{"vulnerability": "CVE-2023-37286", "sightings": [{"uuid": "7d53123d-1dd4-4fd9-ac1e-4ab5be65b9d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37286", "type": "seen", "source": "https://t.me/cibsecurity/66243", "content": "\u203c CVE-2023-37286 \u203c\n\nSmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code and disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-10T07:23:27.000000Z"}]}