{"vulnerability": "cve-2023-2311", "sightings": [{"uuid": "674bc0f4-d8ed-43a1-b0c8-980c0608b6dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23119", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8948", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23119\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.\n\ud83d\udccf Published: 2023-02-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T18:57:53.822Z\n\ud83d\udd17 References:\n1. https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/SkYce4f5o\n2. https://community.ui.com/tags/security/releases", "creation_timestamp": "2025-03-26T19:26:24.000000Z"}, {"uuid": "3b580552-eeec-4f2b-8666-4083092f25a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2311", "type": "seen", "source": "https://t.me/cibsecurity/67409", "content": "\u203c CVE-2023-2311 \u203c\n\nInsufficient policy enforcement in File System API in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-29T07:30:10.000000Z"}, {"uuid": "16e5d117-b935-4916-aef5-d566d856fefb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23110", "type": "seen", "source": "https://t.me/cibsecurity/57404", "content": "\u203c CVE-2023-23110 \u203c\n\nAn exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers firmware version 1.0.0.3 and earlier. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-02T18:44:57.000000Z"}, {"uuid": "744966c8-d9e4-4357-b429-49b08afea989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23119", "type": "seen", "source": "https://t.me/cibsecurity/57410", "content": "\u203c CVE-2023-23119 \u203c\n\nThe use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-02T20:15:04.000000Z"}]}