{"vulnerability": "cve-2023-35844", "sightings": [{"uuid": "f325f483-14c1-4372-8806-e2a9cf5f15bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4628", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLightdash\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\uff08CVE-2023-35844\uff09\nURL\uff1ahttps://github.com/Szlein/CVE-2023-35844\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-26T10:27:38.000000Z"}, {"uuid": "dbf2ebde-de34-4ea4-9c69-bc468eb39547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-04)", "content": "", "creation_timestamp": "2025-04-04T00:00:00.000000Z"}, {"uuid": "d6dcbf9a-f537-4b93-91b5-81a39166ae31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-27)", "content": "", "creation_timestamp": "2025-07-27T00:00:00.000000Z"}, {"uuid": "3da7f70e-9296-4ff5-87aa-68ccd752dca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "Telegram/vwBkYa2FKnjj0pgQ43RNXfK94lQaYrM07VlvqBtAIjPacQ", "content": "", "creation_timestamp": "2023-06-28T18:06:46.000000Z"}, {"uuid": "ddd13229-49d0-446f-aa99-efb165c00be6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "Telegram/6PZKKGQl03Vi6ZEkQInhbXHc7Cdk1szybYRTzghfbAVd-Q", "content": "", "creation_timestamp": "2023-07-02T10:21:51.000000Z"}, {"uuid": "d5472ef3-27d6-4bf4-8a6c-0aa6aa3ec228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "seen", "source": "https://t.me/proxy_bar/1596", "content": "CVE-2023-35844\ndirectory traversal\n\nexpl", "creation_timestamp": "2023-06-27T14:13:45.000000Z"}, {"uuid": "2fcc63cb-a603-485b-a7b6-cc0ca0589bcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3096", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory \n\n\u200b\u200bSophia Script for Windows\n\nThe largest PowerShell module on GitHub for Windows 10 & Windows 11 for fine-tuning and automating the routine tasks. It offers more than 150 unique tweaks, and shows how Windows can be configured without making any harm to it.\n\nhttps://github.com/farag2/Sophia-Script-for-Windows\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bCVE-2023-35844\n\nLightdash directory traversal.\n\nhttps://github.com/Szlein/CVE-2023-35844\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27372 \n\nSPIP < 4.2.1 - Remote Code Execution Vulnerability Scanner \ud83d\udee1\ud83d\udcbb\n\nhttps://github.com/Chocapikk/CVE-2023-27372\n\n#cve #cybersecurity #infosec\n\nUTBotCpp\n\nTool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage.\n\nhttps://github.com/UnitTestBot/UTBotCpp\n\n#cybersecurity #infosec\n\n\u200b\u200bthreat-composer\n\nA threat modeling tool to help humans to reduce time-to-value when threat modeling.\n\nhttps://github.com/awslabs/threat-composer\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-33140\n\nMicrosoft OneNote is vulnerable to spoofing attacks. The malicious user can trick the victim into clicking on a very maliciously crafted URL or download some other malicious file and execute it. When this happens the game will be over for the victim and his computer will be compromised. Exploiting the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft OneNote and then click on a specially crafted URL to be compromised by the attacker.\n\nhttps://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-33140\n\n#cve #exploit #RCE\n\n\u200b\u200b\u267b\ufe0f CrackMapExec (a.k.a CME) \n\nA post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of \"Living off the Land\": abusing built-in Active Directory features/protocols to achieve it's functionality and allowing it to evade most endpoint protection/IDS/IPS solutions.\n\nhttps://github.com/mpgn/CrackMapExec\n\nWiki:\nhttps://wiki.porchetta.industries/\n\n#infosec #pentesting #redteam\n\n\u200b\u200bSecret Fragment exploit v2\n\nThis exploit is a V2 that provides clearer output, new code execution methods, and fixes a few bugs.\n\nDetails:\nhttps://www.ambionics.io/blog/symfony-secret-fragment\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCoffee\n\nA custom implementation of the original Cobalt Strike's beacon_inline_execute. It is written in Rust and supports most of the features of the #CobaltStrike compatibility layer. Coffee is structured so it can be used as a library in other projects too.\n\nhttps://github.com/hakaioffsec/coffee\n\n#infosec #pentesting #redteam\n\n\u200b\u200b\ud83d\udc0d Pyscan\n\nPython dependency vulnerability scanner, written in Rust.