{"vulnerability": "cve-2023-2752", "sightings": [{"uuid": "9bdcc02e-0117-4fb4-89a5-982f2d4be1f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "Telegram/JHth4ZHtrek0mtXpyx13xhAaf76J47pdr3e7jIQSEbuQ4I4", "content": "", "creation_timestamp": "2024-04-02T00:59:20.000000Z"}, {"uuid": "7c55b1b0-3f4d-4576-907e-7bf25c5ab60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "exploited", "source": "Telegram/JnNnilEYMUSh-Zu51neb6kHqGke6sMvBJm_GJssev0Bvng", "content": "", "creation_timestamp": "2024-03-01T07:47:44.000000Z"}, {"uuid": "4c8b7c57-d7bd-4aa8-9d0c-8f58fc494224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "64b23fac-3204-4046-8a42-eea168a4bc66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27521", "type": "seen", "source": "Telegram/S9K4ydVaenuiGT-MUThEfW8laq3lh4foo0mTzDNhG35ftKcO", "content": "", "creation_timestamp": "2025-02-01T17:28:09.000000Z"}, {"uuid": "d92c6c18-7de2-45e0-8890-7a6b839e52b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/78", "content": "https://github.com/horizon3ai/CVE-2023-27524", "creation_timestamp": "2023-04-25T18:25:31.000000Z"}, {"uuid": "5573e7eb-9d20-4468-9902-d731bde2f08c", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/arpsyndicate/1910", "content": "#ExploitObserverAlert\n\nCVE-2023-27524\n\nDESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-27524. Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.\n\nFIRST-EPSS: 0.906990000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T04:23:04.000000Z"}, {"uuid": "5a067124-1681-4b95-baf0-bc65f78b7272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "https://t.me/arpsyndicate/150", "content": "#ExploitObserverAlert\n\nCVE-2023-27522\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2023-27522. HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. 
This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.\n\nFIRST-EPSS: 0.005500000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T02:44:55.000000Z"}, {"uuid": "18fc4ace-3129-43e6-9b02-058d789576a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "Telegram/MBMGshtgbvgJwtNFQOGjMRSdF8xMj0S4jsbIBgQGTrj3-Q", "content": "", "creation_timestamp": "2023-04-26T12:38:50.000000Z"}, {"uuid": "3e70b99c-15ec-4d49-abbf-4da4fe13473c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/10663", "content": "CVE-2023-27524: Basic #PoC for CVE-2023-27524:\n\nInsecure Default Configuration in Apache Superset\n\nhttps://github.com/horizon3ai/CVE-2023-27524\n\nPrivate: @RAVE_CGF", "creation_timestamp": "2024-04-02T00:59:21.000000Z"}, {"uuid": "9ff0214f-308f-472a-b6f6-26fd3f35611f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "exploited", "source": "Telegram/bxIbtebNpYZn73aIlUIITrmh9OTqREcr__tt_K9TdQwmBA", "content": "", "creation_timestamp": "2024-01-10T06:33:04.000000Z"}, {"uuid": "9b335852-b1cf-4045-86be-3147d21b6e10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/KomunitiSiber/110", "content": "Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE 
Attacks\nhttps://thehackernews.com/2023/04/apache-superset-vulnerability-insecure.html\n\nThe maintainers of the\u00a0Apache Superset\u00a0open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution.\nThe vulnerability, tracked as\u00a0CVE-2023-27524\u00a0(CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a default SECRET_KEY that could be abused by attackers to authenticate and access", "creation_timestamp": "2023-04-26T13:36:44.000000Z"}, {"uuid": "910c6468-dff5-466f-ae13-e841d3fcb2ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "exploited", "source": "https://t.me/KomunitiSiber/1316", "content": "CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack\nhttps://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html\n\nThe U.S. 
