{"vulnerability": "CVE-2023-2785", "sightings": [{"uuid": "7cd16474-33cf-47b6-a433-b556d2468614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27852", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5772", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27852\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device.\n\ud83d\udccf Published: 2023-03-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T20:15:34.219Z\n\ud83d\udd17 References:\n1. https://tenable.com/security/research/tra-2023-9", "creation_timestamp": "2025-02-27T20:25:30.000000Z"}, {"uuid": "f9ea0d0c-0a63-4f93-ad35-622536307da2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27854", "type": "seen", "source": "https://t.me/cibsecurity/73071", "content": "\u203c CVE-2023-27854 \u203c\n\nAn arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. \u00c2\u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00c2\u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T22:17:18.000000Z"}, {"uuid": "5993614b-fa12-4e5e-a1b7-1179e94c3898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27859", "type": "seen", "source": "https://t.me/ctinow/171438", "content": "https://ift.tt/KD897Nw\nCVE-2023-27859", "creation_timestamp": "2024-01-22T21:31:19.000000Z"}, {"uuid": "9aff7141-bbca-4092-9a32-219df26dbf8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqv7qzouiz2u", "content": "", "creation_timestamp": "2025-06-05T21:02:22.203131Z"}, {"uuid": "5f2470c7-b189-4bd0-a9b8-d8df7680cce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqv7r2od6n2c", "content": "", "creation_timestamp": "2025-06-05T21:02:28.538337Z"}, {"uuid": "94fd8622-ff33-4feb-adf3-ca086eb47da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27856", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqv7r2674x27", "content": "", "creation_timestamp": "2025-06-05T21:02:25.340480Z"}, {"uuid": "ac9ee1cf-a77e-4cb5-ac9b-b21f7077eff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "d32d8b85-006f-49d8-b8dd-86791d42093b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27852", "type": "seen", "source": "Telegram/qUKDuF8QK7Xi_RdjPbrmDJkxjf-zNqPOhXS4E9Lmd_m33lBy", "content": "", "creation_timestamp": "2025-03-02T11:44:19.000000Z"}, {"uuid": "193dde0c-d648-4e14-bc66-57555b8f3ebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27850", "type": "seen", "source": "Telegram/yAEPby0xmIpTU9P6q5HoOQwf-Bsf8v2iSOo0W24Q7JJdQhkp", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"}, {"uuid": "ff9645a2-56ff-44fe-a63f-7b52250d054b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27858", "type": "seen", "source": "https://t.me/cibsecurity/73077", "content": "\u203c CVE-2023-27858 \u203c\n\nRockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an\u00c2\u00a0uninitialized pointer in the application. \u00c2\u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00c2\u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T22:17:24.000000Z"}, {"uuid": "1a85fc04-af3f-4ac2-86de-879334ce50b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27851", "type": "seen", "source": "https://t.me/cibsecurity/59807", "content": "\u203c CVE-2023-27851 \u203c\n\nNETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T20:21:15.000000Z"}, {"uuid": "233e2027-ad7b-455c-b727-54899ab03aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27853", "type": "seen", "source": "https://t.me/cibsecurity/59805", "content": "\u203c CVE-2023-27853 \u203c\n\nNETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T20:21:12.000000Z"}, {"uuid": "78a31ad2-37c8-483d-aa8f-3c5171001a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27850", "type": "seen", "source": "https://t.me/cibsecurity/59804", "content": "\u203c CVE-2023-27850 \u203c\n\nNETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T20:21:11.000000Z"}, {"uuid": "a1e35daf-335d-4b29-8097-b7385b2fe5f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27852", "type": "seen", "source": "https://t.me/cibsecurity/59803", "content": "\u203c CVE-2023-27852 \u203c\n\nNETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T20:21:09.000000Z"}, {"uuid": "7fc3ce4e-6e83-4f33-a412-1c30be54ef34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrbevtobclr2", "content": "", "creation_timestamp": "2025-06-10T17:06:44.048577Z"}, {"uuid": "86750bf1-de84-4158-be72-78d934ca2638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27856", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrbevtobclr2", "content": "", "creation_timestamp": "2025-06-10T17:06:44.263645Z"}, {"uuid": "4ea72c48-7290-41ee-92b3-fcbcb1084540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lr7bmrf77i22", "content": "", "creation_timestamp": "2025-06-09T21:02:24.136940Z"}, {"uuid": "f9a433a6-8906-4151-887a-3b4300658301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lr7bmrhjnl2v", "content": "", "creation_timestamp": "2025-06-09T21:02:24.735110Z"}, {"uuid": "20058478-84e2-4521-918f-6ce4c7e7bf0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lr7bmrjxxt24", "content": "", "creation_timestamp": "2025-06-09T21:02:25.254736Z"}, {"uuid": "5cb8149d-8212-4efd-9ca6-11577392b887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27856", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "c27d9459-4bfd-48b1-8232-49a580049afd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/networking/thinmanager_traversal_upload.rb", "content": "", "creation_timestamp": "2025-06-04T17:49:24.000000Z"}, {"uuid": "e6f366b3-0155-47a5-8a5d-f8f831a1779d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27851", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27851\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device.\n\ud83d\udccf Published: 2023-03-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T21:35:18.213Z\n\ud83d\udd17 References:\n1. https://tenable.com/security/research/tra-2023-9", "creation_timestamp": "2025-02-27T22:26:01.000000Z"}, {"uuid": "80a7142d-fef4-4b83-94cc-acddad879701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27853", "type": "seen", "source": "Telegram/bQjkNy3kRbhuMXi9wMGyILgbOx5E_v2k6vJhPa47YwiC6eRy", "content": "", "creation_timestamp": "2025-03-02T11:44:20.000000Z"}, {"uuid": "cdef66bd-90d8-4f9d-bed8-6b8583da895e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27851", "type": "seen", "source": "Telegram/VdTs9brnmVC2d4XzHknL1Hw8yzokOvL-_jLH4U3Mc7iHl5FM", "content": "", "creation_timestamp": "2025-03-02T11:44:20.000000Z"}, {"uuid": "6abf6733-e069-4efa-92c2-403a599b533a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2785", "type": "seen", "source": "https://t.me/cibsecurity/65297", "content": "\u203c CVE-2023-2785 \u203c\n\nMattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of\u00c2\u00a0large log files\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-16T14:22:33.000000Z"}, {"uuid": "cb1fb4a6-6258-4365-8868-3fb5286d77cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27856", "type": "seen", "source": "https://t.me/cibsecurity/60430", "content": "\u203c CVE-2023-27856 \u203c\n\nIn affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T06:48:33.000000Z"}, {"uuid": "d3128004-df69-4bb7-8284-71564bafc57c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27857", "type": "seen", "source": "https://t.me/cibsecurity/60427", "content": "\u203c CVE-2023-27857 \u203c\n\nIn affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T06:45:29.000000Z"}, {"uuid": "24602071-9590-481a-b0cb-f75d87f4d885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27855", "type": "seen", "source": "https://t.me/cibsecurity/60426", "content": "\u203c CVE-2023-27855 \u203c\n\nIn affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. The attacker could overwrite existing executable files with attacker-controlled, malicious contents, potentially causing remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T06:45:28.000000Z"}, {"uuid": "f998b0a6-2216-4756-803f-46648ae42153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27856", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/thinmanager_traversal_download.rb", "content": "", "creation_timestamp": "2025-06-04T19:11:19.000000Z"}]}