VulnCheck Initial Access Intelligence equips organizations and security teams with detection artifacts such as Suricata signatures, YARA rules, PCAPs, and private exploit PoCs to defend against initial access vulnerabilities that are either already being exploited or likely to be exploited soon.
In June 2024, VulnCheck developed new Initial Access Intelligence (IAI) artifacts for 15 CVEs, covering 13 different vendors and 13 different products.
To provide better visibility into these updates, we’ve broken down June’s Initial Access Intelligence Artifacts by CVE. For each CVE, we provide a range of detection tools including:
- Exploits
- Version scanners
- PCAPs
- Suricata rules
- Snort rules
- YARA rules
- Greynoise/Censys/Shodan queries
June 2024 Initial Access Artifacts
| Artifact Name | Date Added | CVE | Exploit | Version Scanner | pcap | Suricata Rule | snortRule | yara |
|---|---|---|---|---|---|---|---|---|
| Progress Telerik Report Server | 2024-06-03 | CVE-2024-4358 | ✅ | ✅ | ✅ | |||
| Apache HugeGraph Gremlin Filter Bypass | 2024-06-05 | CVE-2024-27348 | ✅ | ✅ | ✅ | ✅ | ✅ | |
| Check Point Security Gateway Path Traversal | 2024-06-06 | CVE-2024-24919 | ✅ | ✅ | ✅ | ✅ | ||
| Apache OFBiz Path Traversal RCE | 2024-06-06 | CVE-2024-32113 | ✅ | ✅ | ✅ | ✅ | ✅ | |
| PHP CGI Argument Injection | 2024-06-08 | CVE-2024-4577 | ✅ | ✅ | ✅ | ✅ | ✅ | |
| Kyocera MFP Address Book Credential Leak | 2024-06-12 | CVE-2022-1026 | ✅ | ✅ | ✅ | ✅ | ||
| Sophos UTM 9 WebAdmin SID Command Injection | 2024-06-13 | CVE-2020-25223 | ✅ | ✅ | ✅ | ✅ | ||
| SolarWinds Serv-U InternalDir Directory Traversal | 2024-06-14 | CVE-2024-28995 | ✅ | ✅ | ✅ | ✅ | ✅ | |
| Build You Own Botnet Web UI RCE | 2024-06-18 | CVE-2024-6131 | ✅ | ✅ | ✅ | ✅ | ||
| Ivanti Endpoint Manager (EPM) SQL Injection RCE | 2024-06-21 | CVE-2024-29824 | ✅ | ✅ | ✅ | ✅ | ||
| Zyxel NAS simZysh Python Injection | 2024-06-21 | CVE-2024-29973 | ✅ | ✅ | ✅ | ✅ | ||
| Empire C2 path traversal RCE | 2024-06-24 | CVE-2024-6127 | ✅ | ✅ | ||||
| AVideo Remote Code Execution | 2024-06-25 | CVE-2024-31819 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| XWiki Database Search Code Injection | 2024-06-25 | CVE-2024-31982 | ✅ | ✅ | ✅ | ✅ | ✅ | |
| Progress MOVEit Transfer SFTP Authentication Bypass | 2024-06-28 | CVE-2024-5806 | ✅ | ✅ | ✅ | ✅ | ✅ |
Learn More About VulnCheck Initial Access Intelligence
Learn more about how you can leverage Initial Access Intelligence detection artifacts to detect & respond to remote code execution (RCE) vulnerabilities here: https://docs.vulncheck.com/products/initial-access-intelligence/introduction