{"vulnerability": "CVE-2023-2283", "sightings": [{"uuid": "e51f9899-9bd9-4e2e-a44e-727119dc5988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3080", "content": "30 Tools \ud83d\udd27 \ud83d\udee0\ud83e\ude9b\ud83d\udd28 - Hackers Factory \n\nBREAD\n\nBREAD (BIOS Reverse Engineering & Advanced Debugging) is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code (on real HW) from another PC via serial cable.\n\nhttps://github.com/Theldus/bread\n\n#cybersecurity #infosec #reverse\n\n\u200b\u200bGTScan \u2014 The Nmap Scanner for Telco\n\nGTScan relies on using empty TCAP layers as probes to detect listening subsystem numbers (i.e application port numbers like 80 for http, 443 for https but for telecom nodes) on the respective global titles. With this way will be able to map the network and use the results to conduct targeted direct attacks to the respective nodes.\n\nhttps://github.com/SigPloiter/GTScan\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bYAWNING-TITAN\n\nYAWNING-TITAN (YT) is an abstract, graph based cyber-security simulation environment that supports the training of intelligent agents for autonomous cyber operations. YAWNING-TITAN currently only supports defensive autonomous agents who face off against probabilistic red agents.\n\nhttps://github.com/dstl/Yawning-Titan\n\n#cybersecurity #infosec\n\n\u200b\u200bIRCP\n\nA robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers.\n\nhttps://github.com/internet-relay-chat/IRCP\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bTinyCheck\n\nTinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs).\n\nhttps://github.com/KasperskyLab/TinyCheck\n\n#cybersecurity #infosec\n\n\u200b\u200bDropSpawn\n\nA #CobaltStrike BOF used to spawn additional Beacons via a relatively unknown method of DLL hijacking. Works x86-x86, x64-x64, and x86-x64/vice versa. Use as an alternative to process injection.\n\nhttps://github.com/Octoberfest7/DropSpawn_BOF\n\n#infosec #pentesting #redteam\n\n\u200b\u200bInstagram-Lookup\n\nThis script allows you to search for an Instagram profile using user ID or retrieve a profile's ID by username. It utilizes the Instagram API to retrieve profile information based on the provided input.\n\nhttps://github.com/AyalX/Instagram-Lookup\n\n#OSINT #recon #infosec\n\n\u200b\u200bScreenshotBOFPlus\n\nTake a screenshot without injection for #CobaltStrike. I only made minor optimizations to the existing code, and made it support the ability to get a complete screenshot when global scaling is initiated on Windows.\n\nhttps://github.com/baiyies/ScreenshotBOFPlus\n\n#infosec #pentesting #redteam\n\n\u200b\u200bBytesafe\n\nSecurity platform that protects organizations from open source software supply chain attacks.\n\nhttps://github.com/bitfront-se/bytesafe-ce\n\n#cybersecurity #infosec\n\n\u200b\u200bSignatureGate\n\nWeaponized version of HellsGate, bypassing AV/EDR/EPPs by abusing opt-in-fix CVE-2013-3900. \n\nhttps://github.com/florylsk/SignatureGate\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-33829\n\nSCM Manager XSS\n\nhttps://github.com/CKevens/CVE-2023-33829-POC\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bBypassNeo-reGeorg\n\nAnti-kill version Neo-reGeorg.\n\nhttps://github.com/r00tSe7en/BypassNeo-reGeorg\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUTopia\n\nA tool for automatically generating fuzz drivers from unit tests.\n\nhttps://github.com/Samsung/UTopia\n\n#cybersecurity #infosec\n\n\u200b\u200bShellcode PageSplit\n\nSplitting and executing shellcode across multiple pages.\n\nhttps://github.com/x0reaxeax/PageSplit\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-2283\n\nAuthentication bypass vulnerability in libssh, which, under certain conditions, may enable a remote attacker to gain unauthorized access to another user\u2019s account via ssh login.