{"vulnerability": "CVE-2023-22344", "sightings": [{"uuid": "c2d2eb6f-8c83-4565-a611-a1c08eb8af72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "https://t.me/cibsecurity/59440", "content": "\u203c CVE-2023-22344 \u203c\n\nUse of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22336 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:21.000000Z"}, {"uuid": "3c6b5773-0909-4e92-ba20-3940fce0234a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "https://t.me/cibsecurity/59444", "content": "\u203c CVE-2023-22335 \u203c\n\nImproper access control vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to bypass access restriction and download an arbitrary file of the directory where the product runs. As a result of exploiting this vulnerability with CVE-2023-22336 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:25.000000Z"}, {"uuid": "2b741ef5-0167-46d5-ab6a-404c14adfd48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "https://t.me/cibsecurity/59437", "content": "\u203c CVE-2023-22336 \u203c\n\nPath traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:18.000000Z"}, {"uuid": "96ddf42a-27f8-4738-b883-b545d7956164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "Telegram/NYZmz1eOKNDAGNnnuRUvzWQuP9X38H3odG6pDdaeLU612Qet", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"}]}