{"vulnerability": "CVE-2023-28770", "sightings": [{"uuid": "0e861d60-d375-4b25-a6c4-a281f3baa926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-03)", "content": "", "creation_timestamp": "2025-01-03T00:00:00.000000Z"}, {"uuid": "5fc30f71-d4fb-4b49-b3d8-9b9be3a02a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-06)", "content": "", "creation_timestamp": "2025-01-06T00:00:00.000000Z"}, {"uuid": "fd20a7fc-7eda-48c1-933b-0f68eaa4fb0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "c419cfcc-685f-4172-b09d-c518b8c93ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "42db49cd-7c87-451f-afb0-ef13e7a1ec08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "aa4ceda3-5329-4114-b22d-b76b27925b32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "ef354a5e-561e-4a4d-8941-fd6618793170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zyxel_lfi_unauth_ssh_rce.rb", "content": "", "creation_timestamp": "2023-05-10T10:06:35.000000Z"}, {"uuid": "13cb290d-7276-4d60-af8f-ff66a74dfe7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:53.000000Z"}, {"uuid": "2ee1fe9f-4a1a-4862-b1b4-d00005cbe3d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "3d7cc3e9-8d5c-41f0-8ced-17eaf1ac11f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8278", "content": "#exploit\n1. CVE-2023-1667 / CVE-2023-2283:\nDoS/Authentication bypass in libssh\nhttps://securitylab.github.com/advisories/GHSL-2023-032_GHSL-2023-042_libssh\nhttps://securitylab.github.com/advisories/GHSL-2023-085_libssh\n\n2. CVE-2023-28770:\nZyxel (Routers/CPE Devices) Chained RCE\nhttps://packetstormsecurity.com/files/172277/Zyxel-Chained-Remote-Code-Execution.html\n\n3. CVE-2023-25394:\nVideoStream LPE\nhttps://danrevah.github.io/2023/05/03/CVE-2023-25394-VideoStream-LPE", "creation_timestamp": "2023-05-11T18:05:50.000000Z"}, {"uuid": "2c6740e3-06a1-48ca-ab69-2f05452e470b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28770", "type": "seen", "source": "https://t.me/cibsecurity/62965", "content": "\u203c CVE-2023-28770 \u203c\n\nThe sensitive information exposure vulnerability in the CGI \u00e2\u20ac\u0153Export_Log\u00e2\u20ac\ufffd and the binary \u00e2\u20ac\u0153zcmd\u00e2\u20ac\ufffd in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T12:39:20.000000Z"}]}