{"vulnerability": "CVE-2023-2915", "sightings": [{"uuid": "19adc590-230f-422b-85f0-4af01eb45daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29152", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/237", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29152\n\ud83d\udd39 Description: \n\nBy changing the filename parameter in the request, an attacker could \ndelete any file with the permissions of the Vuforia server account.\n\n\n\ud83d\udccf Published: 2023-06-07T21:46:20.797Z\n\ud83d\udccf Modified: 2025-01-06T21:22:20.741Z\n\ud83d\udd17 References:\n1. https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13", "creation_timestamp": "2025-01-06T21:36:13.000000Z"}, {"uuid": "fcd19771-323b-4568-ae05-cf8a9f20e599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2915", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "f20cce68-bde5-4b69-85b7-d9840d5e78c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2915", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/networking/thinmanager_traversal_delete.rb", "content": "", "creation_timestamp": "2025-06-05T15:18:07.000000Z"}, {"uuid": "a6de7081-97f9-4f18-95fd-a85d689b62d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29152", "type": "seen", "source": "https://t.me/cibsecurity/65058", "content": "\u203c CVE-2023-29152 \u203c\n\nBy changing the filename parameter in the request, an attacker could delete any file with the permissions of the Vuforia server account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-08T03:19:24.000000Z"}, {"uuid": "2c707620-0e57-4df4-9e50-cc304a4a701c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29155", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18076", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29155\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Versions of INEA ME RTU firmware 3.36b and prior do not require authentication to the \"root\" account on the host system of the device. This could allow an attacker to obtain admin-level access to the host system.\n\ud83d\udccf Published: 2023-11-20T16:28:20.585Z\n\ud83d\udccf Modified: 2025-06-11T14:06:31.953Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-02", "creation_timestamp": "2025-06-11T14:31:28.000000Z"}, {"uuid": "85eb7463-9d76-482a-82c4-08d51025529b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2915", "type": "seen", "source": "https://t.me/cibsecurity/68769", "content": "\u203c CVE-2023-2915 \u203c\n\nThe Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T20:37:32.000000Z"}, {"uuid": "08ad8829-ab2c-4fbb-8679-6de8e7a2ff15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29153", "type": "seen", "source": "https://t.me/ctinow/201207", "content": "https://ift.tt/MHYq4iu\nCVE-2023-29153 | Intel SPS prior 06.01.04.002.0 denial of service (intel-sa-01003)", "creation_timestamp": "2024-03-06T11:12:02.000000Z"}, {"uuid": "deba7182-dae2-403e-80a3-bd5c50526e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29156", "type": "seen", "source": "https://t.me/Rootsec_2/385", "content": "\ud83d\udce1Nozomi Networks Discovers Three Vulnerabilities Affecting BlueMark DroneScout ds230 Remote ID Receiver \n\"In this blog post, we disclose three vulnerabilities (critical, high and medium risk) which affect the DroneScout ds230 device. Two of these vulnerabilities(CVE-2023-31191 & CVE-2023-29156) could allow an attacker to spoof Remote ID information forcing the DroneScout ds230 to drop Remote ID information transmitted by legitimately communicating drones. The consequence of this is the attacker being able to inject fake locations associated with the legitimate drones detected by the DroneScout. The third vulnerability(CVE-2023-31190) discovered demonstrates the capability to install malicious firmware updates on the DroneScout appliance. \"\n\n#ODID #expoitation #fw #DroneScout #Drone #UAV #UAS", "creation_timestamp": "2024-08-16T08:08:28.000000Z"}, {"uuid": "423f3388-1223-44e9-848f-f7a12c516e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29159", "type": "seen", "source": "https://t.me/cibsecurity/64839", "content": "\u203c CVE-2023-29159 \u203c\n\nDirectory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-01T07:25:08.000000Z"}, {"uuid": "6a33912e-b72b-4760-a632-a0e665a2c1b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29156", "type": "seen", "source": "https://t.me/cibsecurity/66335", "content": "\u203c CVE-2023-29156 \u203c\n\nDroneScout ds230 Remote ID receiver from BlueMark Innovations\u00c2\u00a0is affected by an information loss vulnerability through\u00c2\u00a0traffic injection.An attacker can exploit this vulnerability by injecting, at the right times, spoofed Open Drone ID (ODID) messages which force the DroneScout ds230 Remote ID receiver to drop real Remote ID (RID) information and, instead, generate and transmit JSON encoded MQTT messages containing crafted RID information.\u00c2\u00a0Consequently, the\u00c2\u00a0MQTT broker, typically operated by a system integrator,\u00c2\u00a0will have no access to the drones\u00e2\u20ac\u2122 real RID information.This issue affects DroneScout ds230 in default configuration from firmware version 20211210-1627 through 20230329-1042.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T12:42:53.000000Z"}]}