Don’t Leave Me on Read: The Efficacy of Dynamic Honeypots for Novel Exploitation Discovery

GreyNoise researchers describe using dynamic, reactive honeypots to capture a live proof-of-concept exploit for CVE-2023-47246, a path traversal vulnerability enabling remote code execution in SysAid On-Premise. The post contrasts reactive sensors with passive listeners, shows the observed payloads and PCAP evidence, references the publicly released PoC, and highlights the value of impersonating vulnerable software to collect reliable exploit telemetry.