{"vulnerability": "CVE-2023-46456", "sightings": [{"uuid": "f4ce6c82-37e4-4fa2-b850-f520b495e6f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6110", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploits for GL.iNet CVE-2023-46454, CVE-2023-46455 and CVE-2023-46456\nURL\uff1ahttps://github.com/cyberaz0r/GL.iNet-Multiple-Vulnerabilities\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-08T01:48:35.000000Z"}, {"uuid": "f97e5a1e-0c16-47b3-b53b-64475fb0800f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "published-proof-of-concept", "source": "https://t.me/rhizexploitbotddos/80", "content": "Poc : 82webmaster - Blind Sql Injection\nDork: intext:Design &amp; Developed By: 82webmaster\nDate: 14.05.2024\n\nPoc : Webmirchi - Blind Sql Injection\nDork: intext:Powered by Webmirchi\nDate: 14.05.2024\n\nPoc : Castel Digital Authentication Bypass\nDork: intext:Castel Digital\nDate: 12.05.2024\n\nPoc : Kobiz Design - Sql Injection\nDork: intext:Desing by Kobiz Design Co\nDate: 06.05.2024\n\nPoc : Oracuz - Blind Sql Injection\nDork: intext:Design by Oracuz\nDate: 05.05.2024\n\nPoc : Kobiz Design - Blind Sql Injection\nDork: intext:Desing by Kobiz Design Co\nDate: 05.05.2024\n\nPoc : Sandhya Branding Agency - Blind Sql Injection\nDork: intext:Powered by : Sandhya Branding Agency\nDate: 04.05.2024\n\nPoc : Webenlive - Sql Injection\nDork: intext:Design: Webenlive\nDate: 04.05.2024\n\nPoc : BitraTech - Sql Injection\nDork: intext:Powered By BitraTech\nDate: 04.05.2024\n\nPoc : Bigem Teknoloji - Blind Sql Injection\nDork: intext:Designed by Bigem Teknoloji\nDate: 04.05.2024\n\nPoc : fvgfl - SQL Injection vulnerability\nDork: intext:Web Design fvgfl\nDate: 27.04.2024\n\nPoc : Hikvision Camera - Remote command execution\nDork: In Shodan search engine, the filter is Web Version=3.1.3.150324 http.favicon.hash:999357577\nDate: 25.04.2024\n\nPoc : North Wales - Sql Injection\nDork: intext:Web Design North Wales\nDate: 21.04.2024\n\nPoc : Solar-Log Base 2000- Broken Access Control\nDork: In Shodan search engine, the filter is Server: IPC@CHIP http.favicon.hash:-1334408578 655744600\nDate: 21.04.2024\n\nPoc : Bigem Teknoloji - Sql Injection\nDork: intext:Designed by Bigem Teknoloji\nDate: 14.04.2024\n\nPoc : SolarView Compact 6.00 - Command Injection\nDork: http.html:solarview compact\nDate: 06.04.2024\n\nPoc : SolarView Compact 6.00 - Command Injection Bypass authentication\nDork: http.html:solarview compact\nDate: 30.03.2024\n\nPoc : Chenarkhayyam - Sql Injection And Waf , Cdn Bypass\nDork: intext:\u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0633\u0627\u06cc\u062a \u0686\u0646\u0627\u0631 \u062e\u06cc\u0627\u0645\nDate: 24.03.2024\n\nPoc : SolarView Compact 6.00 Command Injection\nDork: http.html:solarview compact\nDate: 20.03.2024\n\nPoc : Webenlive - Blind Sql Injection\nDork: intext:Design: Webenlive\nDate: 16.03.2024\n\nPoc : Schneider Electric v1.0 - Directory traversal &amp; Broken Authentication \nDork: inurl:/scada-vis\nDate: 16.03.2024\n\nPoc : SiteOmat Fueling System - Default Password\nDork: intitle:SiteOmat Loader\nDate: 16.03.2024\n\nPoc : Sandhya Branding Agency - Sql Injection\nDork: intext:Powered by : Sandhya Branding Agency\nDate: 11.03.2024\n\nPoc : elFinder Web file manager Version 2.1.53 