{"vulnerability": "CVE-2023-2188", "sightings": [{"uuid": "c816f8b3-66b8-4acb-8b79-d8bacc917898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21887", "type": "seen", "source": "MISP/591f3235-7ebf-44cf-a316-d90d36580532", "content": "", "creation_timestamp": "2024-12-19T13:09:26.000000Z"}, {"uuid": "cffa02d4-dbc2-45e5-ad19-a4e9a47594b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21882", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5993", "content": "| PRION:CVE-2023-22110 3.3 https://vulners.com/prion/PRION:CVE-2023-22110 | PRION:CVE-2023-22104 3.3 https://vulners.com/prion/PRION:CVE-2023-22104 | PRION:CVE-2023-22103 3.3 https://vulners.com/prion/PRION:CVE-2023-22103 | PRION:CVE-2023-22097 3.3 https://vulners.com/prion/PRION:CVE-2023-22097 | PRION:CVE-2023-22092 3.3 https://vulners.com/prion/PRION:CVE-2023-22092 | PRION:CVE-2023-22084 3.3 https://vulners.com/prion/PRION:CVE-2023-22084 | PRION:CVE-2023-22078 3.3 https://vulners.com/prion/PRION:CVE-2023-22078 | PRION:CVE-2023-22070 3.3 https://vulners.com/prion/PRION:CVE-2023-22070 | PRION:CVE-2023-22068 3.3 https://vulners.com/prion/PRION:CVE-2023-22068 | PRION:CVE-2023-22066 3.3 https://vulners.com/prion/PRION:CVE-2023-22066 | PRION:CVE-2023-22065 3.3 https://vulners.com/prion/PRION:CVE-2023-22065 | PRION:CVE-2023-22064 3.3 https://vulners.com/prion/PRION:CVE-2023-22064 | PRION:CVE-2023-22057 3.3 https://vulners.com/prion/PRION:CVE-2023-22057 | PRION:CVE-2023-22056 3.3 https://vulners.com/prion/PRION:CVE-2023-22056 | PRION:CVE-2023-22054 3.3 https://vulners.com/prion/PRION:CVE-2023-22054 | PRION:CVE-2023-22032 3.3 https://vulners.com/prion/PRION:CVE-2023-22032\n| PRION:CVE-2023-22028 3.3 https://vulners.com/prion/PRION:CVE-2023-22028 | PRION:CVE-2023-22026 3.3 https://vulners.com/prion/PRION:CVE-2023-22026\n| PRION:CVE-2023-22015 3.3 https://vulners.com/prion/PRION:CVE-2023-22015\n| PRION:CVE-2023-22007 3.3 https://vulners.com/prion/PRION:CVE-2023-22007 | PRION:CVE-2023-21982 3.3 https://vulners.com/prion/PRION:CVE-2023-21982 | PRION:CVE-2023-21976 3.3 https://vulners.com/prion/PRION:CVE-2023-21976\n| PRION:CVE-2023-21972 3.3 https://vulners.com/prion/PRION:CVE-2023-21972\n| PRION:CVE-2023-21950 3.3 https://vulners.com/prion/PRION:CVE-2023-21950\n| PRION:CVE-2023-21887 3.3 https://vulners.com/prion/PRION:CVE-2023-21887\n| PRION:CVE-2023-21883 3.3 https://vulners.com/prion/PRION:CVE-2023-21883\n| PRION:CVE-2023-21882 3.3 https://vulners.com/prion/PRION:CVE-2023-21882 | PRION:CVE-2023-21881 3.3 https://vulners.com/prion/PRION:CVE-2023-21881\n| PRION:CVE-2023-21879 3.3 https://vulners.com/prion/PRION:CVE-2023-21879\n| PRION:CVE-2023-21878 3.3 https://vulners.com/prion/PRION:CVE-2023-21878 | PRION:CVE-2023-21876 3.3 https://vulners.com/prion/PRION:CVE-2023-21876 | PRION:CVE-2022-39400 3.3 https://vulners.com/prion/PRION:CVE-2022-39400\n| PRION:CVE-2022-21641 3.3 https://vulners.com/prion/PRION:CVE-2022-21641\n| PRION:CVE-2022-21640 3.3 https://vulners.com/prion/PRION:CVE-2022-21640\n| PRION:CVE-2022-21638 3.3 https://vulners.com/prion/PRION:CVE-2022-21638\n| PRION:CVE-2022-21637 3.3 https://vulners.com/prion/PRION:CVE-2022-21637 | PRION:CVE-2022-21633 3.3 