{"vulnerability": "CVE-2023-2591", "sightings": [{"uuid": "7a5fd606-f7e7-4dec-bb97-f621e8a93b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25913", "type": "seen", "source": "https://t.me/cibsecurity/68915", "content": "\u203c CVE-2023-25913 \u203c\n\nBecause of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T14:22:13.000000Z"}, {"uuid": "039161f8-dbc8-42df-ac05-eb0dae39667f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25914", "type": "seen", "source": "https://t.me/cibsecurity/68914", "content": "\u203c CVE-2023-25914 \u203c\n\nDue to improper restriction, attackers could retrieve and read system files of the underlying server through the XML interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T00:41:13.000000Z"}, {"uuid": "b7ffbcf0-9156-46c9-bc7a-3b554a729f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25915", "type": "seen", "source": "https://t.me/cibsecurity/68911", "content": "\u203c CVE-2023-25915 \u203c\n\nDue to improper input validation, a remote attacker could execute arbitrary commands on the target system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T00:41:09.000000Z"}, {"uuid": "87c556c5-51f5-486e-8df3-cbbfb4747cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25912", "type": "seen", "source": "https://t.me/cibsecurity/65124", "content": "\u203c CVE-2023-25912 \u203c\n\nThe webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-11T18:33:24.000000Z"}, {"uuid": "1259f57b-b7fb-4af4-b8f1-1af87c09cd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2591", "type": "seen", "source": "https://t.me/cibsecurity/63579", "content": "\u203c CVE-2023-2591 \u203c\n\nCode Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.7.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T14:38:27.000000Z"}, {"uuid": "a8107864-23fa-45ee-9225-a650bba1d6a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25912", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/921", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25912\n\ud83d\udd39 Description: The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values.\n\ud83d\udccf Published: 2023-06-11T13:17:01.462Z\n\ud83d\udccf Modified: 2025-01-09T07:56:42.597Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/CVE-2023-25912/\n2. https://csirt.divd.nl/DIVD-2023-00021/", "creation_timestamp": "2025-01-09T08:17:38.000000Z"}]}