2021 HVV Intelligence Summary for April 8

2021-04-08 21:06

Author: HVV Special Topic Team  Editor: White Hat Community Operations Team






HW Special Series (Part 1)




Vulnerability Intelligence


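Vulnerabilities Suspected to Be Confirmed

WPS RCE vulnerability via the built-in browser
A certain "Yuan" OA arbitrary file upload vulnerability
Tianqing unauthorized access vulnerability
H3C switch arbitrary user login vulnerability
A certain "Fu" VPN unconditional RCE vulnerability
FanRuan V9 getshell vulnerability
Coremail command execution vulnerability
Jellyfin arbitrary file read vulnerability
Qizhi bastion host command execution vulnerability
Yonyou NC deserialization vulnerability
Hexin Chuangtian cloud desktop system command execution and file upload vulnerabilities in all versions
Jackson deserialization vulnerability
A certain "Fu" EDR command execution vulnerability
Tomcat deserialization command execution vulnerability
Weaver OA9 front-end arbitrary file upload vulnerability
Weaver OA8 front-end SQL injection
Dubbo deserialization command execution vulnerability
WebLogic deserialization command execution vulnerability
Tianqing front-end SQL injection
Hongfan OA arbitrary file write vulnerability
Kingdee K3Cloud command execution in all versions
Yonyou U8Cloud versions have command execution
Venustech Tianqing Hanma USG firewall logic flaw vulnerability
Tianyan has a 0-day vulnerability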


Debunked Vulnerabilities
Huanzhen management console authentication bypass vulnerability


Attack IPs: 275 in total (deduplicated)