https://vulnerability.circl.lu/sightings/feed 2026-05-07T02:41:42.987574+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/48361bae-aa5e-4f6b-afab-5793ed27e449/export 2026-05-07T02:41:43.318633+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "48361bae-aa5e-4f6b-afab-5793ed27e449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30280", "type": "seen", "source": "https://t.me/cibsecurity/62933", "content": "\u203c CVE-2023-30280 \u203c\n\nBuffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T00:25:04.000000Z"} 2023-04-27T00:25:04+00:00 https://vulnerability.circl.lu/sighting/7eca1032-78c4-47f1-93c8-343d3ea6329c/export 2026-05-07T02:41:43.318469+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7eca1032-78c4-47f1-93c8-343d3ea6329c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30282", "type": "seen", "source": "https://t.me/cibsecurity/63342", "content": "\u203c CVE-2023-30282 \u203c\n\nPrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control. Due to a lack of permissions' control, a guest can access exports from the module which can lead to leak of personal information from customer table.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-05T02:23:36.000000Z"} 2023-05-05T02:23:36+00:00 https://vulnerability.circl.lu/sighting/fd8f8315-fe86-4be7-916c-ab7c04adb21d/export 2026-05-07T02:41:43.318282+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "fd8f8315-fe86-4be7-916c-ab7c04adb21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30281", "type": "seen", "source": "https://t.me/cibsecurity/64270", "content": "\u203c CVE-2023-30281 \u203c\n\nInsecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3 allows attackers to access sensitive information stored in the component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T00:32:37.000000Z"} 2023-05-17T00:32:37+00:00 https://vulnerability.circl.lu/sighting/29e07630-31e6-471c-b80e-fd34d96effc2/export 2026-05-07T02:41:43.318089+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "29e07630-31e6-471c-b80e-fd34d96effc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30285", "type": "seen", "source": "https://t.me/cibsecurity/64821", "content": "\u203c CVE-2023-30285 \u203c\n\nAn issue in Deviniti Issue Sync Synchronization v3.5.2 for Jira allows attackers to obtain the login credentials of a user via a crafted request sent to /rest/synchronizer/1.0/technicalUser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-31T16:39:50.000000Z"} 2023-05-31T16:39:50+00:00 https://vulnerability.circl.lu/sighting/e852f255-a976-4106-bd13-1d49c8f64ce4/export 2026-05-07T02:41:43.317869+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e852f255-a976-4106-bd13-1d49c8f64ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3028", "type": "seen", "source": "https://t.me/arpsyndicate/557", "content": "#ExploitObserverAlert\n\nCVE-2023-3028\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-3028. Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit. Other models are possibly affected too. Multiple vulnerabilities were identified: - The MQTT backend does not require authentication, allowing unauthorized connections from an attacker. - The vehicles publish their telemetry data (e.g. GPS Location, speed, odometer, fuel, etc) as messages in public topics. The backend also sends commands to the vehicles as MQTT posts in public topics. As a result, an attacker can access the confidential data of the entire fleet that is managed by the backend. - The MQTT messages sent by the vehicles or the backend are not encrypted or authenticated. An attacker can create and post messages to impersonate a vehicle or the backend. The attacker could then, for example, send incorrect information to the backend about the vehicle's location. - The backend can inject data into a vehicle\u00b4s CAN bus by sending a specific MQTT message on a public topic. Because these messages are not authenticated or encrypted, an attacker could impersonate the backend, create a fake message and inject CAN data in any vehicle managed by the backend. The confirmed version is\u00a0201808021036, however further versions have been also identified as potentially impacted.\n\nFIRST-EPSS: 0.000910000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-25T01:06:08.000000Z"} 2023-11-25T01:06:08+00:00 https://vulnerability.circl.lu/sighting/9e4b9f19-9c97-458f-a4f8-0965c4fd6d1e/export 2026-05-07T02:41:43.317580+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "9e4b9f19-9c97-458f-a4f8-0965c4fd6d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3028", "type": "seen", "source": "https://t.me/arpsyndicate/1605", "content": "#ExploitObserverAlert\n\nCVE-2023-3028\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-3028. Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit. Other models are possibly affected too. Multiple vulnerabilities were identified: - The MQTT backend does not require authentication, allowing unauthorized connections from an attacker. - The vehicles publish their telemetry data (e.g. GPS Location, speed, odometer, fuel, etc) as messages in public topics. The backend also sends commands to the vehicles as MQTT posts in public topics. As a result, an attacker can access the confidential data of the entire fleet that is managed by the backend. - The MQTT messages sent by the vehicles or the backend are not encrypted or authenticated. An attacker can create and post messages to impersonate a vehicle or the backend. The attacker could then, for example, send incorrect information to the backend about the vehicle's location. - The backend can inject data into a vehicle\u00b4s CAN bus by sending a specific MQTT message on a public topic. Because these messages are not authenticated or encrypted, an attacker could impersonate the backend, create a fake message and inject CAN data in any vehicle managed by the backend. The confirmed version is\u00a0201808021036, however further versions have been also identified as potentially impacted.\n\nFIRST-EPSS: 0.000910000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T11:23:23.000000Z"} 2023-12-10T11:23:23+00:00 https://vulnerability.circl.lu/sighting/fb1c0e0f-55b0-4974-be40-1f9a2b604d31/export 2026-05-07T02:41:43.315237+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "fb1c0e0f-55b0-4974-be40-1f9a2b604d31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3028", "type": "seen", "source": "https://t.me/arpsyndicate/2299", "content": "#ExploitObserverAlert\n\nCVE-2023-3028\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-3028. Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit. Other models are possibly affected too. Multiple vulnerabilities were identified: - The MQTT backend does not require authentication, allowing unauthorized connections from an attacker. - The vehicles publish their telemetry data (e.g. GPS Location, speed, odometer, fuel, etc) as messages in public topics. The backend also sends commands to the vehicles as MQTT posts in public topics. As a result, an attacker can access the confidential data of the entire fleet that is managed by the backend. - The MQTT messages sent by the vehicles or the backend are not encrypted or authenticated. An attacker can create and post messages to impersonate a vehicle or the backend. The attacker could then, for example, send incorrect information to the backend about the vehicle's location. - The backend can inject data into a vehicle\u00b4s CAN bus by sending a specific MQTT message on a public topic. Because these messages are not authenticated or encrypted, an attacker could impersonate the backend, create a fake message and inject CAN data in any vehicle managed by the backend. The confirmed version is\u00a0201808021036, however further versions have been also identified as potentially impacted.\n\nFIRST-EPSS: 0.000910000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-01T05:43:24.000000Z"} 2024-01-01T05:43:24+00:00