免责声明
今天是2023年8月10号周四,HW开始第二天,风急天高猿啸哀,部分BT已飞回!(徐总写的文案就是有文采,笑死😆)
第一天被日穿的佬
天启建议您:pip install -r kfc.txt试试呢
天启:纯情蓝高!!!,有看上的RT女师傅抓抓紧吧!
天启:如果忘记带纸可以敲敲隔壁倾月师傅的门!
哦吼,小红书SRC开通了
一、今日份漏洞情报
PeiQiwiki文库漏洞更新
https://github.com/PeiQi0/PeiQi-WIKI-Book
360漏洞情报今日更新情况
【演练实时消息】
【消息时间】:2023-08-10 01:10
【消息标题】:绿盟SAS安全审计系统 GetFile 任意文件读取漏洞
【消息详情】:360漏洞云监测到《绿盟SAS安全审计系统 GetFile 任意文件读取漏洞》消息,经漏洞云复核,确认为【真实】漏洞,漏洞影响版本【未知】,该漏洞标准化POC已经上传漏洞云情报平台,平台编号:360LDYLD-2023-00002408,情报订阅用户可登录漏洞云情报平台( https://loudongyun.360.cn/bug/list )查看漏洞详情。
【演练实时消息】
【消息时间】:2023-08-10 00:50
【消息标题】:亿赛通电子文档安全管理系统 importFileType 文件上传漏洞
【消息详情】:360漏洞云监测到《亿赛通电子文档安全管理系统 importFileType 文件上传漏洞》消息,经漏洞云复核,确认为【真实】Nday漏洞,漏洞影响版本【未知】,该漏洞标准化POC已经上传漏洞云情报平台,平台编号:360LDYLD-2023-00002494,情报订阅用户可登录漏洞云情报平台( https://loudongyun.360.cn/bug/list )查看漏洞详情。
【演练实时消息】
【消息时间】:2023-08-10 10:30
【消息标题】:泛微 E-Office 任意文件上传漏洞
【消息详情】:360漏洞云监测到《泛微 E-Office 任意文件上传漏洞(CVE-2023-2523)》POC已公开,经漏洞云复核,确认为【真实】漏洞,POC真实有效,漏洞影响版本【泛微 E-office=9.5 】,该漏洞标准化POC已经上传漏洞云情报平台,平台编号:360LDYLD-2023-00002492,情报订阅用户可登录漏洞云情报平台( https://loudongyun.360.cn/bug/list )查看漏洞详情。
【演练实时消息】
【消息时间】:2023-08-10 11:00
【消息标题】:通达OA SQL注入漏洞
【消息详情】:360漏洞云监测到《通达OA SQL注入漏洞(CVE-2023-2523)》POC已公开,经漏洞云复核,确认为POC【真实】,漏洞影响版本【通达OA<11.10】,该漏洞标准化POC已经上传漏洞云情报平台,平台编号:360LDYLD-2023-00002486,情报订阅用户可登录漏洞云情报平台( https://loudongyun.360.cn/bug/list )查看漏洞详情。
【消息时间】:2023-08-10 11:10
【消息标题】:网神 SecGate 3600 防火墙 obj_app_upfile 任意文件上传漏洞
【消息详情】:360漏洞云监测到《网神 SecGate 3600 防火墙 obj_app_upfile 任意文件上传漏洞》消息,经漏洞云复核,确认为历史漏洞,相关Poc在往年攻防演练中已有出现,该漏洞标准化POC已经上传漏洞云情报平台,平台编号:360LDYLD-2022-00005790,情报订阅用户可登录漏洞云情报平台( https://loudongyun.360.cn/bug/list )查看漏洞详情。
来自红蓝攻防实验室
2023HW-Day nday集合1、Hillstone LMS 系统命令执行漏洞2、天翼云网页防篡改系统命令执行漏洞3、中远麒麟堡垒机系统 SQL 注入漏洞4、致远 OA 系统命令执行漏洞5、致远 OA 系统 V5-V6 模块命令执行漏洞6、山石网科 EDR 系统 PHP 模块命令执行漏洞7、H3C NX54 系统 web 模块信息泄露漏洞8、锐捷 EG 易网关系统命令执行漏洞9、H3C 虚拟授权管理系统系统命令执行漏洞10、H3C 虚拟授权管理系统系统 web 模块命令执行漏洞11、H3C 综合日志审计平台系统命令执行漏洞12、Logbase 堡垒机系统 web 模块 SQL 注入漏洞13、绿盟 SAS堡垒机localuser.php 任意用户登录漏洞14、绿盟SAS堡垒机 GetFile 任意文件读取漏洞15、绿盟SAS堡垒机 Exec 远程命令执行漏洞16、HiKVISION综合安防管理平台env 信息泄漏漏洞17、安恒明御运维审计与风险控制系统 xmlrpc.sock 任意用户添加漏洞18、锐捷 NBR 路由器 fileupload.php 任意文件上传漏洞19、H3C Magic CVE-2023-34928 远程代码执行漏洞20、JCG路由器命令执行漏洞21、通达 OA getdata 远程代码执行漏洞22、红帆OA ioRepPicAdd 前台任意文件上传漏洞23、九思OA wap.do SQL注入漏洞24、九思OA wap.do 任意文件下载漏洞25、Finetree-5MP-摄像机未授权任意用户添加漏洞(老)
POC可以直接去PeiQiwiki文库搜一下哦!
二、恶意IP(建议封禁)
来源:知道创宇安全智脑,微步情报社区,CT情报,以及本小弟收集
