{"vulnerability": "CVE-2023-2020", "sightings": [{"uuid": "ec321a79-1790-4086-8cb5-aaca47128b0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/101", "content": "#cisco\nCisco Expressway \nCVE-2023-20209  (Auth) \n\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-03-12T15:00:58.000000Z"}, {"uuid": "fa1ca5d3-be53-4369-a621-030a96e4bf16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20200", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/20027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20200\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\n This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\n Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device.\n\ud83d\udccf Published: 2023-08-23T18:20:09.900Z\n\ud83d\udccf Modified: 2025-07-01T13:57:36.701Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp-ucsfi-snmp-dos-qtv69NAO", "creation_timestamp": "2025-07-01T14:11:14.000000Z"}, {"uuid": "09abc327-a9d2-4884-a3c8-c74fabc48466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "Telegram/XU1hmUSewexQ72aTh-3y6Y0lBjmdi-Ky-u-uAAAyQvmUZWU", "content": "", "creation_timestamp": "2024-04-24T17:42:10.000000Z"}, {"uuid": "5ab4a673-5ed8-44d4-b335-035f92f4c484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/105", "content": "Cisco Expressway\npost auth RCE\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-03-12T15:00:44.000000Z"}, {"uuid": "470cbee1-8b39-452a-871b-affd4895c0b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/22826", "content": "https://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-04-24T17:42:11.000000Z"}, {"uuid": "1350a9b0-23bb-4103-b018-f6df2753dcba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20206", "type": "seen", "source": "https://t.me/cibsecurity/73342", "content": "\u203c CVE-2023-20206 \u203c\n\nMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T19:21:56.000000Z"}, {"uuid": "6e387305-f6d1-4e1d-a63c-b5b49d112855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "Telegram/cJE2f1Ylibso8WfxExY7XnGGn9loSwHSSInb5Uh2BQYHEQ", "content": "", "creation_timestamp": "2023-09-28T05:04:24.000000Z"}, {"uuid": "8500e2e8-3a30-4dd4-8f5b-f5e773a8fbff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3213", "content": "Hackers Factory \n\nInstagram-py performs slick brute force attack on Instagram without any type of password limiting\n\nand also resumes your attack in ease.\n\n\u2014DeathSec\n\nhttps://github.com/deathsec/instagram-py\n\nAn open-source self-hosted purple team management web application.\n\nhttps://github.com/CyberCX-STA/PurpleOps?mibextid=Zxz2cZ\n\nJust some lists of Malware Configs\n\nhttps://github.com/Gi7w0rm/MalwareConfigLists\n\na unique vocabulary that is 90% generated with OpenAI ChatGPT.\n\nhttps://github.com/reewardius/bbFuzzing.txt\n\nCVE-2023-20209\n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\nOfficial repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts\n\nhttps://github.com/sherdencooper/GPTFuzz\n\nAttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details\n\nhttps://github.com/mrwadams/attackgen\n\nA Proof-Of-Concept for the CVE-2023-43770 vulnerability.\n\nhttps://github.com/s3cb0y/CVE-2023-43770-POC\n\nreverse shell using curl\n\nhttps://github.com/irsl/curlshell\n\nCVE-2023-42820\n\nhttps://github.com/h4m5t/CVE-2023-42820\n\nGoCrack is a management frontend for password cracking tools written in Go\n\nhttps://github.com/mandiant/gocrack\n\nAsk a TGS on behalf of another user without password\n\nhttps://github.com/foxlox/GIUDA\n\nCVE-2023-42442\n\nhttps://github.com/HolyGu/CVE-2023-42442\n\nBypass the Event Trace Windows(ETW) and unhook ntdll.\n\nhttps://github.com/unkvolism/Fuck-Etw\n\nMicrosoft SharePoint Server Elevation of Privilege Vulnerability\n\nhttps://github.com/Chocapikk/CVE-2023-29357\n\nDorks-collections-list/onion.txt at main \u00b7 cipher387/Dorks-collections-list\n\nhttps://github.com/cipher387/Dorks-collections-list/blob/main/onion.txt\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-10T20:32:25.000000Z"}, {"uuid": "bbe310cd-c5b3-4bc0-ba9a-aad8e4865c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3147", "content": "https://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2023-09-29T12:56:46.000000Z"}, {"uuid": "2d7afcd4-31be-46aa-9b52-c0b14fec4802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/proxy_bar/1737", "content": "CVE-2023-20209\nCisco Expressway\nexploit\n\n#cisco", "creation_timestamp": "2023-09-27T20:08:31.000000Z"}, {"uuid": "66a0e520-a850-4ed0-ab7c-776ff57b4048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1388", "content": "CVE-2023-20209: Cisco RCE (Auth) \n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\n#git #redteam #pentest #exploit", "creation_timestamp": "2023-09-28T22:51:26.000000Z"}, {"uuid": "7b64508f-17ab-4a4b-a623-bcb9b0cf2dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/crackcodes/4390", "content": "\ud83d\udd78Black Wallpaper HD Background App Data Leak : Download\n\n\ud83e\udeacPlayTube CVE-2023-4714 Exploit : Check\n\n\ud83d\udc38PaperCut NG CVE-2023-4568 Exploit : Check\n\n\ud83d\udcccPrestashop CVE-2023-39677 Exploit : Check\n\n\ud83d\udccdMicrosoft SharePoint: CVE-2023-29357 Exploit : Check\n\n\ud83d\udc32Cisco CVE-2023-20209 Exploit : Check\n\n\ud83d\udcefElasticsearch Exploit-CVE-2023-31419 : Check\n\n\ud83e\ude85Chinese Maoxin Database Leak : Download\n\n\ud83d\udc7e\ud83d\udcdfNSA Equation Group Hacking Tools Leaked : Download", "creation_timestamp": "2023-09-28T18:37:41.000000Z"}, {"uuid": "d379fdf3-4d18-47ee-9047-6c56bca6eb96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/crackcodes/4382", "content": "\ud83d\udd78Black Wallpaper HD Background App Data Leak : Download\n\n\ud83e\udeacPlayTube CVE-2023-4714 Exploit : Check\n\n\ud83d\udc38PaperCut NG CVE-2023-4568 Exploit : Check\n\n\ud83d\udcccPrestashop CVE-2023-39677 Exploit : Check\n\n\ud83d\udccdMicrosoft SharePoint: CVE-2023-29357 Exploit : Check\n\n\ud83d\udc32Cisco CVE-2023-20209 Exploit : Check\n\n\ud83d\udcefElasticsearch Exploit-CVE-2023-31419 : Check\n\n\ud83e\ude85Chinese Maoxin Database Leak : Download\n\n\ud83d\udc7e\ud83d\udcdfNSA Equation Group Hacking Tools Leaked : Download", "creation_timestamp": "2023-10-10T07:12:43.000000Z"}, {"uuid": "b7741520-f73a-4934-a5da-0652ea38d945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20200", "type": "seen", "source": "https://t.me/cibsecurity/69080", "content": "\u203c CVE-2023-20200 \u203c\n\nA vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-23T22:12:42.000000Z"}, {"uuid": "f3e5f18c-2d4e-4e67-bf09-8fef5f36acbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/21210", "content": "CVE-2023-20209\n\nCisco expressway series/cisco telepresence video communication server command injection.\n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\n#cve #cybersecurity #infosec", "creation_timestamp": "2023-09-29T21:53:43.000000Z"}, {"uuid": "66b0cd49-7fa9-4134-98b1-aaae1feb042a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/cibsecurity/68688", "content": "\u203c CVE-2023-20209 \u203c\n\nA vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T00:36:41.000000Z"}, {"uuid": "960e5ed0-7ab9-4feb-9e8b-93aff839a499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20207", "type": "seen", "source": "https://t.me/cibsecurity/66561", "content": "\u203c CVE-2023-20207 \u203c\n\nA vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to view sensitive information in clear text.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-12T18:20:43.000000Z"}, {"uuid": "b42b5bdc-8af4-436a-ad61-b0587178d30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20205", "type": "seen", "source": "https://t.me/cibsecurity/68717", "content": "\u203c CVE-2023-20205 \u203c\n\nMultiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T02:37:06.000000Z"}, {"uuid": "0249e8e6-8372-4d30-90f2-775c43214ae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20201", "type": "seen", "source": "https://t.me/cibsecurity/68708", "content": "\u203c CVE-2023-20201 \u203c\n\nMultiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T02:36:57.000000Z"}, {"uuid": "28b75b09-8865-4b99-8c56-398096c11110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20203", "type": "seen", "source": "https://t.me/cibsecurity/68707", "content": "\u203c CVE-2023-20203 \u203c\n\nMultiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T02:36:56.000000Z"}, {"uuid": "24229a93-a51e-4078-b333-5dc60ad88500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1143", "content": "#exploit\n1. CVE-2023-27121:\nCredential Leak via XSS in Pleasant Password Manager\nhttps://www.mdsec.co.uk/2023/09/the-not-so-pleasant-password-manager\n]-> https://github.com/mdsecactivebreach/PleasantTools\n\n2. CVE-2023-38571:\nmacOS TCC bypass in Music and TV\nhttps://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV\n\n3. CVE-2023-20209:\nCisco Expressway Series/Cisco TelePresence Video Communication Server Command Injection\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-08-16T08:30:20.000000Z"}, {"uuid": "fb408718-0ff0-4036-80ef-5166fe55141f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9106", "content": "#exploit\n1. CVE-2023-27121:\nCredential Leak via XSS in Pleasant Password Manager\nhttps://www.mdsec.co.uk/2023/09/the-not-so-pleasant-password-manager\n]-> https://github.com/mdsecactivebreach/PleasantTools\n\n2. CVE-2023-38571:\nmacOS TCC bypass in Music and TV\nhttps://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV\n\n3. CVE-2023-20209:\nCisco Expressway Series/Cisco TelePresence Video Communication Server Command Injection\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2023-09-28T12:08:15.000000Z"}, {"uuid": "bbd12f48-ce76-4cdf-a564-a7100227b270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1150", "content": "https://github.com/0x41-Researcher/CVE-2023-20209\n#github", "creation_timestamp": "2024-08-16T08:30:20.000000Z"}]}