{"vulnerability": "CVE-2023-4744", "sightings": [{"uuid": "3e1b04c4-8a4d-43bb-a47a-641be085d357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47444", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/402", "content": "Top Security News for 15/11/2023\n\nUrgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability\nhttps://thehackernews.com/2023/11/urgent-vmware-warns-of-unpatched.html \n\nAdvanced threat predictions for 2024\nhttps://securelist.com/kaspersky-security-bulletin-apt-predictions-2024/111048/ \n\nStatic Code Injections in OpenCart (CVE-2023-47444)\nhttps://www.reddit.com/r/netsec/comments/17vfo5a/static_code_injections_in_opencart_cve202347444/ \n\nWrong: \u201cYou Can\u2019t Protect What You Don\u2019t Know\u201d\nhttps://dale-peterson.com/2023/11/14/wrong-you-cant-protect-what-you-dont-know/ \n\nNEW 'Off The Wall' ONLINE\nhttps://www.2600.com/wall/14-11-2023 \n\nThe cyber underworld is getting a bit faster and a lot looser, and the gangs may be drawing some unwelcome attention.\nhttps://thecyberwire.com/podcasts/daily-podcast/1947/notes \n\nIntroducing Bambdas\nhttps://portswigger.net/blog/introducing-bambdas \n\nSecurity Alert: Microsoft Releases November 2023 Security Updates\nhttps://malware.news/t/security-alert-microsoft-releases-november-2023-security-updates/75675#post_1 \n\nISC Stormcast For Wednesday, November 15th, 2023 https://isc.sans.edu/podcastdetail/8746, (Wed, Nov 15th)\nhttps://malware.news/t/isc-stormcast-for-wednesday-november-15th-2023-https-isc-sans-edu-podcastdetail-8746-wed-nov-15th/75677#post_1 \n\nSecurity Alert: Alert Regarding Vulnerability in Adobe Acrobat and Reader (APSB23-54)\nhttps://malware.news/t/security-alert-alert-regarding-vulnerability-in-adobe-acrobat-and-reader-apsb23-54/75674#post_1 \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-11-15T08:00:07.000000Z"}, {"uuid": "21c6fd82-2b42-4f91-b0f3-1eadc0446c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4744", "type": "seen", "source": "https://t.me/cibsecurity/69736", "content": "\u203c CVE-2023-4744 \u203c\n\nA vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T07:21:59.000000Z"}, {"uuid": "a27bc41c-62b1-45b8-b1d5-3a01e918bbe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47444", "type": "published-proof-of-concept", "source": "Telegram/AOpvdTsjzp7H3NHE-unulMxXJPzXcZMNwS8LLyL1I0LOWQ", "content": "", "creation_timestamp": "2023-11-15T15:55:39.000000Z"}, {"uuid": "dbda2ac0-9b17-4e84-9046-ddd4b5c0c18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47444", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2096", "content": "#exploit\n1. CVE-2023-47444:\nAuthenticated Static Code Injections in OpenCart\nhttps://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444\n\n2. CVE-2022-41853:\nUsing static functions to obtian RCE via Java Deserialization & Remote Codebase Attack\nhttps://github.com/mbadanoiu/CVE-2022-41853\n\n3. CVE-2023-3452:\nWordpress Plugin Canto < 3.0.5 - RFI/RCE Unauthenticated\nhttps://github.com/leoanggal1/CVE-2023-3452-PoC", "creation_timestamp": "2024-08-16T08:52:58.000000Z"}, {"uuid": "478018b2-ef8f-4ee3-b3ed-5a861317947f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47440", "type": "seen", "source": "https://t.me/ctinow/161008", "content": "https://ift.tt/THR03sU\nCVE-2023-47440 | Gladys Assistant up to 4.27.0 Incomplete Fix CVE-2023-43256 path traversal", "creation_timestamp": "2023-12-31T08:46:53.000000Z"}, {"uuid": "2082e57f-7567-4f95-996f-e341eb6f33aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47444", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8057", "content": "Authenticated Static Code Injections in OpenCart (CVE-2023-47444) \n\nhttps://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444/", "creation_timestamp": "2023-11-27T10:32:03.000000Z"}, {"uuid": "d66b237b-6653-48ff-861e-34cfbd3a7e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47444", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9459", "content": "#exploit\n1. CVE-2023-47444:\nAuthenticated Static Code Injections in OpenCart\nhttps://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444\n\n2. CVE-2022-41853:\nUsing static functions to obtian RCE via Java Deserialization & Remote Codebase Attack\nhttps://github.com/mbadanoiu/CVE-2022-41853\n\n3. CVE-2023-3452:\nWordpress Plugin Canto < 3.0.5 - RFI/RCE Unauthenticated\nhttps://github.com/leoanggal1/CVE-2023-3452-PoC", "creation_timestamp": "2023-11-25T12:25:42.000000Z"}]}