{"vulnerability": "cve-2023-3412", "sightings": [{"uuid": "3b226e4f-a08c-4d20-b390-24eee618e3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "76cf4c76-67ff-4afb-af6a-cafb623b8ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "8491ff3a-cb2c-46cb-88af-bf3d1a4e3a8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:54.000000Z"}, {"uuid": "40b7bc07-4d08-42dc-bc81-cc266603f9bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:54.000000Z"}, {"uuid": "e2553380-8743-4375-a757-34c9525a51f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/sonicwall_shell_injection_cve_2023_34124.rb", "content": "", "creation_timestamp": "2023-09-08T10:11:37.000000Z"}, {"uuid": "d5c28d73-dd8b-402f-9d26-043b091261e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34123", "type": "seen", "source": "Telegram/RO-3KQYYmJp6rc3OyQ2a4C_Dza1Efh5pGtP13e3EKmucFw", "content": "", "creation_timestamp": "2023-07-13T09:12:22.000000Z"}, {"uuid": "155d2d7d-536b-4331-9384-5e465c11c7e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1692", "content": "Sonicwall rce CVE-2023-34124\n*\nmetasploit\n*\nuse exploit/multi/http/sonicwall_shell_injection_cve_2023_34124\n\n\u043d\u0443 \u0434\u0430 \u043d\u0443 \u0434\u0430 \ud83d\ude43\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u0435\u0442 4-5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f @fulmetalpackets", "creation_timestamp": "2023-08-21T21:23:47.000000Z"}, {"uuid": "213e3156-312b-4361-b166-a164f31ba860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "seen", "source": "https://t.me/true_secator/4611", "content": "SonicWall \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c Global Management System (GMS) \u0438 \u041f\u041e \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043e\u0442\u0447\u0435\u0442\u043e\u0432 Analytics.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 15 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c GMS 9.3.2-SP1 \u0438 Analytics 2.5.0.4-R7 (\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u0427\u0435\u0442\u044b\u0440\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0432 \u0445\u043e\u0434\u0435 \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0412\u0441\u0435 \u043e\u043d\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a: CVE-2023-34124 (\u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u0430), CVE-2023-34133 (\u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434 \u0444\u0438\u043b\u044c\u0442\u0440\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), CVE-2023-34134 (\u0447\u0442\u0435\u043d\u0438\u0435 \u0445\u044d\u0448\u0430 \u043f\u0430\u0440\u043e\u043b\u044f \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u0441\u043b\u0443\u0436\u0431\u0443) \u0438 CVE-2023-34137 (\u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CAS).\n\nSonicWall PSIRT \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 PoC \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0443\u044e \u043d\u0438\u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u044e GMS/Analytics On-Prem,\u00a0\u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0412\u0435\u0434\u044c, \u043a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0443\u0436\u0435 \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c \u0430\u0442\u0430\u043a\u0430\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 (HelloKitty, FiveHands) \u0438 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430.\n\n\u0418 \u043d\u0435\u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, SonicWall \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 500 000 \u0431\u0438\u0437\u043d\u0435\u0441-\u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0432 215 \u0441\u0442\u0440\u0430\u043d\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.", "creation_timestamp": "2023-07-13T15:09:07.000000Z"}, {"uuid": "99cf9fb3-d2fb-47f5-9152-47d6c47117ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34122", "type": "seen", "source": "https://t.me/cibsecurity/65169", "content": "\u203c CVE-2023-34122 \u203c\n\nImproper input validation in the installer for Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-13T22:20:12.000000Z"}, {"uuid": "56b4d675-496b-4474-8ed8-abb3ea44828f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/9599b5d9-4420-4e47-966c-247229ef3d0d", "content": "", "creation_timestamp": "2024-02-22T15:07:40.000000Z"}, {"uuid": "1d674bd5-a0fd-431d-a017-968a86e06902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "0e969d05-3597-4ba7-a92a-4331a13f6f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "044beb26-859f-43e6-85e2-d76932fc7955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/sonicwall_shell_injection_cve_2023_34124.rb", "content": "", "creation_timestamp": "2023-09-08T10:11:37.000000Z"}, {"uuid": "940cf929-27ac-4b6f-ad27-3b58a9866f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1069", "content": "CVE-2023-34127 : SonicWall - OS Command Injection\nissue affects  : GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\nDescription\nImproper Neutralization of Special Elements used in an OS Command (\u2018OS Command Injection\u2019) vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\nANALYSIS : https://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127/rapid7-analysis\nMetasploit : https://github.com/rapid7/metasploit-framework/pull/18302", "creation_timestamp": "2024-05-06T11:39:25.000000Z"}, {"uuid": "ce5f733f-922c-4829-aec3-78f592086695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "https://t.me/cibsecurity/66610", "content": "\u203c CVE-2023-34127 \u203c\n\nImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T07:42:12.000000Z"}, {"uuid": "1231f29d-b396-4d48-96f3-109cbd0386f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34128", "type": "seen", "source": "https://t.me/cibsecurity/66621", "content": "\u203c CVE-2023-34128 \u203c\n\nTomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T07:45:18.000000Z"}, {"uuid": "b913af1f-dc21-4360-be7a-aa131966fd17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34124", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3iopgsbwo2w", "content": "", "creation_timestamp": "2025-10-18T21:02:26.548920Z"}, {"uuid": "da4e7f46-c1e3-4800-8b22-4a8559b8638d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34123", "type": "seen", "source": "https://t.me/KomunitiSiber/480", "content": "New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products\nhttps://thehackernews.com/2023/07/new-vulnerabilities-disclosed-in.html\n\nSonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.\nOf the 15 shortcomings (tracked from CVE-2023-34123 through CVE-2023-34137), four", "creation_timestamp": "2023-07-13T10:11:28.000000Z"}, {"uuid": "a616af36-3fdb-454c-ba2c-4e0a21e20a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34127", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8892", "content": "#exploit\n1. CVE-2023-36874:\nWindows Error Reporting Service Privilege Enhancement Vulnerability\nhttps://github.com/c4m3l-security/CVE-2023-36874\n\n2. CVE-2023-34127:\nImproper Neutralization of Special Elements used in an OS Command (\"OS Command Injection\") vulnerability in SonicWall GMS, SonicWall Analytics\nhttps://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127/rapid7-analysis", "creation_timestamp": "2023-08-22T12:27:06.000000Z"}]}