https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 07:34:58 +0000 https://vulnerability.circl.lu/sighting/7783dd98-9cac-4f56-83e9-025e8b1beb5d/export {"uuid": "7783dd98-9cac-4f56-83e9-025e8b1beb5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39420", "type": "seen", "source": "https://t.me/cibsecurity/70074", "content": "\u203c CVE-2023-39420 \u203c\n\nThe RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an \"admin\" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-07T16:19:01.000000Z"} {"uuid": "7783dd98-9cac-4f56-83e9-025e8b1beb5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39420", "type": "seen", "source": "https://t.me/cibsecurity/70074", "content": "\u203c CVE-2023-39420 \u203c\n\nThe RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an \"admin\" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-07T16:19:01.000000Z"} https://vulnerability.circl.lu/sighting/7783dd98-9cac-4f56-83e9-025e8b1beb5d/export Thu, 07 Sep 2023 16:19:01 +0000 https://vulnerability.circl.lu/sighting/59264e12-b612-4b7f-91f6-8a5beedc997c/export {"uuid": "59264e12-b612-4b7f-91f6-8a5beedc997c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39420", "type": "seen", "source": "https://t.me/cibsecurity/70064", "content": "\u203c CVE-2023-39424 \u203c\n\nA vulnerability in\u00c2\u00a0RDPngFileUpload.dll, as used in the\u00c2\u00a0IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry the attack without having assigned credentials.\u00c2\u00a0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-09T16:37:50.000000Z"} {"uuid": "59264e12-b612-4b7f-91f6-8a5beedc997c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39420", "type": "seen", "source": "https://t.me/cibsecurity/70064", "content": "\u203c CVE-2023-39424 \u203c\n\nA vulnerability in\u00c2\u00a0RDPngFileUpload.dll, as used in the\u00c2\u00a0IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry the attack without having assigned credentials.\u00c2\u00a0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-09T16:37:50.000000Z"} https://vulnerability.circl.lu/sighting/59264e12-b612-4b7f-91f6-8a5beedc997c/export Sat, 09 Sep 2023 16:37:50 +0000