{"vulnerability": "CVE-2023-4332", "sightings": [{"uuid": "87961e82-9f3a-410d-9bc1-d038893b83b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43321", "type": "seen", "source": "https://t.me/cibsecurity/71652", "content": "\u203c CVE-2023-43321 \u203c\n\nFile Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-05T02:12:13.000000Z"}, {"uuid": "319bd218-8f3c-41a8-b488-f27493c4429f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43326", "type": "seen", "source": "https://t.me/cibsecurity/71028", "content": "\u203c CVE-2023-43326 \u203c\n\nmooSocial v3.1.8 was discovered to contain a cross-site scripting (XSS) vulnerability via the change email function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-26T14:11:58.000000Z"}, {"uuid": "b7e95c17-3e64-49ab-8078-218ee5f3bc45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4332", "type": "seen", "source": "https://t.me/cibsecurity/68573", "content": "\u203c CVE-2023-4332 \u203c\n\nBroadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-15T22:30:49.000000Z"}, {"uuid": "ceac00c6-b2af-4e2f-93aa-66cbc445be36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43323", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9098", "content": "#exploit\n1. CVE-2023-35793:\nCSRF On Web-SSH\nhttps://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH\n\n2. CVE-2023-43263:\nXSS vulnerability in Froala Editor v.4.1.1\nhttps://github.com/b0marek/CVE-2023-43263\n\n3. CVE-2023-43323:\nmooSocial - External HTTP/DNS Service Interaction\nhttps://github.com/ahrixia/CVE-2023-43323", "creation_timestamp": "2023-09-27T11:00:44.000000Z"}, {"uuid": "3cd097eb-389b-4064-9972-b0fdd2570aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43323", "type": "seen", "source": "https://t.me/cibsecurity/71232", "content": "\u203c CVE-2023-43323 \u203c\n\nmooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-29T00:36:57.000000Z"}, {"uuid": "eb0cb7bb-7d69-4f38-8fde-5bebb8626125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43322", "type": "seen", "source": "https://t.me/cibsecurity/73102", "content": "\u203c CVE-2023-43322 \u203c\n\nZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to v5.6.13, v5.8.0 to v5.8.10, and v5.10.0 to v5.10.3 was discovered to contain a command injection vulnerability via the endpoint /v1/system/toolkit/files/.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-28T07:17:32.000000Z"}, {"uuid": "c3d4277f-262b-4493-8891-623894350814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43323", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1131", "content": "#exploit\n1. CVE-2023-35793:\nCSRF On Web-SSH\nhttps://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH\n\n2. CVE-2023-43263:\nXSS vulnerability in Froala Editor v.4.1.1\nhttps://github.com/b0marek/CVE-2023-43263\n\n3. CVE-2023-43323:\nmooSocial - External HTTP/DNS Service Interaction\nhttps://github.com/ahrixia/CVE-2023-43323", "creation_timestamp": "2024-08-16T08:28:28.000000Z"}]}