Browse all 8 CVE security advisories affecting MolotovCherry. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MolotovCherry primarily targets enterprise applications and cloud services, focusing on gaining unauthorized access to sensitive data. Historically, the actor has favored remote code execution and cross-site scripting vulnerabilities as initial access vectors, often exploiting misconfigurations and unpatched systems. Privilege escalation follows initial compromise to maintain persistence. While no major public incidents have been definitively attributed to MolotovCherry, their consistent exploitation of known CVEs suggests methodical reconnaissance and exploitation cycles. The actor demonstrates moderate technical sophistication, typically leveraging common attack patterns rather than novel techniques. Their eight documented CVEs primarily affect web applications and API endpoints, indicating a preference for widely deployed enterprise software.
This page lists every published CVE security advisory associated with MolotovCherry. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.