{"vulnerability": "CVE-2023-27363", "sightings": [{"uuid": "510c7b1f-9618-4e74-bf36-a7243b40e411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4559", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1e\u590d\u73b0\n\u63cf\u8ff0\uff1a\u798f\u6615Foxit PDF\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1eCVE-2023-27363\u5206\u6790\u4e0e\u590d\u73b0\nURL\uff1ahttps://github.com/webraybtl/CVE-2023-27363\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1e\u590d\u73b0", "creation_timestamp": "2023-06-14T01:32:16.000000Z"}, {"uuid": "6050e5c7-a351-4616-b6d7-48be87baa5ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:47.000000Z"}, {"uuid": "a6cdabf4-169b-44fd-8640-35f0a15d50fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4558", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u798f\u6615Foxit PDF\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1eCVE-2023-27363\u5206\u6790\u4e0e\u590d\u73b0\nURL\uff1ahttps://github.com/webraybtl/fuxinFoxit\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-14T01:24:13.000000Z"}, {"uuid": "d1758d21-6f32-4708-bc23-cf6cd5983138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5343", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u798f\u6615Foxit PDF\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e(CVE-2023-27363)\nURL\uff1ahttps://github.com/CN016/-Foxit-PDF-CVE-2023-27363-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-10T08:59:27.000000Z"}, {"uuid": "7292f42d-2fa7-4c50-ab4b-37ae814c67fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "seen", "source": "https://t.me/GhostPrincess/11698", "content": "Top 3 trending CVEs on Twitter\n\nPast 24 hrs:\nCVE-2023-27363: 247K (audience size)\nCVE-2023-32243: 188.3K\nCVE-2023-24932: 164K\n\nPast 7 days:\nCVE-2023-24932: 4.5M\nCVE-2023-29336: 3.2M\nCVE-2023-27350: 3M\n\nhttps://cvetrends.com", "creation_timestamp": "2023-05-16T03:30:50.000000Z"}, {"uuid": "216c13e0-1966-4011-9e86-ef48f52980da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "Telegram/-b-qMPUhNEk8olHqBHs_gQiuQJEaHOrfj_GBdvva9qKtPF4", "content": "", "creation_timestamp": "2024-04-24T02:47:37.000000Z"}, {"uuid": "e4e29159-03c8-45ca-8e63-b71a06227ea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2996", "content": "Foxit pdf reader exportxfadata exposed dangerous method remote code execution vulnerability (cve-2023-27363).\n\nhttps://github.com/j00sean/SecBugs/tree/main/CVEs%2FCVE-2023-27363\n\n#cve #cybersecurity #exploit", "creation_timestamp": "2023-05-16T08:21:03.000000Z"}, {"uuid": "ac942c68-3199-4599-b4cc-e7fbeb777a1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2983", "content": "Tools - Hackers Factory \n\nSubDomainizer\n\nA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.\n\nhttps://github.com/nsonaniya2010/SubDomainizer\n\n#cybersecurity #infosec #pentesting\n\nDSC_SVC_REMOTE\n\nThis code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.\n\nhttps://github.com/VirtualAlllocEx/DSC_SVC_REMOTE\n\n#malware #cybersecurity #infosec\n\nKovid Rootkit\n\nA full-feature LKM intended for use against Linux kernel v5+.\n\nhttps://github.com/carloslack/KoviD\n\n#infosec #pentesting #redteam\n\nNimbo-C2\n\nNimbo-C2 agent supports x64 Windows & Linux. It's written in Nim, with some usage of .NET on Windows (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much easier and robust using Powershell, hence this combination is made. The Linux agent is slimer and capable only of basic commands, including ELF loading using the memfd technique.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\n#infosec #pentesting #redteam\n\nCVE-2023-27363\n\nFoxit pdf reader exportxfadata exposed dangerous method remote code execution vulnerability (cve-2023-27363).\n\nhttps://github.com/j00sean/SecBugs/tree/main/CVEs/CVE-2023-27363\n\n#cve #cybersecurity #exploit\n\nwpfinger\n\nWordPress scanning tool.\n\n\u2022 Core version detection\n\u2022 Plugin scanning through fingerprinting\n\u2022 Vulnerability output, using database from Wordfence\n\nhttps://github.com/LeakIX/wpfinger\n\n#pentesting #redteam #bugbounty\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-05-13T11:34:03.000000Z"}, {"uuid": "90a6e872-d968-409d-a1c8-c9919a9e9e77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8307", "content": "#exploit\n1. CVE-2023-27363:\nFoxit PDF Reader exportXFAData Exposed Dangerous Method RCE Vulnerability\nhttps://github.com/j00sean/SecBugs/tree/main/CVEs/CVE-2023-27363\n\n2. CVE-2023-29087:\nShannon Baseband SIP Retry-After Header Heap Buffer Overflow\nhttps://packetstormsecurity.com/files/172295\n\n3. CVE-2023-2156:\nLinux IPv6 \"Route of Death\" 0day\nhttps://www.interruptlabs.co.uk/articles/linux-ipv6-route-of-death", "creation_timestamp": "2023-05-16T13:31:40.000000Z"}, {"uuid": "54011f28-0fed-4ebb-9c8a-1dfdbf55553a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/788", "content": "CVE-2023-27363 : Foxit PDF Reader / Editor <= 12.1.1.15289 - 'exportXFAData Exposed Dangerous Method' - Remote Code Execution \nPOC : https://github.com/j00sean/SecBugs/tree/main/CVEs/CVE-2023-27363\nXFA / PW : https://github.com/siberas/arpwn\nDetails : https://www.zerodayinitiative.com/advisories/ZDI-23-491/", "creation_timestamp": "2023-08-04T14:30:58.000000Z"}, {"uuid": "13fdabdc-329b-4bf8-910b-8886d3d34133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27363", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/566", "content": "https://github.com/j00sean/SecBugs/tree/main/CVEs/CVE-2023-27363", "creation_timestamp": "2023-05-16T03:43:57.000000Z"}]}