\n\nhttps://github.com/github/securitylab/tree/1786eaae7f90d87ce633c46bbaa0691d2f9bf449/SecurityExploits/libssh/pubkey-auth-bypass-CVE-2023-2283\n\n#cybersecurity #infosec\n\n\u200b\u200bIndoXploit-Shell \n\nhttps://github.com/flux10n/IndoXploit-WebShell\n\n#infosec #pentesting #redteam\n\n\u200b\u200b1/2", "creation_timestamp": "2023-06-10T10:53:16.000000Z"}, {"uuid": "8658fb6b-f5f1-46da-ac80-bb8dbb0dabaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1568", "content": "libssh CVE-2023-2283\nPOC exploit\nusage:\n~/libssh/build/examples/ssh-client -p 2022 victim@172.18.0.10 ~/id_ed25519.pub\n\n#ssh", "creation_timestamp": "2023-06-08T10:11:39.000000Z"}, {"uuid": "d458e133-dff7-4e39-b2d6-25c932fd89ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3640", "content": "\ud83d\udda5Database:\n\n\ud83d\udd31leak of the airline Lnea A\u00e9rea Amaszonas S.A. : https://system32.ink/d/leak-of-the-airline-lnea-aerea-amaszonas-s-a/\n\n\ud83d\udd31Leak solicitudesglpi(.)dnsalias(.)net : https://system32.ink/d/leak-solicitudesglpi-dnsalias-net/\n\n\ud83d\udd31Leak goldstockcanada(.)com : https://system32.ink/d/leak-goldstockcanada-com/\n\n\ud83d\udd31Leak realtimetopup(.)com : https://system32.ink/d/leak-realtimetopup-com/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31UTopia is a tool for automatically generating fuzz drivers : https://system32.ink/d/utopia-is-a-tool-for-automatically-generating-fuzz-drivers/\n\n\ud83d\udd31Instagram-Lookup : https://system32.ink/d/instagram-lookup/\n\n\ud83d\udda5Exploit:\n\n\ud83d\udd31libssh CVE-2023-2283 POC exploit : https://system32.ink/d/libssh-cve-2023-2283-poc-exploit/\n\n\ud83d\udd31CVE-2023-29336 Win32k Privilege Escalation Vulnerability with PoC : https://system32.ink/d/cve-2023-29336-win32k-privilege-escalation-vulnerability-with-poc/\n\n\ud83d\udd31CVE-2023-32353 PoC Exploit : https://system32.ink/d/cve-2023-32353-poc-exploit/\n\n@crackcodes crackcodes.in", "creation_timestamp": "2023-06-09T06:57:28.000000Z"}, {"uuid": "d397f4a5-9c51-4c15-ad6e-7a59e7126bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "Telegram/NN3pXljU0HKWuAzoNXu9AGvW_T8BRzwQQn_FvkN6Fu7fNuM", "content": "", "creation_timestamp": "2023-06-12T21:13:08.000000Z"}, {"uuid": "b353ca94-78e2-4cea-b2cf-9d8369560dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "Telegram/_8EjJXXQqbkIyzyxgInWP7w3Pys3pMtrWeaEQ6Tu9Qnvxv8", "content": "", "creation_timestamp": "2023-06-08T22:47:06.000000Z"}, {"uuid": "eb97a3c6-91f3-4fea-b36b-7c34badf6ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "seen", "source": "https://t.me/ctinow/182432", "content": "https://ift.tt/v7cZiF2\nCVE-2023-2283 | Oracle MySQL Workbench 8.0.34 and prior improper authentication", "creation_timestamp": "2024-02-10T06:36:47.000000Z"}, {"uuid": "34aea5b3-6a25-4d52-b566-804db71f04c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "seen", "source": "https://t.me/ctinow/181088", "content": "https://ift.tt/Y2uElNk\nCVE-2023-2283 | Oracle Communications Cloud Native Core Network Repository Function Install/Upgrade unknown vulnerability", "creation_timestamp": "2024-02-08T01:56:19.000000Z"}, {"uuid": "5a70868e-b386-4fd5-b645-81409d5f9e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "seen", "source": "https://t.me/ctinow/181087", "content": "https://ift.tt/vB5Qaky\nCVE-2023-2283 | Oracle Communications Cloud Native Core Console 23.3.1 Configuration improper authentication", "creation_timestamp": "2024-02-08T01:56:18.000000Z"}, {"uuid": "b20b7e27-a712-4b69-a595-e25cabf187c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22835", "type": "seen", "source": "https://t.me/cibsecurity/66310", "content": "\u203c CVE-2023-22835 \u203c\n\nA security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants.This defect was resolved with the release of Foundry Issues 2.510.0 and Foundry Frontend 6.228.