{"vulnerability": "CVE-2023-27163", "sightings": [{"uuid": "b013115e-8bb1-4f80-9c8a-e45bf076d760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwze4vr6qf2v", "content": "", "creation_timestamp": "2025-08-22T21:02:32.964578Z"}, {"uuid": "ad20d38c-1a75-496b-bafd-f62cf080401f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "seen", "source": "https://gist.github.com/rudSarkar/8973cd217989cd43e900451d794f64fd", "content": "", "creation_timestamp": "2025-08-29T14:34:51.000000Z"}, {"uuid": "ae4710f4-91bd-42d8-aa88-97aa30256ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4767", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aTo assist in enumerating the webserver behind the webserver SSRF CVE-2023-27163\nURL\uff1ahttps://github.com/seanrdev/cve-2023-27163\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-19T07:24:26.000000Z"}, {"uuid": "53c904fd-f9ee-4c0f-8ec1-48e729572a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4810", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoc of SSRF for Request-Baskets (CVE-2023-27163)\nURL\uff1ahttps://github.com/ThickCoco/CVE-2023-27163-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-26T11:15:23.000000Z"}, {"uuid": "5eeed5b8-3293-463c-8de2-01ff32666846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4770", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-27163\nURL\uff1ahttps://github.com/overgrowncarrot1/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-20T00:25:05.000000Z"}, {"uuid": "b12d1670-8e1e-43ed-8aab-80f8338122a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4914", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-27163  Request-Baskets v1.2.1 - Server-side request forgery (SSRF)\nURL\uff1ahttps://github.com/0xFTW/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-13T12:14:17.000000Z"}, {"uuid": "cd42e46e-6c2b-47a4-a185-4b2ae8cc4839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4913", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGolang PoC for CVE-2023-27163 Mailtrail Exploit\nURL\uff1ahttps://github.com/thomas-osgood/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-13T04:27:54.000000Z"}, {"uuid": "60ea2acf-49f0-43b5-91b9-d1fcd20a6a9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5177", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPython implementation of CVE-2023-27163\nURL\uff1ahttps://github.com/Hamibubu/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-21T03:00:57.000000Z"}, {"uuid": "856220ea-b94a-47e7-b20a-452794a03f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/29038", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aSSRF CVE-2023-27163 + maltrail vuln RCE\nURL\uff1ahttps://github.com/G4sp4rCS/htb-sau-automated\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-02T12:40:45.000000Z"}, {"uuid": "244da4d8-a66b-430c-8ca2-9350e5528043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/32512", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aUnauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder &lt;= 1.9.6. Executes arbitrary code remotely.\nURL\uff1ahttps://github.com/lukehebe/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-17T17:20:05.000000Z"}, {"uuid": "3501f41c-db74-41df-8ca6-71f3f73e1c27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4811", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC CVE-2023-27163, SSRF, request-baskets hasta v1.2.1\nURL\uff1ahttps://github.com/davuXVI/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-26T15:45:20.000000Z"}, {"uuid": "33221dcc-12e5-4bbd-ac94-921cda56b1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6245", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1athis is a script that exploits the CVE-2023-27163 vulnerability which is request-basket SSRF\nURL\uff1ahttps://github.com/KharimMchatta/basketcraft\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-20T06:33:20.000000Z"}, {"uuid": "7f9720f5-49c0-4ba7-9ef2-f4f0405a8989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/K3hUGPupZNXNHC7PAa8Zg7tP0paYLzZhTuwIsCOfHpBua0Y", "content": "", "creation_timestamp": "2025-06-08T09:00:05.000000Z"}, {"uuid": "967c7aa8-8c6d-4fd2-a3ca-cd75e11f2c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/rj2ObYAKKGRmZTk9PYQyTU6MfpOJvGLJV8P7iFc-4Y7ni0w", "content": "", "creation_timestamp": "2025-06-03T21:00:05.000000Z"}, {"uuid": "243f89d8-b52f-47e4-be9c-9e4f8228ca8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/Shade_Black_Hacker/685", "content": "\ud83d\udccc\ud83d\udccdCraxs Rat v5.1 + Loader : https://system32.ink/craxs-rat-v5.1-loader/\n\n\ud83d\udd30\u26a1US Military Contractor And Puerto Rican Reserve Files Leak : https://system32.ink/us-military-contractor-and-puerto-rican-reserve-files-leak/\n\n\ud83d\udc7e\ud83d\udca9Islamic Reminder Data Leak : https://system32.ink/islamic-reminder-data-leak/\n\n\u2623\ufe0f\ud83c\udf2a\ufe0fBangladeshi