{"vulnerability": "CVE-2023-20209", "sightings": [{"uuid": "ec321a79-1790-4086-8cb5-aaca47128b0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/101", "content": "#cisco\nCisco Expressway \nCVE-2023-20209  (Auth) \n\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-03-12T15:00:58.000000Z"}, {"uuid": "5ab4a673-5ed8-44d4-b335-035f92f4c484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/105", "content": "Cisco Expressway\npost auth RCE\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-03-12T15:00:44.000000Z"}, {"uuid": "470cbee1-8b39-452a-871b-affd4895c0b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/22826", "content": "https://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-04-24T17:42:11.000000Z"}, {"uuid": "09abc327-a9d2-4884-a3c8-c74fabc48466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "Telegram/XU1hmUSewexQ72aTh-3y6Y0lBjmdi-Ky-u-uAAAyQvmUZWU", "content": "", "creation_timestamp": "2024-04-24T17:42:10.000000Z"}, {"uuid": "6e387305-f6d1-4e1d-a63c-b5b49d112855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "Telegram/cJE2f1Ylibso8WfxExY7XnGGn9loSwHSSInb5Uh2BQYHEQ", "content": "", "creation_timestamp": "2023-09-28T05:04:24.000000Z"}, {"uuid": "66a0e520-a850-4ed0-ab7c-776ff57b4048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1388", "content": "CVE-2023-20209: Cisco RCE (Auth) \n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\n#git #redteam #pentest #exploit", "creation_timestamp": "2023-09-28T22:51:26.000000Z"}, {"uuid": "bbe310cd-c5b3-4bc0-ba9a-aad8e4865c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3147", "content": "https://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2023-09-29T12:56:46.000000Z"}, {"uuid": "2d7afcd4-31be-46aa-9b52-c0b14fec4802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/proxy_bar/1737", "content": "CVE-2023-20209\nCisco Expressway\nexploit\n\n#cisco", "creation_timestamp": "2023-09-27T20:08:31.000000Z"}, {"uuid": "8500e2e8-3a30-4dd4-8f5b-f5e773a8fbff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3213", "content": "Hackers Factory \n\nInstagram-py performs slick brute force attack on Instagram without any type of password limiting\n\nand also resumes your attack in ease.\n\n\u2014DeathSec\n\nhttps://github.com/deathsec/instagram-py\n\nAn open-source self-hosted purple team management web application.\n\nhttps://github.com/CyberCX-STA/PurpleOps?mibextid=Zxz2cZ\n\nJust some lists of Malware Configs\n\nhttps://github.com/Gi7w0rm/MalwareConfigLists\n\na unique vocabulary that is 90% generated with OpenAI ChatGPT.\n\nhttps://github.com/reewardius/bbFuzzing.txt\n\nCVE-2023-20209\n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\nOfficial repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts\n\nhttps://github.com/sherdencooper/GPTFuzz\n\nAttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details\n\nhttps://github.com/mrwadams/attackgen\n\nA Proof-Of-Concept for the CVE-2023-43770 vulnerability.\n\nhttps://github.com/s3cb0y/CVE-2023-43770-POC\n\nreverse shell using curl\n\nhttps://github.com/irsl/curlshell\n\nCVE-2023-42820\n\nhttps://github.com/h4m5t/CVE-2023-42820\n\nGoCrack is a management frontend for password cracking tools written in Go\n\nhttps://github.com/mandiant/gocrack\n\nAsk a TGS on behalf of another user without password\n\nhttps://github.com/foxlox/GIUDA\n\nCVE-2023-42442\n\nhttps://github.com/HolyGu/CVE-2023-42442\n\nBypass the Event Trace Windows(ETW) and unhook ntdll.