DIVD / Max van der horst

Home
Team
Code of Conduct
News
Reports
CSIRT
Partners
Contact
Donate

Max van der horst

Max van der Horst

Role: Teamlead level 2

Social media

Icon - Max van der Horst

Articles / cases / cves

CSIRT Cases

DIVD-2023-00004 - Unauthenticated Remote Command Execution using SAML in Zoho ManageEngine
DIVD-2023-00003 - OS command injection in CentOS CWP
DIVD-2023-00002 - Publicly Reachable Malicious Webshells
DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS
DIVD-2022-00060 - Command Injection vulnerability in Bitbucket Server and Data Center
DIVD-2022-00054 - ProxyNotShell - Microsoft Exchange SSRF and RCE
DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963
DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability
DIVD-2022-00012 - Global Charity Vulnerabilities
DIVD-2022-00004 - Post-Log4J Open Database C2 and Monero Miner Infections

CVEs contributed to

CVE-2022-45049 - Reflected XSS in Axiell Iguana CMS
CVE-2022-45050 - Reflected XSS in Axiell Iguana CMS
CVE-2022-45051 - Reflected POST XSS in Axiell Iguana CMS
CVE-2022-45052 - Local File Inclusion in Axiell Iguana CMS

Security
Twitter
Github
ANBI

Scanning from
AS50559
IPv4: 194.5.73.0/24 aka 194.5.73.0-194.5.73.255 - Our own local infrastructure
Cyberwar.nl
IPv4: 149.210.129.7 - Operated by Matthijs Koot
log4jdns.x00.it
IPv4: 5.2.67.229 - We use this domain and DNS server to track log4j vulnerabilities