{"vulnerability": "CVE-2023-3831", "sightings": [{"uuid": "8c0068f0-ee06-4f2f-894b-2dba7ccf6d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38318", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19044", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-38318\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.\n\ud83d\udccf Published: 2024-01-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T19:37:02.137Z\n\ud83d\udd17 References:\n1. https://openwrt.org/docs/guide-user/services/captive-portal/opennds\n2. https://github.com/openNDS/openNDS/releases/tag/v10.1.3\n3. https://github.com/openNDS/openNDS/blob/master/ChangeLog\n4. https://www.forescout.com/resources/sierra21-vulnerabilities", "creation_timestamp": "2025-06-20T19:43:28.000000Z"}, {"uuid": "63510e9d-2bb5-417e-95b4-3b7b101cfff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38319", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19043", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-38319\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.\n\ud83d\udccf Published: 2024-01-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T19:37:43.154Z\n\ud83d\udd17 References:\n1. https://openwrt.org/docs/guide-user/services/captive-portal/opennds\n2. https://github.com/openNDS/openNDS/releases/tag/v10.1.3\n3. https://github.com/openNDS/openNDS/blob/master/ChangeLog\n4. https://www.forescout.com/resources/sierra21-vulnerabilities", "creation_timestamp": "2025-06-20T19:43:27.000000Z"}, {"uuid": "d46eb152-531c-49de-84a9-e94929206a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38318", "type": "seen", "source": "https://t.me/ctinow/187476", "content": "https://ift.tt/4GmVOzi\nCVE-2023-38318 | OpenNDS up to 10.1.2 Configuration File os command injection", "creation_timestamp": "2024-02-19T06:51:56.000000Z"}, {"uuid": "d1d19c9d-f91c-47a4-8088-f4f6cc37cbc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38319", "type": "seen", "source": "https://t.me/ctinow/187375", "content": "https://ift.tt/kzgI3vU\nCVE-2023-38319 | OpenNDS up to 10.1.2 FAS Key Entry os command injection", "creation_timestamp": "2024-02-18T21:21:20.000000Z"}, {"uuid": "223c8be3-2653-4763-923b-9e759a5eb95a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38318", "type": "seen", "source": "https://t.me/ctinow/174006", "content": "https://ift.tt/a0ZyqTS\nCVE-2023-38318", "creation_timestamp": "2024-01-26T06:26:14.000000Z"}, {"uuid": "42a89dd9-1c6e-4cee-9734-4bf2db8866e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38319", "type": "seen", "source": "https://t.me/ctinow/174007", "content": "https://ift.tt/TtQqogv\nCVE-2023-38319", "creation_timestamp": "2024-01-26T06:26:15.000000Z"}, {"uuid": "37afe983-1638-4d8f-aa72-0ac5e85f580e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38317", "type": "seen", "source": "https://t.me/ctinow/174005", "content": "https://ift.tt/u8P6zAS\nCVE-2023-38317", "creation_timestamp": "2024-01-26T06:26:13.000000Z"}, {"uuid": "65852a18-0a69-4af8-858c-9c9a466600c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38311", "type": "seen", "source": "https://t.me/cibsecurity/67465", "content": "\u203c CVE-2023-38311 \u203c\n\nAn issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggering the execution of the payload when saving the configuration or when accessing the System Logs Viewer page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-31T18:38:00.000000Z"}, {"uuid": "d80e844b-42a1-48fb-9dab-6a7b06f21f84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38310", "type": "seen", "source": "https://t.me/cibsecurity/67463", "content": "\u203c CVE-2023-38310 \u203c\n\nAn issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the configuration settings of the system logs functionality. The vulnerability allows an attacker to store an XSS payload in the configuration settings of specific log files. This results in the execution of that payload whenever the affected log files are accessed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-31T18:37:58.000000Z"}, {"uuid": "5b6809d2-056c-4518-a998-61c1dcf67969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38312", "type": "seen", "source": "https://t.me/cibsecurity/72294", "content": "\u203c CVE-2023-38312 \u203c\n\nA directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-15T22:31:04.000000Z"}, {"uuid": "ed6c61d2-e126-4474-9ab4-eceaeb52897c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38317", "type": "seen", "source": "https://t.me/ctinow/187475", "content": "https://ift.tt/Bq0VLGH\nCVE-2023-38317 | OpenNDS up to 10.1.2 Configuration File os command injection", "creation_timestamp": "2024-02-19T06:51:55.000000Z"}, {"uuid": "9f84d6e6-2956-42be-9f0c-ff109ee94c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38317", "type": "seen", "source": "https://t.me/ctinow/178230", "content": "https://ift.tt/yoGFl7R\nCVE-2023-38317 Exploit", "creation_timestamp": "2024-02-02T19:17:01.000000Z"}, {"uuid": "24f4ab5c-4a2b-4ddc-aa29-0bf7fe1a0bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38318", "type": "seen", "source": "https://t.me/ctinow/178229", "content": "https://ift.tt/uTfbg7S\nCVE-2023-38318 Exploit", "creation_timestamp": "2024-02-02T19:17:00.000000Z"}, {"uuid": "48d46896-dc1d-47bc-b95b-45d57aedb8fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38319", "type": "seen", "source": "https://t.me/ctinow/178228", "content": "https://ift.tt/fzydvAb\nCVE-2023-38319 Exploit", "creation_timestamp": "2024-02-02T19:16:59.000000Z"}]}