Cybersecurity and Infrastructure Security Agency (CISA) has\u00a0added\u00a0six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nThis includes\u00a0CVE-2023-27524\u00a0(CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.", "creation_timestamp": "2024-01-10T06:31:52.000000Z"}, {"uuid": "b8a881bd-ce24-4784-9271-06b0634b0d94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/BABATATASASA/5510", "content": "JsonWebToken (CVE-2022-23529).\nChatGPT (CVE-2023-28858).\nApache Superset (CVE-2023-27524).\nPaperCut NG/MF (CVE-2023-27350).\nFortinet FortiOS (CVE-2022-41328).\nAdobe ColdFusion (CVE-2023-26360).\nMOVEit vulnerability (CVE-2023-34362).", "creation_timestamp": "2023-09-25T15:05:09.000000Z"}, {"uuid": "66c3c763-4f18-4d8e-87c9-eb51def08cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2994", "content": "Tools - Hackers Factory \n\nbadsecrets\n\nA library for detecting known secrets across many web frameworks.\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nDetails:\nhttps://blog.blacklanternsecurity.com/p/introducing-badsecrets\n\n#cybersecurity #infosec #pentesting\n\nHyperDeceit\n\nThis repository contains the full source-code of the HyperDeceit project which is a library that allows you to impersonate as Hyper-V and intercept hypercalls done by the Windows kernel.\n\nhttps://github.com/Xyrem/HyperDeceit\n\nDetails: \nhttps://reversing.info/posts/hyperdeceit/\n\n#infosec #pentesting #redteam\n\nCVE-2023-27524\n\nApache Superset Auth Bypass 
(CVE-2023-27524)\n\nhttps://github.com/TardC/CVE-2023-27524\n\n#cve #cybersecurity #infosec\n\nPEASS\n\nPrivilege Escalation Awesome Scripts SUITE new generation.\n\nhttps://github.com/carlospolop/PEASS-ng/\n\n#infosec #pentesting #redteam\n\nMagSpoof\n\nA portable device that can spoof/emulate any magnetic stripe, credit card or hotel card \"wirelessly\", even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&amp;PIN and predict AMEX card numbers with 100% accuracy.\n\nhttps://github.com/samyk/magspoof\n\n#infosec #pentesting #redteam\n\neffective-waffle \n\nyet another sleep encryption thing. also used the default github repo name for this one.\n\nhttps://github.com/susMdT/effective-waffle\n\n#cybersecurity #infosec\n\nDUCKSPLOIT\n\nWindows Hacking FrameWork using Reverse Shell.\n\nhttps://github.com/canarddu38/DUCKSPLOIT\n\n#infosec #pentesting #redteam\n\nBackdoorBox\n\nThe open-sourced Python toolbox for backdoor attacks and defenses.\n\nhttps://github.com/THUYimingLi/BackdoorBox\n\n#cybersecurity #infosec #pentesting\n\nWinDbg_Scripts\n\nUseful scripts for WinDbg using the debugger data model.\n\nhttps://github.com/yardenshafir/WinDbg_Scripts\n\n#cybersecurity #infosec\n\nCompMgmtLauncher_DLL_UACBypass\n\nCompMgmtLauncher &amp; Sharepoint DLL Search Order hijacking UAC/persist via OneDrive.\n\nhttps://github.com/hackerhouse-opensource/CompMgmtLauncher_DLL_UACBypass\n\n#infosec #pentesting #redteam\n\nEliteElixir\n\nThe first ever MC:BE ForceOP Exploit utilizing a user impersonation exploit within Bedrock Dedicated Server.\n\nhttps://github.com/MrDiamond64/EliteElixir\n\n#infosec #pentesting #redteam\n\nprenum\n\nThe perils of the Pre-Windows 2000 compatible access group in a Windows Domain.\n\nhttps://github.com/4ndr34z/prenum\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-16T06:03:12.000000Z"}, {"uuid": "8011bb21-0ed8-4eaa-a1d1-a6e3ef29eaa5", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2897", "content": "Tools - Hackers Factory\n\n\u200b\u200bLTESniffer\n\nAn Open-source LTE Downlink/Uplink Eavesdropper.\n\nThe main purpose of LTESniffer is to support security and analysis research on the cellular network. Due to the collection of uplink-downlink user data, any use of LTESniffer must follow the local regulations on sniffing the LTE traffic.\n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-1671-POC\n\nBased on dnslog platform.\n\nhttps://github.com/W01fh4cker/CVE-2023-1671-POC\n\n#infosec #cve #poc\n\n\u200b\u200bChattyCaty\n\nOpen-source project which demonstrates an infrastructure to create a polymorphic program using GPT models.\n\nhttps://github.com/cyberark/ChattyCaty\n\n#cybersecurity #infosec\n\n\u200b\u200bprocess-cloning\n\nThe Definitive Guide To Process Cloning on Windows.\n\nhttps://github.com/huntandhackett/process-cloning\n\n#cybersecurity #infosec #pentesting\n\nPentestGPT\n\nA GPT-empowered penetration testing tool.\n\nhttps://github.com/GreyDGL/PentestGPT\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bLinkedinEmails\n\nSearches for employees of a company on #linkedin and generates a list of possible emails.\n\nhttps://github.com/miltinhoc/LinkedinEmails\n\n\u200b\u200bSECMON\n\nWeb-based tool for the automation of infosec watching and vulnerability management with a web interface.\n\nhttps://github.com/Guezone/SECMON\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27524 \n\nApache Superset Auth Bypass.\n\nScript to check if an Apache Superset server is running with an insecure default configuration (CVE-2023-27524). 
