{"vulnerability": "CVE-2023-25135", "sightings": [{"uuid": "b6bd2151-51c5-4b15-9ec9-f953d3b4133b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "Telegram/AqbQcSruHn_WkutfE8evxRkyLJKRGDqBk7h61RFWxZdE1Lg", "content": "", "creation_timestamp": "2023-02-04T17:08:41.000000Z"}, {"uuid": "afdf24c7-9ed6-4275-81ef-d78060115f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2886", "content": "Tools - Hackers Factory\n\n\u200b\u200bMobSF\n\nMobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF\n\n\u200b\u200bvBulletin Exploits\n\nCVE-2023-25135: Pre-authentication RCE.\n\nhttps://github.com/ambionics/vbulletin-exploits\n\nDetails:\nhttps://www.ambionics.io/blog/vbulletin-unserializable-but-unreachable\n\n\u200b\u200bInternet of Vulnerable Things\n\nThe results of my small term paper on the topic of the Internet of Vulnerable Things and the exploit for CVE-2022-48194.\n\nhttps://github.com/otsmr/internet-of-vulnerable-things\n\n\u200b\u200bOSTIF\n\nSecurity Work and Manual Reviews facilitated by Open Source Technology Improvement Fund, aka OSTIF\n\nhttps://github.com/ostif-org/OSTIF\n\n\u200b\u200bSocial Media #OSINT\n\nhttps://github.com/cqcore/Social-Media-OSINT\n\n\u200b\u200bWhatWaf\n\nWhatWaf is an advanced firewall detection tool who's goal is to give you the idea of \"There's a WAF?\". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target.\n\nhttps://github.com/Ekultek/WhatWaf\n\n\u200b\u200bESP32Marauder\n\nA suite of WiFi/Bluetooth offensive and defensive tools for the #ESP32\n\nhttps://github.com/justcallmekoko/ESP32Marauder\n\n\u200b\u200bWarpgate\n\nA smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps.\n\n\u2022 Set it up in your DMZ, add user accounts and easily assign them to specific hosts and URLs within the network.\n\u2022 Warpgate will record every session for you to view (live) and replay later through a built-in admin web UI.\n\u2022 Written in 100% safe Rust.\n\nhttps://github.com/warp-tech/warpgate\n\n\u200b\u200bWAFW00F\n\nAllows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.\n\nhttps://github.com/EnableSecurity/wafw00f\n\n\u200b\u200bTiny-XSS-Payloads\n\nA collection of tiny XSS Payloads that can be used in different contexts.\n\nhttps://github.com/terjanq/Tiny-XSS-Payloads\n\nWeb:\nhttps://tinyxss.terjanq.me\n\n\u200b\u200bD/Invoke\n\nDynamically invoke arbitrary unmanaged code from managed code without P/Invoke.\n\nhttps://github.com/rasta-mouse/DInvoke\n\nDetails:\nhttps://offensivedefence.co.uk/posts/dinvoke-105\n\n\u200b\u200bCloudGPT\n\nVulnerability scanner for AWS customer managed policies using #ChatGPT\n\nhttps://github.com/ustayready/cloudgpt\n\n\u200b\u200bVX-API\n\nCollection of various malicious functionality to aid in malware development.\n\nhttps://github.com/vxunderground/VX-API\n\n\u200b\u200bBitdrain \n\nRemote p2p bandwidth/cpu overage attack against bitcoin, dogecoin, etc.\n\nhttps://github.com/visualbasic6/drain\n\n\u200b\u200bMaltego Web2Screenshot Transforms\n\nThe #Maltego Web2Screenshot Transforms allow you to capture screenshots from both websites and URLs in a secure and anonymous manner.\n\nI developed these transforms to enhance my operational security (OPSEC) by avoiding exposing my public or VPN's IP address. With these Transforms, you can generate high-quality screenshots while keeping your identity and location hidden.\n\nhttps://github.com/TURROKS/Maltego_Web2Screenshot\n\n\u200b\u200bGEF \n\nGDB Enhanced Features a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux.\n\nhttps://github.com/hugsy/gef\n\n\u200b\u200bCortex XDR Config Extractor\n\nWith this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible Exclusions.\n\nhttps://github.com/Laokoon-SecurITy/Cortex-XDR-Config-Extractor\n\n\u200b\u200bBounty Meter\n\nCommand-line utility tool designed for bug bounty hunters to define their bounty target for a year, maintain and keep record of their bounties on a monthly basis, and track their progress throughout the year. With Bounty Meter, you can add and subtract bounties, view your total bounties earned this year, and display an interactive stats card to visualize your progress.