{"vulnerability": "CVE-2023-22960", "sightings": [{"uuid": "5de3c55a-9ec4-47f7-b7a9-2dd6d3a64422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "published-proof-of-concept", "source": "Telegram/WRihU9RVQ76Mwzb3k9ebrptTCuR-6XuT4FJT5yU7VgBW5WI", "content": "", "creation_timestamp": "2023-01-27T07:20:44.000000Z"}, {"uuid": "364e205e-1d01-48d2-af99-abbc4d0a10f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/22", "content": "https://github.com/t3l3machus/CVE-2023-22960", "creation_timestamp": "2023-01-30T16:18:49.000000Z"}, {"uuid": "9a15866f-8e97-4e26-877b-7017438f4b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2421", "content": "#exploit\n1. CVE-2022-37987:\nA New Vector for Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation\nhttps://www.zerodayinitiative.com/blog/2023/1/23/activation-context-cache-poisoning-exploiting-csrss-for-privilege-escalation\n\n2. A NETGEAR WAN Command Injection\nhttps://research.nccgroup.com/2022/12/22/puckungfu-a-netgear-wan-command-injection\n\n3. Bypassing the Embedded Web Server's credential brute force prevention mechanism (PoC for CVE-2023-22960)\nhttps://github.com/t3l3machus/CVE-2023-22960\n// &gt;60 Lexmark printer models", "creation_timestamp": "2023-01-25T07:46:03.000000Z"}, {"uuid": "adc04724-3f1b-4185-b2f6-f0248e86f3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1326", "content": "\u0424\u0443, \u0431\u043b\u0438\u043d, \u041d\u043e POC \u0435\u0441\u0442\u044c POC \nCVE-2023-22960\n\u041e\u0431\u043e\u0434 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 (\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430) \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 60 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u043e\u0432 Lexmark.\n*\n\u0424\u043e\u0440 \u0414\u0430\u0443\u043d\u043b\u043e\u0430\u0434\u0435 \u0437\u044b\u0441\u0438\u0441 \u0449\u0438\u0442, \u0444\u043e\u043b\u043e\u0443 \u0442\u0443 \u0437\u044d \u043b\u0438\u043d\u043a, \u043c\u0430\u0439 \u0444\u0440\u0435\u043d\u0434", "creation_timestamp": "2023-01-24T15:02:07.000000Z"}, {"uuid": "e572f6d7-4aab-4f38-b594-cc8c468440e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "published-proof-of-concept", "source": "Telegram/kbBxloNzpExadTPrFgewuk9BFlRZq8_ZOyx3lu2weiIMTVM", "content": "", "creation_timestamp": "2023-02-09T11:33:05.000000Z"}, {"uuid": "e2bb79af-5df2-4905-addf-44406ed5ad29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7619", "content": "#exploit\n1. CVE-2022-37987:\nA New Vector for Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation\nhttps://www.zerodayinitiative.com/blog/2023/1/23/activation-context-cache-poisoning-exploiting-csrss-for-privilege-escalation\n\n2. A NETGEAR WAN Command Injection\nhttps://research.nccgroup.com/2022/12/22/puckungfu-a-netgear-wan-command-injection\n\n3. Bypassing the Embedded Web Server's credential brute force prevention mechanism (PoC for CVE-2023-22960)\nhttps://github.com/t3l3machus/CVE-2023-22960\n// &gt;60 Lexmark printer models", "creation_timestamp": "2023-01-25T11:03:01.000000Z"}, {"uuid": "77eca19c-055d-4d20-ad69-2ee05c0613d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22960", "type": "seen", "source": "https://t.me/cibsecurity/56877", "content": "\u203c CVE-2023-22960 \u203c\n\nLexmark products through 2023-01-10 have Improper Control of Interaction Frequency.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-24T00:25:16.000000Z"}]}