{"vulnerability": "CVE-2023-2289", "sightings": [{"uuid": "ad60c9fc-a5c7-4475-9790-c4eacf6e9706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "aa689494-e750-4222-9d73-4e56a3a4aed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "19a28a63-12dc-4399-9c5e-2f87f65c3f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "b97980d9-dca0-407d-a6a2-fac49ceae54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "20058faa-bc4f-4506-9319-1b13d6e6a29b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "030263a9-29be-4967-a283-166dddc80a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "145c171c-1268-4e2b-aadf-f35f750e1c02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "921546ba-3d98-4752-9dc6-1b60dc19dff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "1bb5d996-a7e7-4328-900f-4f2f616f0ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "f08bd75e-b920-41e5-869c-c50ba24f1c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/strapi_cve_2023_22893", "content": "", "creation_timestamp": "2023-04-30T12:52:53.000000Z"}, {"uuid": "76e57f58-5da2-4af1-9fa9-becdb6e66980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "3a4cfb1d-4bbc-41d4-8129-0065fd1a2811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22891", "type": "seen", "source": "Telegram/9Wo9l0kBQEWMd92ug_DRkIKBZqxctkcMr4UuLNeDHOku2ymm", "content": "", "creation_timestamp": "2025-03-06T02:17:23.000000Z"}, {"uuid": "13317468-5ee6-4599-8dca-a05baa2413d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22899", "type": "seen", "source": "https://t.me/cKure/10797", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 CVE-2023-22899: Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.", "creation_timestamp": "2023-03-16T07:47:18.000000Z"}, {"uuid": "f4c244e3-395d-4d83-9c17-4aa684983122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22890", "type": "seen", "source": "Telegram/AKyNAmvHlnzu-eBakbue4CXgpea_9Zms5QqL9BboLA_y4hTf", "content": "", "creation_timestamp": "2025-03-06T02:16:32.000000Z"}, {"uuid": "b340648c-568a-4726-b5e6-e302b2a73835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22890", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6551", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22890\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.\n\ud83d\udccf Published: 2023-03-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-05T15:02:15.282Z\n\ud83d\udd17 References:\n1. https://smartbear.com/security/cve/", "creation_timestamp": "2025-03-05T15:32:57.000000Z"}, {"uuid": "10714060-887d-4701-8dd9-48b3ba28cd93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22891", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6612", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22891\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.\n\ud83d\udccf Published: 2023-03-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-05T20:25:01.778Z\n\ud83d\udd17 References:\n1. https://smartbear.com/security/cve/", "creation_timestamp": "2025-03-05T20:36:49.000000Z"}, {"uuid": "f495bc73-ed2b-469a-bf4a-8548f64f96d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22894", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/170", "content": "Multiple Critical Vulnerabilities in Strapi Versions <=4.7.1\n\n\ud83d\udc64 by GhostCcamm\n\nStrapi had multiple critical vulnerabilities that could be chained together to gain Unauthenticated Remote Code Execution. This is GhostCcamm's public disclosure of the vulnerabilities he found in Strapi, how they were patched and some nonsensical ramblings.\n\n\ud83d\udcdd Contents:\n\u25cf Overview \n\u25cf TL;DR\n\u25cf Disclaimers\n\u25cf CVE-2023-22893\n\u25cf CVE-2023-22621\n\u25cf CVE-2023-22894\n\u25cf Chaining CVE-2023-22621 and CVE-2023-22894 Together to Achieve Unauthenticated RCE \n\u25cf Indicators of Compromise \n\u25cf Conclusion \n\nhttps://www.ghostccamm.com/blog/multi_strapi_vulns/", "creation_timestamp": "2023-04-18T09:12:23.000000Z"}, {"uuid": "57725e8f-09c0-49a4-9eef-a8270085184f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/170", "content": "Multiple Critical Vulnerabilities in Strapi Versions <=4.7.1\n\n\ud83d\udc64 by GhostCcamm\n\nStrapi had multiple critical vulnerabilities that could be chained together to gain Unauthenticated Remote Code Execution. This is GhostCcamm's public disclosure of the vulnerabilities he found in Strapi, how they were patched and some nonsensical ramblings.