{"vulnerability": "CVE-2023-3699", "sightings": [{"uuid": "de2d7d78-25f8-45ee-b06a-9bc0f3af95a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36998", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdnvqioo62f", "content": "", "creation_timestamp": "2025-01-22T15:15:41.147983Z"}, {"uuid": "17ca6858-1056-43f1-b7ba-713e6c5480b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3699", "type": "seen", "source": "https://t.me/arpsyndicate/2355", "content": "#ExploitObserverAlert\n\nCVE-2023-3699\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-3699. An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2024-01-03T20:33:04.000000Z"}, {"uuid": "1b4085e3-56d7-4805-bbd4-d9c83a7b9c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3699", "type": "seen", "source": "https://t.me/cibsecurity/69006", "content": "\u203c CVE-2023-3699 \u203c\n\nAn Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:25:07.000000Z"}, {"uuid": "4625e16c-8962-4c32-8bc5-ab78689370b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36993", "type": "seen", "source": "https://t.me/cibsecurity/66228", "content": "\u203c CVE-2023-36993 \u203c\n\nThe cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-07T22:18:00.000000Z"}, {"uuid": "3513e786-4419-4fea-9c22-4d109f6cb0c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36994", "type": "seen", "source": "https://t.me/cibsecurity/66227", "content": "\u203c CVE-2023-36994 \u203c\n\nIn TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-07T22:17:59.000000Z"}, {"uuid": "1ecdaae5-7b40-4c63-86b3-41ff98ec174e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36992", "type": "seen", "source": "https://t.me/cibsecurity/66224", "content": "\u203c CVE-2023-36992 \u203c\n\nPHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-07T22:17:53.000000Z"}]}