Update Wed Mar 2 19:27:42 UTC 2022

m4ll0k · Mar 2, 2022 · 7e19347 · 7e19347
1 parent 3754a42
commit 7e19347
Show file tree

Hide file tree

Showing 14 changed files with 118 additions and 4 deletions.
diff --git a/2018/CVE-2018-1000621.md b/2018/CVE-2018-1000621.md
@@ -0,0 +1,17 @@
+### [CVE-2018-1000621](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000621)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution. This impacts ONLY the Mycroft for Linux and "non-enclosure" installs - Mark 1 and Picroft unaffected. This attack appear to be exploitable remote access to the unsecured websocket server. This vulnerability appears to have been fixed in No fix currently available.
+
+### POC
+
+#### Reference
+- https://github.com/Nhoya/MycroftAI-RCE
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2018/CVE-2018-1285.md b/2018/CVE-2018-1285.md
@@ -13,5 +13,6 @@ Apache log4net versions before 2.0.10 do not disable XML external entities when
 - https://www.oracle.com/security-alerts/cpujan2021.html
 
 #### Github
+- https://github.com/aluxnimm/outlookcaldavsynchronizer
 - https://github.com/p1ay8y3ar/cve_monitor
 
diff --git a/2018/CVE-2018-21136.md b/2018/CVE-2018-21136.md
@@ -0,0 +1,17 @@
+### [CVE-2018-21136](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21136)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76.
+
+### POC
+
+#### Reference
+- https://kb.netgear.com/000060224/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Modem-Routers-PSV-2018-0100
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2020/CVE-2020-28271.md b/2020/CVE-2020-28271.md
@@ -10,6 +10,7 @@ Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allo
 ### POC
 
 #### Reference
+- https://github.com/sharpred/deepHas/commit/2fe011713a6178c50f7deb6f039a8e5435981e20
 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28271
 
 #### Github

diff --git a/2021/CVE-2021-3156.md b/2021/CVE-2021-3156.md
@@ -53,6 +53,7 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based
 - https://github.com/Timirepo/CVE_Exploits
 - https://github.com/Toufupi/CVE_Collection
 - https://github.com/Y3A/CVE-2021-3156
+- https://github.com/aasphixie/aasphixie.github.io
 - https://github.com/ajtech-hue/CVE-2021-3156-Mitigation-ShellScript-Build
 - https://github.com/amanszpapaya/MacPer
 - https://github.com/apogiatzis/docker-CVE-2021-3156

diff --git a/2021/CVE-2021-4104.md b/2021/CVE-2021-4104.md
@@ -18,6 +18,7 @@ No PoCs from references.
 - https://github.com/GGongnanE/TodayILearned
 - https://github.com/HackJava/Log4j2
 - https://github.com/HynekPetrak/log4shell-finder
+- https://github.com/NCSC-NL/log4shell
 - https://github.com/NiftyBank/java-app
 - https://github.com/PAXSTORE/paxstore-openapi-java-sdk
 - https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words

diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md
@@ -28,6 +28,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
 
 #### Github
+- https://github.com/0-x-2-2/CVE-2021-44228
 - https://github.com/0xsyr0/OSCP
 - https://github.com/1in9e/Apache-Log4j2-RCE
 - https://github.com/1lann/log4shelldetect
@@ -44,6 +45,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/ChoiSG/log4shell-dockerlab
 - https://github.com/ClaudeStabile/PadeOpenfireDockerMode
 - https://github.com/CobbleSword/NachoSpigot
+- https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector
 - https://github.com/Cosmo-Tech/azure-digital-twins-simulator-connector
 - https://github.com/CptOfEvilMinions/ChooseYourSIEMAdventure
 - https://github.com/CreeperHost/Log4jPatcher
@@ -78,6 +80,8 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/MedKH1684/Log4j-Vulnerability-Exploitation
 - https://github.com/Mormoroth/log4j-vulnerable-app-cve-2021-44228-terraform
 - https://github.com/Mr-xn/Penetration_Testing_POC
+- https://github.com/NCSC-NL/log4shell
+- https://github.com/NO-MONKEY/log4j_use_in_sap
 - https://github.com/NUMde/compass-num-conformance-checker
 - https://github.com/Neo23x0/log4shell-detector
 - https://github.com/NiftyBank/java-app
@@ -92,6 +96,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/R0Wi/elasticsearch-nextcloud-docker
 - https://github.com/RADIUS-as-a-Service/radiusaas-docs
 - https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs
+- https://github.com/RrUZi/Awesome-CVE-2021-44228
 - https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs
 - https://github.com/StandB/CVE-2021-44228-poc
 - https://github.com/Staubgeborener/stars
@@ -144,6 +149,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/dileepdkumar/https-github.com-cisagov-log4j-affected-dbv2
 - https://github.com/docker-solr/docker-solr
 - https://github.com/druminik/log4shell-poc
+- https://github.com/dtact/divd-2021-00038--log4j-scanner
 - https://github.com/eclipse-archived/kuksa.integration
 - https://github.com/eclipse-scout/scout.rt
 - https://github.com/eromang/researches
@@ -211,6 +217,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/microsoft/ApplicationInsights-Java
 - https://github.com/mklinkj/log4j2-test
 - https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
+- https://github.com/myyxl/cve-2021-44228-minecraft-poc
 - https://github.com/mzlogin/CVE-2021-44228-Demo
 - https://github.com/nedenwalker/spring-boot-app-using-gradle
 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln
@@ -248,6 +255,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/srhercules/log4j_mass_scanner
 - https://github.com/ssstonebraker/log4j-scan-turbo
 - https://github.com/stefmolin/Holiday-Hack-Challenge-2021
+- https://github.com/sud0x00/log4j-CVE-2021-44228
 - https://github.com/superfish9/pt
 - https://github.com/sysadmin0815/Fix-Log4j-PowershellScript
 - https://github.com/syslog-ng/syslog-ng
@@ -271,6 +279,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/wanetty/wanetty.github.io
 - https://github.com/watson-developer-cloud/assistant-with-discovery
 - https://github.com/wavefrontHQ/wavefront-proxy
+- https://github.com/webraybtl/log4j-snort
 - https://github.com/whalehub/awesome-stars
 - https://github.com/wheez-y/CVE-2021-44228-kusto
 - https://github.com/whitesource-ps/ws-bulk-report-generator