\n\n\ud83d\udcdd Contents:\n\u25cf Overview \n\u25cf TL;DR\n\u25cf Disclaimers\n\u25cf CVE-2023-22893\n\u25cf CVE-2023-22621\n\u25cf CVE-2023-22894\n\u25cf Chaining CVE-2023-22621 and CVE-2023-22894 Together to Achieve Unauthenticated RCE \n\u25cf Indicators of Compromise \n\u25cf Conclusion \n\nhttps://www.ghostccamm.com/blog/multi_strapi_vulns/", "creation_timestamp": "2023-04-18T09:12:23.000000Z"}, {"uuid": "fedea581-d5ce-4a8e-b72f-a2d19e93ea8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "https://t.me/cibsecurity/62035", "content": "\u203c CVE-2023-22897 \u203c\n\nAn issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T02:29:31.000000Z"}, {"uuid": "98874859-866f-4fd6-9882-c3bb8982ce88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "seen", "source": "Telegram/GTYfPubox00zcCZt9TK4WryEwmDd4LOFDV_IGOSMuoCUERfj", "content": "", "creation_timestamp": "2025-02-14T10:00:27.000000Z"}, {"uuid": "8fc136ba-2ee2-4e37-b895-bc75e4ffe6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22894", "type": "seen", "source": "Telegram/pD-oLW4y0XW4yFER1BFQ6URql9YMKhYuONoBuEocaLRzSF5v", "content": "", "creation_timestamp": "2025-02-06T02:44:19.000000Z"}, {"uuid": "a2f562b2-7bd0-488e-8dde-3a10e9eda9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "seen", "source": "Telegram/rrCH1mJt5YZGRlrso3uiQLR58aMCTJ_UmeqXQXTzKgSb3ZZd", "content": "", "creation_timestamp": "2025-02-06T02:44:19.000000Z"}, {"uuid": "215046bd-fe48-403d-9864-c1412eae345b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/962", "content": "", "creation_timestamp": "2023-07-27T01:42:23.000000Z"}, {"uuid": "30146a97-e0f3-4c62-a36f-6706d4d4c4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22899", "type": "seen", "source": "https://t.me/cibsecurity/56219", "content": "\u203c CVE-2023-22899 \u203c\n\nZip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T07:28:21.000000Z"}, {"uuid": "59199954-858a-4c3f-9da7-c4bcb2c85c97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22890", "type": "seen", "source": "https://t.me/cibsecurity/59709", "content": "\u203c CVE-2023-22890 \u203c\n\nSmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T00:23:24.000000Z"}, {"uuid": "da1da3a0-a07d-4684-ac0d-3095a5352df6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22892", "type": "seen", "source": "https://t.me/cibsecurity/59706", "content": "\u203c CVE-2023-22892 \u203c\n\nThere exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T00:23:21.000000Z"}, {"uuid": "c758679e-0bae-4c08-823d-1fd386891edd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22891", "type": "seen", "source": "https://t.me/cibsecurity/59700", "content": "\u203c CVE-2023-22891 \u203c\n\nThere exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T00:23:14.000000Z"}, {"uuid": "35910d13-2af2-4421-8d05-2ce57d8eb421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22898", "type": "seen", "source": "https://t.me/cibsecurity/56218", "content": "\u203c CVE-2023-22898 \u203c\n\nworkers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T08:27:18.000000Z"}, {"uuid": "0a56b43b-b051-4ace-b182-510a5db20f3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22895", "type": "seen", "source": "https://t.me/cibsecurity/56215", "content": "\u203c CVE-2023-22895 \u203c\n\nThe bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T07:28:15.000000Z"}, {"uuid": "89899f16-09a6-4101-a150-3162452a670f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22897", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8116", "content": "#exploit\n1. CVE-2023-22620:\nBypassing SecurePoint UTM\u2019s Authentication\nhttps://www.rcesecurity.com/2023/04/securepwn-part-1-bypassing-securepoint-utms-authentication-cve-2023-22620\n\n2. CVE-2023-22897:\nSecurePoint UTM Firewall - Leaking Remote Memory Contents\nhttps://www.rcesecurity.com/2023/04/securepwn-part-2-leaking-remote-memory-contents-cve-2023-22897", "creation_timestamp": "2023-04-14T13:24:16.000000Z"}, {"uuid": "e02f4128-905b-4f26-a630-b5cd46964534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22894", "type": "published-proof-of-concept", "source": "Telegram/BDIuQxJm2Cl1hcH3rBtjVuiBaQPlmqaGA0Zegr2NgVBdQWM", "content": "", "creation_timestamp": "2023-04-18T17:16:58.000000Z"}, {"uuid": "ce96b091-7949-417e-bc06-983db5a76aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22893", "type": "published-proof-of-concept", "source": "Telegram/BDIuQxJm2Cl1hcH3rBtjVuiBaQPlmqaGA0Zegr2NgVBdQWM", "content": "", "creation_timestamp": "2023-04-18T17:16:58.000000Z"}]}