{"vulnerability": "cve-2023-2682", "sightings": [{"uuid": "7f1bb646-a989-499e-9d0c-5dc780517164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26822", "type": "seen", "source": "Telegram/bAI5gKjH3a1sjoKq8ZkynlHkZaZ0XnlhUf643n5E735o-H8d", "content": "", "creation_timestamp": "2025-02-14T10:03:11.000000Z"}, {"uuid": "a8093829-4d69-446d-b5e3-1b96a7628a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26822", "type": "seen", "source": "https://t.me/cibsecurity/61307", "content": "\u203c CVE-2023-26822 \u203c\n\nD-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-02T02:23:18.000000Z"}, {"uuid": "2b9320f0-0103-469a-96e8-a03e9a9af98c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2682", "type": "seen", "source": "https://t.me/cibsecurity/64009", "content": "\u203c CVE-2023-2682 \u203c\n\nA vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component Mini_HTTPD. The manipulation of the argument address with the input ;id;uname${IFS}-a leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228911. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T16:26:50.000000Z"}, {"uuid": "32f4980b-dc54-44d1-98af-778198a6566c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26820", "type": "seen", "source": "https://t.me/cibsecurity/61634", "content": "\u203c CVE-2023-26820 \u203c\n\nsiteproxy v1.0 was discovered to contain a path traversal vulnerability via the component index.js.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T07:27:07.000000Z"}, {"uuid": "873d74e7-e1df-4eeb-b5d3-68b08f5fc3e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26829", "type": "seen", "source": "https://t.me/cibsecurity/61256", "content": "\u203c CVE-2023-26829 \u203c\n\nAn authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack before 13.5.9808 allows remote attackers to set a new password for any valid user account, without needing the previous known password, resulting in a full authentication bypass.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T20:22:25.000000Z"}, {"uuid": "7cb47ac7-2df1-445f-8ca8-4836c5ebbcdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26823", "type": "seen", "source": "https://t.me/cibsecurity/59627", "content": "\u203c CVE-2023-26823 \u203c\n\nAn arbitrary file upload vulnerability in the /admin/template.php component of shopEx EcShop v4.1.5 allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T00:23:42.000000Z"}]}