185.191.171.4205.210.31.2479.174.13.220205.210.31.5198.235.24.220119.52.208.2185.191.171.22205.210.31.85185.201.9.209205.210.31.193176.58.110.137205.210.31.3927.124.42.18154.41.228.146198.235.24.255121.60.81.17066.36.234.18198.235.24.193212.237.37.217198.235.24.22661.75.17.124119.52.216.106198.235.24.21438.54.88.17454.193.34.2219.151.149.152205.210.31.43205.210.31.167205.210.31.99205.210.31.57185.191.171.12205.210.31.44205.210.31.172135.125.234.192164.92.155.72171.212.209.20992.42.107.232198.235.24.230116.50.239.166205.210.31.5385.208.139.70118.107.46.131124.248.69.8385.208.98.20194.163.144.192198.235.24.178205.210.31.9885.208.98.16185.191.171.25217.76.53.63153.120.7.63198.235.24.161198.235.24.227205.210.31.76198.235.24.238198.235.24.228205.210.31.221205.210.31.84198.235.24.144205.210.31.79205.210.31.22185.191.171.19203.146.170.155198.235.24.194205.210.31.16945.81.39.20205.210.31.87198.235.24.129205.210.31.5645.141.215.19139.213.210.216188.65.36.6885.208.96.202119.52.106.108205.210.31.24638.242.241.17927.210.138.12285.208.96.200198.235.24.162205.210.31.171119.52.106.117172.104.181.101205.210.31.90205.210.31.17205.210.31.254198.235.24.184205.210.31.237198.235.24.229151.106.108.24198.235.24.246185.191.171.16198.235.24.14927.18.27.235198.235.24.23138.242.249.157103.136.221.238185.191.171.8205.210.31.106205.210.31.109205.210.31.110205.210.31.143198.235.24.204222.163.61.199175.27.223.15205.210.31.92205.210.31.15446.229.237.101205.210.31.198222.213.119.61198.235.24.175185.191.171.1122.138.102.141205.210.31.81107.189.12.105205.210.31.250162.55.85.21585.208.96.193137.226.113.44198.235.24.223222.163.46.119205.210.31.222205.210.31.97205.210.31.6685.208.96.20450.18.246.37124.248.69.175205.210.31.30205.210.31.225198.235.24.248205.210.31.19205.210.31.100205.210.31.22385.208.96.19894.102.61.75205.210.31.128205.210.31.251139.209.175.83205.210.31.163154.204.35.133205.210.31.73198.235.24.16513.57.15.9205.210.31.19285.208.96.205205.210.31.144198.235.24.205205.210.31.134205.210.31.142205.210.31.162205.210.31.72198.235.24.139103.20.220.64205.210.31.23205.210.31.3205.210.31.185205.210.31.15327.124.10.187198.235.24.155205.210.31.83122.10.45.233170.187.237.228172.245.205.158198.235.24.182185.191.171.6139.209.171.51119.52.215.4046.101.193.196205.210.31.226171.212.116.210122.138.100.103205.210.31.23285.208.96.209185.191.171.34205.210.31.40216.244.66.247205.210.31.164210.16.189.4205.210.31.95101.71.140.6205.210.31.203198.235.24.216205.210.31.8085.208.96.206205.210.31.75198.235.24.199198.235.24.136222.160.184.6173.224.126.236159.69.61.17820.171.240.220101.71.140.985.208.96.197205.210.31.11187.120.84.184198.235.24.159217.182.134.106205.210.31.27216.244.66.243157.90.182.23139.214.87.19551.144.113.144205.210.31.227198.235.24.147205.210.31.78194.169.175.167135.148.237.208205.210.31.129198.235.24.141122.138.96.207205.210.31.23885.208.96.201198.235.24.20285.217.144.60198.235.24.13034.27.12.1413.215.135.50137.117.121.68205.210.31.132198.235.24.183198.235.24.224205.