Ralph Horn
Role: Sabbatical
CSIRT Cases
- DIVD-2024-00015 - Remote Command Execution in CrushFTP
- DIVD-2024-00014 - Qlik Sense Remote Code Execution
- DIVD-2024-00013 - Palo Alto PAN-OS Command Injection Vulnerability in GlobalProtect
- DIVD-2024-00005 - Remote code execution in FortiOS
- DIVD-2024-00002 - Account takeover vulnerability in GitLab CE/EE
- DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance
- DIVD-2023-00045 - Confluence RCE Vulnerability In Confluence Data Center and Confluence Server
- DIVD-2023-00040 - Critical F5 BIG-IP unauthenticated RCE Vulnerability
- DIVD-2023-00039 - VMware vCenter Server RCE
- DIVD-2023-00038 - Global Cisco IOS-XE (CVE-2023-20198) Implants
- DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability
- DIVD-2023-00028 - SQL Injection in MOVEit Transfer - CVE-2023-36934
- DIVD-2023-00027 - Ignite Realtime Openfire auth bypass - CVE-2023-32315
- DIVD-2023-00026 - Apache Superset authentication bypass leads to RCE - CVE-2023-27524
- DIVD-2023-00023 - SQL injection in MOVEit Transfer - CVE-2023-34362
- DIVD-2023-00022 - OS command injection vulnerability of Zyxel firewalls
- DIVD-2023-00020 - PaperCut MF/NG Authentication Bypass
- DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability
- DIVD-2023-00007 - Global VMware ESXi Ransomware Attack
- DIVD-2023-00002 - Publicly Reachable Malicious Webshells
- DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN
- DIVD-2022-00060 - Command Injection vulnerability in Bitbucket Server and Data Center
- DIVD-2022-00058 - ZK Framework - ZK AuUploader Servlet Upload Vulnerability
- DIVD-2022-00054 - ProxyNotShell - Microsoft Exchange SSRF and RCE
- DIVD-2022-00053 - Atlassian Bitbucket Server - CVE-2022-36804
- DIVD-2022-00045 - Injection vulnerability found within Socket.io
- DIVD-2022-00030 - Exposed QNAP
- DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
- DIVD-2022-00025 - VMware - CVE-2022-22954
- DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963
- DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability
- DIVD-2022-00020 - Improper input validation vulnerabilities identified within Feathers.js
- DIVD-2022-00017 - Global Healthcare Vulnerabilities
- DIVD-2022-00012 - Global Charity Vulnerabilities
- DIVD-2022-00010 - Auth bypass in SAP
- DIVD-2022-00008 - XSS Zeroday in Zimbra
- DIVD-2022-00004 - Post-Log4J Open Database C2 and Monero Miner Infections
- DIVD-2021-00038 - Apache Log4j2
- DIVD-2021-00033 - Sites with Potential SQL-Injection
- DIVD-2021-00027 - Apache HTTP 2.4.49 Path Traversal and File Disclosure