{"vulnerability": "CVE-2023-2359", "sightings": [{"uuid": "da7727cc-ebc8-4b45-81d3-837a8832dce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2359", "type": "seen", "source": "MISP/2bb5c40c-5583-4a30-bc62-81e5a7af21a7", "content": "", "creation_timestamp": "2025-03-19T15:49:02.000000Z"}, {"uuid": "77e1e6f3-aaea-4944-bdcb-4753ae731a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23592", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8520", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23592\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information.\n\ud83d\udccf Published: 2023-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:03:51.959Z\n\ud83d\udd17 References:\n1. https://wallix.com\n2. https://www.wallix.com/support/alerts/", "creation_timestamp": "2025-03-24T19:23:34.000000Z"}, {"uuid": "caac0b95-b322-48e4-9476-3c1b6857e690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23591", "type": "seen", "source": "Telegram/bssDLnaGlucYqk_Zw3xf-ThEYSiclm4V2FAYIlM232YwVh9a", "content": "", "creation_timestamp": "2025-02-14T10:00:27.000000Z"}, {"uuid": "ec9314f2-d666-4c1a-b2eb-71bf7face688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23590", "type": "seen", "source": "https://t.me/arpsyndicate/1647", "content": "#ExploitObserverAlert\n\nCVE-2023-23590\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-23590. Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.\n\nFIRST-EPSS: 0.000770000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T15:43:38.000000Z"}, {"uuid": "804563a7-2f9b-4f81-8d0d-f99e56d9305c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23599", "type": "seen", "source": "https://t.me/cibsecurity/64903", "content": "\u203c CVE-2023-23599 \u203c\n\nWhen copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:36:39.000000Z"}, {"uuid": "c337b651-7dc0-46bc-9082-c00fc2c18643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23598", "type": "seen", "source": "https://t.me/cibsecurity/64907", "content": "\u203c CVE-2023-23598 \u203c\n\nDue to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:36:48.000000Z"}, {"uuid": "6a755b09-77e3-4fd7-9ff2-a7140ef7959a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23590", "type": "seen", "source": "https://t.me/cibsecurity/56513", "content": "\u203c CVE-2023-23590 \u203c\n\nMercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-15T07:12:41.000000Z"}, {"uuid": "52028bc9-2480-46d5-9abc-48ef86dbb209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23597", "type": "seen", "source": "https://t.me/cibsecurity/64933", "content": "\u203c CVE-2023-23597 \u203c\n\nA compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox < 109.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:42:26.000000Z"}, {"uuid": "40dd183e-af77-4195-ae01-b7c84b0dd273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23594", "type": "seen", "source": "https://t.me/cibsecurity/61278", "content": "\u203c CVE-2023-23594 \u203c\n\nAn authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724_r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T22:22:30.000000Z"}, {"uuid": "37705a1e-e601-44f0-893a-d79f35644ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23592", "type": "seen", "source": "https://t.me/cibsecurity/57893", "content": "\u203c CVE-2023-23592 \u203c\n\nWALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-10T16:57:36.000000Z"}, {"uuid": "4d7fa049-7769-4c00-8106-8b063733fcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23596", "type": "seen", "source": "https://t.me/cibsecurity/56747", "content": "\u203c CVE-2023-23596 \u203c\n\njc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to execute arbitrary commands on the system. NOTE: this is not part of any NGINX software shipped by F5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T12:27:21.000000Z"}]}