{"uuid": "8c0068f0-ee06-4f2f-894b-2dba7ccf6d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38318", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19044", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-38318\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.\n\ud83d\udccf Published: 2024-01-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T19:37:02.137Z\n\ud83d\udd17 References:\n1. https://openwrt.org/docs/guide-user/services/captive-portal/opennds\n2. https://github.com/openNDS/openNDS/releases/tag/v10.1.3\n3. https://github.com/openNDS/openNDS/blob/master/ChangeLog\n4. https://www.forescout.com/resources/sierra21-vulnerabilities", "creation_timestamp": "2025-06-20T19:43:28.000000Z"}