FortiRecon Digital Risk Protection (DRP), a SaaS-based service, includes External Attack Surface Management, Brand Protection, and Adversary Centric Intelligence. Adversary Centric Intelligence (ACI) leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark web, open-source, and technical threat intelligence, including threat actor insights, to enable organizations to proactively assess risks, respond faster to incidents, better understand their attackers, and guard assets. The Vulnerability Intelligence Module under ACI provides a realistic view of a vulnerability's impact, based on chatter and discussion about it across external sources such as the dark web, social media, and news and blogs.
CVE ID | CVE-2022-26138 |
CVE Title | Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability |
NVD Severity | CRITICAL |
FortiRecon Severity | CRITICAL |
FortiRecon Score | 91/100 |
Exploited | Yes |
Exploited by Ransomware Group(s) | No |
Exploited by APT Group(s) | No |
Included in CISA KEV List | Yes |
Available working exploit(s) | 0 |
Available POC exploit(s) | 4 |
Darknet Mention(s) | 0 |
Telegram Mention(s) | 1 (مرکز تحقیقاتی APT IRAN) |
FortiRecon Intelligence Reporting(s) | 5 (OSINT) |
Vendor Advisory: | https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html |
https://jira.atlassian.com/browse/CONFSERVER-79483 |
CVE ID | CVE-2022-3236 |
CVE Title | Sophos Firewall Code Injection Vulnerability |
NVD Severity | CRITICAL |
FortiRecon Severity | CRITICAL |
FortiRecon Score | 90/100 |
Exploited | Yes |
Exploited by Ransomware Group(s) | No |
Exploited by APT Group(s) | No |
Included in CISA KEV List | Yes |
Available working exploit(s) | 0 |
Available POC exploit(s) | 0 |
Darknet Mention(s) | 5 (xss) |
Telegram Mention(s) | 0 |
FortiRecon Intelligence Reporting(s) | 1 (Darknet), 6 (OSINT) |
Vendor Advisory: | https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce |
CVE ID | CVE-2022-26134 |
CVE Title | Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability |
NVD Severity | CRITICAL |
FortiRecon Severity | CRITICAL |
FortiRecon Score | 93/100 |
Exploited | Yes |
Exploited by Ransomware Group(s) | Yes (cerberimposter, hezb, mimo, mimus ransomware operators, avoslocker ransomware operators, mauricrypt ransomware operators, cerber ransomware) |
Exploited by APT Group(s) | Yes (8220, apt33, tac-040) |
Included in CISA KEV List | Yes |
Available working exploit(s) | 4 |
Available POC exploit(s) | 75 |
Darknet Mention(s) | 3 (xss, breachforums) |
Telegram Mention(s) | 9 (مرکز تحقیقاتی APT IRAN, Malware Corporation, Termux Israel :israel:, ARVIN, IT Security Alerts) |
FortiRecon Intelligence Reporting(s) | 16 (Technical Intelligence), 21 (Darknet), 33 (OSINT), 3 (HUMINT) |
Vendor Advisory: | https://jira.atlassian.com/browse/CONFSERVER-79016 |
http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Conc... |
http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html |
http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html |
http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html |
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html |
CVE ID | CVE-2022-2766 |
CVE Title | A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-206162 is the identifier assigned to this vulnerability. |
NVD Severity | CRITICAL |
FortiRecon Severity | LOW |
FortiRecon Score | 0/100 |
Exploited | No |
Exploited by Ransomware Group(s) | No |
Exploited by APT Group(s) | No |
Included in CISA KEV List | No |
Available working exploit(s) | 0 |
Available POC exploit(s) | 0 |
Darknet Mention(s) | 0 |
Telegram Mention(s) | 0 |
FortiRecon Intelligence Reporting(s) | 0 |
Vendor Advisory: | https://vuldb.com/?id.206162 |
https://github.com/Drun1baby/CVE_Pentest/blob/main/Loan%20Management%20System%20CMS/images/sql01.png |
CVE ID | CVE-2021-26084 |
CVE Title | Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability |
NVD Severity | CRITICAL |
FortiRecon Severity | CRITICAL |
FortiRecon Score | 92/100 |
Exploited | Yes |
Exploited by Ransomware Group(s) | Yes (atom silo ransomware operators, cerber ransomware) |
Exploited by APT Group(s) | Yes (cadet blizzard) |
Included in CISA KEV List | Yes |
Available working exploit(s) | 4 |
Available POC exploit(s) | 42 |
Darknet Mention(s) | 29 (xss, raidforums) |
Telegram Mention(s) | 7 (Freedom F0x, ANTICHAT Channel, مرکز تحقیقاتی APT IRAN, Кардинг | Пластик, Ralf Hacker Channel) |
FortiRecon Intelligence Reporting(s) | 15 (Technical Intelligence), 13 (OSINT), 2 (Darknet) |
Vendor Advisory: | https://jira.atlassian.com/browse/CONFSERVER-67940 |
http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html |
CVE ID | CVE-2021-33044 |
CVE Title | Dahua IP Camera Authentication Bypass Vulnerability |
NVD Severity | CRITICAL |
FortiRecon Severity | CRITICAL |
FortiRecon Score | 92/100 |
Exploited | Yes |
Exploited by Ransomware Group(s) | No |
Exploited by APT Group(s) | No |
Included in CISA KEV List | Yes |
Available working exploit(s) | 1 |
Available POC exploit(s) | 5 |
Darknet Mention(s) | 4 (bhf) |
Telegram Mention(s) | 0 |
FortiRecon Intelligence Reporting(s) | 2 (OSINT) |
Vendor Advisory: | https://www.dahuasecurity.com/support/cybersecurity/details/957 |
http://seclists.org/fulldisclosure/2021/Oct/13 |
http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html |
CVE ID | CVE-2021-33045 |
CVE Title | Dahua IP Camera Authentication Bypass Vulnerability |
NVD Severity | CRITICAL |
FortiRecon Severity | CRITICAL |
FortiRecon Score | 92/100 |
Exploited | Yes |
Exploited by Ransomware Group(s) | No |
Exploited by APT Group(s) | No |
Included in CISA KEV List | Yes |
Available working exploit(s) | 1 |
Available POC exploit(s) | 0 |
Darknet Mention(s) | 2 (bhf) |
Telegram Mention(s) | 0 |
FortiRecon Intelligence Reporting(s) | 2 (OSINT) |
Vendor Advisory: | https://www.dahuasecurity.com/support/cybersecurity/details/957 |
http://seclists.org/fulldisclosure/2021/Oct/13 |
http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html |
Copyright 2025 Fortinet, Inc. All Rights Reserved.