{"vulnerability": "CVE-2023-3327", "sightings": [{"uuid": "5e4c0340-eb28-4726-a948-37c503ed069d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33276", "type": "seen", "source": "https://t.me/cibsecurity/65795", "content": "\u203c CVE-2023-33276 \u203c\n\nThe web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a \"404 - Not Found\" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-30T18:15:12.000000Z"}, {"uuid": "a7f5a7b8-3fd1-4d8a-9ca4-c2939a96346a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33274", "type": "seen", "source": "https://t.me/cibsecurity/66608", "content": "\u203c CVE-2023-33274 \u203c\n\nThe authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled, regardless of the password used for the web interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T00:25:50.000000Z"}, {"uuid": "4e8af5d5-44db-4c80-9e90-38df039eb8bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33277", "type": "seen", "source": "https://t.me/cibsecurity/65736", "content": "\u203c CVE-2023-33277 \u203c\n\nThe web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-29T20:14:29.000000Z"}, {"uuid": "3a956d43-7ea5-4654-bc9c-6abdf43387ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33272", "type": "seen", "source": "https://t.me/cibsecurity/71524", "content": "\u203c CVE-2023-33272 \u203c\n\nAn issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function is vulnerable to OS command injection (blind).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T00:21:26.000000Z"}, {"uuid": "642b55a2-5295-43d0-b271-0f52a2ebfbc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33271", "type": "seen", "source": "https://t.me/cibsecurity/71533", "content": "\u203c CVE-2023-33271 \u203c\n\nAn issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T00:24:37.000000Z"}, {"uuid": "6b86adce-9eea-463e-9228-fc18fdf1fd3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33270", "type": "seen", "source": "https://t.me/cibsecurity/71528", "content": "\u203c CVE-2023-33270 \u203c\n\nAn issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection (blind).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T00:24:29.000000Z"}]}