{"vulnerability": "CVE-2023-3347", "sightings": [{"uuid": "0ac102b2-99f9-4d90-bd2b-d0bd10d01090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11173", "content": "Exploiting CVE-2023-33476 for remote code execution.\n\nhttps://blog.coffinsec.com/0day/2023/06/19/minidlna-cve-2023-33476-exploits.html", "creation_timestamp": "2023-06-24T16:07:58.000000Z"}, {"uuid": "0393bf37-63b8-49a4-82a2-cf8ec02b8fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/299", "content": "Exploiting CVE-2023-33476 for remote code execution.\n\nhttps://blog.coffinsec.com/0day/2023/06/19/minidlna-cve-2023-33476-exploits.html", "creation_timestamp": "2023-06-24T16:07:40.000000Z"}, {"uuid": "af2753af-9913-4266-a574-489b5ffdfc2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4599", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploits for a heap overflow in MiniDLNA <=1.3.2 (CVE-2023-33476)\nURL\uff1ahttps://github.com/mellow-hype/cve-2023-33476\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-20T15:45:20.000000Z"}, {"uuid": "0d259003-b0fc-4e4d-a29f-02ab0af91f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "Telegram/AoJTUILmpsxxe1Wbr2DVR1_uo58k__3Lr-giFB5KtJof0_0", "content": "", "creation_timestamp": "2023-07-10T09:52:01.000000Z"}, {"uuid": "bad505af-4933-4682-8e38-0e2646655c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/844", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33476\n\ud83d\udd39 Description: ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.\n\ud83d\udccf Published: 2023-06-02T00:00:00\n\ud83d\udccf Modified: 2025-01-08T20:33:54.461Z\n\ud83d\udd17 References:\n1. https://sourceforge.net/projects/minidlna/\n2. https://blog.coffinsec.com/0day/2023/05/31/minidlna-heap-overflow-rca.html\n3. https://sourceforge.net/p/minidlna/git/ci/9bd58553fae5aef3e6dd22f51642d2c851225aec/\n4. https://lists.debian.org/debian-lts-announce/2023/06/msg00027.html\n5. https://www.debian.org/security/2023/dsa-5434\n6. https://security.gentoo.org/glsa/202311-12", "creation_timestamp": "2025-01-08T21:14:22.000000Z"}, {"uuid": "944f01a5-6eff-4097-a5b9-3b7bfe44fa20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "Telegram/Z42dUL5SlpUKhzaB8z2JtVDGF4e8DZjU4NsnyrTR2CVbxw", "content": "", "creation_timestamp": "2023-06-27T08:09:48.000000Z"}, {"uuid": "7bf8b536-4c72-4098-be66-55ed3640097f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "Telegram/1myHb24StfeYBCNoHvTo5avi7i-8TEd6e-KQkOZ47-n3PA", "content": "", "creation_timestamp": "2023-06-20T18:12:09.000000Z"}, {"uuid": "5658825f-1b94-47b9-af3b-e00ec2c890fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3710", "content": "\ud83d\udda5Dataleak:\n\n\ud83d\udd31DataLeak uprint_id : https://www.system32.ink/2023/06/DataLeak-uprint.id.html\n\n\ud83d\udd31Leak RaidForums  : https://www.system32.ink/2023/06/leak-raidforums-database-by-exposedvc.html\n\n\ud83d\udd31Leak Santander bank Mexico : https://www.system32.ink/2023/06/leak-santander-bank-mexico.html\n\n\ud83d\udd31Leak Tour Partner Group (tourpartnergroup.com) : https://www.system32.ink/2023/06/leak-tour-partner-group.html\n\n\ud83d\udda5Exploits:\n\n\ud83d\udd31MiniDLNA <=1.3.2 (CVE-2023-33476) Exploits : https://www.system32.ink/2023/06/minidlna-132-cve-2023-33476-exploits.html\n\n\ud83d\udd31CVE-2023-20178 PoC for Arbitrary File Delete vulnerability in Cisco Secure Client : https://www.system32.ink/2023/06/cve-2023-20178-poc-for-arbitrary-file.html\n\n\ud83d\udd31CVE-2023-25610  RCE vulnerability in FortiOS : https://www.system32.ink/2023/06/cve-2023-25610-rce-vulnerability-in.html\n\n\ud83d\udd31CVE-2023-30777 