https://vulners.com/prion/PRION:CVE-2022-21633\n| PRION:CVE-2022-21632 3.3 https://vulners.com/prion/PRION:CVE-2022-21632\n| PRION:CVE-2022-21617 3.3 https://vulners.com/prion/PRION:CVE-2022-21617 | PRION:CVE-2022-21608 3.3 https://vulners.com/prion/PRION:CVE-2022-21608 | PRION:CVE-2022-21607 3.3 https://vulners.com/prion/PRION:CVE-2022-21607", "creation_timestamp": "2023-11-15T17:01:59.000000Z"}, {"uuid": "04d42ae4-873b-421d-9af9-2176e93066df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21881", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5993", "content": "| PRION:CVE-2023-22110 3.3 https://vulners.com/prion/PRION:CVE-2023-22110 | PRION:CVE-2023-22104 3.3 https://vulners.com/prion/PRION:CVE-2023-22104 | PRION:CVE-2023-22103 3.3 https://vulners.com/prion/PRION:CVE-2023-22103 | PRION:CVE-2023-22097 3.3 https://vulners.com/prion/PRION:CVE-2023-22097 | PRION:CVE-2023-22092 3.3 https://vulners.com/prion/PRION:CVE-2023-22092 | PRION:CVE-2023-22084 3.3 https://vulners.com/prion/PRION:CVE-2023-22084 | PRION:CVE-2023-22078 3.3 https://vulners.com/prion/PRION:CVE-2023-22078 | PRION:CVE-2023-22070 3.3 https://vulners.com/prion/PRION:CVE-2023-22070 | PRION:CVE-2023-22068 3.3 https://vulners.com/prion/PRION:CVE-2023-22068 | PRION:CVE-2023-22066 3.3 https://vulners.com/prion/PRION:CVE-2023-22066 | PRION:CVE-2023-22065 3.3 https://vulners.com/prion/PRION:CVE-2023-22065 | PRION:CVE-2023-22064 3.3 https://vulners.com/prion/PRION:CVE-2023-22064 | PRION:CVE-2023-22057 3.3 https://vulners.com/prion/PRION:CVE-2023-22057 | PRION:CVE-2023-22056 3.3 https://vulners.com/prion/PRION:CVE-2023-22056 | PRION:CVE-2023-22054 3.3 https://vulners.com/prion/PRION:CVE-2023-22054 | PRION:CVE-2023-22032 3.3 https://vulners.com/prion/PRION:CVE-2023-22032\n| PRION:CVE-2023-22028 3.3 https://vulners.com/prion/PRION:CVE-2023-22028 | PRION:CVE-2023-22026 3.3 https://vulners.com/prion/PRION:CVE-2023-22026\n| PRION:CVE-2023-22015 3.3 https://vulners.com/prion/PRION:CVE-2023-22015\n| PRION:CVE-2023-22007 3.3 https://vulners.com/prion/PRION:CVE-2023-22007 | PRION:CVE-2023-21982 3.3 https://vulners.com/prion/PRION:CVE-2023-21982 | PRION:CVE-2023-21976 3.3 https://vulners.com/prion/PRION:CVE-2023-21976\n| PRION:CVE-2023-21972 3.3 https://vulners.com/prion/PRION:CVE-2023-21972\n| PRION:CVE-2023-21950 3.3 https://vulners.com/prion/PRION:CVE-2023-21950\n| PRION:CVE-2023-21887 3.3 https://vulners.com/prion/PRION:CVE-2023-21887\n| PRION:CVE-2023-21883 3.3 https://vulners.com/prion/PRION:CVE-2023-21883\n| PRION:CVE-2023-21882 3.3 https://vulners.com/prion/PRION:CVE-2023-21882 | PRION:CVE-2023-21881 3.3 https://vulners.com/prion/PRION:CVE-2023-21881\n| PRION:CVE-2023-21879 3.3 https://vulners.com/prion/PRION:CVE-2023-21879\n| PRION:CVE-2023-21878 3.3 https://vulners.com/prion/PRION:CVE-2023-21878 | PRION:CVE-2023-21876 3.3 https://vulners.com/prion/PRION:CVE-2023-21876 | PRION:CVE-2022-39400 3.3 https://vulners.com/prion/PRION:CVE-2022-39400\n| PRION:CVE-2022-21641 3.3 https://vulners.com/prion/PRION:CVE-2022-21641\n| PRION:CVE-2022-21640 3.3 https://vulners.com/prion/PRION:CVE-2022-21640\n| PRION:CVE-2022-21638 3.3 https://vulners.com/prion/PRION:CVE-2022-21638\n| PRION:CVE-2022-21637 3.3 https://vulners.com/prion/PRION:CVE-2022-21637 | PRION:CVE-2022-21633 3.3 https://vulners.com/prion/PRION:CVE-2022-21633\n| PRION:CVE-2022-21632 3.3 https://vulners.com/prion/PRION:CVE-2022-21632\n| PRION:CVE-2022-21617 3.3 https://vulners.com/prion/PRION:CVE-2022-21617 | PRION:CVE-2022-21608 3.3 https://vulners.com/prion/PRION:CVE-2022-21608 | PRION:CVE-2022-21607 3.3 https://vulners.com/prion/PRION:CVE-2022-21607", "creation_timestamp": "2023-11-15T17:01:59.000000Z"}, {"uuid": "18ef5f37-b470-430f-86c4-4dd31d73af3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21887", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5993", "content": "| PRION:CVE-2023-22110 3.3 https://vulners.com/prion/PRION:CVE-2023-22110 | PRION:CVE-2023-22104 3.3 https://vulners.com/prion/PRION:CVE-2023-22104 | PRION:CVE-2023-22103 3.3 https://vulners.com/prion/PRION:CVE-2023-22103 | PRION:CVE-2023-22097 3.3 https://vulners.com/prion/PRION:CVE-2023-22097 | PRION:CVE-2023-22092 3.3 https://vulners.com/prion/PRION:CVE-2023-22092 | PRION:CVE-2023-22084 3.3 https://vulners.com/prion/PRION:CVE-2023-22084 | PRION:CVE-2023-22078 3.3 https://vulners.com/prion/PRION:CVE-2023-22078 | PRION:CVE-2023-22070 3.3 https://vulners.com/prion/PRION:CVE-2023-22070 | PRION:CVE-2023-22068 3.3 https://vulners.com/prion/PRION:CVE-2023-22068 | PRION:CVE-2023-22066 3.3 https://vulners.com/prion/PRION:CVE-2023-22066 | PRION:CVE-2023-22065 3.3 https://vulners.com/prion/PRION:CVE-2023-22065 | PRION:CVE-2023-22064 3.3 https://vulners.com/prion/PRION:CVE-2023-22064 | PRION:CVE-2023-22057 3.3 https://vulners.com/prion/PRION:CVE-2023-22057 | PRION:CVE-2023-22056 3.3 https://vulners.com/prion/PRION:CVE-2023-22056 | PRION:CVE-2023-22054 3.3 https://vulners.com/prion/PRION:CVE-2023-22054 | PRION:CVE-2023-22032 3.3 https://vulners.com/prion/PRION:CVE-2023-22032\n| PRION:CVE-2023-22028 3.3 https://vulners.com/prion/PRION:CVE-2023-22028 | PRION:CVE-2023-22026 3.3 https://vulners.com/prion/PRION:CVE-2023-22026\n| PRION:CVE-2023-22015 3.3 https://vulners.com/prion/PRION:CVE-2023-22015\n| PRION:CVE-2023-22007 3.3 https://vulners.com/prion/PRION:CVE-2023-22007 | PRION:CVE-2023-21982 3.3 https://vulners.com/prion/PRION:CVE-2023-21982 | PRION:CVE-2023-21976 3.3 https://vulners.com/prion/PRION:CVE-2023-21976\n| PRION:CVE-2023-21972 3.3 https://vulners.com/prion/PRION:CVE-2023-21972\n| PRION:CVE-2023-21950 3.3 https://vulners.com/prion/PRION:CVE-2023-21950\n| PRION:CVE-2023-21887 3.3 https://vulners.com/prion/PRION:CVE-2023-21887\n| PRION:CVE-2023-21883 3.3 https://vulners.com/prion/PRION:CVE-2023-21883\n| PRION:CVE-2023-21882 3.3 https://vulners.com/prion/PRION:CVE-2023-21882 | PRION:CVE-2023-21881 3.3 https://vulners.com/prion/PRION:CVE-2023-21881\n| PRION:CVE-2023-21879 3.3 https://vulners.com/prion/PRION:CVE-2023-21879\n| PRION:CVE-2023-21878 3.3 https://vulners.com/prion/PRION:CVE-2023-21878 | PRION:CVE-2023-21876 3.3 https://vulners.com/prion/PRION:CVE-2023-21876 | PRION:CVE-2022-39400 3.3 https://vulners.com/prion/PRION:CVE-2022-39400\n| PRION:CVE-2022-21641 3.3 https://vulners.com/prion/PRION:CVE-2022-21641\n| PRION:CVE-2022-21640 3.3 https://vulners.com/prion/PRION:CVE-2022-21640\n| PRION:CVE-2022-21638 3.3 