{"vulnerability": "CVE-2023-34127", "sightings": [{"uuid": "56b4d675-496b-4474-8ed8-abb3ea44828f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/9599b5d9-4420-4e47-966c-247229ef3d0d", "content": "", "creation_timestamp": "2024-02-22T15:07:40.000000Z"}, {"uuid": "3b226e4f-a08c-4d20-b390-24eee618e3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "0e969d05-3597-4ba7-a92a-4331a13f6f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "40b7bc07-4d08-42dc-bc81-cc266603f9bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:54.000000Z"}, {"uuid": "044beb26-859f-43e6-85e2-d76932fc7955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/sonicwall_shell_injection_cve_2023_34124.rb", "content": "", "creation_timestamp": "2023-09-08T10:11:37.000000Z"}, {"uuid": "a616af36-3fdb-454c-ba2c-4e0a21e20a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8892", "content": "#exploit\n1. CVE-2023-36874:\nWindows Error Reporting Service Privilege Enhancement Vulnerability\nhttps://github.com/c4m3l-security/CVE-2023-36874\n\n2. CVE-2023-34127:\nImproper Neutralization of Special Elements used in an OS Command (\"OS Command Injection\") vulnerability in SonicWall GMS, SonicWall Analytics\nhttps://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127/rapid7-analysis", "creation_timestamp": "2023-08-22T12:27:06.000000Z"}, {"uuid": "940cf929-27ac-4b6f-ad27-3b58a9866f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1069", "content": "CVE-2023-34127 : SonicWall - OS Command Injection\nissue affects  : GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\nDescription\nImproper Neutralization of Special Elements used in an OS Command (\u2018OS Command Injection\u2019) vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\nANALYSIS : https://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127/rapid7-analysis\nMetasploit : https://github.com/rapid7/metasploit-framework/pull/18302", "creation_timestamp": "2024-05-06T11:39:25.000000Z"}, {"uuid": "ce5f733f-922c-4829-aec3-78f592086695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34127", "type": "seen", "source": "https://t.me/cibsecurity/66610", "content": "\u203c CVE-2023-34127 \u203c\n\nImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T07:42:12.000000Z"}]}