Police Files Leak : https://system32.ink/bangladeshi-police-files-leak/\n\n\ud83d\udcdf\ud83e\uddeeTBBRAT \u2013 Power Full BotNet\u00a0 : https://system32.ink/tbbrat-power-full-botnet/\n\n\n\ud83d\udc7e\u26a1Virus Maker Pack (Simp) : https://system32.ink/virus-maker-pack-simp/\n\n\n\ud83d\udcdfCVE-2023-27163 Mailtrail Exploit\u00a0 : https://system32.ink/cve-2023-27163-mailtrail-exploit/", "creation_timestamp": "2023-09-30T20:01:41.000000Z"}, {"uuid": "b5ebc3e5-45a5-4ad1-84f9-f2b1183d29cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/TWpQ0c_C6YvvOFPQCx9RaG8kEfWk1VJPeSRhUGPNV2cSPY0", "content": "", "creation_timestamp": "2025-04-02T23:00:06.000000Z"}, {"uuid": "74a02ce2-e8ca-40c2-9a7b-0de9e9f6bea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/Q-FUU-lAutYI3jEoV8acSdppz6zQVwroodkszDoVVVD_xOQ", "content": "", "creation_timestamp": "2025-04-17T23:00:05.000000Z"}, {"uuid": "713586c5-9a25-4bea-a1f8-2202d1467609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/FCOppEE1snfxNKfXaD44vpAG7SdClp-dBtkWgvlb7BE7MQ", "content": "", "creation_timestamp": "2023-09-01T04:40:00.000000Z"}, {"uuid": "9263695c-070a-4584-8c9b-38bb1b172ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/wAedV2UzHCXkR1qPZU7YW_pbw0fFx7WMa1tMKw1kv-vHsA", "content": "", "creation_timestamp": "2023-10-17T18:10:51.000000Z"}, {"uuid": "60e3bf88-fd1e-49cf-8c4c-c89810365db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3124", "content": "AnoMark\n\nThis algorithm is a Machine Learning one, using Natural Language Processing (NLP) techniques based on Markov Chains and n-grams. It offers a way to train a theoretical model on command lines  datasets considered clean. Once done it can detect malicious command lines on other datasets.\n\nhttps://github.com/ANSSI-FR/AnoMark\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-32117\n\nIntegrate Google Drive &lt;= 1.1.99 - Missing Authorization via REST API Endpoints.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-32117\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bGeoPincer\n\nA script that leverages OpenStreetMap's Overpass API in order to search for locations. These locations will be queried using a collection of establishments that are somewhat adjacent.\n\nhttps://github.com/tloja/GeoPincer\n\n#OSINT #cybersecurity #infosec\n\n\u200b\u200bAwesome Industrial Protocols\n\nCompilation of industrial network protocols resources focusing on offensive security.\n\n\u2022 You are currently viewing the Awesome Industrial Protocols page.\n\u2022 etailed pages for protocols are available in protocols.\n\u2022 All data is stored in MongoDB databases in db.\n\u2022 Turn/IP (in srcs) is a handy tool to manipulate this data, generate the awesome list and protocol pages, and simplify the research and test process on industrial protocols\n\nhttps://github.com/Orange-Cyberdefense/awesome-industrial-protocols\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-36884-Checker\n\nScript to check for CVE-2023-36884 hardening.\n\nhttps://github.com/tarraschk/CVE-2023-36884-Checker\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bAlcatraz\n\nA x64 binary obfuscator that is able to obfuscate various different pe files including:\n\n\u2022 .exe\n\u2022 .dll\n\u2022 .sys\n\nhttps://github.com/weak1337/Alcatraz\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCobalt Strike BOFs\n\nBeacon object files I made to use with #CobaltStrike.\n\nhttps://github.com/Und3rf10w/CobaltStrikeBOFs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bWindows 11 Exploits\n\nCVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, CVE-2022-30190.\n\nhttps://github.com/nu11secur1ty/Windows11Exploits\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bADHunt v2.0\n\nA tool for enumerating Active Directory Enviroments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination ldap queries and available tooling. It was built as a follow up to LinWinPwn.\n\nhttps://github.com/Auto19/ADHunt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bIAMActionHunter\n\nIAMActionHunter is an IAM policy statement parser and query tool aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.\n\nhttps://github.com/RhinoSecurityLabs/IAMActionHunter\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bSysPlant\n\nA small implementation in NIM of the currently known syscall hooking methods.\n\nhttps://github.com/x42en/sysplant\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUnshackle\n\nOpen-source tool to bypass windows and linux passwords from bootable usb.\n\nhttps://github.com/Fadi002/unshackle\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCASR\n\nCollect crash reports, triage, and estimate severity.\n\nhttps://github.com/ispras/casr\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27163\n\nTo assist in enumerating the webserver behind the webserver SSRF.