{"vulnerability": "CVE-2023-3144", "sightings": [{"uuid": "f7b38fe9-41e5-4bcb-bf21-220c732d8796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "f19d18ee-0e00-490f-b3fd-527efed62e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-30)", "content": "", "creation_timestamp": "2026-01-30T00:00:00.000000Z"}, {"uuid": "47e06263-d321-4986-afdb-d55ae4a6bd5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "seen", "source": "https://t.me/ctinow/174654", "content": "https://ift.tt/WCrAeL5\nCVE-2023-31446 | Cassia Gateway XC1000_2.1.1.2303082218/XC2000_2.1.1.2303090947 /bypass/config queueUrl os command injection", "creation_timestamp": "2024-01-27T07:07:25.000000Z"}, {"uuid": "4e70855c-ff2d-4e17-806e-b23e5dc06554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31447", "type": "seen", "source": "https://t.me/cibsecurity/68896", "content": "\u203c CVE-2023-31447 \u203c\n\nuser_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:12.000000Z"}, {"uuid": "f28c7945-9bf1-4d57-9ab7-a168a006cf2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31449", "type": "seen", "source": "https://t.me/cibsecurity/68094", "content": "\u203c CVE-2023-31449 \u203c\n\nAn issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, a authenticated user can create a WMI Custom Sensor. When creating this sensor, the user can set the WQL message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T16:14:56.000000Z"}, {"uuid": "6c920ebc-72c1-49e4-b1c4-934f9287e7f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31448", "type": "seen", "source": "https://t.me/cibsecurity/68090", "content": "\u203c CVE-2023-31448 \u203c\n\nAn issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, a authenticated user can create a HL7 Sensor. When creating this sensor, the user can set the HL7 message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T16:14:53.000000Z"}, {"uuid": "dd0b3750-1072-4160-98c3-428c8f37cc7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31445", "type": "seen", "source": "https://t.me/cibsecurity/63880", "content": "\u203c CVE-2023-31445 \u203c\n\nCassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T16:15:25.000000Z"}, {"uuid": "48ccd317-718d-4e7d-9cd0-c11449bf90a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31442", "type": "seen", "source": "https://t.me/cibsecurity/63856", "content": "\u203c CVE-2023-31442 \u203c\n\nIn Lightbend Akka before 2.8.1, the async-dns resolver (used by Discovery in DNS mode and transitively by Cluster Bootstrap) uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not validate (e.g., via TLS) the authenticity of the discovered service, this may result in exfiltration of application data (e.g., persistence events may be published to an unintended Kafka broker). If such validation is performed, then the poisoning constitutes a denial of access to the intended service. This affects Akka 2.5.14 through 2.8.0, and Akka Discovery through 2.8.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T07:14:58.000000Z"}, {"uuid": "49e84150-54af-42e4-a717-57bfd2c1c9cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31444", "type": "seen", "source": "https://t.me/cibsecurity/63106", "content": "\u203c CVE-2023-31444 \u203c\n\nIn Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-29T00:27:49.000000Z"}, {"uuid": "be570022-e36d-45f2-898c-df5363b04da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31444", "type": "seen", "source": "Telegram/SLZbKxu1UlKOt4tZOitLjgdy470iM1iSe44i8dEQ89e6s5Sr", "content": "", "creation_timestamp": "2025-02-01T17:28:10.000000Z"}, {"uuid": "548e7f99-0f3b-4036-a7e8-1742b6b9ddc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "seen", "source": "https://t.me/ctinow/165527", "content": "https://ift.tt/C3sDF8O\nCVE-2023-31446", "creation_timestamp": "2024-01-10T04:26:20.000000Z"}, {"uuid": "7c33c2ba-6563-4e15-a79f-f73383cb79c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31441", "type": "seen", "source": "https://t.me/cibsecurity/66923", "content": "\u203c CVE-2023-31441 \u203c\n\nIn NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T18:33:02.000000Z"}, {"uuid": "a3d8a2c1-32e1-484a-95ec-4dfa2ee01922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9743", "content": "#exploit\n1. CVE-2023-31446:\nDodge OPTIFY RCE\nhttps://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution\n\n2. CVE-2020-11110:\nGrafana Stored CSS\nhttps://github.com/AVE-Stoik/CVE-2020-11110-Proof-of-Concept/tree/main\n\n3.\u00a0CVE-2023-51467:\nApache Ofbiz Exploit\nhttps://github.com/JaneMandy/CVE-2023-51467-Exploit", "creation_timestamp": "2024-01-07T22:09:15.000000Z"}, {"uuid": "f06d462b-d388-4376-a1d0-ae6bcf6c36e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "c78ad134-86cd-4f11-8b71-09f76fb4ce6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "76bbad9a-adae-44a6-96d5-778358686784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31445", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4270", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository contains description for CVE-2023-31445\nURL\uff1ahttps://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-28T07:52:03.000000Z"}, {"uuid": "5c6603a5-4931-4d81-a621-8a21252b5f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18978", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31446\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.\n\ud83d\udccf Published: 2024-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T15:36:04.915Z\n\ud83d\udd17 References:\n1. https://www.cassianetworks.com\n2. https://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution\n3. https://blog.kscsc.online/cves/202331446/md.html", "creation_timestamp": "2025-06-20T15:44:16.000000Z"}, {"uuid": "34cb0d05-2673-4079-9b5a-b8a1295a6310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "seen", "source": "https://t.me/arpsyndicate/4817", "content": "#ExploitObserverAlert\n\nCVE-2023-31446\n\nDESCRIPTION: Exploit Observer has 10 entries in 5 file formats related to CVE-2023-31446. In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.\n\nFIRST-EPSS: 0.019820000\nNVD-IS: 5.9\nNVD-ES: 3.9\nARPS-PRIORITY: 0.9521352", "creation_timestamp": "2024-04-24T20:58:52.000000Z"}, {"uuid": "31f7e2a6-50a6-4b65-a3c6-79abef046bd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31448", "type": "seen", "source": "https://t.me/arpsyndicate/2360", "content": "#ExploitObserverAlert\n\nCVE-2023-31448\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-31448. A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths, allowing the sensor to execute files outside the designated custom sensors folder. The severity of this vulnerability is medium and received a score of 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.4\nNVD-ES: 1.2", "creation_timestamp": "2024-01-03T20:58:49.000000Z"}, {"uuid": "c8496e8d-c21f-44d8-8916-858f72b32ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "seen", "source": "https://t.me/ctinow/164237", "content": "https://ift.tt/tSKY2Iu\nCVE-2023-31446 Exploit", "creation_timestamp": "2024-01-08T09:16:40.000000Z"}, {"uuid": "f4eaa93a-7683-4467-a85b-5977e32b7126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2439", "content": "#exploit\n1. CVE-2023-31446:\nDodge OPTIFY RCE\nhttps://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution\n\n2. CVE-2020-11110:\nGrafana Stored CSS\nhttps://github.com/AVE-Stoik/CVE-2020-11110-Proof-of-Concept/tree/main\n\n3.\u00a0CVE-2023-51467:\nApache Ofbiz Exploit\nhttps://github.com/JaneMandy/CVE-2023-51467-Exploit", "creation_timestamp": "2024-08-16T09:01:19.000000Z"}, {"uuid": "c798e38d-ef83-4fae-a826-92ceb75a8fb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "a1f42a70-e6d9-4c65-9c44-230c6ec0b7b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31446", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}]}