{"vulnerability": "cve-2025-3023", "sightings": [{"uuid": "0f17a923-ab49-4cf0-bccd-96ebad20b161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30234", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114187757559576628", "content": "", "creation_timestamp": "2025-03-19T06:48:26.966033Z"}, {"uuid": "2b6498b3-e319-4007-9356-abc834ab00c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30234", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkpo7zwabd26", "content": "", "creation_timestamp": "2025-03-19T07:34:09.619684Z"}, {"uuid": "9b7a76b7-af80-48fa-bc21-68e30ec8704b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30236", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkpoa27hon2k", "content": "", "creation_timestamp": "2025-03-19T07:34:10.246943Z"}, {"uuid": "3e293455-26c7-4cdf-9ce7-8913d8d46d52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30236", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114188229071663395", "content": "", "creation_timestamp": "2025-03-19T08:48:21.534396Z"}, {"uuid": "dfa336ef-385a-4c96-a737-d4155169964f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3llc2rx277m2d", "content": "", "creation_timestamp": "2025-03-26T15:06:51.063262Z"}, {"uuid": "68306aab-0cda-4ef9-83d1-42804592a46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llc4kw3ufk2v", "content": "", "creation_timestamp": "2025-03-26T15:38:42.453729Z"}, {"uuid": "c789b2b1-0859-42e0-be72-578e332f775f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3llfkq7xjg42x", "content": "", "creation_timestamp": "2025-03-28T00:30:12.845532Z"}, {"uuid": "ae1848f5-c037-46aa-beb1-e7c6f7403b87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3llev4aniv22q", "content": "", "creation_timestamp": "2025-03-27T18:03:16.758168Z"}, {"uuid": "912ac845-1965-4fe1-850a-de7bd646cdd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lldnyaargx2u", "content": "", "creation_timestamp": "2025-03-27T06:23:06.276687Z"}, {"uuid": "f8ae04e1-9cd8-4f81-87fe-cebce9e07005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30234", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114189623044262219", "content": "", "creation_timestamp": "2025-03-19T14:42:52.920260Z"}, {"uuid": "d11d25b2-1c50-4288-b604-55c5caf84501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30236", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114189633111513349", "content": "", "creation_timestamp": "2025-03-19T14:45:25.321383Z"}, {"uuid": "e843e715-3083-4d74-a0a0-74f2b288c668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llgiabavxn27", "content": "", "creation_timestamp": "2025-03-28T09:18:08.999822Z"}, {"uuid": "14cd88aa-3596-4cb9-a829-ecb116141ab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/royans.bsky.social/post/3llgo4arldt26", "content": "", "creation_timestamp": "2025-03-28T11:03:17.275876Z"}, {"uuid": "47d451cf-6401-4fc9-94f2-d88eb0e1e8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/prohoster.bsky.social/post/3llhi43ilq32q", "content": "", "creation_timestamp": "2025-03-28T18:48:29.076848Z"}, {"uuid": "98f3b161-37de-4566-9b9f-199863935a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lljblcv6yc24", "content": "", "creation_timestamp": "2025-03-29T11:57:09.544539Z"}, {"uuid": "7a709418-94b5-427c-8d05-9e7dc30e61a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30234", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8018", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30234\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32684e81b image (a Debian 12 LX zone image from 2024-07-26).\n\ud83d\udccf Published: 2025-03-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T04:37:24.456Z\n\ud83d\udd17 References:\n1. https://security.tritondatacenter.com/tps-2025-002/\n2. https://smartos.topicbox.com/groups/smartos-discuss/Ta6f13072e6bedddc-M3702e993edd7d6ce8d78dfc8\n3. https://www.openwall.com/lists/oss-security/2025/03/13/10", "creation_timestamp": "2025-03-19T04:48:45.000000Z"}, {"uuid": "d2f33e0f-a3cc-4625-956d-62dcdbed62c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://t.me/cvedetector/21358", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30232 - Exim Use-After-Free Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-30232 \nPublished : March 28, 2025, 12:15 a.m. | 1\u00a0hour, 47\u00a0minutes ago \nDescription : A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T03:31:53.000000Z"}, {"uuid": "8e783284-d48d-49d0-8349-497c0948364f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30234", "type": "published-proof-of-concept", "source": "Telegram/mkGOM-E8OJsYhEw1M1OyyZKeq4b7Lb26u5ZJyOZQOlcRf_M", "content": "", "creation_timestamp": "2025-03-19T06:30:14.000000Z"}, {"uuid": "b837e83a-d47f-44e6-afce-e8d0ba05feab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://t.me/suboxone_chatroom/7690", "content": "CVE-2025-30232: Use-after-free in Exim, \"medium\" rating\u2757\ufe0f\n\nA vulnerability in some versions of Exim potentially allows an attacker to perform Privilege Escalation, if he has command line access.