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T00:24:11.000000Z"}, {"uuid": "ca57c24b-f3aa-48dc-9c28-1a5ffd5b9500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8278", "content": "#exploit\n1. CVE-2023-1667 / CVE-2023-2283:\nDoS/Authentication bypass in libssh\nhttps://securitylab.github.com/advisories/GHSL-2023-032_GHSL-2023-042_libssh\nhttps://securitylab.github.com/advisories/GHSL-2023-085_libssh\n\n2. CVE-2023-28770:\nZyxel (Routers/CPE Devices) Chained RCE\nhttps://packetstormsecurity.com/files/172277/Zyxel-Chained-Remote-Code-Execution.html\n\n3. CVE-2023-25394:\nVideoStream LPE\nhttps://danrevah.github.io/2023/05/03/CVE-2023-25394-VideoStream-LPE", "creation_timestamp": "2023-05-11T18:05:50.000000Z"}, {"uuid": "1c1ca3ce-bb6f-4a3e-a72c-0a7988fce284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22839", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8929", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22839\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udccf Published: 2023-02-01T17:56:26.064Z\n\ud83d\udccf Modified: 2025-03-26T17:48:26.847Z\n\ud83d\udd17 References:\n1. https://my.f5.com/manage/s/article/K37708118", "creation_timestamp": "2025-03-26T18:25:40.000000Z"}, {"uuid": "b2bde80c-e2f5-4f29-9165-c1255fd477ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/2811", "content": "libssh CVE-2023-2283\n\nhttps://github.com/github/securitylab/tree/1786eaae7f90d87ce633c46bbaa0691d2f9bf449/SecurityExploits/libssh/pubkey-auth-bypass-CVE-2023-2283\n\nusage:\n~/libssh/build/examples/ssh-client -p 2022 victim@172.18.0.10 ~/id_ed25519.pub", "creation_timestamp": "2023-07-26T09:40:33.000000Z"}, {"uuid": "2845cc4d-cc3b-4a6c-8be7-fca15eeb7200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "Telegram/Br2OpH7o_MWfREYUYid276mb8IdKTXovISPbJMRVK8IsJQ", "content": "", "creation_timestamp": "2023-06-09T06:58:31.000000Z"}, {"uuid": "d460c0cf-733b-4f95-82ae-ded1cd23e849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "Telegram/AN344bRTc8lME8zSJGBvq7bNYn_UVAU64_FV0zTbjkmEax4", "content": "", "creation_timestamp": "2023-07-26T07:41:04.000000Z"}, {"uuid": "29bc53bd-e41a-4f45-9fb3-41d89a228992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22836", "type": "seen", "source": "https://t.me/ctinow/175513", "content": "https://ift.tt/PJqRsfy\nCVE-2023-22836", "creation_timestamp": "2024-01-29T20:26:08.000000Z"}, {"uuid": "49d63918-e770-4d9e-bbdc-51463dcb22f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22836", "type": "seen", "source": "https://t.me/ctinow/189867", "content": "https://ift.tt/NOHaA2l\nCVE-2023-22836 | Palantir com.palantir.skywise:guardian prior 2.278.0 Foundry Linter service authorization", "creation_timestamp": "2024-02-21T18:16:19.000000Z"}, {"uuid": "b08887ea-0540-4a11-9d24-55dca6413ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "seen", "source": "https://t.me/ctinow/182348", "content": "https://ift.tt/3a91Ahe\nCVE-2023-2283 | Oracle MySQL Cluster 8.0.34 and prior/8.1.0 improper authentication", "creation_timestamp": "2024-02-10T00:02:23.000000Z"}, {"uuid": "9af85bc2-e351-462b-92ea-9f0b3a21d9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22838", "type": "seen", "source": "https://t.me/cibsecurity/59441", "content": "\u203c CVE-2023-22838 \u203c\n\nCross-site scripting vulnerability in Product List Screen and Product Detail Screen of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:22.000000Z"}, {"uuid": "010c356d-dfb0-463d-a705-5020f81464c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22839", "type": "seen", "source": "https://t.me/cibsecurity/57322", "content": "\u203c CVE-2023-22839 \u203c\n\nOn BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T20:14:18.000000Z"}, {"uuid": "b971a6fd-7d0f-47f0-a274-883405230e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22832", "type": "seen", "source": "https://t.me/cibsecurity/57895", "content": "\u203c CVE-2023-22832 \u203c\n\nThe ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations and disallows XML External Entity resolution in the ExtractCCDAAttributes Processor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-10T16:57:37.000000Z"}, {"uuid": "6e8b24c1-aae7-4d9e-b9fa-83eca4d4c1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22833", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/465", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22833\n\ud83d\udd39 Description: Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances.\n\ud83d\udccf Published: 2023-06-06T18:55:06.549Z\n\ud83d\udccf Modified: 2025-01-07T16:24:09.439Z\n\ud83d\udd17 References:\n1. https://palantir.safebase.us/?tcuUid=7f1fd834-805d-4679-85d0-9d779fa064ae", "creation_timestamp": "2025-01-07T16:41:17.000000Z"}]}