{"vulnerability": "CVE-2023-2528", "sightings": [{"uuid": "2b5d3dfa-096a-4285-9f86-4fd3c5d4cdf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25280", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-09-30T18:10:03.000000Z"}, {"uuid": "5b9fb88b-6867-47bb-a31d-aab4230e39d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25280", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}, {"uuid": "b8997ea4-2e70-4155-8f37-35b35db09c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25280", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lroeg4e6uq2k", "content": "", "creation_timestamp": "2025-06-15T21:02:20.659679Z"}, {"uuid": "67b09507-30ba-4d28-ba6f-fcc75b545b0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25280", "type": "seen", "source": "MISP/a41d8549-5384-5e1a-8c33-bf88e35b5a0a", "content": "", "creation_timestamp": "2025-10-14T10:31:51.000000Z"}, {"uuid": "2225d686-d72b-45b1-b1d0-86b3ffebd003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25280", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:00.000000Z"}, {"uuid": "bf64087e-16f7-4e2d-9461-518fa008e5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-25280", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2aba82e2-366e-4e45-9995-9dc94575a78b", "content": "", "creation_timestamp": "2026-02-02T12:26:27.764224Z"}, {"uuid": "80ce79cc-6686-4767-baf7-76e40df9a6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2528", "type": "seen", "source": "https://t.me/cibsecurity/64286", "content": "\u203c CVE-2023-2528 \u203c\n\nThe Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T07:30:57.000000Z"}, {"uuid": "cbf56014-15fd-41d1-834d-1819fcecbc15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25280", "type": "seen", "source": "https://t.me/cibsecurity/60112", "content": "\u203c CVE-2023-25280 \u203c\n\nOS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T06:30:37.000000Z"}, {"uuid": "5a041bd9-09ab-4756-b9fb-6d37bef38466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25281", "type": "seen", "source": "https://t.me/cibsecurity/60105", "content": "\u203c CVE-2023-25281 \u203c\n\nA stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T06:30:27.000000Z"}, {"uuid": "b4579d94-9d9f-45e1-b614-4ef657e3dcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25282", "type": "seen", "source": "https://t.me/cibsecurity/60076", "content": "\u203c CVE-2023-25282 \u203c\n\nA heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-15T21:30:00.000000Z"}, {"uuid": "155fa3e6-a43e-4b4f-970d-3c7fdbcae0cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25283", "type": "seen", "source": "https://t.me/cibsecurity/59884", "content": "\u203c CVE-2023-25283 \u203c\n\nA stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T15:53:18.000000Z"}]}