{"vulnerability": "CVE-2023-3109", "sightings": [{"uuid": "dfd85ec7-a5b3-4fcd-a18c-30ca754f29d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115889109162271840", "content": "", "creation_timestamp": "2026-01-13T18:04:32.115703Z"}, {"uuid": "7758e0dd-0db9-48ac-8e70-539d6606c17d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review", "content": "", "creation_timestamp": "2026-01-13T18:01:16.000000Z"}, {"uuid": "e3c196db-d435-4598-8251-85c784e0f3af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mcg6j3yi3k26", "content": "", "creation_timestamp": "2026-01-14T23:03:39.227754Z"}, {"uuid": "19a95d65-c512-458c-8ee3-2a3ac1ec23c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007", "content": "", "creation_timestamp": "2026-01-13T18:16:30.000000Z"}, {"uuid": "65fcc237-8bb8-4baa-b8e8-7b5bce2c52a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://bsky.app/profile/michael-speller.bsky.social/post/3mcha7hiuhs2u", "content": "", "creation_timestamp": "2026-01-15T09:06:42.179353Z"}, {"uuid": "16ef3522-c806-45eb-8502-7c15a3d35e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31099", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/300", "content": "https://xz.aliyun.com/t/13216\nCVE-2023-31099\n#exploit", "creation_timestamp": "2024-01-06T16:19:47.000000Z"}, {"uuid": "2d1574bb-4ba8-4907-a9d1-1dfa8d5be39e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://krebsonsecurity.com/2026/01/patch-tuesday-january-2026-edition/", "content": "", "creation_timestamp": "2026-01-13T23:47:38.000000Z"}, {"uuid": "5085865d-d879-4330-bb56-4233aae85798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007", "content": "", "creation_timestamp": "2026-04-10T10:53:42.000000Z"}, {"uuid": "c9e74183-c52d-451b-bbe1-169338590355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31092", "type": "seen", "source": "https://t.me/ctinow/157154", "content": "https://ift.tt/tDrk81q\nCVE-2023-31092", "creation_timestamp": "2023-12-20T17:23:42.000000Z"}, {"uuid": "a0c1a66c-a6cf-4150-9f70-9de6830cf709", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://bsky.app/profile/cyberdudebivash.bsky.social/post/3mciotd6k5s2f", "content": "", "creation_timestamp": "2026-01-15T23:01:03.857238Z"}, {"uuid": "fd44ff54-74b2-4eb7-a9a4-483d2116f2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31099", "type": "published-proof-of-concept", "source": "Telegram/2ll6hh1bRVrEFfGLVvmcXFGa-ma2XRt9Qhxg0JMZZaj3Ow", "content": "", "creation_timestamp": "2024-01-25T17:54:00.000000Z"}, {"uuid": "620bef06-d828-4515-823d-6ec7b231a478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31098", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/64550", "content": "\u203c CVE-2023-31098 \u203c\n\nWeak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.6.0.\u00c2\u00a0When users change their password to a simple password (with any character orsymbol), attackers can easily guess the user's password and access the account.Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7805 https://github.com/apache/inlong/pull/7805 to solve it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T21:59:48.000000Z"}, {"uuid": "5b099f81-4730-4af9-a067-5c391a76ab5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31095", "type": "seen", "source": "https://t.me/ctinow/160425", "content": "https://ift.tt/scxgEfr\nCVE-2023-31095", "creation_timestamp": "2023-12-29T11:26:20.000000Z"}, {"uuid": "6161f3f7-cf3f-4e52-92be-a8127f470422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31094", "type": "seen", "source": "https://t.me/cibsecurity/68828", "content": "\u203c CVE-2023-31094 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin <=\u00c2\u00a02.4.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T16:38:12.000000Z"}, {"uuid": "f39c1b5a-a26d-46f1-824e-e90575c7b897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31091", "type": "seen", "source": "https://t.me/cibsecurity/68742", "content": "\u203c CVE-2023-31091 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <=\u00c2\u00a01.0.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T14:37:17.000000Z"}, {"uuid": "44c17d30-c407-4b4f-8f75-5f5d6c8635b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31099", "type": "seen", "source": "https://t.me/arpsyndicate/2400", "content": "#ExploitObserverAlert\n\nCVE-2023-31099\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-31099. Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.\n\nFIRST-EPSS: 0.001760000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-04T01:36:28.000000Z"}, {"uuid": "00f5366a-0ad6-46a9-a4bc-0114b1ba3071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31099", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3814", "content": "#exploit\n1. CVE-2023-31099:\nZoho ManageEngine Opmanager deserialization RCE\nhttps://xz.aliyun.com/t/13216\n\n2. PoC for webauthn/passkeyss\nhttps://github.com/spbkaizo/go-demo-passkeys\n\n3. Exploiting and Examining CVE-2023-1829 in cls_tcindex Classifier Vulnerability\nhttps://starlabs.sg/blog/2023/06-breaking-the-code-exploiting-and-examining-cve-2023-1829-in-cls_tcindex-classifier-vulnerability\n]-> PoC: https://github.com/star-sg/CVE/tree/master/CVE-2023-1829", "creation_timestamp": "2024-01-07T15:08:32.000000Z"}, {"uuid": "281203ae-978e-454f-bff8-5df5b45d4466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31095", "type": "seen", "source": "https://t.me/cibsecurity/73923", "content": "\u203c\ufe0fCVE-2023-31095\u203c\ufe0f\n\nURL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms from na through 1.2.8.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:36:30.000000Z"}, {"uuid": "c7811351-9904-49fa-90b1-2fed90ae41d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31096", "type": "seen", "source": "https://t.me/cibsecurity/72004", "content": "\u203c CVE-2023-31096 \u203c\n\nAn issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:17:05.000000Z"}, {"uuid": "ab55ca6b-7929-4fac-b3a8-5329b009ca9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31099", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1804", "content": "https://xz.aliyun.com/t/13216\nCVE-2023-31099\n#exploit", "creation_timestamp": "2024-01-06T19:33:35.000000Z"}, {"uuid": "02320b27-01ca-40be-9d73-21441db5ca72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31099", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9734", "content": "#exploit\n1. CVE-2023-31099:\nZoho ManageEngine Opmanager deserialization RCE\nhttps://xz.aliyun.com/t/13216\n\n2. PoC for webauthn/passkeyss\nhttps://github.com/spbkaizo/go-demo-passkeys\n\n3. Exploiting and Examining CVE-2023-1829 in cls_tcindex Classifier Vulnerability\nhttps://starlabs.sg/blog/2023/06-breaking-the-code-exploiting-and-examining-cve-2023-1829-in-cls_tcindex-classifier-vulnerability\n]-> PoC: https://github.com/star-sg/CVE/tree/master/CVE-2023-1829", "creation_timestamp": "2024-01-06T18:45:41.000000Z"}]}