{"vulnerability": "CVE-2023-3106", "sightings": [{"uuid": "21714744-54e5-4898-b2bf-091b06d56d3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31068", "type": "seen", "source": "https://t.me/arpsyndicate/2428", "content": "#ExploitObserverAlert\n\nCVE-2023-27133\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27133. TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\nFIRST-EPSS: 0.001300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-04T04:19:43.000000Z"}, {"uuid": "6d1c9597-e04a-42d9-a9be-c2172c4a21a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31068", "type": "seen", "source": "https://t.me/cibsecurity/72443", "content": "\u203c CVE-2023-27133 \u203c\n\nTSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:01.000000Z"}, {"uuid": "8cc5009c-4977-4465-8c66-2b4ad20dcff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31067", "type": "seen", "source": "https://t.me/cibsecurity/72443", "content": "\u203c CVE-2023-27133 \u203c\n\nTSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:01.000000Z"}, {"uuid": "cffbfe67-ceb8-4f84-b2e8-03c99e1515f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31067", "type": "seen", "source": "https://t.me/arpsyndicate/2428", "content": "#ExploitObserverAlert\n\nCVE-2023-27133\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27133. TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\nFIRST-EPSS: 0.001300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-04T04:19:43.000000Z"}, {"uuid": "f59fbefa-4cc1-4d94-9658-da21209ab3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31068", "type": "seen", "source": "https://t.me/cibsecurity/70216", "content": "\u203c CVE-2023-31068 \u203c\n\nAn issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\\TSplus\\UserDesktop\\themes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-11T22:27:39.000000Z"}, {"uuid": "b5a04cd7-4d0a-46a5-943c-f09e93cccfeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31069", "type": "seen", "source": "https://t.me/cibsecurity/72444", "content": "\u203c CVE-2023-27132 \u203c\n\nTSplus Remote Work 16.0.0.0 places a cleartext password on the \"var pass\" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:04.000000Z"}, {"uuid": "29c6c29b-ec56-4f58-bdf9-74fe67d18b9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31069", "type": "seen", "source": "https://t.me/cibsecurity/70220", "content": "\u203c CVE-2023-31069 \u203c\n\nAn issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-11T22:27:43.000000Z"}, {"uuid": "79c8e702-bd64-4947-a0a8-f9ee0d91bb8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31067", "type": "seen", "source": "https://t.me/cibsecurity/70215", "content": "\u203c CVE-2023-31067 \u203c\n\nAn issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\\TSplus\\Clients\\www.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-11T22:27:38.000000Z"}, {"uuid": "1ac80870-dd1b-4590-bd04-ad750c97893a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31065", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/64558", "content": "\u203c CVE-2023-31065 \u203c\n\nInsufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.\u00c2\u00a0An old session can be used by an attacker even after the user has been deleted or the password has been changed.Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 , https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T20:30:33.000000Z"}, {"uuid": "cb337202-a75f-49db-a2d9-d939d482461e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3106", "type": "seen", "source": "https://t.me/cibsecurity/66488", "content": "\u203c CVE-2023-3106 \u203c\n\nA NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message(sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-12T12:41:34.000000Z"}, {"uuid": "425c3dbc-3ddd-4ede-b89a-d82cf48261b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31062", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/64554", "content": "\u203c CVE-2023-31062 \u203c\n\nImproper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.\u00c2\u00a0 When\u00c2\u00a0the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by sending a loginrequest and following it with a subsequent HTTP requestusing the returned cookie.Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T20:25:51.000000Z"}, {"uuid": "91e69463-d9d0-47af-963d-c7797c87f749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31060", "type": "seen", "source": "https://t.me/cibsecurity/62676", "content": "\u203c CVE-2023-31060 \u203c\n\nRepetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T07:14:02.000000Z"}, {"uuid": "e9d12aaf-b213-462b-b9df-ba5768398470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31061", "type": "seen", "source": "https://t.me/cibsecurity/62675", "content": "\u203c CVE-2023-31061 \u203c\n\nRepetier Server through 1.4.10 does not have CSRF protection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T07:14:01.000000Z"}, {"uuid": "295b832f-843b-4007-9b7c-a6f8131be65c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31066", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/64545", "content": "\u203c CVE-2023-31066 \u203c\n\nFiles or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could\u00c2\u00a0delete, edit, stop, and start others' sources!\u00c2\u00a0Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 https://github.com/apache/inlong/pull/7775 to solve it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T20:25:29.000000Z"}, {"uuid": "8099c98b-d14f-43d4-a0d4-3b3010f4dde1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31064", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/64543", "content": "\u203c CVE-2023-31064 \u203c\n\nFiles or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an\u00c2\u00a0application that doesn't belongs to it.\u00c2\u00a0Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7799 https://github.com/apache/inlong/pull/7799 to solve it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T20:25:24.000000Z"}]}