{"vulnerability": "CVE-2023-42406", "sightings": [{"uuid": "2219ef26-cdf6-49a1-80b5-bc49ae5dd423", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42406", "type": "seen", "source": "https://t.me/cibsecurity/73029", "content": "\u203c CVE-2023-42406 \u203c\n\nSQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000 V31R02B1413C allows a remote attacker to obtain sensitive information and execute arbitrary code via the editrole.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T02:16:16.000000Z"}, {"uuid": "65eec79e-8c08-4ca1-9de9-d44aa030d972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42406", "type": "seen", "source": "Telegram/BInHsv8QLPFw0ngOrqx1Jf34o7-WDNUfgDTh8jC7E6NCfA", "content": "", "creation_timestamp": "2023-10-27T12:29:39.000000Z"}, {"uuid": "89b663ac-510f-4399-bab8-1b6e85e83f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42406", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9702", "content": "#exploit\n1. CVE-2023-26360:\nAdobe Coldfusion File Read Arbrtary Exploit\nhttps://github.com/yosef0x01/CVE-2023-26360\n\n2. CVE-2023-42406:\nSQL injection in D-Link DAR-7000\nhttps://github.com/1dreamGN/CVE/blob/main/CVE-2023-42406.md\n]-> https://github.com/1dreamGN/CVE/blob/main/D-LINK%20-DAR-7000_sql__sysmanage_editrole.php.md\n\n3. Out-of-memory happened in TIFFOpen via a craft file\nhttps://gitlab.com/libtiff/libtiff/-/issues/614", "creation_timestamp": "2024-01-03T14:27:37.000000Z"}, {"uuid": "58015d24-515c-4da3-b229-81fccae5c771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42406", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2402", "content": "#exploit\n1. CVE-2023-26360:\nAdobe Coldfusion File Read Arbrtary Exploit\nhttps://github.com/yosef0x01/CVE-2023-26360\n\n2. CVE-2023-42406:\nSQL injection in D-Link DAR-7000\nhttps://github.com/1dreamGN/CVE/blob/main/CVE-2023-42406.md\n]-> https://github.com/1dreamGN/CVE/blob/main/D-LINK%20-DAR-7000_sql__sysmanage_editrole.php.md", "creation_timestamp": "2024-08-16T08:59:54.000000Z"}]}