{"vulnerability": "CVE-2023-0861", "sightings": [{"uuid": "b26e6278-2637-4a74-87da-cb54dfbe441b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0861", "type": "published-proof-of-concept", "source": "Telegram/V7m6dyWJdYDSJe7SKroRfeJFuGytvG7wnZqZe-y0JOsicXA", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"}, {"uuid": "996f6241-deb4-4172-91ef-dc4bc4eccd09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0861", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3933", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAnalyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers\nURL\uff1ahttps://github.com/seifallahhomrani1/CVE-2023-0861-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-12T18:17:30.000000Z"}, {"uuid": "7605941a-055e-4b57-965b-ea967cd0e6d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0861", "type": "seen", "source": "https://t.me/cibsecurity/58306", "content": "\u203c CVE-2023-0861 \u203c\n\nNetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103. The issue affects NSRW packaged by Phoenix Contact routers: from 4.6.72.0 before 4.6.72.101, from 4.6.73.0 before 4.6.73.101.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T12:37:14.000000Z"}, {"uuid": "185a9dfa-6fb3-48f2-bc03-4aa3bde71978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0861", "type": "seen", "source": "https://t.me/cibsecurity/72746", "content": "\u203c CVE-2023-46306 \u203c\n\nThe web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php device_id parameter. This occurs because another thread can be started before the trap that triggers the cleanup function. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. NOTE: this is different from CVE-2023-0861 and CVE-2023-0862, which were fixed in version 4.6.0.105.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-23T00:39:04.000000Z"}, {"uuid": "c4be49ba-5a68-4577-bd4c-15d1dce7a696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0861", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7956", "content": "#exploit\n1. CVE-2022-22963:\nVulnerability in the Spring Cloud Function Framework for Java that allows RCE\nhttps://github.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit\n\n2. CVE-2023-0861:\nCommand Injection Vulnerability  in NetModule Routers\nhttps://github.com/seifallahhomrani1/CVE-2023-0861-POC", "creation_timestamp": "2023-03-19T13:41:00.000000Z"}]}