210.31.151198.235.24.242205.210.31.137115.85.21.85103.42.58.103222.163.47.186198.235.24.252205.210.31.21351.75.133.70205.210.31.103205.210.31.18443.128.11.242185.191.171.14205.210.31.208185.191.171.3202.79.169.18159.223.17.119124.248.69.230205.210.31.18195.191.219.131205.210.31.195198.235.24.154218.146.39.67162.55.85.220205.210.31.236205.210.31.231198.235.24.215198.235.24.196139.214.87.85205.210.31.65205.210.31.7436.134.130.57205.210.31.24435.87.158.36205.210.31.10121.22.5.241104.160.42.76205.210.31.141198.235.24.168205.210.31.220205.210.31.48205.210.31.89205.210.31.239205.210.31.183198.235.24.237198.235.24.212198.235.24.201205.210.31.8205.210.31.14885.208.98.22198.235.24.235198.235.24.225205.210.31.13054.177.102.232198.235.24.23646.19.136.74205.210.31.25538.55.128.10287.121.221.210222.163.61.159185.191.171.183.226.97.26205.210.31.170205.210.31.34205.210.31.215208.91.69.21103.115.164.8127.124.40.56205.210.31.47198.235.24.148198.235.24.169154.9.228.19985.208.96.210101.71.140.7205.210.31.38119.52.233.95205.210.31.207109.237.98.53122.138.96.16747.243.189.7793.188.165.7543.153.174.46119.52.105.201205.210.31.54198.235.24.232143.244.138.155185.191.171.20107.148.73.7038.49.39.117208.91.69.30198.235.24.146205.210.31.253205.210.31.24585.208.96.196205.210.31.194205.210.31.96205.210.31.42205.210.31.211195.191.219.132205.210.31.35205.210.31.252198.235.24.195198.235.24.142198.235.24.203205.210.31.19727.203.244.107205.210.31.155112.237.3.7121.196.195.153143.198.32.12205.210.31.14205.210.31.196205.210.31.8685.208.98.29185.191.171.11205.210.31.5574.249.156.221198.187.28.23185.191.171.338.222.188.8343.136.181.37119.52.107.175205.210.31.205205.210.31.168175.23.128.80205.210.31.5234.223.106.245185.191.171.17205.210.31.201154.61.74.7205.210.31.135205.210.31.18685.208.98.19198.235.24.156216.244.66.228185.191.171.1085.208.96.199198.235.24.247205.210.31.41205.210.31.214205.210.31.14685.208.96.203205.210.31.241205.210.31.233198.235.24.21147.107.66.8119.52.107.249205.210.31.156205.210.31.216205.210.31.3685.208.98.1797.74.94.186154.43.165.6198.235.24.166198.235.24.208198.235.24.239198.235.24.19854.93.164.158185.191.171.24205.210.31.2205.210.31.60205.210.31.249205.210.31.229205.210.31.45205.210.31.16185.208.98.18205.210.31.180205.210.31.68103.27.62.17442.91.178.75122.138.105.5344.210.236.62207.154.254.20985.208.96.194205.210.31.69129.204.197.13392.204.138.222213.136.75.229154.9.228.159205.210.31.6198.235.24.163205.210.31.176205.210.31.46198.235.24.24087.76.8.76222.160.187.180216.118.246.34205.210.31.150198.235.24.145205.210.31.248205.210.31.230205.210.31.5185.208.98.23205.210.31.71185.191.171.26198.235.24.13185.208.98.24205.210.31.105198.235.24.213