{"vulnerability": "CVE-2023-2564", "sightings": [{"uuid": "105c5184-8d64-4dbd-92ed-f98a34db1ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25643", "type": "seen", "source": "https://t.me/ctinow/166002", "content": "https://ift.tt/tsXgB8N\nCVE-2023-25643 | ZTE MC801A/MC801A1 command injection", "creation_timestamp": "2024-01-10T17:41:51.000000Z"}, {"uuid": "825fb559-9367-44d7-a9bf-8a3020a57783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25642", "type": "seen", "source": "https://t.me/ctinow/165956", "content": "https://ift.tt/s3bf2Ax\nCVE-2023-25642 | ZTE MC801A/MC801A1 TCP Port buffer overflow", "creation_timestamp": "2024-01-10T17:08:02.000000Z"}, {"uuid": "6988693a-dd9e-4880-80df-8dcb5a15185e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25644", "type": "seen", "source": "https://t.me/ctinow/166005", "content": "https://ift.tt/5x2A1yZ\nCVE-2023-25644 | ZTE MC801A/MC801A1 Web Interface exceptional condition", "creation_timestamp": "2024-01-10T17:41:54.000000Z"}, {"uuid": "46d90746-6c4c-4fa2-a737-1c7ab9523e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25649", "type": "seen", "source": "https://t.me/cibsecurity/69190", "content": "\u203c CVE-2023-25649 \u203c\n\nThere is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-25T14:14:06.000000Z"}, {"uuid": "51d3340b-d309-431f-b451-002cf2222bc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25648", "type": "seen", "source": "https://t.me/ctinow/166003", "content": "https://ift.tt/VGKWELc\nCVE-2023-25648 | ZTE ZXCLOUD iRAI permission assignment", "creation_timestamp": "2024-01-10T17:41:52.000000Z"}, {"uuid": "2907bb55-70eb-4ab9-a4d6-fd1323a4885c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2564", "type": "seen", "source": "https://t.me/cibsecurity/63407", "content": "\u203c CVE-2023-2564 \u203c\n\nOS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-07T19:29:42.000000Z"}]}