{"vulnerability": "cve-2023-25826", "sightings": [{"uuid": "9832c5ae-9023-443c-87a7-9d446a5253a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3201", "content": "Hackers Factory \n\nA collection of resources for linux reverse engineering\n\nhttps://github.com/michalmalik/linux-re-101\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nA tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.\n\nhttps://github.com/ShorSec/ShadowSpray\n\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nhttps://github.com/AbelChe/evil_minio\n\nThis is a Proof of Concept (PoC) for CVE-2023-3244, a vulnerability in comment-like-dislike. The PoC demonstrates the exploitability of this vulnerability and serves as a reference for security researchers and developers to better understand and mitigate the risk associated with this issue.\n\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\nNextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix\n\nhttps://github.com/Nextdoor/cspm_evaluation_matrix\n\nMass Exploit - CVE-2023-1698 < Unauthenticated Remote Command Execution\n\nhttps://github.com/codeb0ss/CVE-2023-1698-PoC\n\nPassive subdomain continous monitoring tool\n\nhttps://github.com/e1abrador/sub.Monitor\n\nAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nThis is a useful Python script for extracting bug bounty.\n\nhttps://github.com/St74nger/writeup-miner\n\nThis repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.\n\nhttps://github.com/bhavesh-pardhi/Wordlist-Hub\n\nKQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.\n\nhttps://github.com/Bert-JanP/Hunting-Queries-Detection-Rules\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-23T21:34:09.000000Z"}, {"uuid": "afbdfcf4-9462-485a-9e40-151c312e5a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3187", "content": "Hackers Factory \n\nA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests\n\nhttps://github.com/projectdiscovery/naabu\n\nA collection of phishing samples for researchers and detection developers.\n\nhttps://github.com/rf-peixoto/phishing_pot\n\nPassive subdomain continous monitoring tool.\n\nhttps://github.com/e1abrador/sub.Monitor\n\nSecurity scanner for your Terraform code\n\nhttps://github.com/aquasecurity/tfsec\n\nDetect and remediate misconfigurations and security risks across all your GitHub and GitLab assets\n\nhttps://github.com/Legit-Labs/legitify\n\nStreamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.\n\nhttps://github.com/thecyberneh/scriptkiddi3\n\nUseful resources for SOC Analyst and SOC Analyst candidates.\n\nhttps://github.com/LetsDefend/awesome-soc-analyst\n\nXML-RPC Vulnerability Checker and Directory Fuzzer\n\nhttps://github.com/MINAD0/XML-RPC-Check\n\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943\n\nAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nNotepad++ heap buffer overflow vulnerability CVE-2023-40031 analysis and reproduction\n\nhttps://github.com/webraybtl/CVE-2023-40031\n\nPMP-Decrypter. This is a tool to decrypt the encrypted password strings in \"Patch My PC\"\n\nhttps://github.com/LuemmelSec/PMP-Decrypter\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-10T12:01:22.000000Z"}, {"uuid": "a730b5be-ac61-46bc-824f-26d834ccc150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "seen", "source": "https://t.me/cibsecurity/63240", "content": "\u203c CVE-2023-25826 \u203c\n\nDue to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was previously disclosed as CVE-2020-35476. Regex validation that was implemented to restrict allowed input to the query API does not work as intended, allowing crafted commands to bypass validation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T22:31:09.000000Z"}, {"uuid": "c130a930-0b80-468f-a03b-389c9ee8dc8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opentsdb_key_cmd_injection.rb", "content": "", "creation_timestamp": "2023-09-08T16:06:04.000000Z"}, {"uuid": "9e3e36ea-a6c5-492f-9bd6-ce3056a8907d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:51.000000Z"}, {"uuid": "9bf468cd-5fb8-4114-93c7-0078e8cf6927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "1bef4a57-d25d-4133-91b0-0d90cfa2dfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5101", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\nURL\uff1ahttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T14:30:28.000000Z"}, {"uuid": "9326b546-f3cc-4070-b3bf-131279056815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25826", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}]}