205.210.31.202205.210.31.20205.210.31.82198.235.24.233198.235.24.132217.160.232.32122.141.192.35205.210.31.217142.93.56.228120.38.11.4459.59.14.221198.235.24.18045.81.39.227198.235.24.153198.235.24.197205.210.31.181205.210.31.13185.191.171.9198.235.24.150185.191.171.35198.235.24.245198.235.24.134208.91.69.19205.210.31.32139.209.171.12205.210.31.212205.210.31.26205.210.31.107205.210.31.158205.210.31.88222.163.58.250198.235.24.13720.150.220.19723.88.67.81198.235.24.21795.111.226.15119.52.210.182198.235.24.151205.210.31.7744.203.94.250198.235.24.24485.208.96.208205.210.31.15198.235.24.185205.210.31.177205.210.31.178205.210.31.25205.210.31.1383.237.254.838.45.123.162119.8.180.84198.235.24.158198.235.24.254205.210.31.209153.120.43.14918.208.210.158124.248.69.223205.210.31.104198.235.24.186124.248.69.22185.208.96.212185.191.171.23205.210.31.2154.175.183.40167.86.122.200124.248.69.143101.71.140.8148.251.4.36198.235.24.251198.235.24.207205.210.31.235198.235.24.135119.52.106.99198.235.24.152198.235.24.241205.210.31.28198.235.24.222103.136.220.238185.191.171.2198.235.24.128198.235.24.249198.235.24.133205.210.31.108185.191.171.21205.210.31.140205.210.31.219205.210.31.175112.44.190.143205.210.31.206205.210.31.37185.191.171.13205.210.31.210198.235.24.243129.146.41.159205.210.31.59162.215.212.39198.235.24.209205.210.31.1165.108.125.120119.52.208.95205.210.31.204205.210.31.242205.210.31.165198.235.24.143205.210.31.21814.128.13.2205.210.31.50198.235.24.219205.210.31.9185.208.96.207205.210.31.152216.244.66.195205.210.31.243205.210.31.1285.208.98.31198.235.24.234205.210.31.9367.211.214.155107.172.5.251205.210.31.17394.102.61.7198.235.24.177103.174.87.250216.244.66.239162.55.86.59205.210.31.67103.136.221.2393.99.47.227205.210.31.240205.210.31.199185.191.171.754.218.46.79175.178.215.205154.12.240.15015.228.79.181198.235.24.171110.82.17.90205.210.31.149122.138.100.4652.8.247.135205.210.31.15934.222.201.120198.235.24.140198.235.24.19285.208.96.195205.210.31.102139.214.91.169117.27.161.171103.114.162.188205.210.31.224192.241.141.91205.210.31.147205.210.31.31198.235.24.253205.210.31.94185.65.207.26216.244.66.244205.210.31.136205.210.31.3385.208.96.211205.210.31.29198.235.24.164120.38.159.233104.236.104.29198.235.24.17645.81.39.17436.157.11.43205.210.31.145205.210.31.139185.191.171.15207.244.248.83195.191.219.13374.208.34.76198.235.24.218205.210.31.166205.210.31.9198.235.24.174183.60.21.9119.52.213.177185.191.171.5
使用需知
由于传播、利用此文所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,文章作者不为此承担任何责任。
封面图片来源网络,如有侵权联系必删。
安全小白,不喜绕过。
仅供参考,请勿用于违法行为,如有侵权以及各种情况可以私聊!
原文始发于微信公众号(天启实验室):HW第二天0day以及恶意IP简单汇总
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论