{"vulnerability": "CVE-2023-2291", "sightings": [{"uuid": "dd97e723-b7c9-41d5-823c-4ea911e1fd02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2291", "type": "seen", "source": "https://t.me/cibsecurity/62938", "content": "\u203c CVE-2023-2291 \u203c\n\nStatic credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP) build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a low-privileged user to an Administrative user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T00:25:10.000000Z"}, {"uuid": "56f15800-fc65-4b7f-9c18-c0d09557f76b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22915", "type": "seen", "source": "https://t.me/cibsecurity/62731", "content": "\u203c CVE-2023-22915 \u203c\n\nA buffer overflow vulnerability in the \u00e2\u20ac\u0153fbwifi_forward.cgi\u00e2\u20ac\ufffd CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.30 through 5.35, USG20(W)-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote unauthenticated attacker to cause DoS conditions by sending a crafted HTTP request if the Facebook WiFi function were enabled on an affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:32.000000Z"}, {"uuid": "d73ad4cd-92f3-4970-9cc4-9d854ca3ac96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22917", "type": "seen", "source": "https://t.me/cibsecurity/62727", "content": "\u203c CVE-2023-22917 \u203c\n\nA buffer overflow vulnerability in the \u00e2\u20ac\u0153sdwan_iface_ipc\u00e2\u20ac\ufffd binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:27.000000Z"}, {"uuid": "5b7b9be1-5371-41da-97a6-77ea11c9f382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22914", "type": "seen", "source": "https://t.me/cibsecurity/62725", "content": "\u203c CVE-2023-22914 \u203c\n\nA path traversal vulnerability in the \u00e2\u20ac\u0153account_print.cgi\u00e2\u20ac\ufffd CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS commands in the \u00e2\u20ac\u0153tmp\u00e2\u20ac\ufffd directory by uploading a crafted file if the hotspot function were enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:25.000000Z"}, {"uuid": "c4cdad5d-07fa-4e31-9fac-5ed3f77f19f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22918", "type": "seen", "source": "https://t.me/cibsecurity/62755", "content": "\u203c CVE-2023-22918 \u203c\n\nA post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, VPN series firmware versions 4.30 through 5.35, NWA110AX firmware version 6.50(ABTG.2) and earlier versions, WAC500 firmware version 6.50(ABVS.0) and earlier versions, and WAX510D firmware version 6.50(ABTF.2) and earlier versions, which could allow a remote authenticated attacker to retrieve encrypted information of the administrator on an affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T22:19:51.000000Z"}, {"uuid": "c12e4247-9b7b-49ce-904f-5d0a5bc29935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22916", "type": "seen", "source": "https://t.me/cibsecurity/62730", "content": "\u203c CVE-2023-22916 \u203c\n\nThe configuration parser of Zyxel ATP series firmware versions 5.10 through 5.35, USG FLEX series firmware versions 5.00 through 5.35, USG FLEX 50(W) firmware versions 5.10 through 5.35, USG20(W)-VPN firmware versions 5.10 through 5.35, and VPN series firmware versions 5.00 through 5.35, which fails to properly sanitize user input. A remote unauthenticated attacker could leverage the vulnerability to modify device configuration data, resulting in DoS conditions on an affected device if the attacker could trick an authorized administrator to switch the management mode to the cloud mode.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:31.000000Z"}, {"uuid": "b5205f12-a68c-442e-b28f-fb7cbb181c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22910", "type": "seen", "source": "https://t.me/cibsecurity/56780", "content": "\u203c CVE-2023-22910 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision-* fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs capability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T20:22:57.000000Z"}, {"uuid": "60f16aca-0b17-44d3-85e5-37acd093b09c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22912", "type": "seen", "source": "https://t.me/cibsecurity/56770", "content": "\u203c CVE-2023-22912 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. CheckUser TokenManager insecurely uses AES-CTR encryption with a repeated (aka re-used) nonce, allowing an adversary to decrypt.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T20:22:44.000000Z"}, {"uuid": "b2f5deba-3c43-4689-a7a9-bfdbf783e97d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22911", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10753", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22911\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widget is executed in an HTML attribute context.\n\ud83d\udccf Published: 2023-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-07T18:36:08.229Z\n\ud83d\udd17 References:\n1. https://phabricator.wikimedia.org/T149488\n2. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/", "creation_timestamp": "2025-04-07T18:46:06.000000Z"}, {"uuid": "7cbb5baa-b447-4a38-a2ee-8fbfc18276ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22919", "type": "seen", "source": "https://t.me/cibsecurity/63131", "content": "\u203c CVE-2023-22919 \u203c\n\nThe post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-01T20:29:43.000000Z"}, {"uuid": "ce17e85c-b5fc-4c72-aa39-a6bfae09c2ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22913", "type": "seen", "source": "https://t.me/cibsecurity/62738", "content": "\u203c CVE-2023-22913 \u203c\n\nA post-authentication command injection vulnerability in the \u00e2\u20ac\u0153account_operator.cgi\u00e2\u20ac\ufffd CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker to modify device configuration data, resulting in denial-of-service (DoS) conditions on an affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:39.000000Z"}]}