{"vulnerability": "CVE-2023-41080", "sightings": [{"uuid": "1ea8eeb9-ae58-434c-87b2-21224e19eb94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41080", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8921", "content": "#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\nhttps://github.com/shiomiyan/CVE-2023-41080\n\n3. CVE-2023-39063:\nRaidenFTPD Buffer Overflow\nhttps://github.com/AndreGNogueira/CVE-2023-39063", "creation_timestamp": "2023-08-27T15:11:36.000000Z"}, {"uuid": "f410ba6c-2b00-4447-a9ba-9c1168a12e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://www.knime.com/security/advisories#CVE-2026-4649", "content": "", "creation_timestamp": "2026-03-25T03:00:10.000000Z"}, {"uuid": "fc88769d-8f1a-4f77-9ce8-56841ee96744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41080", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3169", "content": "Hackers Factory \n\nlazy way to create CVE-2023-38831 winrar file for testing\n\nhttps://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc\n\nCVE-2022-39986 PoC\n\nhttps://github.com/WhiteOwl-Pub/RaspAP-CVE-2022-39986-PoC\n\nCommunity curated list of nuclei templates for finding \"unknown\" security vulnerabilities.\n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\nHVCI-loldrivers-check\nChecks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system.\n\nhttps://github.com/trailofbits/HVCI-loldrivers-check\n\nGolang Secure Coding Practices guide\n\nhttps://github.com/OWASP/Go-SCP\n\n#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nEvolutionary encryption framework based on scalable complexity over time.\n\nhttps://github.com/jofpin/temcrypt\n\nSome of my rough notes for Docker threat detection\n\nhttps://github.com/Antonlovesdnb/DockerDetectionNotes\n\nBash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.\n\nhttps://github.com/ozpingux/BasicLinuxForensicScript\n\nyou want an #investigation on user accounts,  \n\nSnoop, a #cli #python #tool, scans various sites, forums, and social networks for the presence of the username.\n\ngithub.com/snooppr/snoop\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-27T17:49:56.000000Z"}, {"uuid": "b867e2ba-5047-4dae-b473-2b74aeda1437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://t.me/cvedetector/5355", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8646 - Apache HTTP Server/Open-Redirect vulnerability in Glassfish\", \n  \"Content\": \"CVE ID : CVE-2024-8646 \nPublished : Sept. 11, 2024, 2:15 p.m. | 37\u00a0minutes ago \nDescription : In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed.  \nThis vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code included in GlassFish.  \nThis vulnerability only affects applications that are explicitly deployed to the root context ('/'). \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T17:00:45.000000Z"}, {"uuid": "5adc3dc4-2389-4529-9178-ae7a5adbddb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://t.me/arpsyndicate/3249", "content": "#ExploitObserverAlert\n\nCVE-2023-41080\n\nDESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2023-41080. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.  The vulnerability is limited to the ROOT (default) web application.\n\nFIRST-EPSS: 0.002440000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T07:19:34.000000Z"}, {"uuid": "255d08a9-aa28-427d-a155-73ea5806f731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://t.me/cibsecurity/69217", "content": "\u203c CVE-2023-41080 \u203c\n\nURL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.The vulnerability is limited to the ROOT (default) web application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-26T00:14:32.000000Z"}]}