GreyNoise coverage for the top CVEs most used by Chinese state-sponsored attackers as identified by CISA: https://www.cisa.gov/uscert/ncas/alerts/aa22-279a
All of them in one GNQL by tag name.
All of them in one GNQL by CVE id.
Individual ones below:
- CVE-2019-11510: Pulse Secure VPN File Disclosure
- CVE-2019-19781: Citrix NetScaler LFI
- CVE-2020-5902: F5 BIG-IP TMUI RCE
- CVE-2020-5902: F5 BIG-IP TMUI RCE Vuln Check
- CVE-2021-1497: Cisco HyperFlex HX RCE Attempt
- CVE-2021-1497: Cisco HyperFlex HX RCE Vuln Check
- CVE-2021-22005: VMWare VCSA File Upload Attempt
- CVE-2021-22005: VMWare VCSA File Upload Check
- CVE-2021-22205: GitLab CE RCE
- CVE-2021-26084: Atlassian Confluence Server OGNL Injection Attempt
- CVE-2021-26084: Atlassian Confluence Server OGNL Injection Vuln Check
- CVE-2021-26855: ProxyLogon SSRF Attempt
- CVE-2021-26855: ProxyLogon SSRF Vuln Check
- CVE-2021-36260: Hikvision IP Camera RCE Attempt
- CVE-2021-40539: Zoho ManageEngine RCE Attempt
- CVE-2021-40539: Zoho ManageEngine RCE Check
- CVE-2021-41773: Apache HTTP Server Path Traversal Attempt
- CVE-2021-42237: Sitecore RCE Attempt
- CVE-2021-42237: Sitecore RCE Check
- CVE-2021-44228: Apache Log4j RCE Attempt
- CVE-2022-1388: F5 BIG-IP iControl REST Authentication Bypass
- CVE-2022-24112: Apache APISIX RCE Attempt
- CVE-2022-26134: Atlassian Confluence Server CVE-2022-26134 OGNL Injection Attempt