{"vulnerability": "cve-2025-2345", "sightings": [{"uuid": "2f193530-e7b3-4777-804d-b9216f0eebf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7718", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2345\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-16T18:31:04.588Z\n\ud83d\udccf Modified: 2025-03-16T18:31:04.588Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299811\n2. https://vuldb.com/?ctiid.299811\n3. https://vuldb.com/?submit.516883\n4. https://github.com/geo-chen/IROAD/blob/main/README.md#finding-5-managing-settings-to-obtain-sensitive-data-and-sabotaging-car-battery", "creation_timestamp": "2025-03-16T18:46:49.000000Z"}, {"uuid": "b106f3f5-b9b3-4b27-8161-a1a0ac7ecfb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23453", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3wq4ibm2f", "content": "", "creation_timestamp": "2025-01-16T20:16:50.733678Z"}, {"uuid": "fb6b3db3-448c-4042-af28-485b2bf6d095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lkmazve3m62h", "content": "", "creation_timestamp": "2025-03-17T23:00:05.960618Z"}, {"uuid": "8b221273-2745-4d08-917d-3ef727984f88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114168175886953161", "content": "", "creation_timestamp": "2025-03-15T19:48:34.916960Z"}, {"uuid": "86e428a6-9be9-4527-ab74-175be9fd7019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23458", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f97cb8b322929ae3758164f8835411e8", "content": "", "creation_timestamp": "2025-12-30T12:42:00.000000Z"}, {"uuid": "b7c34133-dd02-40a5-b250-95974462a996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://t.me/cvedetector/20417", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2345 - \"IROAD Dash Cam X5 and Dash Cam X6 Remote Unauthenticated RCE\"\", \n  \"Content\": \"CVE ID : CVE-2025-2345 \nPublished : March 16, 2025, 7:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-16T22:13:48.000000Z"}, {"uuid": "b730e01c-7865-4422-800a-ef418b7db8f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23454", "type": "seen", "source": "https://t.me/cvedetector/15995", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23454 - Flashmaniac Nature FlipBook Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23454 \nPublished : Jan. 21, 2025, 6:15 p.m. | 37\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flashmaniac Nature FlipBook allows Reflected XSS. This issue affects Nature FlipBook: from n/a through 1.7. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T20:19:20.000000Z"}, {"uuid": "292dc60d-821f-4dcc-aedd-c181147c1764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "published-proof-of-concept", "source": "Telegram/x4iOrftRSiAF20ajskWmAqFpT-uyGTPXxL6z-8fwclTCEGU", "content": "", "creation_timestamp": "2025-03-16T20:30:22.000000Z"}, {"uuid": "29cc4e26-7cd9-49ed-99ae-4b6559f64259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23452", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840015753217737", "content": "", "creation_timestamp": "2025-01-16T20:53:07.752042Z"}, {"uuid": "1ea91d6e-872b-4cab-a05e-44c31d924e01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23455", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840015782159097", "content": "", "creation_timestamp": "2025-01-16T20:53:08.294793Z"}, {"uuid": "e6755d54-27cf-4531-92ff-f923cf694eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23452", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3wmwtoa2t", "content": "", "creation_timestamp": "2025-01-16T20:16:46.960355Z"}, {"uuid": "7ba71280-946b-4421-9bc9-ebf4f9646ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23456", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3wvxqg72c", "content": "", "creation_timestamp": "2025-01-16T20:16:56.536662Z"}, {"uuid": "100bc96a-eb24-49a3-a998-027fbc1c1e5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23455", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3wstx7y2h", "content": "", "creation_timestamp": "2025-01-16T20:16:53.112749Z"}, {"uuid": "e453ebbc-b656-4b1c-b3f8-7137cf117cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23454", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113867586319898208", "content": "", "creation_timestamp": "2025-01-21T17:44:51.422986Z"}, {"uuid": "a0b63d35-9fd4-4f4a-9c21-b96afb5d5678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23454", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbhjlvsju2t", "content": "", "creation_timestamp": "2025-01-21T18:16:11.535931Z"}, {"uuid": "49d3627e-bce8-4c99-98dd-fc9e9cc2a172", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23457", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113900710168427584", "content": "", "creation_timestamp": "2025-