{"vulnerability": "cve-2023-36812", "sightings": [{"uuid": "71d7c2f9-b1b7-457a-98ea-05a91d00ac7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "b3ca7d8a-a434-49dd-9b17-806f4a68a02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opentsdb_key_cmd_injection.rb", "content": "", "creation_timestamp": "2023-09-08T16:06:04.000000Z"}, {"uuid": "7975cb88-5e6c-4e20-9ed7-6fa40d799da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5101", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\nURL\uff1ahttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T14:30:28.000000Z"}, {"uuid": "ef8e9708-32a0-4481-a142-acf7595293ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/hunter4good/196", "content": "https://twitter.com/HunterMapping/status/1676168986189340672\n\ud83d\udea8Alert\ud83d\udea8 CVE-2023-36812 #OpenTSDB #RCE vulnerability\n\n\ud83d\udcce https://hunter.how/list?searchValue=favicon_hash%3D%227f4338a0648aaefcdb73240e8420387b%22\n\n1\u20e3 FOFA: icon_hash=\"407286339\"\n2\u20e3 Shodan: http.favicon.hash:407286339\n\nRefer to: \nhttps://securityonline.info/cve-2023-36812-opentsdb-faces-high-risk-security-vulnerability/\nhttps://github.com/OpenTSDB/opentsdb/issues/2261", "creation_timestamp": "2023-07-04T12:53:30.000000Z"}, {"uuid": "0420520c-5c61-4e90-b092-1492cec9b48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3201", "content": "Hackers Factory \n\nA collection of resources for linux reverse engineering\n\nhttps://github.com/michalmalik/linux-re-101\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nA tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.\n\nhttps://github.com/ShorSec/ShadowSpray\n\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nhttps://github.com/AbelChe/evil_minio\n\nThis is a Proof of Concept (PoC) for CVE-2023-3244, a vulnerability in comment-like-dislike. The PoC demonstrates the exploitability of this vulnerability and serves as a reference for security researchers and developers to better understand and mitigate the risk associated with this issue.\n\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\nNextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix\n\nhttps://github.com/Nextdoor/cspm_evaluation_matrix\n\nMass Exploit - CVE-2023-1698 < Unauthenticated Remote Command Execution\n\nhttps://github.com/codeb0ss/CVE-2023-1698-PoC\n\nPassive subdomain continous monitoring tool\n\nhttps://github.com/e1abrador/sub.Monitor\n\nAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nThis is a useful Python script for extracting bug bounty.\n\nhttps://github.com/St74nger/writeup-miner\n\nThis repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.\n\nhttps://github.com/bhavesh-pardhi/Wordlist-Hub\n\nKQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.\n\nhttps://github.com/Bert-JanP/Hunting-Queries-Detection-Rules\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-23T21:34:09.000000Z"}, {"uuid": "962fe49f-257e-4655-b7bf-a3bbdd7ccfbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3187", "content": "Hackers Factory \n\nA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests\n\nhttps://github.com/projectdiscovery/naabu\n\nA collection of phishing samples for researchers and detection developers.\n\nhttps://github.com/rf-peixoto/phishing_pot\n\nPassive subdomain continous monitoring tool.\n\nhttps://github.com/e1abrador/sub.Monitor\n\nSecurity scanner for your Terraform code\n\nhttps://github.com/aquasecurity/tfsec\n\nDetect and remediate misconfigurations and security risks across all your GitHub and GitLab assets\n\nhttps://github.com/Legit-Labs/legitify\n\nStreamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.\n\nhttps://github.com/thecyberneh/scriptkiddi3\n\nUseful resources for SOC Analyst and SOC Analyst candidates.\n\nhttps://github.com/LetsDefend/awesome-soc-analyst\n\nXML-RPC Vulnerability Checker and Directory Fuzzer\n\nhttps://github.com/MINAD0/XML-RPC-Check\n\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943\n\nAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nNotepad++ heap buffer overflow vulnerability CVE-2023-40031 analysis and reproduction\n\nhttps://github.com/webraybtl/CVE-2023-40031\n\nPMP-Decrypter. This is a tool to decrypt the encrypted password strings in \"Patch My PC\"\n\nhttps://github.com/LuemmelSec/PMP-Decrypter\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-10T12:01:22.000000Z"}, {"uuid": "351e8e05-c800-4917-abc3-2358a1633bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "c2b74715-a106-4e1b-bd2a-e907ba7e5735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}]}