{"vulnerability": "cve-2023-3375", "sightings": [{"uuid": "441ac159-209e-4e59-823f-3a7065fb2592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33758", "type": "seen", "source": "https://t.me/arpsyndicate/2989", "content": "#ExploitObserverAlert\n\nCVE-2023-33758\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33758. Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENT_NAME and DEVICE_GUID fields in the login component.", "creation_timestamp": "2024-01-26T15:43:12.000000Z"}, {"uuid": "d9a50009-57da-4888-9a3b-bff95abf03b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3375", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ly7rpb3bgbr2", "content": "", "creation_timestamp": "2025-09-07T03:48:20.930514Z"}, {"uuid": "f881fba4-f9e8-40e7-b50e-d3c34f45e66e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33757", "type": "seen", "source": "https://t.me/arpsyndicate/3039", "content": "#ExploitObserverAlert\n\nCVE-2023-33757\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33757. A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.", "creation_timestamp": "2024-01-26T19:02:12.000000Z"}, {"uuid": "1ba1af2e-75a9-4fe3-93fe-3b7ece6de513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33759", "type": "seen", "source": "https://t.me/arpsyndicate/3013", "content": "#ExploitObserverAlert\n\nCVE-2023-33759\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-33759. SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack.", "creation_timestamp": "2024-01-26T17:30:42.000000Z"}, {"uuid": "e5e592de-940c-4c4f-b21b-5c0278232a66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33757", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33757\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.\n\ud83d\udccf Published: 2024-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T19:34:27.669Z\n\ud83d\udd17 References:\n1. https://github.com/twignet/splicecom", "creation_timestamp": "2025-06-20T19:43:31.000000Z"}, {"uuid": "c80219e6-e8bd-44f3-afb9-660176f36c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33758", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19046", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33758\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENT_NAME and DEVICE_GUID fields in the login component.\n\ud83d\udccf Published: 2024-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T19:35:13.162Z\n\ud83d\udd17 References:\n1. https://github.com/twignet/splicecom", "creation_timestamp": "2025-06-20T19:43:30.000000Z"}, {"uuid": "1e82e766-81f8-4bdb-804c-49c9038cd895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33758", "type": "seen", "source": "https://t.me/ctinow/177171", "content": "https://ift.tt/rp3WGo0\nCVE-2023-33758 Exploit", "creation_timestamp": "2024-01-31T23:16:59.000000Z"}, {"uuid": "8d4ac28a-fa08-4618-9d01-b1438bac272a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33759", "type": "seen", "source": "https://t.me/ctinow/187247", "content": "https://ift.tt/FmkJlG6\nCVE-2023-33759 | SpliceCom Maximiser Soft PBX up to 1.5 excessive authentication", "creation_timestamp": "2024-02-18T13:41:45.000000Z"}, {"uuid": "d1a20a39-a6fb-4299-8ac2-5158ea3af76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33758", "type": "seen", "source": "https://t.me/ctinow/187246", "content": "https://ift.tt/pk0ge8C\nCVE-2023-33758 | SpliceCom Maximiser Soft PBX up to 1.5 Login CLIENT_NAME/DEVICE_GUID cross site scripting", "creation_timestamp": "2024-02-18T13:41:44.000000Z"}, {"uuid": "0f8c74b1-5d9b-4ce6-859c-409f310255dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33757", "type": "seen", "source": "https://t.me/ctinow/187245", "content": "https://ift.tt/M7ofSUt\nCVE-2023-33757 | SpliceCom iPCS/iPCS2 certificate validation", "creation_timestamp": "2024-02-18T13:41:43.000000Z"}, {"uuid": "d4cdc00a-0428-4279-8931-1024ac810cda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33757", "type": "seen", "source": "https://t.me/ctinow/177170", "content": "https://ift.tt/t6IaiMo\nCVE-2023-33757 Exploit", "creation_timestamp": "2024-01-31T23:16:58.000000Z"}, {"uuid": "cbf0d6c5-2eea-48ad-81b9-235e60703cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33759", "type": "seen", "source": "https://t.me/ctinow/173338", "content": "https://ift.tt/WVKAivX\nCVE-2023-33759", "creation_timestamp": "2024-01-25T09:26:29.000000Z"}, {"uuid": "e4a01803-7f54-4b01-aa09-fb794210e9ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33759", "type": "seen", "source": "https://t.me/ctinow/177261", "content": "https://ift.tt/GWDEOvr\nCVE-2023-33759 Exploit", "creation_timestamp": "2024-02-01T02:17:00.000000Z"}, {"uuid": "1220edad-abec-493e-8ada-a50191d38df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33757", "type": "seen", "source": "https://t.me/ctinow/173336", "content": "https://ift.tt/Im2NCER\nCVE-2023-33757", "creation_timestamp": "2024-01-25T09:26:27.000000Z"}, {"uuid": "3e1b0376-3e4c-44d2-bd9b-ae1f907c0150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3375", "type": "seen", "source": "https://t.me/cibsecurity/69869", "content": "\u203c CVE-2023-3375 \u203c\n\nUnrestricted Upload of File with Dangerous Type vulnerability in Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T20:17:17.000000Z"}, {"uuid": "44ddb8c2-440a-47c3-9d0d-d2cf8e83396d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33758", "type": "seen", "source": "https://t.me/ctinow/173337", "content": "https://ift.tt/nwEM1NX\nCVE-2023-33758", "creation_timestamp": "2024-01-25T09:26:28.000000Z"}, {"uuid": "91eccf2f-fbcd-4fc7-8028-6245c02e56d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33756", "type": "seen", "source": "https://t.me/cibsecurity/67996", "content": "\u203c CVE-2023-33756 \u203c\n\nAn issue in the SpreadSheetPlugin component of Foswiki v2.1.7 and below allows attackers to execute a directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T18:14:09.000000Z"}]}