\n\nhttps://github.com/720922/bountymeter\n\n#infosec #cybersec", "creation_timestamp": "2023-04-17T20:56:38.000000Z"}, {"uuid": "09cd53b1-03ab-4c10-84f2-9b13454c194c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8127", "content": "#exploit\n1. CVE-2023-25135: \nPre-authentication RCE\nhttps://github.com/ambionics/vbulletin-exploits\n\n2. CVE-2023-29084:\nCommand injection in ManageEngine ADManager Plus\nhttps://hnd3884.github.io/posts/CVE-2023-29084-Command-injection-in-ManageEngine-ADManager-plus", "creation_timestamp": "2023-04-16T16:39:36.000000Z"}, {"uuid": "ef62c884-d36c-47b4-acc3-fe1f2f048f44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4933", "content": "CVE-2023-25135: Pre-authentication RCE\n\nGithub\n\n#CVE #RCE #Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:18.000000Z"}, {"uuid": "ae2982e1-a9e2-4a54-b776-7b0045bc472c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "660eb017-5fec-4aa6-9461-9bb21b027d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "00b3ab09-acfc-447d-afdd-f96f2d28d0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "e4dc4693-230d-4d19-b623-1a60e71604ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "fd7019b7-932f-434f-8518-0c4b3c9fbbac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "e0a4accc-44f2-4653-800e-98fa32527e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "52960fcf-6c2f-494d-b44c-76f0cd4e0a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1362", "content": "CVE-2023-25135\nvBulletin - RCE + exploit\nman+exploit\n\n#exploit #vBulletin", "creation_timestamp": "2023-02-04T18:01:24.000000Z"}, {"uuid": "e25cc4ca-c8b2-4d49-8747-8c4a57bf9cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1305", "content": "\u200b\u200bvBulletin Exploits\n\nCVE-2023-25135: Pre-authentication RCE.\n\nhttps://github.com/ambionics/vbulletin-exploits\n\nDetails:\nhttps://www.ambionics.io/blog/vbulletin-unserializable-but-unreachable\n\n#cve #infosec #exploit", "creation_timestamp": "2023-04-17T22:46:51.000000Z"}, {"uuid": "2a1b04fb-1587-4171-8c34-07ec61886073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1201", "content": "#exploit\n1. CVE-2023-25135: \nPre-authentication RCE\nhttps://github.com/ambionics/vbulletin-exploits\n\n2. CVE-2023-29084:\nCommand injection in ManageEngine ADManager Plus\nhttps://hnd3884.github.io/posts/CVE-2023-29084-Command-injection-in-ManageEngine-ADManager-plus", "creation_timestamp": "2023-04-16T12:59:50.000000Z"}, {"uuid": "f0746a78-7aef-444d-8844-bcb32ec9a4f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1450", "content": "Linux Bluetooth: Unauthorized management command execution (CVE-2023-2002)\nhttps://github.com/lrh2000/CVE-2023-2002\nCVE-2023-25135: vBulletin Pre-authentication RCE \nhttps://github.com/ambionics/vbulletin-exploits", "creation_timestamp": "2023-04-19T17:44:57.000000Z"}, {"uuid": "21ac75a4-30f1-45f3-bc8e-a449789bb00b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2515", "content": "CVE-2023-25135\nvBulletin - RCE + exploit\n\nLink:- https://system32.ink/news-feed/p/217/", "creation_timestamp": "2023-02-05T17:11:01.000000Z"}, {"uuid": "f31abbdf-3d58-46a9-8a46-de78a631cd74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "seen", "source": "https://t.me/cibsecurity/57440", "content": "\u203c CVE-2023-25135 \u203c\n\nvBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors. The fixed versions are 5.6.7 PL1, 5.6.8 PL1, and 5.6.9 PL1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T07:25:33.000000Z"}, {"uuid": "8cbf4d1e-e42a-4d3f-92ec-7a09693c5f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-21)", "content": "", "creation_timestamp": "2024-12-21T00:00:00.000000Z"}, {"uuid": "b1566cd1-722a-4f1a-9513-b54e01a9cc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "3c6b8679-f72b-44e8-889e-a63e7d12b02f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}, {"uuid": "a6d1d409-c24b-4518-bdc4-d10b0a3d3a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "e9cbc701-ee01-460e-87f7-664dd792c52e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25135", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}]}