{"vulnerability": "cve-2023-3252", "sightings": [{"uuid": "19bd3e06-a740-437f-82dd-517149622ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32529", "type": "seen", "source": "https://t.me/arpsyndicate/682", "content": "#ExploitObserverAlert\n\nCVE-2023-32529\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-32529. Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.  Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.  This is similar to, but not identical to CVE-2023-32530.\n\nFIRST-EPSS: 0.003400000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-29T06:31:06.000000Z"}, {"uuid": "8785dd44-cec9-42b4-9309-623053e37a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3252", "type": "seen", "source": "https://t.me/cibsecurity/69380", "content": "\u203c CVE-2023-3252 \u203c\n\nAn arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-29T22:17:41.000000Z"}, {"uuid": "95138b28-0e64-4806-8ec7-e9f121a5209c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32523", "type": "seen", "source": "https://t.me/cibsecurity/65550", "content": "\u203c CVE-2023-32523 \u203c\n\nAffected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities.This is similar to, but not identical to CVE-2023-32524.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:24:58.000000Z"}, {"uuid": "ae79c131-c676-4c12-93b1-85a51369443a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32524", "type": "seen", "source": "https://t.me/cibsecurity/65550", "content": "\u203c CVE-2023-32523 \u203c\n\nAffected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities.This is similar to, but not identical to CVE-2023-32524.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:24:58.000000Z"}, {"uuid": "0e03135f-04e1-4f50-ab79-773d2f25abe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32525", "type": "seen", "source": "https://t.me/cibsecurity/65562", "content": "\u203c CVE-2023-32526 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32525.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:27:52.000000Z"}, {"uuid": "0c40fc07-17b9-47db-a277-193915286566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32526", "type": "seen", "source": "https://t.me/cibsecurity/65562", "content": "\u203c CVE-2023-32526 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32525.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:27:52.000000Z"}, {"uuid": "fd447562-a6c7-4533-90a4-c2a1db5046e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32528", "type": "seen", "source": "https://t.me/cibsecurity/65560", "content": "\u203c CVE-2023-32528 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32527.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:25:08.000000Z"}, {"uuid": "9aa6f83b-0e82-432f-b423-89b6001f61c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32527", "type": "seen", "source": "https://t.me/cibsecurity/65560", "content": "\u203c CVE-2023-32528 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32527.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:25:08.000000Z"}, {"uuid": "598c5397-a25e-439a-9c9c-9a9566273cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32529", "type": "seen", "source": "https://t.me/cibsecurity/65552", "content": "\u203c CVE-2023-32529 \u203c\n\nVulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.This is similar to, but not identical to CVE-2023-32530.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:25:00.000000Z"}, {"uuid": "0a77de03-096d-47ff-a1ac-c65c35a05cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32528", "type": "seen", "source": "https://t.me/cibsecurity/65544", "content": "\u203c CVE-2023-32527 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32528.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:24:52.000000Z"}, {"uuid": "2b006e14-f356-4932-a8cf-8ac9464cde78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32527", "type": "seen", "source": "https://t.me/cibsecurity/65544", "content": "\u203c CVE-2023-32527 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32528.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:24:52.000000Z"}, {"uuid": "f88eae8e-0280-4c05-8d12-5d0f51a4f7c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32521", "type": "seen", "source": "https://t.me/cibsecurity/65541", "content": "\u203c CVE-2023-32521 \u203c\n\nA path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:21:59.000000Z"}, {"uuid": "12a9369e-fddc-439d-964b-bcf5f22e00a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32529", "type": "seen", "source": "https://t.me/cibsecurity/65539", "content": "\u203c CVE-2023-32530 \u203c\n\nVulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.This is similar to, but not identical to CVE-2023-32529.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:21:54.000000Z"}, {"uuid": "89f0a042-4fbd-4a61-b5ee-d35d451c84de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32522", "type": "seen", "source": "https://t.me/cibsecurity/65556", "content": "\u203c CVE-2023-32522 \u203c\n\nA path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files.Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:25:04.000000Z"}, {"uuid": "327a1b47-f776-4711-84dd-c07bdfdc0e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32525", "type": "seen", "source": "https://t.me/cibsecurity/65535", "content": "\u203c CVE-2023-32525 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32526.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:21:50.000000Z"}, {"uuid": "ed60f90c-2430-4f43-b5ab-fc0ffaad4aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32526", "type": "seen", "source": "https://t.me/cibsecurity/65535", "content": "\u203c CVE-2023-32525 \u203c\n\nTrend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.This is similar to, but not identical to CVE-2023-32526.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T02:21:50.000000Z"}, {"uuid": "8c893719-db37-4d5c-b472-f86444970e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32524", "type": "published-proof-of-concept", "source": "Telegram/JJ4aokg6nBDO0aQeB0SH-tylBVWfPlOS9pDTLCIGtEUG", "content": "", "creation_timestamp": "2023-10-23T00:32:37.000000Z"}, {"uuid": "62bee1e5-afcd-40a5-a015-3ebe77283a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32520", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646341973947565", "content": "", "creation_timestamp": "2024-12-13T15:59:20.245577Z"}]}