VulnCheck는 VulnCheck KEV를 커뮤니티 서비스로 제공하여, 알려진 익스플로잇 취약점에 대한 시의적절한 가시성을 제공합니다. 이 서비스는 VulnCheck 커뮤니티 대시보드, API 엔드포인트, 그리고 기계가 읽을 수 있는 JSON을 통해 제공됩니다.
curl --request GET --url https://api.vulncheck.com/v3/backup/vulncheck-kev --header 'Accept: application/json' --header 'Authorization: Bearer insert_token_here'
package main
import (
"context"
"encoding/json"
"fmt"
"log"
"os"
vulncheck "github.com/vulncheck-oss/sdk-go-v2/v2"
)
func main() {
configuration := vulncheck.NewConfiguration()
configuration.Scheme = "https"
configuration.Host = "api.vulncheck.com"
client := vulncheck.NewAPIClient(configuration)
token := os.Getenv("VULNCHECK_API_TOKEN")
auth := context.WithValue(
context.Background(),
vulncheck.ContextAPIKeys,
map[string]vulncheck.APIKey{
"Bearer": {Key: token},
},
)
resp, httpRes, err := client.EndpointsAPI.BackupIndexGet(auth, "vulncheck-kev").Execute()
if err != nil || httpRes.StatusCode != 200 {
log.Fatal(err)
}
prettyJSON, err := json.MarshalIndent(resp.Data, "", " ")
if err != nil {
log.Fatalf("Failed to generate JSON: %v", err)
return
}
fmt.Println(string(prettyJSON))
}
import vulncheck_sdk
configuration = vulncheck_sdk.Configuration(host="https://api.vulncheck.com/v3")
configuration.api_key["Bearer"] = "insert_token_here"
with vulncheck_sdk.ApiClient(configuration) as api_client:
endpoints_client = vulncheck_sdk.EndpointsApi(api_client)
api_response = endpoints_client.backup_index_get("vulncheck-kev")
print(api_response.data[0].url)
vulncheck backup download vulncheck-kev
VulnCheck KEV는 문자열, 문자열 배열, 시간(및 이러한 데이터 유형을 포함하는 객체)으로 구성된 따라가기 쉬운 스키마를 가지고 있습니다.
아래에는 모든 필드가 채워진 VulnCheck KEV 레코드의 예시가 포함되어 있습니다. 또한, Go 프로그래밍 언어에서 이 JSON 객체를 파싱하기 위한 데이터 구조 예시도 포함되어 있습니다.
아래는 VulnCheck KEV의 전체 레코드 예시입니다. 모든 필드가 채워져 있습니다.
"data": [
{
"vendorProject": "PHP Group",
"product": "PHP",
"shortDescription": "PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823.",
"vulnerabilityName": "PHP-CGI OS Command Injection Vulnerability",
"required_action": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"knownRansomwareCampaignUse": "Known",
"cve": [
"CVE-2024-4577"
],
"cwes": [
"CWE-78"
],
"vulncheck_xdb": [
{
"xdb_id": "024996c990cc",
"xdb_url": "https://vulncheck.com/xdb/024996c990cc",
"date_added": "2025-02-14T19:38:10Z",
"exploit_type": "initial-access",
"clone_ssh_url": "git@github.com:Didarul342/CVE-2024-4577.git"
},
{
"xdb_id": "081170ce66e7",
"xdb_url": "https://vulncheck.com/xdb/081170ce66e7",
"date_added": "2024-06-18T13:19:21Z",
"exploit_type": "initial-access",
"clone_ssh_url": "git@github.com:jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE.git"
},
{
"xdb_id": "0b2ec7cacbad",
"xdb_url": "https://vulncheck.com/xdb/0b2ec7cacbad",
"date_added": "2024-07-11T02:22:32Z",
"exploit_type": "initial-access",
"clone_ssh_url": "git@github.com:bibo318/CVE-2024-4577-RCE-ATTACK.git"
},
{
"xdb_id": "0c4b91081cb3",
"xdb_url": "https://vulncheck.com/xdb/0c4b91081cb3",
"date_added": "2023-01-13T08:18:15Z",
"exploit_type": "initial-access",
"clone_ssh_url": "git@github.com:0xPugal/my-nuclei-templates.git"
},
// ..
],
"vulncheck_reported_exploitation": [
{
"url": "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
"date_added": "2024-06-07T00:00:00Z"
},
{
"url": "https://x.com/Shadowserver/status/1799053497490698548",
"date_added": "2024-06-07T00:00:00Z"
},
{
"url": "https://infosec.exchange/@ntkramer/112582375921224782",
"date_added": "2024-06-08T00:00:00Z"
},
{
"url": "https://isc.sans.edu/diary/Attacker%20Probing%20for%20New%20PHP%20Vulnerablity%20CVE-2024-4577/30994",
"date_added": "2024-06-09T00:00:00Z"
},
{
"url": "https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/",
"date_added": "2024-06-10T00:00:00Z"
},
{
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-06-11&host_type=src&vulnerability=cve-2024-4577",
"date_added": "2024-06-11T00:00:00Z"
},
{
"url": "https://api.vulncheck.com/v3/index/vulncheck-canaries?cve=CVE-2024-4577&date=2025-10-21",
"date_added": "2025-10-21T22:37:21Z"
},
{
"url": "https://api.vulncheck.com/v3/index/vulncheck-canaries?cve=CVE-2024-4577&date=2025-10-22",
"date_added": "2025-10-22T14:42:59Z"
// ..
}
],
"reported_exploited_by_vulncheck_canaries": true,
"dueDate": "2024-07-03T00:00:00Z",
"cisa_date_added": "2024-06-12T00:00:00Z",
"date_added": "2024-06-07T00:00:00Z",
"_timestamp": "2025-10-22T17:27:39.163357849Z"
아래에는 VulnCheck KEV 데이터 구조를 마샬링 또는 언마샬링하기 위한 데이터 구조 예시가 포함되어 있습니다.
type VulnCheckKEV struct {
VendorProject string `json:"vendorProject"`
Product string `json:"product"`
Description string `json:"shortDescription"`
Name string `json:"vulnerabilityName"`
RequiredAction string `json:"required_action"`
KnownRansomwareCampaignUse string `json:"knownRansomwareCampaignUse"`
CVE []string `json:"cve"`
VulnCheckXDB []XDB `json:"vulncheck_xdb"`
VulnCheckReportedExploitation []ReportedExploit `json:"vulncheck_reported_exploitation"`
ReportedExploitedByVulnCheckCanaries bool `json:"reported_exploited_by_vulncheck_canaries"`
DueDate *time.Time `json:"dueDate,omitempty"`
CisaDateAdded *time.Time `json:"cisa_date_added,omitempty"`
DateAdded time.Time `json:"date_added"`
}
type ReportedExploit struct {
Url string `json:"url"`
DateAdded time.Time `json:"date_added"`
}
type XDB struct {
XDBID string `json:"xdb_id"`
XDBURL string `json:"xdb_url"`
DateAdded time.Time `json:"date_added"`
ExploitType string `json:"exploit_type"`
CloneSSHURL string `json:"clone_ssh_url"`
}