\n\nhttps://github.com/seanrdev/cve-2023-27163\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCS2BR BOF\n\nYou would like to execute BOFs written for #CobaltStrike in #BruteRatel C4? Look no further, we got you covered! CS2BR implements a compatibility-layer that make CS BOFs use the BRC4 API. This allows you to use the vast landscape that is BOFs in BRC4.\n\nhttps://github.com/NVISOsecurity/cs2br-bof\n\nDetails:\nhttps://blog.nviso.eu/2023/07/17/introducing-cs2br-pt-ii-one-tool-to-port-them-all/\n \n#infosec #pentesting #redteam\n\n\u200b\u200bhypobrychium\n\nAV/EDR completely ignore me. Duplicate the token of a running process and run a command.\n\nhttps://github.com/foxlox/hypobrychium\n\n#cve #infosec\n\n2/3", "creation_timestamp": "2023-07-22T17:37:23.000000Z"}, {"uuid": "04539747-8358-4c25-af3c-8b61b5ca7161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "Telegram/8UwH0gDtqEi-bChRwg5QWL2v4MHMQdUYS8yIwThlQqmGNw", "content": "", "creation_timestamp": "2023-08-14T03:56:54.000000Z"}, {"uuid": "cdbc48e1-e1e4-44a1-a5b5-99d9845b3823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/845", "content": "CVE-2023-27163 : Request-baskets SSRF\nhttps://github.com/seanrdev/cve-2023-27163", "creation_timestamp": "2023-08-21T07:42:24.000000Z"}, {"uuid": "bfaf5fcb-3593-47e0-aed6-c8a70334d888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4199", "content": "\ud83d\udccc\ud83d\udccdCraxs Rat v5.1 + Loader : https://system32.ink/craxs-rat-v5.1-loader/\n\n\ud83d\udd30\u26a1US Military Contractor And Puerto Rican Reserve Files Leak : https://system32.ink/us-military-contractor-and-puerto-rican-reserve-files-leak/\n\n\ud83d\udc7e\ud83d\udca9Islamic Reminder Data Leak : https://system32.ink/islamic-reminder-data-leak/\n\n\u2623\ufe0f\ud83c\udf2a\ufe0fBangladeshi Police Files Leak : https://system32.ink/bangladeshi-police-files-leak/\n\n\ud83d\udcdf\ud83e\uddeeTBBRAT \u2013 Power Full BotNet  : https://system32.ink/tbbrat-power-full-botnet/\n\n\n\ud83d\udc7e\u26a1Virus Maker Pack (Simp) : https://system32.ink/virus-maker-pack-simp/\n\n\n\ud83d\udcdfCVE-2023-27163 Mailtrail Exploit  : https://system32.ink/cve-2023-27163-mailtrail-exploit/", "creation_timestamp": "2023-08-27T10:58:47.000000Z"}, {"uuid": "80147be7-4848-4ba1-be18-67f3f6ee1842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4030", "content": "\ud83d\udcccSt Landry Parish School Board Data Leak : https://system32.ink/st-landry-parish-school-board-data-leak/\n\n\ud83d\udcdfCVE-2023-27163 Mailtrail Exploit  : https://system32.ink/cve-2023-27163-mailtrail-exploit/\n\n\ud83d\udc7eSentinelOne Agent : https://system32.ink/sentinelone-agent-free-download/", "creation_timestamp": "2023-08-14T03:55:59.000000Z"}, {"uuid": "4a005074-76cd-4f8f-b78a-07febc6d4793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4237", "content": "\ud83e\ude85ReadyAPI v3.47.0 Crack : Download\n\n\ud83d\udccdCVE-2021-21972 Vcenter Exploitation Toolkit : Download\n\n\ud83e\uddeeLanSweeper Licensed : Download\n\n\ud83d\udda8Postel \u2013 S.P.A Data Leak : Download\n\n\ud83e\udeacEternalHush Advance C2 Framework : Download\n\n\ud83d\udcefTomsk State University\u2019s Main System Source Code : Download\n\n\ud83d\udc7eCapital Television Belarus Data Leak : Download\n\n\ud83d\udd78CVE-2023-27163-InternalProber : Download", "creation_timestamp": "2023-09-01T04:39:19.000000Z"}, {"uuid": "ecab883d-5bc8-4c79-84df-5f6e1013d162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "seen", "source": "https://t.me/cibsecurity/61287", "content": "\u203c CVE-2023-27163 \u203c\n\nrequest-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-01T00:22:25.000000Z"}, {"uuid": "7ed9f86c-41bd-4953-94ef-185dd2ad3957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8703", "content": "#exploit\n1. CVE-2023-38408:\nRCE in OpenSSH's forwarded ssh-agent\nhttps://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt\n\n2. CVE-2023-27163:\nRequest-baskets SSRF\nhttps://github.com/seanrdev/cve-2023-27163\n\n3. CVE-2023-3696:\nMongoose Prototype Pollution Vulnerability\nhttps://huntr.dev/bounties/1eef5a72-f6ab-4f61-b31d-fc66f5b4b467", "creation_timestamp": "2023-07-20T11:00:35.000000Z"}, {"uuid": "cff6728d-e1d4-48ba-bc64-0a88b7461ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27163", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8933", "content": "#tools\n#Offensive_security\n1. CVE-2023-27163 InternalProber - tool to perform port scanning using vulnerable Request-Baskets\nhttps://github.com/samh4cks/CVE-2023-27163-InternalProber\n2. PowerLessShell rely on MSBuild.exe to remotely execute PowerShell scripts/commands without spawning powershell.exe\nhttps://github.com/Mr-Un1k0d3r/PowerLessShell", "creation_timestamp": "2023-08-29T15:26:26.000000Z"}]}