{"vulnerability": "CVE-2023-4746", "sightings": [{"uuid": "9a7c8ddc-726c-4b75-8446-8c563a86678f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47463", "type": "seen", "source": "https://t.me/ctinow/156933", "content": "https://ift.tt/x2S8OsH\nCVE-2023-47463 | GL.iNET AX1800 up to 4.4.x gl_nas_sys improper authentication", "creation_timestamp": "2023-12-20T12:36:55.000000Z"}, {"uuid": "2fe236ad-7192-4d6b-b3d9-ec84710e7c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47462", "type": "seen", "source": "https://t.me/ctinow/156818", "content": "https://ift.tt/dguh3Mp\nCVE-2023-47462 | GL.iNet AX1800 up to 3.215 Sharing permission", "creation_timestamp": "2023-12-20T09:12:10.000000Z"}, {"uuid": "776c4976-2fee-4282-bf0a-084ff0f18547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47465", "type": "seen", "source": "https://t.me/arpsyndicate/4599", "content": "#ExploitObserverAlert\n\nCVE-2023-47465\n\nDESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-47465. An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 3.6\nNVD-ES: 1.8\nARPS-EXPLOITABILITY: 0.5935014", "creation_timestamp": "2024-04-12T11:08:22.000000Z"}, {"uuid": "2adf19b7-f115-469c-8b54-b3f3c57a18b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47460", "type": "seen", "source": "https://t.me/ctinow/168590", "content": "https://ift.tt/xFu7Xc5\nCVE-2023-47460", "creation_timestamp": "2024-01-16T02:26:38.000000Z"}, {"uuid": "132654da-b2de-4a15-b56b-d7981c8e7394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47460", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9370", "content": "#exploit\n1. CVE-2023-32031:\nMS Exchange PowerShell backend RCE\nhttps://github.com/Avento/CVE-2023-32031\n\n2. CVE-2021-43609:\nThe full exploit chain is SQLi -> file read -> RCE\nhttps://github.com/d5sec/CVE-2021-43609-POC\n\n3. CVE-2023-47460:\nSQL injection in Knovos Discovery v.22.67\nhttps://github.com/aleksey-vi/CVE-2023-47460", "creation_timestamp": "2023-11-11T20:38:04.000000Z"}, {"uuid": "9abebc29-a7d6-4612-9592-f33af19d7c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47466", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpriikvla22e", "content": "", "creation_timestamp": "2025-05-22T16:02:51.084517Z"}, {"uuid": "5f8c19ec-7b16-4e99-aa54-de57df0df66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47466", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17294", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47466\n\ud83d\udd25 CVSS Score: 2.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.\n\ud83d\udccf Published: 2025-05-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-22T14:20:27.793Z\n\ud83d\udd17 References:\n1. https://github.com/taglib/taglib/issues/1163\n2. https://github.com/taglib/taglib/pull/1164\n3. https://github.com/taglib/taglib/compare/v1.13.1...v2.0\n4. https://github.com/taglib/taglib/commit/dfa33bec0806cbb45785accb8cc6c2048a7d40cf", "creation_timestamp": "2025-05-22T14:44:22.000000Z"}, {"uuid": "cf23fe30-759d-449e-b0b5-26454f975bc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47464", "type": "seen", "source": "https://t.me/ctinow/157037", "content": "https://ift.tt/BpWTHar\nCVE-2023-47464 | GL.iNET AX1800 up to 4.4.x Upload API permission", "creation_timestamp": "2023-12-20T14:46:28.000000Z"}, {"uuid": "3d4382f0-b22d-4116-9a29-dc223f36a850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47460", "type": "seen", "source": "https://t.me/ctinow/178585", "content": "https://ift.tt/pUGqjkw\nCVE-2023-47460 | Knovos Discovery 22.67.0 getGridColumnStructure sql injection", "creation_timestamp": "2024-02-03T15:21:20.000000Z"}, {"uuid": "5d94e1e7-77bd-4737-9849-58ccf9ba5d91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47460", "type": "seen", "source": "https://t.me/ctinow/171514", "content": "https://ift.tt/fy5Y1vl\nCVE-2023-47460 Exploit", "creation_timestamp": "2024-01-22T23:16:36.000000Z"}, {"uuid": "6165e5e1-edfc-41f6-a4da-9fd555333616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47465", "type": "seen", "source": "https://t.me/ctinow/161234", "content": "https://ift.tt/eohFJ2V\nCVE-2023-47465 | GPAC up to 2.2.1 box_code_base.c ctts_box_read denial of service (Issue 2652)", "creation_timestamp": "2024-01-01T08:56:55.000000Z"}, {"uuid": "76a08c77-b57d-41d0-a71b-e911635ae189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4746", "type": "seen", "source": "https://t.me/cibsecurity/69735", "content": "\u203c CVE-2023-4746 \u203c\n\nA vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238635.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T07:21:58.000000Z"}, {"uuid": "3c520280-5962-47d7-b6d2-4cd8e708337f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47464", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1989", "content": "https://github.com/HadessCS/CVE-2023-47464\n#github #poc", "creation_timestamp": "2024-02-17T11:42:24.000000Z"}, {"uuid": "1faa606d-c544-4a03-9b35-d213f3be5aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-47464", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9983", "content": "#exploit\n1. CVE-2023-48003:\nAsp.Net Zero <12.3 - HTML Injection Leads to Open Redirect via Websockets\nhttps://docs.unsafe-inline.com/0day/asp.net-zero-v12.3.0-html-injection-leads-to-open-redirect-via-websockets-cve-2023-48003\n\n2. Windows Defender Detection Mitigation TrojanWin32Powessere.G\nhttps://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART2.txt\n\n3. CVE-2023-47464:\nPath Traversal in Gl-Inet Gl-AX1800\nhttps://github.com/HadessCS/CVE-2023-47464", "creation_timestamp": "2024-02-16T10:58:01.000000Z"}]}