{"vulnerability": "CVE-2023-3945", "sightings": [{"uuid": "476c02c9-0f9c-4535-842e-826ff49e6ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39454", "type": "seen", "source": "Telegram/wsQnyzy5Rwj6hV7VG_r_XWrPt1FGUElvIFx1y6MmG4ZnqUwH", "content": "", "creation_timestamp": "2025-02-17T15:38:32.000000Z"}, {"uuid": "42c6617e-5b6a-4a2c-9108-b6fd712f5442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39456", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18184", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-39456\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2.\n\nUsers are recommended to upgrade to version 9.2.3, which fixes the issue.\n\ud83d\udccf Published: 2023-10-17T06:58:17.515Z\n\ud83d\udccf Modified: 2025-06-12T15:10:53.829Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\n2. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\n3. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\n5. https://www.debian.org/security/2023/dsa-5549", "creation_timestamp": "2025-06-12T15:34:03.000000Z"}, {"uuid": "1eb7d007-d6ad-49e0-b541-40ec203c294c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39452", "type": "seen", "source": "https://t.me/cibsecurity/70684", "content": "\u203c CVE-2023-39452 \u203c\n\n** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-19T02:27:56.000000Z"}, {"uuid": "dd14fea6-b111-4311-9561-673e4943973e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39454", "type": "seen", "source": "https://t.me/cibsecurity/68820", "content": "\u203c CVE-2023-39454 \u203c\n\nBuffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T14:38:18.000000Z"}, {"uuid": "bb040ba1-84ac-429b-ae5c-bab75e3ca840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39455", "type": "seen", "source": "https://t.me/cibsecurity/68812", "content": "\u203c CVE-2023-39455 \u203c\n\nOS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T14:44:09.000000Z"}, {"uuid": "18921899-6ee2-4963-b380-6019c19aac9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3945", "type": "seen", "source": "https://t.me/cibsecurity/67275", "content": "\u203c CVE-2023-3945 \u203c\n\nA vulnerability was found in phpscriptpoint Lawyer 1.6. It has been classified as problematic. This affects an unknown part of the file search.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235401 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-26T02:27:08.000000Z"}]}