Remote Command Execution\nDork: intitle:elFinder 2.1.53\nDate: 06.03.2024\n\nPoc : GL.iNet AR300M v3.216 Remote Code Execution CVE-2023-46456 Exploit\nDork: intitle:GL.iNet Admin Panel\nDate: 03.03.2024\n\nPoc : Agencia NUBA- Sql Injection\nDork: intext:Dise\u00f1o y Programaci\u00f3n Agencia NUBA\nDate: 28.02.2024\n\nPoc : Ficus Global - Blind Sql Injection\nDork: intext:Designed &amp; Maintained by Ficus Global\nDate: 28.02.2024\n\nPoc : Axiomatic - Sql Injection\nDork: intext:Design by Axiomatic.it\nDate: 25.02.2024\n\nPoc : Stealth Media Ltd - Blind Sql Injection\nDork: intext:Website Designed &amp; Developed By Stealth Media Ltd.\nDate: 25.02.2024\n\nPoc : Agencia NUBA - Blind Sql Injection\nDork: intext:Dise\u00f1o y Programaci\u00f3n Agencia NUBA\nDate: 25.02.2024\n\nPoc : Ticico - Blind SQL Injection\nDork: inurl:adminco intext:yetkili\nDate: 20.02.2024\n\nPoc : iCT Sky SQL Injection\nDork: intext:IT Partner iCT Sky\nDate: 11.02.2024\n\nPoc : Laravel Env file Access Open Directory\nDork: intitle:index of env.cgi \nDate: 07.02.2024\n\nPoc : EuroMedya - No Redirect/Admin Panel Bypass\nDork: -\nDate: 03.02.2024\n\nPoc : Loca Software - Sql Injection/Admin Panel Bypass\nDork: intext:bu web sitesi LOCA YAZILIM B\u0130L\u0130\u015e\u0130M TEK. LTD. \u015eT\u0130.\nDate: 03.02.2024\n\nPoc : Juniper-SRX-Firewalls&amp;EX-switches (PreAuth-RCE) (PoC)\nDork: http.favicon.hash:2141724739\nDate: 02.02.2024\n\nPoc : Techbrightsolutions - Sql Injection/Admin Panel Bypass\nDork: intext:by TechbrightSolutions login\nDate: 02.02.2024\n\nPoc : Wordpress wp-recipe-maker Cross Site Scripting\nDork: [N/A]\nDate: 01.02.2024\n\nPoc : HostCarts Digital - Sql Injection\nDork: intext:Powered by HostCarts Digital\nDate: 30.01.2024", "creation_timestamp": "2024-09-16T04:34:45.000000Z"}, {"uuid": "fe08c784-a0ba-4786-9020-a1dbac9bf215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/198910", "content": "https://ift.tt/EftCphV\nGL.iNet AR300M v3.216 Remote Code Execution CVE-2023-46456 Exploit", "creation_timestamp": "2024-03-03T23:21:29.000000Z"}, {"uuid": "7c7d142b-d68f-4c91-a4ec-e220a5da27bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/198908", "content": "https://ift.tt/EftCphV\nGL.iNet AR300M v3.216 Remote Code Execution CVE-2023-46456 Exploit", "creation_timestamp": "2024-03-03T23:16:26.000000Z"}, {"uuid": "40c5b261-62db-4c58-8f9d-c1d036c2c475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/198770", "content": "https://ift.tt/zVWe791\n[remote] GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit", "creation_timestamp": "2024-03-03T15:16:52.000000Z"}, {"uuid": "9428b3e2-c41e-4db2-8445-e648636ed6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "seen", "source": "https://t.me/ctinow/161791", "content": "https://ift.tt/Eihj37r\nCVE-2023-46456 | GL.iNet GL-AR300M up to 3.216 OpenVPN Client File Upload os command injection", "creation_timestamp": "2024-01-02T14:36:35.000000Z"}, {"uuid": "b1497efd-5d86-4651-baa1-2fbdf58eabc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46456", "type": "published-proof-of-concept", "source": "https://t.me/VulnerabilityNews/35410", "content": "[remote] GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit\nRead More", "creation_timestamp": "2024-03-03T15:14:56.000000Z"}]}