{"vulnerability": "cve-2023-4174", "sightings": [{"uuid": "34b90449-878a-4db3-abc1-1ff58afd04d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4174", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4898", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-4174 PoC\nURL\uff1ahttps://github.com/d0rb/CVE-2023-4174\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-11T08:50:26.000000Z"}, {"uuid": "7e938b0c-cd37-4333-867f-0130b5e2d73e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4174", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4936", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-4174 - mooSocial 3.1.6 - Reflected Cross Site Scripting (XSS)\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-4174\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-17T02:51:40.000000Z"}, {"uuid": "43d9a90a-61ac-4498-9baf-a63ec3a6cdc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41747", "type": "seen", "source": "https://t.me/cibsecurity/69588", "content": "\u203c CVE-2023-41747 \u203c\n\nSensitive information disclosure due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T22:13:18.000000Z"}, {"uuid": "579a7b19-27bd-4758-8401-81e45528169c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41745", "type": "seen", "source": "https://t.me/cibsecurity/69587", "content": "\u203c CVE-2023-41745 \u203c\n\nSensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T22:13:17.000000Z"}, {"uuid": "1df4ecca-395c-4ac8-94cc-ddf25db80ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41742", "type": "seen", "source": "https://t.me/cibsecurity/69549", "content": "\u203c CVE-2023-41742 \u203c\n\nExcessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T18:13:06.000000Z"}, {"uuid": "50b45734-75e3-470e-b92d-2d70e30c2fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41741", "type": "seen", "source": "https://t.me/cibsecurity/69535", "content": "\u203c CVE-2023-41741 \u203c\n\nExposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T14:12:52.000000Z"}, {"uuid": "834b76bc-0b0d-4eae-a6ea-847e454dc058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41740", "type": "seen", "source": "https://t.me/cibsecurity/69534", "content": "\u203c CVE-2023-41740 \u203c\n\nImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T14:12:51.000000Z"}, {"uuid": "839813cb-3088-4645-98b4-948092d49613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41743", "type": "seen", "source": "https://t.me/cibsecurity/69563", "content": "\u203c CVE-2023-41743 \u203c\n\nLocal privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:14.000000Z"}, {"uuid": "3167da7a-3411-4b32-bd8d-30a5dda728e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41749", "type": "seen", "source": "https://t.me/cibsecurity/69605", "content": "\u203c CVE-2023-41749 \u203c\n\nSensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Windows) before build 32047, Acronis Cyber Protect 15 (Windows) before build 35979.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T00:13:24.000000Z"}, {"uuid": "3acb63c5-1c5f-495c-a01e-417fa62bfcd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41746", "type": "seen", "source": "https://t.me/cibsecurity/69583", "content": "\u203c CVE-2023-41746 \u203c\n\nRemote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T22:13:13.000000Z"}, {"uuid": "5133b1b7-7bed-428d-9e4f-d1255e978700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41744", "type": "seen", "source": "https://t.me/cibsecurity/69576", "content": "\u203c CVE-2023-41744 \u203c\n\nLocal privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) before build 30600, Acronis Cyber Protect 15 (macOS) before build 35979.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:35.000000Z"}, {"uuid": "e3c64e1a-8854-4186-96ee-8bc8bb2103be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41748", "type": "seen", "source": "https://t.me/cibsecurity/69581", "content": "\u203c CVE-2023-41748 \u203c\n\nRemote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T22:13:10.000000Z"}, {"uuid": "9975ee45-31f3-4ff4-90f5-27b4df827cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4174", "type": "exploited", "source": "https://www.exploit-db.com/exploits/51671", "content": "", "creation_timestamp": "2023-08-08T00:00:00.000000Z"}]}