Weekly Upgrade Notice - 2021-12-14
Release time: 2021-12-15
New events
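Event name: | TCP_Backdoor_9002.Rat_APT_Attack |
Security type: | Remote-control backdoor |
Event description: | A trojan was detected attempting to connect to a remote server. The host at the source IP may have been implanted with a trojan. 9002.Rat is an active APT (Advanced Persistent Threat) attack that is hard to detect and highly targeted. It spreads mainly by exploiting currently popular vulnerabilities such as CVE-2013-1347, CVE-2013-2423 and CVE-2013-1493. It has been found to include functions such as uploading user files and remote command execution. The attacker can remotely control the compromised host to perform various operations. |
Update time: | 20211214 |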
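Event name: | HTTP_D_Link_Command_Injection_Vulnerability |
Security type: | Logic/design error |
Event description: | D-Link is a company that produces network hardware and software products; its main products include switches, wireless products, broadband products, network cards, routers, network cameras and network security products (firewalls). D-Link has a command injection vulnerability: an attacker can send a request containing malicious commands to /getcfg.php and thereby achieve remote arbitrary command execution. |
Update time: | 20211214 |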
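Event name: | TCP_Backdoor_Rotajakiro.Oceanlotus(海莲花)_Connection |
Security type: | Other backdoor |
Event description: | A backdoor was detected attempting to connect to a remote server. The host at the source IP may have been implanted with the Rotajakiro backdoor. Rotajakiro is suspected to be a backdoor used by the APT group OceanLotus (海莲花). It is very powerful and, once running, can take full control of the infected machine. |
Update time: | 20211214 |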
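Event name: | TCP_Lateral_Movement_Psexec_File_Write |
Security type: | Other backdoor |
Event description: | PsExec is a lightweight telnet replacement that lets you execute processes on other systems without manually installing client software, with nearly the same real-time interactivity as a command console. PsExec's most powerful capability is launching interactive command prompt windows on remote systems and remote-enabling tools (such as ipconfig and whoami), in order to display information about remote systems that cannot be displayed by other means. |
Update time: | 20211214 |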
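Event name: | HTTP_Security_Vulnerability_Citrix_SD-WAN_Remote_Code_Execution_Vulnerability[CVE-2020-8271][CNNVD-202011-1336] |
Security type: | Code execution |
Event description: | Citrix SD-WAN is a centralized WAN management system developed by the US company Citrix. It uses virtualization to build an enterprise-grade secure WAN, combines multiple links for load balancing, and can configure, monitor and analyze all Citrix SD-WAN devices on the WAN. Citrix SD-WAN implements authentication through URL matching, but an attacker can craft a malicious URL so that the URL parsed by Apache and the URL passed to CakePHP are inconsistent, thereby bypassing the client certificate check and achieving remote code execution. |
Update time: | 20211214 |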
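Event name: | HTTP_Security_Vulnerability_Redmine_Command_Execution[CVE-2011-4929][CNNVD-201210-082] |
Security type: | Command execution |
Event description: | Redmine is an open-source, web-based project management and bug tracking tool. It provides project management, issue tracking and role-based access control. An unspecified vulnerability exists in the bazaar repository adapter in Redmine 0.9.x and in 1.0.x versions before 1.0.5. Remote attackers can exploit this vulnerability to execute arbitrary commands via unknown vectors. |
Update time: | 20211214 |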
Event name: | HTTP_Security_Vulnerability_Barracuda-Spam-Firewall-img.pl_Remote_Command_Execution[CVE-2005-2847][CNNVD-200509-075] |
Security type: | Command execution |
Event description: | Barracuda Spam Firewall is an integrated hardware and software spam solution for protecting mail servers. A remote command execution vulnerability exists in Barracuda Spam Firewall. The img.pl script tries to unlink the file after the user has finished reading it. In the /cgi-bin/img.pl script: my $file_img = "/tmp/" . CGI::param('f'); open(IMG, $file_img) or die "Could not open image because: $!\n"; ... unlink($file_img); The Perl open function can also be used to execute commands. If the string ends with "|", the script executes the command. |
Update time: | 20211214 |
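Event name: | HTTP_Security_Vulnerability_VINGA_Command_Execution_Vulnerability[CVE-2021-43469][CNNVD-202112-350] |
Security type: | Command execution |
Event description: | VINGA WR-N300U 77.102.1.4853 is affected by the goahead component and has a command execution vulnerability. The vulnerability stems from insufficiently strict filtering of the incoming host parameter, which allows an attacker to inject malicious commands and achieve remote command execution. |
Update time: | 20211214 |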
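Event name: | HTTP_Suspicious_Behavior_tcp_socket_Call |
Security type: | Command execution |
Event description: | The source IP host was detected attempting to make a tcp_socket call on the destination host, which may be a command injection attack. |
Update time: | 20211214 |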
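Event name: | HTTP_Security_Vulnerability_Quest_KACE_Systems_Management_Command_Execution_Vulnerability[CVE-2018-11138][CNNVD-201805-1216] |
Security type: | Command execution |
Event description: | The source IP device was detected using the Quest_KACE_Systems_Management command execution vulnerability to attack the destination IP device. The download_agent_installer.php file in Quest KACE Systems Management Appliance 8.0.318 allows unauthenticated users to execute arbitrary commands as the web server user www. |
Update time: | 20211214 |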
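Event name: | HTTP_Suspicious_Behavior_Apache_Log4j_Nested_Use_of_Built-in_lookup_Format_String |
Security type: | Command execution |
Event description: | Apache Log4j is a logging library for Java that supports starting a remote log server. This event indicates that the source IP host sent a string matching the built-in lookup format; when the backend of the destination IP host receives a string in this format, it automatically invokes the lookup function. This event detects "nested" use of lookup tokens. This behavior carries some risk and may be abused by attackers, for example to bypass WAF detection and make unintended jndi calls. |
Update time: | 20211214 |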
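Event name: | TCP_Suspicious_Behavior_Apache_Log4j_Nested_Use_of_Built-in_lookup_Format_String |
Security type: | Command execution |
Event description: | Apache Log4j is a logging library for Java that supports starting a remote log server. This event indicates that the source IP host sent a string matching the built-in lookup format; when the backend of the destination IP host receives a string in this format, it automatically invokes the lookup function. This event detects "nested" use of lookup tokens. This behavior carries some risk and may be abused by attackers, for example to bypass WAF detection and make unintended jndi calls. |
Update time: | 20211214 |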