickly as possible.
We are currently performing maintenance to scale up storage capacity. The private scanner may be unavailable for the next 24-48 hours. The Netlas team apologizes for the inconvenience.
We will do our best to complete it as quickly as possible.
๐2๐จโ๐ป2
Netlas vs Censys: A Comprehensive Analysis ๐งฎ
A new article in our series of comparisons with competitors.
This time we evaluated the pros and cons of Censys, which proved to be the strongest of our opponents. However, we tried to evaluate both search engines as honestly as possible, using 10+ key indicators.
๐ Read now: https://netlas.io/blog/netlas_vs_censys/
A new article in our series of comparisons with competitors.
This time we evaluated the pros and cons of Censys, which proved to be the strongest of our opponents. However, we tried to evaluate both search engines as honestly as possible, using 10+ key indicators.
๐ Read now: https://netlas.io/blog/netlas_vs_censys/
netlas.io
Netlas vs Censys - Netlas Blog
Compare IoT search engines Netlas and Censys, highlighting their features, strengths, and ideal use cases for security research.
๐4๐พ4โค3
CVE-2025-25064, -25065: Two vulnerabilities in Zimbra, 5.3 - 9.8 rating ๐ฅ
Vulnerabilities include SQL injection and SSRF, which could potentially lead to RCE. We recommend installing the latest patches as soon as possible.
Search at Netlas.io:
๐ Link: https://nt.ls/nehV7
๐ Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637 OR \*.banner:"Zimbra"
Vendor's advisory: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
Vulnerabilities include SQL injection and SSRF, which could potentially lead to RCE. We recommend installing the latest patches as soon as possible.
Search at Netlas.io:
๐ Link: https://nt.ls/nehV7
๐ Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637 OR \*.banner:"Zimbra"
Vendor's advisory: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
๐ฅ3๐พ2
CVE-2025-22467: RCE in Ivanti Connect Secure, 9.9 rating ๐ฅ๐ฅ๐ฅ
A stack-based buffer overflow in Ivanti Connect Secure allows a remote authenticated attacker to achieve remote code execution.
Search at Netlas.io:
๐ Link: https://nt.ls/WojuE
๐ Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
A stack-based buffer overflow in Ivanti Connect Secure allows a remote authenticated attacker to achieve remote code execution.
Search at Netlas.io:
๐ Link: https://nt.ls/WojuE
๐ Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
๐ฅ6๐2๐พ1
CVE-2025-0376 and other: Multiple vulnerabilitites in GitLab, 4.2 - 8.7 ratingโ๏ธ
With the new release, GitLab has disclosed several vulnerabilities, including XSS injection, DoS and others.
Search at Netlas.io:
๐ Link: https://nt.ls/50gFr
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/02/12/patch-release-gitlab-17-8-2-released/
With the new release, GitLab has disclosed several vulnerabilities, including XSS injection, DoS and others.
Search at Netlas.io:
๐ Link: https://nt.ls/50gFr
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/02/12/patch-release-gitlab-17-8-2-released/
๐ฅ3๐พ3๐1
CVE-2025-1094: Improper Neutralization of Quoting Syntax in PostgreSQL functions, 8.1 ratingโ๏ธ
A vulnerability in some functions of the libpq library allows SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/EtVPc
๐ Dork: postgres:*
Vendor's advisory: https://www.postgresql.org/support/security/CVE-2025-1094/
A vulnerability in some functions of the libpq library allows SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/EtVPc
๐ Dork: postgres:*
Vendor's advisory: https://www.postgresql.org/support/security/CVE-2025-1094/
๐ฅ3โค2๐พ2