diff --git a/2021/CVE-2021-44832.md b/2021/CVE-2021-44832.md
@@ -21,6 +21,7 @@ Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases
 - https://github.com/YunDingLab/fix_log4j2
 - https://github.com/aws/aws-msk-iam-auth
 - https://github.com/domwood/kiwi-kafka
+- https://github.com/dtact/divd-2021-00038--log4j-scanner
 - https://github.com/hillu/local-log4j-vuln-scanner
 - https://github.com/lhotari/pulsar-docker-images-patch-CVE-2021-44228
 - https://github.com/logpresso/CVE-2021-44228-Scanner

diff --git a/2021/CVE-2021-45046.md b/2021/CVE-2021-45046.md
@@ -25,6 +25,7 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i
 - https://github.com/HackJava/Log4j2
 - https://github.com/HynekPetrak/log4shell-finder
 - https://github.com/LoliKingdom/NukeJndiLookupFromLog4j
+- https://github.com/NCSC-NL/log4shell
 - https://github.com/NUMde/compass-num-conformance-checker
 - https://github.com/NiftyBank/java-app
 - https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
@@ -40,6 +41,7 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i
 - https://github.com/davejwilson/azure-spark-pools-log4j
 - https://github.com/dileepdkumar/https-github.com-cisagov-log4j-affected-dbv2
 - https://github.com/docker-solr/docker-solr
+- https://github.com/dtact/divd-2021-00038--log4j-scanner
 - https://github.com/eventsentry/scripts
 - https://github.com/hillu/local-log4j-vuln-scanner
 - https://github.com/hypertrace/hypertrace

diff --git a/2021/CVE-2021-45105.md b/2021/CVE-2021-45105.md
@@ -24,12 +24,14 @@ Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) di
 - https://github.com/Cybereason/Logout4Shell
 - https://github.com/HackJava/Log4j2
 - https://github.com/HynekPetrak/log4shell-finder
+- https://github.com/NCSC-NL/log4shell
 - https://github.com/NiftyBank/java-app
 - https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
 - https://github.com/Qualys/log4jscanwin
 - https://github.com/binkley/modern-java-practices
 - https://github.com/darkarnium/Log4j-CVE-Detect
 - https://github.com/davejwilson/azure-spark-pools-log4j
+- https://github.com/dtact/divd-2021-00038--log4j-scanner
 - https://github.com/hillu/local-log4j-vuln-scanner
 - https://github.com/imTigger/webapp-hardware-bridge
 - https://github.com/jacobalberty/unifi-docker

diff --git a/2022/CVE-2022-0824.md b/2022/CVE-2022-0824.md
@@ -0,0 +1,17 @@
+### [CVE-2022-0824](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0824)
+![](https://img.shields.io/static/v1?label=Product&message=webmin%2Fwebmin&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3C%201.990%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen)
+
+### Description
+
+Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
+
+### POC
+
+#### Reference
+- https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2022/CVE-2022-0829.md b/2022/CVE-2022-0829.md
@@ -0,0 +1,17 @@
+### [CVE-2022-0829](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0829)
+![](https://img.shields.io/static/v1?label=Product&message=webmin%2Fwebmin&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3C%201.990%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brighgreen)
+
+### Description
+
+Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
+
+### POC
+
+#### Reference
+- https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e
+
+#### Github
+No PoCs found on GitHub currently.
+