Lennaert Oudshoorn

Role: Head of DIVD-CSIRT

Articles / cases / cves

Blog posts

• 29 March 2021 - DIVD publishes it’s first annual report (in Dutch).

CSIRT Cases

• DIVD-2023-00033 - Citrix systems exploited with CVE-2023-3519
• DIVD-2023-00031 - Ivanti MobileIron vulnerable for CVE-2023-35078
• DIVD-2023-00030 - Citrix systems vulnerable for CVE-2023-3519
• DIVD-2023-00029 - Critical Fortinet SSL-VPN RCE Vulnerability
• DIVD-2023-00028 - SQL Injection in MOVEit Transfer - CVE-2023-36934
• DIVD-2023-00009 - Cisco RV Series Remote Command Execution
• DIVD-2022-00065 - Multiple Critical Vulnerabilities in multiple Zyxel EOL devices
• DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN
• DIVD-2022-00061 - KNXNet/IP gateways often left open to the internet
• DIVD-2022-00058 - ZK Framework - ZK AuUploader Servlet Upload Vulnerability
• DIVD-2022-00042 - Canon print portals facing the internet
• DIVD-2022-00030 - Exposed QNAP
• DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
• DIVD-2022-00025 - VMware - CVE-2022-22954
• DIVD-2022-00012 - Global Charity Vulnerabilities
• DIVD-2021-00038 - Apache Log4j2
• DIVD-2021-00036 - VMware vCenter Server arbitrary file read vulnerability
• DIVD-2021-00030 - GitLab Unauthenticated RCE Flaw
• DIVD-2021-00027 - Apache HTTP 2.4.49 Path Traversal and File Disclosure
• DIVD-2021-00026 - Omigod: Microsoft Open Management Interface RCE
• DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle
• DIVD-2021-00012 - Warehouse Botnet
• DIVD-2021-00011 - Kaseya VSA Disclosure
• DIVD-2021-00010 - vCenter Server PreAuth RCE
• DIVD-2021-00006 - SmarterMail
• DIVD-2021-00005 - Pulse Secure PreAuth RCE
• DIVD-2021-00004 - Gelekte phishing gegevens / Leaked phishing credentials
• DIVD-2021-00002 - Kaseya VSA
• DIVD-2021-00001 - Microsoft on-prem Exchange Servers
• DIVD-2020-00014 - SolarWinds Orion
• DIVD-2020-00012 - 49 000 vulnerable Fortinet VPN devices
• DIVD-2020-00011 - Four critical vulnerabilities in Vembu BDR
• DIVD-2020-00010 - wpDiscuz plugin Remote Code Excution
• DIVD-2020-00009 - Pulse Secure VPN enterprise Leak
• DIVD-2020-00008 - 313 000 Wordpress sites scanned
• DIVD-2020-00007 - Citrix ShareFile

CSIRT blog posts

• 05 October 2021 - Apache HTTP 2.4.49 Path Traversal and File Disclosure
• 06 July 2021 - Kaseya Case Update 3
• 03 July 2021 - Kaseya Case Update
• 02 July 2021 - Kaseya VSA Advisory
• 09 May 2021 - Phishing slachtoffer notificatie / Victim notification phishing
• 08 March 2021 - Exchange Zero-day IoC detectie script / Exchange Zero-day detection script
• 30 December 2020 - SolarWinds Orion API authentication bypass
• 17 December 2020 - Het Security Meldpunt wordt DIVD CSIRT / This site will become DIVD CSIRT
• 27 November 2020 - Wordpress binnen het .nl domein geïndexeerd / Wordpress in .nl space indexed
• 15 November 2020 - Lijst met 49 000 kwetsbare Fortinet VPNs / List of 49 000 vulnerable Fortinet VPNs