{"vulnerability": "cve-2023-2335", "sightings": [{"uuid": "cd42e280-b4dc-4f8a-a9b8-77689ab6dce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23354", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113677066786539518", "content": "", "creation_timestamp": "2024-12-19T02:13:04.160413Z"}, {"uuid": "01ddc6d3-ca34-41c5-9fcb-8e73bce4ee1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23356", "type": "seen", "source": "https://t.me/cvedetector/13306", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-23356 - QNAP QuFirewall Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-23356 \nPublished : Dec. 19, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. \n \nWe have already fixed the vulnerability in the following versions: \nQuFirewall 2.3.3 ( 2023/03/27 ) and later \n  and later \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T03:55:53.000000Z"}, {"uuid": "ecbff943-3210-4230-a09b-80b7ae04e53b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23354", "type": "seen", "source": "https://t.me/cvedetector/13305", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-23354 - QNAP QuLog Center Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-23354 \nPublished : Dec. 19, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. \n \nWe have already fixed the vulnerability in the following versions: \nQuLog Center 1.5.0.738 ( 2023/03/06 ) and later \nQuLog Center 1.4.1.691 ( 2023/03/01 ) and later \nQuLog Center 1.3.1.645 ( 2023/02/22 ) and later \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T03:55:53.000000Z"}, {"uuid": "c5261878-49ec-4241-8ee2-fa0228d80987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23357", "type": "seen", "source": "https://t.me/cvedetector/13299", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-23357 - QNAP QuLog Center XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-23357 \nPublished : Dec. 19, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data. \n \nWe have already fixed the vulnerability in the following versions: \nQuLog Center 1.5.0.738 ( 2023/03/06 ) and later \nQuLog Center 1.4.1.691 ( 2023/03/01 ) and later \nQuLog Center 1.3.1.645 ( 2023/02/22 ) and later \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T03:55:45.000000Z"}, {"uuid": "3411de78-a4d2-4e5d-986d-568852053188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2335", "type": "seen", "source": "https://t.me/cibsecurity/63004", "content": "\u203c CVE-2023-2335 \u203c\n\nPlaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40.0.Exe on Windows (Registery modules) allows Retrieve Admin user credentialsThis issue affects surelock windows: from 2.3.12 through 2.40.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T22:26:44.000000Z"}, {"uuid": "ae70c0d9-3257-4668-99ad-40a62b6b9d6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23356", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113677066800818635", "content": "", "creation_timestamp": "2024-12-19T02:13:04.092042Z"}, {"uuid": "e3d17acb-ed95-499c-a9a7-71ad13d0303e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23357", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113677125798560166", "content": "", "creation_timestamp": "2024-12-19T02:28:04.516786Z"}]}