The script checks if a Superset server's session cookies are signed with any well-known default Flask SECRET_KEYs.\n\nhttps://github.com/horizon3ai/CVE-2023-27524\n\n#infosec #cve #poc\n\n\u200b\u200bZaproxy\n\nThe OWASP Zed Attack Proxy (ZAP) is one of the world\u2019s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.\n\nhttps://github.com/zaproxy/zaproxy\n\nWebsite:\nhttps://www.zaproxy.org/\n\n#infosec #pentesting #best\n\n\u200b\u200bStackrox\n\nThe StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.\n\nhttps://github.com/stackrox/stackrox\n\n#cybersecurity #infosec\n\n\u200b\u200bNuclear Pond\n\nNuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.\n\nhttps://github.com/DevSecOpsDocs/nuclearpond\n\n#cybersecurity #infosec \n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-04-26T09:26:57.000000Z"}, {"uuid": "8e086f48-e21a-4cb3-b368-bf74ce77ff41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "Telegram/ygWFXxoEmvPiqcK9c8iovXPMcOts8txggjLOoQbyXEsCCw", "content": "", "creation_timestamp": "2023-04-25T13:59:31.000000Z"}, {"uuid": "6787e326-e64a-452d-84fc-93cdd44e154b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": 
"https://t.me/proxy_bar/1464", "content": "CVE-2023-27524\nApache Superset Auth Bypass\nPOC exploit\n\n\u0434\u0435\u043d\u044c \u0431\u043e\u0433\u0430 \u044f \u0441\u043c\u043e\u0442\u0440\u044e\n\n#apache #poc", "creation_timestamp": "2023-04-25T15:10:13.000000Z"}, {"uuid": "5216b2db-2fd1-41b4-9109-f61888142bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "Telegram/7gLqEpAl8qlx5dg18S-_F0HUSrgy0ajX8Q4ExVP4VrKDRmc", "content": "", "creation_timestamp": "2023-05-22T18:50:24.000000Z"}, {"uuid": "d8a391fe-a700-4370-8dea-ac8d736a95c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "Telegram/E9ec-bTUdb_3jzT5RLGDZkp0LBWJld6BDhGcelaAX6nCWag", "content": "", "creation_timestamp": "2023-07-09T07:45:12.000000Z"}, {"uuid": "d6e0574e-fbc5-4621-aedc-c717548f092b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/780", "content": "CVE-2023-27524 : Apache Superset Insecure Default Configuration To Remote Code Execution\nBlog : https://www.horizon3.ai/cve-2023-27524-insecure-default-configuration-in-apache-superset-leads-to-remote-code-execution/", "creation_timestamp": "2023-08-01T22:29:01.000000Z"}, {"uuid": "a5abff85-daad-4e7d-8b79-243bf62b643c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2752", "type": "seen", "source": "https://t.me/cibsecurity/64302", "content": "\u203c CVE-2023-2752 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 
3.2.0-beta.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T12:31:09.000000Z"}, {"uuid": "45c7df2e-6add-4a2a-9c76-942254523230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/cibsecurity/62729", "content": "\u203c CVE-2023-27524 \u203c\n\nSession Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:30.000000Z"}, {"uuid": "3f7b826d-a518-46af-90a9-90d8e1e8e12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27525", "type": "seen", "source": "https://t.me/cibsecurity/62294", "content": "\u203c CVE-2023-27525 \u203c\n\nAn authenticated user with Gamma role authorization could have access to metadata information using non trivial methods in Apache Superset up to and including 2.0.1\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-17T20:41:11.000000Z"}, {"uuid": "edc804ce-a6eb-4dbf-be24-25c7f90e7b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "https://t.me/cibsecurity/59570", "content": "\u203c CVE-2023-27522 \u203c\n\nHTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. 
