{"vulnerability": "CVE-2023-2180", "sightings": [{"uuid": "47b76bbf-c134-48e8-803f-a95cba4baddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-21803", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=970", "content": "", "creation_timestamp": "2023-02-15T04:00:00.000000Z"}, {"uuid": "060a82d7-d742-42ed-9035-0b745d4435d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2180", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2180\n\ud83d\udd39 Description: The KIWIZ Invoices Certification &amp; PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server)\n\ud83d\udccf Published: 2023-05-15T12:15:35.070Z\n\ud83d\udccf Modified: 2025-01-24T20:44:08.757Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/4d3b90d8-8a6d-4b72-8bc7-21f861259a1b", "creation_timestamp": "2025-01-24T21:05:21.000000Z"}, {"uuid": "a58dd0b9-419d-443a-9f44-ba580f73720e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21808", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6004", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21808\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: .NET and Visual Studio Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-02-14T20:09:27.030Z\n\ud83d\udccf Modified: 2025-02-28T21:13:45.998Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808", "creation_timestamp": "2025-02-28T21:37:35.000000Z"}, {"uuid": "455b6b97-14cb-46d4-abe4-c649310f5ed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21801", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11536", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21801\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-02-14T19:33:06.778Z\n\ud83d\udccf Modified: 2025-04-12T03:55:21.711Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21801", "creation_timestamp": "2025-04-12T04:51:12.000000Z"}, {"uuid": "53ced1ab-3d14-4eb8-af25-4493d5fc25df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21800", "type": "published-proof-of-concept", "source": "Telegram/Ho3etU7nV-tmmbRdfdYMQ67MVKjbi2SAANDwH7DHwQo2BZw", "content": "", "creation_timestamp": "2023-03-23T21:36:39.000000Z"}, {"uuid": "db2484ef-1e80-4550-9f51-22522806e0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21809", "type": "seen", "source": "https://t.me/arpsyndicate/2353", "content": "#ExploitObserverAlert\n\nCVE-2023-21809\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21809. Microsoft Defender for Endpoint Security Feature Bypass Vulnerability\n\nFIRST-EPSS: 0.000530000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-03T20:21:26.000000Z"}, {"uuid": "39f25a91-f48d-4b9c-b47d-66657d4fd999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21800", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/2119", "content": "CVE-2023-21800 : Windows Installer Elevation of Privilege\nBlog : https://blog.doyensec.com//2023/03/21/windows-installer.html\n\n@Professional_c_h\n@Card_crack_hack", "creation_timestamp": "2023-07-28T12:30:53.000000Z"}, {"uuid": "ea629151-ab09-4a93-84b1-52199a79b669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2180", "type": "seen", "source": "https://t.me/cibsecurity/64130", "content": "\u203c CVE-2023-2180 \u203c\n\nThe KIWIZ Invoices Certification &amp; PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T16:43:23.000000Z"}, {"uuid": "eefe7b59-77fe-415f-b7ef-0fe92c318546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21806", "type": "seen", "source": "https://t.me/cibsecurity/58167", "content": "\u203c CVE-2023-21806 \u203c\n\nPower BI Report Server Spoofing Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:41:56.000000Z"}, {"uuid": "b17b1f00-b93f-4870-abf4-1cb697c0f5ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21801", "type": "seen", "source": "https://t.me/cibsecurity/58164", "content": "\u203c CVE-2023-21801 \u203c\n\nMicrosoft PostScript Printer Driver Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:41:51.000000Z"}, {"uuid": "10b1e249-0b50-465d-a5fb-cd28a0305529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21804", "type": "seen", "source": "https://t.me/cibsecurity/58163", "content": "\u203c CVE-2023-21804 \u203c\n\nWindows Graphics Component Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:41:50.000000Z"}, {"uuid": "b71771c8-709b-48e4-b909-17ea70f69183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21807", "type": "seen", "source": "https://t.me/cibsecurity/58162", "content": "\u203c CVE-2023-21807 \u203c\n\nMicrosoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:41:49.000000Z"}, {"uuid": "ab48bd36-565e-45cb-9639-00d1c0007285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21805", "type": "seen", "source": "https://t.me/cibsecurity/58175", "content": "\u203c CVE-2023-21805 \u203c\n\nWindows MSHTML Platform Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:42:06.000000Z"}, {"uuid": "f9b94cf2-9d0e-4c9d-aa64-3dca91ce5499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21808", "type": "seen", "source": "https://t.me/cibsecurity/58191", "content": "\u203c CVE-2023-21808 \u203c\n\n.NET and Visual Studio Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T00:35:55.000000Z"}, {"uuid": "c22464b4-b4f7-4aa8-b11c-c4c41868ba46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21800", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7977", "content": "#exploit\n1. CVE-2023-28115:\nSnappy PHP Vulnerability: PHAR deserialization allowing RCE\nhttps://github.com/KnpLabs/snappy/security/advisories/GHSA-gq6w-q6wh-jggc\n\n2. CVE-2022-37337, CVE-2022-38452, CVE-2022-36429: \nNetgear Orbi Satellite router vulnerable to arbitrary command execution\nhttps://blog.talosintelligence.com/vulnerability-spotlight-netgear-orbi-router-vulnerable-to-arbitrary-command-execution\n\n3. CVE-2023-21800:\nWindows Installer EoP\nhttps://blog.doyensec.com//2023/03/21/windows-installer.html", "creation_timestamp": "2023-03-23T11:05:11.000000Z"}]}