https://vulners.com/prion/PRION:CVE-2022-21638\n| PRION:CVE-2022-21637 3.3 https://vulners.com/prion/PRION:CVE-2022-21637 | PRION:CVE-2022-21633 3.3 https://vulners.com/prion/PRION:CVE-2022-21633\n| PRION:CVE-2022-21632 3.3 https://vulners.com/prion/PRION:CVE-2022-21632\n| PRION:CVE-2022-21617 3.3 https://vulners.com/prion/PRION:CVE-2022-21617 | PRION:CVE-2022-21608 3.3 https://vulners.com/prion/PRION:CVE-2022-21608 | PRION:CVE-2022-21607 3.3 https://vulners.com/prion/PRION:CVE-2022-21607", "creation_timestamp": "2023-11-15T17:01:59.000000Z"}, {"uuid": "9c3f7ed5-b854-4fd7-a34b-bcbd407281a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21883", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5993", "content": "| PRION:CVE-2023-22110 3.3 https://vulners.com/prion/PRION:CVE-2023-22110 | PRION:CVE-2023-22104 3.3 https://vulners.com/prion/PRION:CVE-2023-22104 | PRION:CVE-2023-22103 3.3 https://vulners.com/prion/PRION:CVE-2023-22103 | PRION:CVE-2023-22097 3.3 https://vulners.com/prion/PRION:CVE-2023-22097 | PRION:CVE-2023-22092 3.3 https://vulners.com/prion/PRION:CVE-2023-22092 | PRION:CVE-2023-22084 3.3 https://vulners.com/prion/PRION:CVE-2023-22084 | PRION:CVE-2023-22078 3.3 https://vulners.com/prion/PRION:CVE-2023-22078 | PRION:CVE-2023-22070 3.3 https://vulners.com/prion/PRION:CVE-2023-22070 | PRION:CVE-2023-22068 3.3 https://vulners.com/prion/PRION:CVE-2023-22068 | PRION:CVE-2023-22066 3.3 https://vulners.com/prion/PRION:CVE-2023-22066 | PRION:CVE-2023-22065 3.3 https://vulners.com/prion/PRION:CVE-2023-22065 | PRION:CVE-2023-22064 3.3 https://vulners.com/prion/PRION:CVE-2023-22064 | PRION:CVE-2023-22057 3.3 https://vulners.com/prion/PRION:CVE-2023-22057 | PRION:CVE-2023-22056 3.3 https://vulners.com/prion/PRION:CVE-2023-22056 | PRION:CVE-2023-22054 3.3 https://vulners.com/prion/PRION:CVE-2023-22054 | PRION:CVE-2023-22032 3.3 https://vulners.com/prion/PRION:CVE-2023-22032\n| PRION:CVE-2023-22028 3.3 https://vulners.com/prion/PRION:CVE-2023-22028 | PRION:CVE-2023-22026 3.3 https://vulners.com/prion/PRION:CVE-2023-22026\n| PRION:CVE-2023-22015 3.3 https://vulners.com/prion/PRION:CVE-2023-22015\n| PRION:CVE-2023-22007 3.3 https://vulners.com/prion/PRION:CVE-2023-22007 | PRION:CVE-2023-21982 3.3 https://vulners.com/prion/PRION:CVE-2023-21982 | PRION:CVE-2023-21976 3.3 https://vulners.com/prion/PRION:CVE-2023-21976\n| PRION:CVE-2023-21972 3.3 https://vulners.com/prion/PRION:CVE-2023-21972\n| PRION:CVE-2023-21950 3.3 https://vulners.com/prion/PRION:CVE-2023-21950\n| PRION:CVE-2023-21887 3.3 https://vulners.com/prion/PRION:CVE-2023-21887\n| PRION:CVE-2023-21883 3.3 https://vulners.com/prion/PRION:CVE-2023-21883\n| PRION:CVE-2023-21882 3.3 https://vulners.com/prion/PRION:CVE-2023-21882 | PRION:CVE-2023-21881 3.3 https://vulners.com/prion/PRION:CVE-2023-21881\n| PRION:CVE-2023-21879 3.3 https://vulners.com/prion/PRION:CVE-2023-21879\n| PRION:CVE-2023-21878 3.3 https://vulners.com/prion/PRION:CVE-2023-21878 | PRION:CVE-2023-21876 3.3 https://vulners.com/prion/PRION:CVE-2023-21876 | PRION:CVE-2022-39400 3.3 https://vulners.com/prion/PRION:CVE-2022-39400\n| PRION:CVE-2022-21641 3.3 https://vulners.com/prion/PRION:CVE-2022-21641\n| PRION:CVE-2022-21640 3.3 