Special characters in the origin response header can truncate/split the response forwarded to the client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T18:13:38.000000Z"}, {"uuid": "b93a32ea-1aa4-4832-9f49-aacc3fa7148b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8185", "content": "#exploit\n1. CVE-2023-27350:\nPOC for CVE-2023-27350 affecting PaperCut MF/NG\nhttps://github.com/horizon3ai/CVE-2023-27350\n]-&gt; https://www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise\n\n2. CVE-2023-27524:\nInsecure Default Configuration in Apache Superset\nhttps://github.com/horizon3ai/CVE-2023-27524", "creation_timestamp": "2023-04-26T02:22:48.000000Z"}, {"uuid": "b2c71edd-f858-4841-9368-7bd565847967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8984", "content": "#exploit\n1. CVE-2023-4634:\nRCE Exploit for Wordpress Media-Library Plugin &lt; 3.10\nhttps://github.com/Patrowl/CVE-2023-4634\n\n2. 
CVE-2023-27524, CVE-2023-39265, CVE-2023-37941:\nApache Superset\u00a0- RCE, Credential Harvesting &amp; More\nhttps://www.horizon3.ai/apache-superset-part-ii-rce-credential-harvesting-and-more", "creation_timestamp": "2023-09-07T11:01:26.000000Z"}, {"uuid": "9a14a562-1400-4208-8e64-cc3e05954aa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4975", "content": "CVE-2023-27524 ( Apache Superset Auth Bypass )\n\nExploit\n\n#CVE #Exploit #POC\n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:21.000000Z"}, {"uuid": "612fa471-ba4c-42dd-92a4-17e268f0bd37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:51.000000Z"}, {"uuid": "771fe0d9-8adb-4e2a-86d5-c5d538f4c358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2bd8ea34-74bd-4e3c-a88c-4a0cb6f0b6a5", "content": "", "creation_timestamp": "2026-02-02T12:26:43.633661Z"}, {"uuid": "68790f75-7fc0-43c9-ac9c-cd0ad81dd8f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4241", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aBasic PoC for CVE-2023-27524: Insecure Default 
Configuration in Apache Superset\nURL\uff1ahttps://github.com/horizon3ai/CVE-2023-27524\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-25T12:12:43.000000Z"}, {"uuid": "2816ef8f-889d-4f2c-a32d-e17c720c9670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4288", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA POC for the all new CVE-2023-27524 which allows for authentication bypass and gaining access to the admin dashboard.\nURL\uff1ahttps://github.com/MaanVader/CVE-2023-27524-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-07T08:05:24.000000Z"}, {"uuid": "7d9b0a99-5cf0-4e54-a7cb-2c941aee8c14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5604", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-27524\nURL\uff1ahttps://github.com/NguyenCongHaiNam/Research-CVE-2023-27524\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-30T00:31:14.000000Z"}, {"uuid": "5b3421fb-8dac-40b2-81b7-e978c9e0a348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "Telegram/zyh2j7QPoGimdfNrucDW8nGVJvwQaa6_ybAaByh8mMfpDfE", "content": "", "creation_timestamp": "2023-03-08T16:18:04.000000Z"}, {"uuid": "6cbb5952-a196-49af-a3ce-7af7206d1fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3315", "content": "CVE-2023-27524: Apache Superset Auth Bypass\n\n\n\ud83d\udca5 Script to check if an Apache Superset server is running with an insecure default configuration (CVE-2023-27524). The script checks if a Superset server's session cookies are signed with any well-known default Flask SECRET_KEYs.\n\nThe --validate flag can be used to validate exploitability by enumerating databases using the Superset API.\n\nrequirements:\n\nflask-unsign==1.2.0\nrequests==2.26.0\nUsage:\n\nCVE-2023-27524.py [-h] --url URL [--id ID] [--validate] [--timeout TIMEOUT]\n\nDownload: https://system32.ink/news-feed/p/308/", "creation_timestamp": "2023-04-25T13:58:22.000000Z"}, {"uuid": "68064a09-1f0a-4fea-9750-d51ba38b2a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/thehackernews/3284", "content": "\ud83d\udea8 A dangerous default configuration in Apache Superset has been discovered, which could allow attackers to gain RCE, harvest credentials, and compromise data.\n\nFor more details, read about CVE-2023-27524 at https://thehackernews.com/2023/04/apache-superset-vulnerability-insecure.html\n\nTo fix this issue, upgrade to version 2.1.", "creation_timestamp": "2023-04-26T11:40:57.000000Z"}, {"uuid": "b14576a5-5204-4e1c-a618-f4a3e6ea6e3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7267", "content": "CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution\n\nhttps://www.horizon3.ai/cve-2023-27524-insecure-default-configuration-in-apache-superset-leads-to-remote-code-execution/", "creation_timestamp": 