\n\nhttps://github.com/aswinnnn/pyscan\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-28T15:16:50.000000Z"}, {"uuid": "ea12b54b-e7c0-491f-9885-b7f193191703", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/871", "content": "", "creation_timestamp": "2023-07-13T05:10:46.000000Z"}, {"uuid": "2f4adad6-f2ff-4df8-a901-253e93a971d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8570", "content": "#exploit\n1. CVE-2023-35844:\nLightdash routers path traversal\nhttps://github.com/Szlein/CVE-2023-35844\n\n2. CVE-2023-34840:\nXSS in angular-ui-notification\nhttps://github.com/Xh4H/CVE-2023-34840\n\n3. Office Suite Premium 10.9.1 - Cross Site Scripting\nhttps://packetstormsecurity.com/files/173143", "creation_timestamp": "2023-06-28T18:46:56.000000Z"}, {"uuid": "158c7bc2-3d15-48df-a6f1-ae75133dfa28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3787", "content": "\ud83d\udcdfDataLeak:\n\n\ud83d\udcccAsia Vital Components Leak : https://www.system32.ink/2023/06/asia-vital-components-leak.html\n\n\ud83d\udcccposkok_info Data Leak : https://www.system32.ink/2023/06/poskokinfo-data-leak.html\n\n\ud83d\udcccGeotecsacr Digital Marketing Agency Leak : https://www.system32.ink/2023/06/geotecsacr-digital-marketing-agency-leak.html\n\n\ud83d\udcccDarkForum Leak : https://www.system32.ink/2023/06/darkforums-data-leak.html\n\n\ud83d\udcccRussian Champion Tennis Club in Tomsk Leak : https://www.system32.ink/2023/06/russian-champion-tennis-club-in-tomsk.html\n\n\ud83e\uddeeExploits:\n\n\ud83d\udcccLightdash Exploit (CVE-2023-35844) : https://www.system32.ink/2023/06/lightdash-exploit-cve-2023-35844.html\n\n\ud83d\udcccCVE-2023-33140 OneNote Exploit : https://www.system32.ink/2023/06/cve-2023-33140-onenote-exploit.html\n\n\ud83d\udcccCVE-2023-34840 XSS POC OF angular-ui-notification : https://www.system32.ink/2023/06/cve-2023-34840-xss-poc-of-angular-ui.html\n\n\u2699\ufe0fTools:\n\n\ud83d\udcccCrackMapExec : https://www.system32.ink/2023/06/crackmapexec.html\n\n\ud83d\udcccSAFIREFUZZ - Same-Architecture Firmware Rehosting and Fuzzing : https://www.system32.ink/2023/06/safirefuzz-same-architecture-firmware.html\n\n\ud83d\udcccPwnDoc-ng - Pentest Report Generator : https://www.system32.ink/2023/06/pwndoc-ng-pentest-report-generator.html\n\n\ud83d\udcccVulnX - An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms : https://www.system32.ink/2023/06/vulnx-intelligent-bot-auto-shell.html\n\n\ud83d\udcccNetwork Signal Guru APK : https://www.system32.ink/2023/06/network-signal-guru-apk.html\n\n\ud83d\udcccGoogle CTF : https://www.system32.ink/2023/06/google-ctf.html\n\n\ud83e\udda0Rootkit ANd RAT:\n\n\ud83d\udccc888 RAT New Version 2023 ( 1.2.6 Full Setup ) For Lifetime : https://www.system32.ink/2023/06/888-rat-new-version-2023-126-full-setup.html\n\n\ud83d\udcccreveng_rtkit Rootkit : https://www.system32.ink/2023/06/revengrtkit-rootkit.html", "creation_timestamp": "2023-07-02T12:30:36.000000Z"}, {"uuid": "3bc78c0e-a1ee-4e79-bc1e-cf6377c00f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3767", "content": "\ud83d\udcdfDataLeak:\n\n\ud83d\udcccAsia Vital Components Leak : https://www.system32.ink/2023/06/asia-vital-components-leak.html\n\n\ud83d\udcccposkok_info Data Leak : https://www.system32.ink/2023/06/poskokinfo-data-leak.html\n\n\ud83d\udcccGeotecsacr Digital Marketing Agency Leak : https://www.system32.ink/2023/06/geotecsacr-digital-marketing-agency-leak.html\n\n\ud83d\udcccDarkForum Leak : https://www.system32.ink/2023/06/darkforums-data-leak.html\n\n\ud83d\udcccRussian Champion Tennis Club in Tomsk Leak : https://www.system32.ink/2023/06/russian-champion-tennis-club-in-tomsk.html\n\n\ud83e\uddeeExploits:\n\n\ud83d\udcccLightdash Exploit (CVE-2023-35844) : https://www.system32.ink/2023/06/lightdash-exploit-cve-2023-35844.html\n\n\ud83d\udcccCVE-2023-33140 OneNote Exploit : https://www.system32.ink/2023/06/cve-2023-33140-onenote-exploit.html\n\n\ud83d\udcccCVE-2023-34840 XSS POC OF angular-ui-notification : https://www.system32.ink/2023/06/cve-2023-34840-xss-poc-of-angular-ui.html\n\n\u2699\ufe0fTools:\n\n\ud83d\udcccCrackMapExec : https://www.system32.ink/2023/06/crackmapexec.html\n\n\ud83d\udcccSAFIREFUZZ - Same-Architecture Firmware Rehosting and Fuzzing : https://www.system32.ink/2023/06/safirefuzz-same-architecture-firmware.html\n\n\ud83d\udcccPwnDoc-ng - Pentest Report Generator : https://www.system32.ink/2023/06/pwndoc-ng-pentest-report-generator.html\n\n\ud83d\udcccVulnX - An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms : https://www.system32.ink/2023/06/vulnx-intelligent-bot-auto-shell.html\n\n\ud83d\udcccNetwork Signal Guru APK : https://www.system32.ink/2023/06/network-signal-guru-apk.html\n\n\ud83d\udcccGoogle CTF : https://www.system32.ink/2023/06/google-ctf.html\n\n\ud83e\udda0Rootkit ANd RAT:\n\n\ud83d\udccc888 RAT New Version 2023 ( 1.2.6 Full Setup ) For Lifetime : https://www.system32.ink/2023/06/888-rat-new-version-2023-126-full-setup.html\n\n\ud83d\udcccreveng_rtkit Rootkit : https://www.system32.ink/2023/06/revengrtkit-rootkit.html", "creation_timestamp": "2023-06-28T21:51:53.000000Z"}, {"uuid": "b0fdc1fd-ae31-445a-bead-6ab856eafa95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35844", "type": "seen", "source": "https://t.me/cibsecurity/65328", "content": "\u203c CVE-2023-35844 \u203c\n\npackages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-19T07:25:13.000000Z"}]}