https://vulners.com/prion/PRION:CVE-2022-21640\n| PRION:CVE-2022-21638 3.3 https://vulners.com/prion/PRION:CVE-2022-21638\n| PRION:CVE-2022-21637 3.3 https://vulners.com/prion/PRION:CVE-2022-21637 | PRION:CVE-2022-21633 3.3 https://vulners.com/prion/PRION:CVE-2022-21633\n| PRION:CVE-2022-21632 3.3 https://vulners.com/prion/PRION:CVE-2022-21632\n| PRION:CVE-2022-21617 3.3 https://vulners.com/prion/PRION:CVE-2022-21617 | PRION:CVE-2022-21608 3.3 https://vulners.com/prion/PRION:CVE-2022-21608 | PRION:CVE-2022-21607 3.3 https://vulners.com/prion/PRION:CVE-2022-21607", "creation_timestamp": "2023-11-15T17:01:59.000000Z"}, {"uuid": "b3f9a2cc-640c-4996-b731-c5c31827e583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2188", "type": "seen", "source": "https://t.me/cibsecurity/69531", "content": "\u203c CVE-2023-2188 \u203c\n\nThe Colibri Page Builder for WordPress is vulnerable to SQL Injection via the \u00e2\u20ac\u02dcpost_id\u00e2\u20ac\u2122 parameter in versions up to, and including, 1.0.227 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T12:13:09.000000Z"}, {"uuid": "292275c1-35c4-46f7-b42e-8a01b6cb7e24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21889", "type": "seen", "source": "https://t.me/cibsecurity/56648", "content": "\u203c CVE-2023-21889 \u203c\n\nVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T02:29:36.000000Z"}, {"uuid": "ead413e2-25ae-4d17-9c6a-3f0293f43953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21887", "type": "seen", "source": "https://t.me/cibsecurity/56642", "content": "\u203c CVE-2023-21887 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T02:26:32.000000Z"}, {"uuid": "cb5fb02e-7b0b-4f45-ae30-f38d55e164a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21885", "type": "seen", "source": "https://t.me/cibsecurity/56651", "content": "\u203c CVE-2023-21885 \u203c\n\nVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: Applies to Windows only. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T02:29:39.000000Z"}, {"uuid": "12120dbd-0f7c-4b5f-a2ae-3aca33dc453b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21887", "type": "exploited", "source": "https://t.me/theninjaway1337/1421", "content": "MAGNET GOBLIN TARGETS PUBLICLY FACING SERVERS USING 1-DAY VULNERABILITIES\n\nOn January 10, 2024, Ivanti\u00a0published\u00a0a security advisory regarding two vulnerabilities in Ivanti Connect Secure VPN. These vulnerabilities, which were exploited in the wild, are identified as CVE-2023-46805 and CVE-2023-21887. The exploitation of these vulnerabilities was quickly adopted by a number of threat actors, resulting in a broad\u00a0range\u00a0of malicious activities.\nCheck Point Research has been tracking these exploitations and identified several activity clusters targeting vulnerable Connect Secure VPN appliances. As in many other mass-exploitation of 1-day vulnerabilities cases, differentiating and identifying the different actors is quite challenging. With this in mind, we decided to investigate the inner workings of one distinct cluster that caught our attention, by a threat actor we called Magnet Goblin.\n\nhttps://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/", "creation_timestamp": "2024-03-12T11:57:05.000000Z"}]}