\n\nhttps://github.com/unkvolism/Fuck-Etw\n\nMicrosoft SharePoint Server Elevation of Privilege Vulnerability\n\nhttps://github.com/Chocapikk/CVE-2023-29357\n\nDorks-collections-list/onion.txt at main \u00b7 cipher387/Dorks-collections-list\n\nhttps://github.com/cipher387/Dorks-collections-list/blob/main/onion.txt\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-10T20:32:25.000000Z"}, {"uuid": "7b64508f-17ab-4a4b-a623-bcb9b0cf2dbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/crackcodes/4390", "content": "\ud83d\udd78Black Wallpaper HD Background App Data Leak : Download\n\n\ud83e\udeacPlayTube CVE-2023-4714 Exploit : Check\n\n\ud83d\udc38PaperCut NG CVE-2023-4568 Exploit : Check\n\n\ud83d\udcccPrestashop CVE-2023-39677 Exploit : Check\n\n\ud83d\udccdMicrosoft SharePoint: CVE-2023-29357 Exploit : Check\n\n\ud83d\udc32Cisco CVE-2023-20209 Exploit : Check\n\n\ud83d\udcefElasticsearch Exploit-CVE-2023-31419 : Check\n\n\ud83e\ude85Chinese Maoxin Database Leak : Download\n\n\ud83d\udc7e\ud83d\udcdfNSA Equation Group Hacking Tools Leaked : Download", "creation_timestamp": "2023-09-28T18:37:41.000000Z"}, {"uuid": "d379fdf3-4d18-47ee-9047-6c56bca6eb96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/crackcodes/4382", "content": "\ud83d\udd78Black Wallpaper HD Background App Data Leak : Download\n\n\ud83e\udeacPlayTube CVE-2023-4714 Exploit : Check\n\n\ud83d\udc38PaperCut NG CVE-2023-4568 Exploit : Check\n\n\ud83d\udcccPrestashop CVE-2023-39677 Exploit : Check\n\n\ud83d\udccdMicrosoft SharePoint: CVE-2023-29357 Exploit : Check\n\n\ud83d\udc32Cisco CVE-2023-20209 Exploit : Check\n\n\ud83d\udcefElasticsearch Exploit-CVE-2023-31419 : Check\n\n\ud83e\ude85Chinese Maoxin Database Leak : Download\n\n\ud83d\udc7e\ud83d\udcdfNSA Equation Group Hacking Tools Leaked : Download", "creation_timestamp": "2023-10-10T07:12:43.000000Z"}, {"uuid": "f3e5f18c-2d4e-4e67-bf09-8fef5f36acbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/21210", "content": "CVE-2023-20209\n\nCisco expressway series/cisco telepresence video communication server command injection.\n\nhttps://github.com/0x41-Researcher/CVE-2023-20209\n\n#cve #cybersecurity #infosec", "creation_timestamp": "2023-09-29T21:53:43.000000Z"}, {"uuid": "fb408718-0ff0-4036-80ef-5166fe55141f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9106", "content": "#exploit\n1. CVE-2023-27121:\nCredential Leak via XSS in Pleasant Password Manager\nhttps://www.mdsec.co.uk/2023/09/the-not-so-pleasant-password-manager\n]-> https://github.com/mdsecactivebreach/PleasantTools\n\n2. CVE-2023-38571:\nmacOS TCC bypass in Music and TV\nhttps://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV\n\n3. CVE-2023-20209:\nCisco Expressway Series/Cisco TelePresence Video Communication Server Command Injection\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2023-09-28T12:08:15.000000Z"}, {"uuid": "66b0cd49-7fa9-4134-98b1-aaae1feb042a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "seen", "source": "https://t.me/cibsecurity/68688", "content": "\u203c CVE-2023-20209 \u203c\n\nA vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T00:36:41.000000Z"}, {"uuid": "24229a93-a51e-4078-b333-5dc60ad88500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1143", "content": "#exploit\n1. CVE-2023-27121:\nCredential Leak via XSS in Pleasant Password Manager\nhttps://www.mdsec.co.uk/2023/09/the-not-so-pleasant-password-manager\n]-> https://github.com/mdsecactivebreach/PleasantTools\n\n2. CVE-2023-38571:\nmacOS TCC bypass in Music and TV\nhttps://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV\n\n3. CVE-2023-20209:\nCisco Expressway Series/Cisco TelePresence Video Communication Server Command Injection\nhttps://github.com/0x41-Researcher/CVE-2023-20209", "creation_timestamp": "2024-08-16T08:30:20.000000Z"}, {"uuid": "bbd12f48-ce76-4cdf-a564-a7100227b270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20209", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1150", "content": "https://github.com/0x41-Researcher/CVE-2023-20209\n#github", "creation_timestamp": "2024-08-16T08:30:20.000000Z"}]}