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/mtDNc\n\ud83d\udc49 Dork: smtp.banner:\"Exim 4.96\" OR smtp.banner:\"Exim 4.97\" OR smtp.banner:\"Exim 4.98\" OR smtp.banner:\"Exim 4.98.1\"\n\nVendor's advisory: https://exim.org/static/doc/security/CVE-2025-30232.txt", "creation_timestamp": "2025-04-07T11:28:11.000000Z"}, {"uuid": "adf4f7b5-326a-42a3-a7c5-c059296fa6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-200/", "content": "", "creation_timestamp": "2025-04-07T03:00:00.000000Z"}, {"uuid": "2e137e6d-e8ca-487a-8960-22c924eef7cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3023", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmgkzimysm2c", "content": "", "creation_timestamp": "2025-04-10T03:33:17.991663Z"}, {"uuid": "9499f149-f408-431c-bb5b-2e7fb8382ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:58.000000Z"}, {"uuid": "69a4bd8d-2241-4cbf-bbff-baf79b927492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "Telegram/PWNK0uEjqc3o9Ao2DS9MNA_zBBKtA6SCYaqSlMWCwGOICKU", "content": "", "creation_timestamp": "2025-10-31T04:31:55.000000Z"}, {"uuid": "d0ada30a-81da-455f-bbff-68f6c5727b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30236", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8025", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30236\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter.\n\ud83d\udccf Published: 2025-03-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T06:16:56.750Z\n\ud83d\udd17 References:\n1. https://reserge.org/probabilistically-breaking-securenvoy-totp/\n2. https://securenvoy.com/wp-content/uploads/2025/03/Release-Notes-9.4.515.pdf", "creation_timestamp": "2025-03-19T06:52:03.000000Z"}, {"uuid": "d13c65aa-be9c-4c04-b260-73559f9c6dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3023", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11182", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3023\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: N/A\n\ud83d\udccf Modified: 2025-04-09T22:15:58.040Z\n\ud83d\udd17 References:\nNo references available.", "creation_timestamp": "2025-04-09T22:48:55.000000Z"}, {"uuid": "790a3ef9-c020-49e2-9e4b-a10dda431cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30234", "type": "seen", "source": "https://t.me/cvedetector/20625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30234 - SmartOS SSH Key Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-30234 \nPublished : March 19, 2025, 5:15 a.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32684e81b image (a Debian 12 LX zone image from 2024-07-26). \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T07:57:42.000000Z"}, {"uuid": "ef0c9cc2-1f90-4d09-8325-0cd7e5cae641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30236", "type": "published-proof-of-concept", "source": "Telegram/spBu0IgY2k9BGiGfLW87pLcgqoFD4hIVLtlxkjLcsX7UOko", "content": "", "creation_timestamp": "2025-03-19T08:30:22.000000Z"}, {"uuid": "fd4fba8f-e679-45a4-900e-959d98def890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "aa25d1ff-28de-4a80-8f17-645f084a6596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30235", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30235\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of failed authentication attempts, because concurrent attempts are mishandled.\n\ud83d\udccf Published: 2025-03-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T06:10:34.689Z\n\ud83d\udd17 References:\n1. https://reserge.org/probabilistically-breaking-securenvoy-totp/\n2. https://securenvoy.com/wp-content/uploads/2025/03/Release-Notes-9.4.515.pdf", "creation_timestamp": "2025-03-19T06:52:04.000000Z"}, {"uuid": "45d5aedd-d4ff-45bc-ad83-ed831c213ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9243", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30232\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.\n\ud83d\udccf Published: 2025-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T00:11:36.790Z\n\ud83d\udd17 References:\n1. https://www.exim.org/static/doc/security/CVE-2025-30232.txt", "creation_timestamp": "2025-03-28T00:35:30.000000Z"}, {"uuid": "c68b5fb3-3520-4c55-a141-5242ae9389b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30235", "type": "seen", "source": "https://t.me/cvedetector/20618", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30235 - Shearwater SecurEnvoy SecurAccess Account Brute Force\", \n  \"Content\": \"CVE ID : CVE-2025-30235 \nPublished : March 19, 2025, 6:15 a.m. | 39\u00a0minutes ago \nDescription : Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of failed authentication attempts, because concurrent attempts are mishandled. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T07:57:34.000000Z"}, {"uuid": "590e829a-a611-493d-a4d2-3c6fc0ce211f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30236", "type": "seen", "source": "https://t.me/cvedetector/20617", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30236 - Shearwater SecurEnvoy SecurAccess TOTP Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-30236 \nPublished : March 19, 2025, 6:15 a.m. | 39\u00a0minutes ago \nDescription : Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T07:57:33.000000Z"}, {"uuid": "d7b8a3c5-f2a7-4a96-a07a-03e7b35d1a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30232", "type": "published-proof-of-concept", "source": "Telegram/FM2EOk86-hsfYWtXeDik_4c3ateEFNrnuhfOBQbGFDHktVc", "content": "", "creation_timestamp": "2025-03-28T02:00:41.000000Z"}]}