{"vulnerability": "CVE-2023-2588", "sightings": [{"uuid": "c4023ca9-e6c0-4499-9a3d-5d376b5a6429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25889", "type": "seen", "source": "https://t.me/cibsecurity/60946", "content": "\u203c CVE-2023-25889 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:40:13.000000Z"}, {"uuid": "5237a282-99c0-4a8e-8987-c041d5880d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2588", "type": "seen", "source": "https://t.me/cibsecurity/64553", "content": "\u203c CVE-2023-2588 \u203c\n\nTeltonika\u00e2\u20ac\u2122s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices\u00e2\u20ac\u2122 local secure shell (SSH)/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System cloud subdomain. This URL could be shared with others without Remote Management System authentication . An attacker could exploit this vulnerability to create a malicious webpage that uses a trusted and certified domain. An attacker could initiate a reverse shell when a victim connects to the malicious webpage, achieving remote code execution on the victim device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T20:25:48.000000Z"}, {"uuid": "2e7f5343-47e5-42ba-ab45-cefdfa8f23b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25885", "type": "seen", "source": "https://t.me/cibsecurity/60963", "content": "\u203c CVE-2023-25885 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:46:09.000000Z"}, {"uuid": "32a5918c-85fe-4c83-b1ee-f174da3a698f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25883", "type": "seen", "source": "https://t.me/cibsecurity/60937", "content": "\u203c CVE-2023-25883 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-08T12:09:29.000000Z"}, {"uuid": "bd6c2da1-07dc-413d-8f40-c0d76016fc3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25888", "type": "seen", "source": "https://t.me/cibsecurity/60934", "content": "\u203c CVE-2023-25888 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:39:53.000000Z"}, {"uuid": "746c41a5-f301-4a02-af38-68665f334e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25880", "type": "seen", "source": "https://t.me/cibsecurity/60931", "content": "\u203c CVE-2023-25880 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:39:51.000000Z"}, {"uuid": "4b6ccde6-7cb6-40d4-912f-6f701791f65e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25881", "type": "seen", "source": "https://t.me/cibsecurity/60945", "content": "\u203c CVE-2023-25881 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:40:12.000000Z"}]}