{"vulnerability": "cve-2023-2646", "sightings": [{"uuid": "b45e49d8-5d32-4db7-b79a-073b4541baef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "1fe1cb01-9f9d-4328-b080-5b7651e03f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/php/jorani_path_trav.rb", "content": "", "creation_timestamp": "2023-08-18T21:32:35.000000Z"}, {"uuid": "1e425cac-faa2-46c2-a7a9-85aa55bddb17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2646", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2937", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2646\n\ud83d\udd39 Description: A vulnerability has been found in TP-Link Archer C7v2 v2_en_us_180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local network. The associated identifier of this vulnerability is VDB-228775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2023-05-11T07:31:04.076Z\n\ud83d\udccf Modified: 2025-01-24T16:52:19.575Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.228775\n2. https://vuldb.com/?ctiid.228775", "creation_timestamp": "2025-01-24T17:04:49.000000Z"}, {"uuid": "b7797fed-6131-444a-89a2-f9c31b48e205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26461", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5690", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26461\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows the attacker to view sensitive data which is owned by certain privileges.\n\n\n\ud83d\udccf Published: 2023-03-14T04:56:47.419Z\n\ud83d\udccf Modified: 2025-02-27T15:08:31.768Z\n\ud83d\udd17 References:\n1. https://launchpad.support.sap.com/#/notes/3284550\n2. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "creation_timestamp": "2025-02-27T15:29:37.000000Z"}, {"uuid": "7b67a4d7-2041-4f5e-96e6-5aa8c2b5d66d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26460", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5689", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26460\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity\n\n\n\ud83d\udccf Published: 2023-03-14T04:56:08.985Z\n\ud83d\udccf Modified: 2025-02-27T15:09:25.265Z\n\ud83d\udd17 References:\n1. https://launchpad.support.sap.com/#/notes/3288096\n2. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "creation_timestamp": "2025-02-27T15:29:33.000000Z"}, {"uuid": "a34b4641-7daa-4a7d-8db9-4bf8de8eea05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "published-proof-of-concept", "source": "Telegram/Kg4p27AeXzQEwrYIUQrDd3aoP6Y3QAGwqEpU_wkMcAAYnw", "content": "", "creation_timestamp": "2024-04-21T13:30:55.000000Z"}, {"uuid": "2390497f-3b38-415e-bbb1-4de02ad3a80c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1185", "content": "", "creation_timestamp": "2023-09-23T01:25:19.000000Z"}, {"uuid": "8d40a31a-1344-44a2-ac6a-8c88059751c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "seen", "source": "Telegram/I02Zqby_U8WXJHbBluLuFIUEva5i-xhgDDcsVJnLbSUOMRw", "content": "", "creation_timestamp": "2023-09-04T08:46:00.000000Z"}, {"uuid": "17620490-91a3-4a0a-9eb4-867e4205456a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26467", "type": "seen", "source": "https://t.me/cibsecurity/61814", "content": "\u203c CVE-2023-26467 \u203c\n\nA man in the middle can redirect traffic to a malicious server in a compromised configuration.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T02:22:56.000000Z"}, {"uuid": "1deecba9-9fc5-434e-83c6-9908963cd253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26468", "type": "seen", "source": "https://t.me/cibsecurity/58840", "content": "\u203c CVE-2023-26468 \u203c\n\nCerebrate 1.12 does not properly consider organisation_id during creation of API keys.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-24T03:18:39.000000Z"}, {"uuid": "78bc8d15-e23c-4e6c-865b-610967b18435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26462", "type": "seen", "source": "https://t.me/cibsecurity/58774", "content": "\u203c CVE-2023-26462 \u203c\n\nThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded service credentials (usable for privilege escalation) are stored in an insecure format. (To read this stored data, the attacker needs access to the application server or its source code.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T12:18:15.000000Z"}, {"uuid": "6815a52f-906a-41b5-acb9-ca2e7ed760f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "published-proof-of-concept", "source": "Telegram/uLmhWOl3beOf17BNIHAGQ4OnYf8l9CQq6pwSKa5j1fdOYQ", "content": "", "creation_timestamp": "2023-10-24T19:47:13.000000Z"}, {"uuid": "3e098543-2880-4b61-a589-30f85c54678f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26464", "type": "seen", "source": "https://t.me/cibsecurity/59786", "content": "\u203c CVE-2023-26464 \u203c\n\n** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie, deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed could exhaust the available memory in the virtual machine and achieve Denial of Service when the object is deserialized. This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j 2.x. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T16:21:19.000000Z"}, {"uuid": "5e8ba301-fc6a-48a3-9680-98ae1e23d5bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "published-proof-of-concept", "source": "https://t.me/BackupLulz/72", "content": "", "creation_timestamp": "2024-11-03T04:41:13.000000Z"}, {"uuid": "d9dfbfde-8dc3-458e-85bb-3ce69a285adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "074b16a2-1df8-4668-ad64-05d3b5f1777b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "4ed19a8a-8dec-4355-9ae0-809840030981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26464", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m7nxg7x5e622", "content": "", "creation_timestamp": "2025-12-10T21:02:31.449827Z"}, {"uuid": "e5b6a90a-2393-41bd-922c-b7b093f6bb36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5061", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-26469 REC PoC\nURL\uff1ahttps://github.com/d0rb/CVE-2023-26469\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-01T09:45:35.000000Z"}, {"uuid": "26e29c06-7090-47e4-96a7-1a3c6678abd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26462", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7312", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26462\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded service credentials (usable for privilege escalation) are stored in an insecure format. (To read this stored data, the attacker needs access to the application server or its source code.)\n\ud83d\udccf Published: 2023-02-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-12T14:20:09.537Z\n\ud83d\udd17 References:\n1. https://thingsboard.io/docs/reference/releases/\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/238544", "creation_timestamp": "2025-03-12T14:40:48.000000Z"}, {"uuid": "19265244-8381-4151-96d8-4bcd4470df21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "published-proof-of-concept", "source": "Telegram/uQt2aDj4DLVVfhhUnSJFNr0FM792fPV0z89qK1niEyGWIw", "content": "", "creation_timestamp": "2024-04-21T13:43:49.000000Z"}, {"uuid": "52b56784-29ae-401f-b7ec-82d7648484a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26465", "type": "seen", "source": "https://t.me/arpsyndicate/2430", "content": "#ExploitObserverAlert\n\nCVE-2023-26465\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26465. Pega Platform versions 7.2 to 8.8.1 are affected by an XSS issue.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-04T04:29:21.000000Z"}, {"uuid": "c22e718d-a1d0-4b76-82cb-0e24318070ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26469", "type": "seen", "source": "https://t.me/cibsecurity/68783", "content": "\u203c CVE-2023-26469 \u203c\n\nIn Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T22:38:13.000000Z"}, {"uuid": "f6c3fa7e-84d2-4214-92ae-d54fb18acfa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2646", "type": "seen", "source": "https://t.me/cibsecurity/63866", "content": "\u203c CVE-2023-2646 \u203c\n\nA vulnerability has been found in TP-Link Archer C7v2 v2_en_us_180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local network. The associated identifier of this vulnerability is VDB-228775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T12:15:16.000000Z"}, {"uuid": "26708914-a657-473e-9c21-5c07229ce9e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26463", "type": "seen", "source": "https://t.me/cibsecurity/62215", "content": "\u203c CVE-2023-26463 \u203c\n\nstrongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named \"public\" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrusted client certificate during EAP-TLS. A server is affected only if it loads plugins that implement TLS-based EAP methods (EAP-TLS, EAP-TTLS, EAP-PEAP, or EAP-TNC). This is fixed in 5.9.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T07:26:36.000000Z"}, {"uuid": "0a5daa5e-6ed9-4dea-8b27-cd6fb330bd72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26466", "type": "seen", "source": "https://t.me/cibsecurity/61800", "content": "\u203c CVE-2023-26466 \u203c\n\nA user with non-Admin access can change a configuration file on the client to modify the Server URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T00:22:48.000000Z"}, {"uuid": "5ee4a43d-0c1f-4eea-96b1-4598164a60d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26460", "type": "seen", "source": "https://t.me/cibsecurity/59940", "content": "\u203c CVE-2023-26460 \u203c\n\nCache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-14T12:53:54.000000Z"}]}