Exploit Reflected XSS vulnerability in the Advanced Custom Fields WordPress plugin : https://www.system32.ink/2023/06/cve-2023-30777-exploit-reflected-xss.html\n\n\ud83d\udda5Rat:\n\n\ud83d\udd31GCR-Google-Calendar-RAT : https://www.system32.ink/2023/06/gcr-google-calendar-rat.html\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31Mantra - A tool used to hunt down API key leaks in JS files and pages : https://www.system32.ink/2023/06/mantra-tool-used-to-hunt-down-api-key.html\n\n\ud83d\udd31IIS Short Name Scanner - 2012-2023 : https://www.system32.ink/2023/06/iis-short-name-scanner-2012-2023.html\n\n@crackcodes | crackcodes.in | system32.ink", "creation_timestamp": "2023-06-21T14:59:33.000000Z"}, {"uuid": "fd75b9da-62a2-4bbf-93cc-f84879486e87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3708", "content": "Exploits: \n\n\ud83d\udd31CVE-2023-1829 Exploit : https://system32.ink/d/cve-2023-1829-exploit/\n\n\ud83d\udd31Hammulator framework POC : https://system32.ink/d/hammulator-framework-poc/\n\n\ud83d\udd31Exploits for a heap overflow in MiniDLNA <=1.3.2 (CVE-2023-33476) : https://system32.ink/d/exploits-for-a-heap-overflow-in-minidlna/\n\n\n@crackcodes | crackcodes.in | system32.ink", "creation_timestamp": "2023-06-20T18:11:06.000000Z"}, {"uuid": "c7b23095-25b1-4718-91f3-26586a833794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33472", "type": "seen", "source": "https://t.me/ctinow/178362", "content": "https://ift.tt/R1t45QC\nCVE-2023-33472 | Scada-LTS up to 2.7.5.2 Privilege Escalation", "creation_timestamp": "2024-02-03T03:11:46.000000Z"}, {"uuid": "94d5d8dd-8727-4aea-bb7d-5465a4204c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33472", "type": "seen", "source": "https://t.me/ctinow/167662", "content": "https://ift.tt/zPCGD1F\nCVE-2023-33472", "creation_timestamp": "2024-01-13T03:26:57.000000Z"}, {"uuid": "b3a3217d-1893-4da3-9907-0dbba303f921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3347", "type": "seen", "source": "https://t.me/cibsecurity/67041", "content": "\u203c CVE-2023-3347 \u203c\n\nA vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured \"server signing = required\" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-20T18:32:52.000000Z"}, {"uuid": "f9326d39-1412-498d-9c37-4807e0b73a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "seen", "source": "https://t.me/cibsecurity/64891", "content": "\u203c CVE-2023-33476 \u203c\n\nReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T18:37:28.000000Z"}, {"uuid": "9ab342f0-e4bc-43b1-9c98-e4a89708202b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7447", "content": "chonked pt.2: exploiting cve-2023-33476 for remote code execution\n\nhttps://blog.coffinsec.com/0day/2023/06/19/minidlna-cve-2023-33476-exploits.html", "creation_timestamp": "2023-06-20T11:49:52.000000Z"}, {"uuid": "a0f05f46-1cd7-4c8f-9c55-55d3fa569b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33476", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8443", "content": "#exploit\n1. CVE-2023-33476:\nminidlna 1.3.2 heap buffer overflow vulnerability\nhttps://blog.coffinsec.com/0day/2023/05/31/minidlna-heap-overflow-rca.html\n\n2. Shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding\nhttps://github.com/ImageMagick/ImageMagick/issues/6338\n\n3. CVE-2022-32902:\nTCC-bypass in macOS\nhttps://github.com/jhftss/POC/tree/main/CVE-2022-32902\n]-> https://jhftss.github.io/CVE-2022-32902-Patch-One-Issue-and-Introduce-Two", "creation_timestamp": "2023-06-07T11:03:01.000000Z"}]}