Post · bonfire.cafe

Post

cR0w h0 h0

@cR0w@infosec.exchange · last week

Old FLIR CVEs just published.

https://www.cve.org/CVERecord?id=CVE-2017-20212

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20216

cc: @Dio9sys @da_667

#internetOfShit

https://www.cve.org/CVERecord?id=CVE-2017-20216

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20212

K. Reid Wightman :verified: 🌻 :donor:

@reverseics@infosec.exchange replied · last week

@cR0w @Dio9sys @da_667 weird, there have been exploits for these since 2017, and the CNA is vulncheck (which wasn't even around in 2017). maybe vulncheck did 'the thing' where you can reserve CVEs for a prior year?

I've been tempted to do that sometimes on these multi-year coordination processes ;-).

cR0w h0 h0

@cR0w@infosec.exchange replied · last week

@reverseics @Dio9sys @da_667 I've seen so many like that from them that I assumed they've been going through exploit-db and publishing CVEs for PoCs that didn't have them.

soup

@hotsoup@infosec.exchange replied · last week

@cR0w @reverseics @Dio9sys @da_667 are you saying that they’re going back and… checking vulns?

K. Reid Wightman :verified: 🌻 :donor:

@reverseics@infosec.exchange replied · last week

@risottobias @hotsoup @cR0w @Dio9sys @da_667 100%

(••)
( ••)>⌐■-■
(⌐■_■)

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.1-beta.35 no JS en

Automatic federation enabled