"2023-04-25T15:50:13.000000Z"}, {"uuid": "ab91cd50-17bc-423d-84d7-53ed22091d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5884", "content": "CVE-2023-27524 - Apache Superset Auth Bypass and RCE\n\nGithub\n\n#CVE #Exploit #POC\n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-12-31T14:55:04.000000Z"}, {"uuid": "0e4d0edc-1638-4ea4-818d-58436fe8ab50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.rb", "content": "", "creation_timestamp": "2023-09-12T23:27:42.000000Z"}, {"uuid": "5db711b1-c20a-47fa-9f5e-9bf195d3344e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://gist.github.com/TatiShayo/ac718ff676ec5a22e5264aaa05f02163", "content": "", "creation_timestamp": "2025-09-27T08:10:18.000000Z"}, {"uuid": "35ead6f1-f8ed-43de-af19-2aa3d0dd1314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2bd8ea34-74bd-4e3c-a88c-4a0cb6f0b6a5", "content": "", "creation_timestamp": "2026-02-02T12:26:43.633661Z"}, {"uuid": "96643b5f-fc27-4819-ae39-8fccd80f0b4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": 
"published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4260", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aApache Superset Auth Bypass Vulnerability CVE-2023-27524.\nURL\uff1ahttps://github.com/antx-code/CVE-2023-27524\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-27T07:39:53.000000Z"}, {"uuid": "bba8cb1d-532c-4542-8407-f75bd730f943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4258", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aApahce-Superset\u8eab\u4efd\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e(CVE-2023-27524)\u68c0\u6d4b\u5de5\u5177\nURL\uff1ahttps://github.com/Okaytc/Superset_auth_bypass_check\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-27T06:25:31.000000Z"}, {"uuid": "1bd7257a-0586-4cd7-8b9b-1a1b9fc3f58a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/10", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 Horizon3 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0434\u043b\u044f RCE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-27524 \u0432 Apache Superset, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 
criticality 8.9 per CVSS3.0. Apache Superset is a popular open-source platform for big-data analysis and visualization, developed by Airbnb in 2017. According to the analysis, the essence of the vulnerability lies in the use of the default value \\x02\\x01thisismyscretkey\\x01\\x02\\\\e\\\\y\\\\y\\\\h as the SECRET_KEY with which the session cookie that authenticates the application user is signed. 
It is worth noting that the Superset platform documentation states in capital letters the need to replace the default value with 'YOUR_OWN_RANDOM_GENERATED_SECRET_KEY'. The authors of the research provide interesting analytics showing that the administrators of 1288 servers (more than 70% of the total number) reachable over the internet did not manage to RTFM and are using the default value of this parameter. 
Taking the technical details into account, exploitation of the vulnerability is very trivial and boils down to signing the platform administrator's session cookie value with this key, using flask-unsign. After that the attacker has the ability to interact with the SQL databases connected as data sources through the platform's web interface, and there are also several ways to obtain RCE on the DB servers and on the 
application itself. \nNetlas search query: http.favicon.hash_sha256:e186603e51173d86bfc680eee24345d67c7a1d945a8e76dc4b218bbfabed666e\nScript for checking the vulnerability: https://github.com/horizon3ai/CVE-2023-27524\nRecommendations: A patch is already available; it is necessary to update to the latest current version\n\n#CVE-2023-27524 #RCE #Apache_Superset", "creation_timestamp": "2023-04-25T19:02:57.000000Z"}, {"uuid": "a7fcd5e0-59e5-4ca9-b966-b208ab9e934b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/17309", "content": "\u200b\u200bCVE-2023-27524 \n\nApache Superset Auth Bypass.\n\nScript to check if an Apache Superset server is running with an insecure default configuration (CVE-2023-27524). 
