{"vulnerability": "cve-2023-28434", "sightings": [{"uuid": "2d67b252-4264-4580-b523-ce045a7ba9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-09-19T18:10:01.000000Z"}, {"uuid": "391b3872-b2fe-46f1-9608-d29ce2f2e418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971887", "content": "", "creation_timestamp": "2024-12-24T20:35:16.036816Z"}, {"uuid": "35eab2e2-6509-4a30-a0a2-98bf4d3ef009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lezuydfphi2n", "content": "", "creation_timestamp": "2025-01-06T00:30:35.010698Z"}, {"uuid": "be5c43b8-7c7c-4e03-8d0d-5c825a9206bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-28434", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0df09428-2a3f-49b5-9106-82db439c7146", "content": "", "creation_timestamp": "2026-02-02T12:26:50.226352Z"}, {"uuid": "c46eac71-7b9d-4312-adb2-6dea4c1d744d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:46.000000Z"}, {"uuid": "3d0b74b3-d2f2-444f-a0f7-cc854200bd5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4018", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-28434 nuclei templates\nURL\uff1ahttps://github.com/Mr-xn/CVE-2023-28432\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-23T15:55:52.000000Z"}, {"uuid": "b18be476-5f9a-4b82-997a-3d7aa5c3f47d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4016", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-28434 nuclei templates\nURL\uff1ahttps://github.com/Mr-xn/CVE-2023-28434\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-23T14:52:47.000000Z"}, {"uuid": "4b97b7b7-701a-4123-890e-10bf16502551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4052", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aEXP for CVE-2023-28434 MinIO unauthorized to RCE\nURL\uff1ahttps://github.com/AbelChe/evil_minio\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-27T09:01:16.000000Z"}, {"uuid": "99db11af-0505-46a6-ab78-28038d9b2d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "exploited", "source": "https://t.me/thehackernews/3824", "content": "An unknown attacker exploited vulnerabilities (CVE-2023-28432 and CVE-2023-28434) in MinIO storage system for unauthorized code execution. How did they backdoor it? \n \nDetails revealed by Security Joes: https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html", "creation_timestamp": "2023-09-04T16:15:50.000000Z"}, {"uuid": "d5887121-cb7d-4a7b-af6a-f8791cd52ecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3201", "content": "Hackers Factory \n\nA collection of resources for linux reverse engineering\n\nhttps://github.com/michalmalik/linux-re-101\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nA tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.\n\nhttps://github.com/ShorSec/ShadowSpray\n\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nhttps://github.com/AbelChe/evil_minio\n\nThis is a Proof of Concept (PoC) for CVE-2023-3244, a vulnerability in comment-like-dislike. The PoC demonstrates the exploitability of this vulnerability and serves as a reference for security researchers and developers to better understand and mitigate the risk associated with this issue.\n\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\nNextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix\n\nhttps://github.com/Nextdoor/cspm_evaluation_matrix\n\nMass Exploit - CVE-2023-1698 < Unauthenticated Remote Command Execution\n\nhttps://github.com/codeb0ss/CVE-2023-1698-PoC\n\nPassive subdomain continous monitoring tool\n\nhttps://github.com/e1abrador/sub.Monitor\n\nAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nThis is a useful Python script for extracting bug bounty.\n\nhttps://github.com/St74nger/writeup-miner\n\nThis repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.\n\nhttps://github.com/bhavesh-pardhi/Wordlist-Hub\n\nKQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.\n\nhttps://github.com/Bert-JanP/Hunting-Queries-Detection-Rules\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-23T21:34:09.000000Z"}, {"uuid": "4064801a-de52-4482-b7dd-96ef2a4b5422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "seen", "source": "https://t.me/cibsecurity/60516", "content": "\u203c CVE-2023-28434 \u203c\n\nMinio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T23:35:58.000000Z"}, {"uuid": "a47818ec-f452-4e4a-8059-46b5e9273a84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "seen", "source": "https://t.me/Rootsec_2/962", "content": "#exploit\n1. CVE-2023-28434:\nMinIO unauthorized to RCE\nhttps://github.com/AbelChe/evil_minio\n\n2. CVE-2023-3959, CVE-2023-4249:\nMultiple critical vulnerabilities in Zavio IP cameras\nhttps://bugprove.com/knowledge-hub/cve-2023-3959-cve-2023-4249-multiple-critical-vulnerabilities-in-zavio-ip-cameras\n\n3. CVE-2023-4809:\nFreeBSD pf bypass when using IPv6\nhttps://www.enricobassetti.it/2023/09/cve-2023-4809-freebsd-pf-bypass-when-using-ipv6", "creation_timestamp": "2024-08-16T08:24:29.000000Z"}, {"uuid": "66d89f17-aa6a-4c98-b170-1cdaa2562d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1110", "content": "https://github.com/AbelChe/evil_minio\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nCVE\u51fa\u53e3-2023-28434 MinIO\u672a\u6388\u6743\u5230RCE\n#github #exploit", "creation_timestamp": "2023-10-09T18:28:04.000000Z"}, {"uuid": "7d837377-a6d2-4395-be6a-003ee75a1186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28434", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9015", "content": "#exploit\n1. CVE-2023-28434:\nMinIO unauthorized to RCE\nhttps://github.com/AbelChe/evil_minio\n\n2. CVE-2023-3959, CVE-2023-4249:\nMultiple critical vulnerabilities in Zavio IP cameras\nhttps://bugprove.com/knowledge-hub/cve-2023-3959-cve-2023-4249-multiple-critical-vulnerabilities-in-zavio-ip-cameras\n\n3. CVE-2023-4809:\nFreeBSD pf bypass when using IPv6\nhttps://www.enricobassetti.it/2023/09/cve-2023-4809-freebsd-pf-bypass-when-using-ipv6", "creation_timestamp": "2023-09-13T11:01:01.000000Z"}]}