01-27T14:08:31.059296Z"}, {"uuid": "1fa3a39c-e744-4013-a15a-fef5bc3b6c53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23457", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgq73kapvy2q", "content": "", "creation_timestamp": "2025-01-27T14:55:08.327889Z"}, {"uuid": "27fc0be1-dc33-4944-b010-c0c8417585f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lkkysh4fu32j", "content": "", "creation_timestamp": "2025-03-17T11:00:06.356624Z"}, {"uuid": "88f0a912-ffb2-4b72-a6a5-44fad2995311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23458", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb6dp3r3bq2y", "content": "", "creation_timestamp": "2025-12-30T02:49:55.874144Z"}, {"uuid": "94ce8eea-10cc-4184-870d-3eaa5de39ee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23454", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2453", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23454\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flashmaniac Nature FlipBook allows Reflected XSS. This issue affects Nature FlipBook: from n/a through 1.7.\n\ud83d\udccf Published: 2025-01-21T17:21:49.720Z\n\ud83d\udccf Modified: 2025-01-21T18:43:43.967Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/vertical-diamond-flipbook-flash/vulnerability/wordpress-nature-flipbook-wordpress-plugin-plugin-1-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T19:01:50.000000Z"}, {"uuid": "7bb6e6fc-2a94-4a82-98e6-e3515bf2105e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23451", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6233", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23451\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Awesome Twitter Feeds allows Reflected XSS. This issue affects Awesome Twitter Feeds: from n/a through 1.0.\n\ud83d\udccf Published: 2025-03-03T13:30:04.173Z\n\ud83d\udccf Modified: 2025-03-03T16:01:49.969Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/awesome-twitter-feeds/vulnerability/wordpress-awesome-twitter-feeds-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T16:30:40.000000Z"}, {"uuid": "c1c59f7c-8ef5-4d3e-b976-d0399d15af0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23450", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6232", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23450\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agenwebsite AW WooCommerce Kode Pembayaran allows Reflected XSS. This issue affects AW WooCommerce Kode Pembayaran: from n/a through 1.1.4.\n\ud83d\udccf Published: 2025-03-03T13:30:03.999Z\n\ud83d\udccf Modified: 2025-03-03T16:01:56.661Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/aw-woocommerce-kode-pembayaran/vulnerability/wordpress-aw-woocommerce-kode-pembayaran-plugin-1-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T16:30:39.000000Z"}, {"uuid": "819eef0e-9c3d-44da-9542-30ecfbb92f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23457", "type": "seen", "source": "https://t.me/cvedetector/16457", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23457 - Clodeo Shipdeo Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-23457 \nPublished : Jan. 27, 2025, 2:15 p.m. | 15\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Clodeo Shipdeo allows Reflected XSS. This issue affects Shipdeo: from n/a through 1.2.8. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T15:59:48.000000Z"}, {"uuid": "0c738bb7-cb26-4f82-8b5e-ad4ec0530b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23453", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840015767767164", "content": "", "creation_timestamp": "2025-01-16T20:53:08.061589Z"}, {"uuid": "79681191-26e0-44ef-8c13-ca6be09bb3ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23456", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840074779178638", "content": "", "creation_timestamp": "2025-01-16T21:08:08.481587Z"}, {"uuid": "750e27e2-dfd2-4837-8441-f0284d43ad5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23457", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgq4vtuqpr2h", "content": "", "creation_timestamp": "2025-01-27T14:16:07.431658Z"}, {"uuid": "223760ad-5765-49dd-86fe-f94e987d05c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkjffsr7bb2n", "content": "", "creation_timestamp": "2025-03-16T19:40:21.516669Z"}, {"uuid": "ad65d0e2-6a61-4ffe-99c2-5181e530af32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114173839640484534", "content": "", "creation_timestamp": "2025-03-16T19:48:56.425253Z"}, {"uuid": "193ff1a2-2d96-49c5-8c28-e69ca433fb60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2345", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkjlu3eysa2h", "content": "", "creation_timestamp": "2025-03-16T21:35:42.957056Z"}]}