The script checks if a Superset server's session cookies are signed with any well-known default Flask SECRET_KEYs.\n\nhttps://github.com/horizon3ai/CVE-2023-27524\n\n#infosec #cve #poc", "creation_timestamp": "2023-05-23T17:56:35.000000Z"}, {"uuid": "eed57731-0fb3-4297-ba13-a719489181e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27526", "type": "seen", "source": "https://t.me/cibsecurity/69995", "content": "\u203c CVE-2023-27526 \u203c\n\nA non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T16:17:37.000000Z"}, {"uuid": "8838a99a-9ead-4c29-8f00-a24be0d57e95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "exploited", "source": "https://t.me/information_security_channel/51294", "content": "CISA Warns of Apache Superset Vulnerability Exploitation\nhttps://www.securityweek.com/cisa-warns-of-apache-superset-vulnerability-exploitation/\n\nCISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog.\nThe post CISA Warns of Apache Superset Vulnerability Exploitation (https://www.securityweek.com/cisa-warns-of-apache-superset-vulnerability-exploitation/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-01-09T19:54:07.000000Z"}, {"uuid": "3e463285-efe6-4b0a-806d-3a568eb63b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/thehackernews/4375", "content": "\ud83d\udea8 CISA warns of 6 actively exploited 
security flaws \n \n\u2570\u2508\u27a4 CVE-2023-27524 in Apache Superset. \n\u2570\u2508\u27a4 CVE-2023-38203 & CVE-2023-29300 in Adobe ColdFusion. \n\u2570\u2508\u27a4 CVE-2023-41990 in Apple products. \n\u2570\u2508\u27a4 CVE-2016-20017 in D-Link devices. \n\u2570\u2508\u27a4 CVE-2023-23752 in Joomla! \n \nRead: https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html", "creation_timestamp": "2024-01-10T06:02:02.000000Z"}, {"uuid": "d54c8cc8-004c-44cd-9079-78ad01c3a339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-01-08T18:10:03.000000Z"}, {"uuid": "afd04159-1056-467e-a1e9-4e2b376f9b87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "e7ed740d-6d5b-4666-ad70-77d97777b165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "0d6e9db4-b624-45de-8ea3-546892bf7ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01", "content": "", "creation_timestamp": "2025-05-13T10:00:00.000000Z"}, {"uuid": "3e2a3e9b-7e4b-45f3-80a3-7de19cd80945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "1ed10600-849b-4652-8b63-1e0a79f89fc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:12.000000Z"}, {"uuid": "2ab9168d-d080-4291-91a7-9eb8d3c5e3b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apache_superset_cookie_sig_rce.rb", "content": "", "creation_timestamp": "2023-10-12T21:34:40.000000Z"}, {"uuid": "01a0b0f9-3f07-4e6f-938e-e10b4994686b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "d4c94918-9976-47e0-a126-bf6be0b78a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5342", "content": "GitHub monitoring alert!!! \n\nUpdated: CVE-2023\nDescription: Apache Superset default SECRET_KEY vulnerability (CVE-2023-27524)\nURL: https://github.com/CN016/Apache-Superset-SECRET_KEY-CVE-2023-27524-\n\nTags: #CVE-2023", "creation_timestamp": "2023-10-10T08:39:36.000000Z"}, 
{"uuid": "38d8ce09-acb3-4ef6-a08e-23fec8f3bb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27520", "type": "seen", "source": "Telegram/b7IHSLp34ZVHiB1OfJGM_5tHTe08ipBojnMiwQXQUyMrl0zt", "content": "", "creation_timestamp": "2025-02-14T10:00:36.000000Z"}, {"uuid": "9e1185cc-016a-44ad-bfa2-9aa32769a37e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2752", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2604", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2752\n\ud83d\udd39 Description: Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.\n\ud83d\udccf Published: 2023-05-17T00:00:00\n\ud83d\udccf Modified: 2025-01-22T17:21:20.965Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/efdf5b24-6d30-4d57-a5b0-13b253ba3ea4\n2. 
https://github.com/thorsten/phpmyfaq/commit/e7599d49b0ece7ceef3a4e8d334782cc3df98be8", "creation_timestamp": "2025-01-22T18:02:34.000000Z"}, {"uuid": "8da08112-9f02-4e1a-ac2f-669572e79fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27522", "type": "seen", "source": "https://t.me/ctinow/100957", "content": "Internet Bug Bounty: Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)\n\nhttps://ift.tt/0yGU7uk", "creation_timestamp": "2023-03-23T07:51:17.000000Z"}, {"uuid": "6fec8384-b88d-4dcc-9876-9f74994fd7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/ctinow/108022", "content": "CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution\n\nhttps://ift.tt/dwGjxKc", "creation_timestamp": "2023-04-25T18:32:01.000000Z"}, {"uuid": "66dd99f8-b94f-4e85-8a5c-be75ddc2fbff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27524", "type": "seen", "source": "https://t.me/ctinow/109130", "content": "Apache Superset RCE Vulnerability CVE-2023-27524 Highlights Ongoing Issues with Flask AppBuilder, Joining List of Previously Discovered CVEs\n\nhttps://ift.tt/UWbn0pX", "creation_timestamp": "2023-05-01T19:56:20.000000Z"}]}