Go back

VulnCheck Initial Access Intelligence Update - May 2024

Patrick Garrityin/patrickmgarrity/

VulnCheck Initial Access Intelligence equips organizations and security teams with detection artifacts such as Suricata signatures, YARA rules, PCAPs, and private exploit PoCs to defend against initial access vulnerabilities that are either already being exploited or likely to be exploited soon.

In May 2024, we developed new Initial Access Intelligence (IAI) artifacts for 20 CVEs, covering 16 different vendors and 18 different products.

Initial Access Intelligence - May 2024

To provide better visibility into these updates, we’ve broken down May’s Initial Access Intelligence Artifacts by CVE. For each CVE, we provide a range of detection tools including:

  • Exploits
  • Version scanners
  • PCAPs
  • Suricata rules
  • Snort rules
  • YARA rules
  • Greynoise/Censys/Shodan queries

May 2024 Initial Access Artifacts

Artifact NameDate AddedCVEExploitVersion ScannerpcapSuricata RulesnortRuleyara
Nexus Repository Manager Path Traversal2024-05-31CVE-2024-4956
Netis MW5360 Password Command Injection2024-05-30CVE-2024-22729
Rejetto HFS 2.3m RCE2024-05-30CVE-2024-23692
Netis SOHO Admin Credential Leak2024-05-30CVE-2024-23693
Telesquare TLR-2005Ksh sysCommand RCE2024-05-29CVE-2024-29269
Cisco RV Series Upload Symlink Traverse RCE2024-05-24CVE-2024-23691
Bricks Builder WordPress RCE2024-05-24CVE-2024-25600
nostromo (nhttpd) Path Traversal RCE2024-05-21CVE-2019-16278
Struts Path Traversal RCE2024-05-21CVE-2023-50164
Citrix NetScaler Information Disclosure (Memory Leak)2024-05-17CVE-2023-6549
Cacti cmd_realtime.php RCE Attempt2024-05-17CVE-2024-29895
pgAdmin Validate Binary Injection2024-05-15CVE-2022-4223
JetBrains TeamCity Authentication Bypass2024-05-14CVE-2024-23917
Tinyproxy UAF2024-05-13CVE-2023-49606
OpenMetadata JWT Bypass RCE2024-05-13CVE-2024-28255
D-Link NAS Hard-Coded Credentials2024-05-05CVE-2024-3272
D-Link NAS Command Injection2024-05-05CVE-2024-3273
Netgear VPN Configuration Backup RCE2024-05-03CVE-2024-23690
Apache Tomcat WebDAV Webshell Upload2024-05-01CVE-2017-12617
Apache Tomcat 'Ghostcat' File Leak2024-05-01CVE-2020-1938

Learn More About VulnCheck Initial Access Intelligence

Learn more about how you can leverage Initial Access Intelligence detection artifacts to detect & respond to remote code execution (RCE) vulnerabilities here: https://docs.vulncheck.com/products/initial-access-intelligence/introduction