{"vulnerability": "cve-2023-4108", "sightings": [{"uuid": "f410ba6c-2b00-4447-a9ba-9c1168a12e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://www.knime.com/security/advisories#CVE-2026-4649", "content": "", "creation_timestamp": "2026-03-25T03:00:10.000000Z"}, {"uuid": "b867e2ba-5047-4dae-b473-2b74aeda1437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://t.me/cvedetector/5355", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8646 - Apache HTTP Server/Open-Redirect vulnerability in Glassfish\", \n  \"Content\": \"CVE ID : CVE-2024-8646 \nPublished : Sept. 11, 2024, 2:15 p.m. | 37\u00a0minutes ago \nDescription : In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed.  \nThis vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code included in GlassFish.  \nThis vulnerability only affects applications that are explicitly deployed to the root context ('/'). \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T17:00:45.000000Z"}, {"uuid": "fc88769d-8f1a-4f77-9ce8-56841ee96744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41080", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3169", "content": "Hackers Factory \n\nlazy way to create CVE-2023-38831 winrar file for testing\n\nhttps://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc\n\nCVE-2022-39986 PoC\n\nhttps://github.com/WhiteOwl-Pub/RaspAP-CVE-2022-39986-PoC\n\nCommunity curated list of nuclei templates for finding \"unknown\" security vulnerabilities.\n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\nHVCI-loldrivers-check\nChecks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system.\n\nhttps://github.com/trailofbits/HVCI-loldrivers-check\n\nGolang Secure Coding Practices guide\n\nhttps://github.com/OWASP/Go-SCP\n\n#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nEvolutionary encryption framework based on scalable complexity over time.\n\nhttps://github.com/jofpin/temcrypt\n\nSome of my rough notes for Docker threat detection\n\nhttps://github.com/Antonlovesdnb/DockerDetectionNotes\n\nBash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.\n\nhttps://github.com/ozpingux/BasicLinuxForensicScript\n\nyou want an #investigation on user accounts,  \n\nSnoop, a #cli #python #tool, scans various sites, forums, and social networks for the presence of the username.\n\ngithub.com/snooppr/snoop\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-27T17:49:56.000000Z"}, {"uuid": "5adc3dc4-2389-4529-9178-ae7a5adbddb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://t.me/arpsyndicate/3249", "content": "#ExploitObserverAlert\n\nCVE-2023-41080\n\nDESCRIPTION: Exploit Observer has 11 entries in 3 file formats related to CVE-2023-41080. URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.  The vulnerability is limited to the ROOT (default) web application.\n\nFIRST-EPSS: 0.002440000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T07:19:34.000000Z"}, {"uuid": "4883c254-5c8d-4c1b-be80-f0d6f7e214f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41089", "type": "seen", "source": "https://t.me/cibsecurity/72607", "content": "\u203c CVE-2023-41089 \u203c\n\nThe affected product is vulnerable to an improper authentication vulnerability, which may allow an attacker to impersonate a legitimate user as long as the device keeps the session active, since the attack takes advantage of the cookie header to generate \"legitimate\" requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T22:34:48.000000Z"}, {"uuid": "31ca973d-0194-420f-b59f-046d2d5c175e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41088", "type": "seen", "source": "https://t.me/cibsecurity/72596", "content": "\u203c CVE-2023-41088 \u203c\n\nThe affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker with access to the network, where clients have access to the DexGate server, could capture traffic. The attacker can later us the information within it to access the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T22:34:35.000000Z"}, {"uuid": "88e4d307-ba11-457f-82f7-31ca096e90a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41085", "type": "seen", "source": "https://t.me/cibsecurity/71920", "content": "\u203c CVE-2023-41085 \u203c\n\nWhen IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.\u00c2\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T16:16:42.000000Z"}, {"uuid": "9f9b43fe-3eb0-4551-adab-07d952baa689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41086", "type": "seen", "source": "https://t.me/cibsecurity/71454", "content": "\u203c CVE-2023-41086 \u203c\n\nCross-site request forgery (CSRF) vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T07:40:56.000000Z"}, {"uuid": "2aaae35f-b822-413f-9307-5d35eca34aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41084", "type": "seen", "source": "https://t.me/cibsecurity/70673", "content": "\u203c CVE-2023-41084 \u203c\n\n** UNSUPPPORTED WHEN ASSIGNED ** Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-19T05:17:25.000000Z"}, {"uuid": "255d08a9-aa28-427d-a155-73ea5806f731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41080", "type": "seen", "source": "https://t.me/cibsecurity/69217", "content": "\u203c CVE-2023-41080 \u203c\n\nURL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.The vulnerability is limited to the ROOT (default) web application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-26T00:14:32.000000Z"}, {"uuid": "a2398f4d-d6a1-4a1d-b4ef-4c05944d3069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41081", "type": "seen", "source": "https://t.me/cibsecurity/70373", "content": "\u203c CVE-2023-41081 \u203c\n\nThe mod_jk component of Apache Tomcat Connectors\u00c2\u00a0in some circumstances, such as when a configuration included\u00c2\u00a0\"JkOptions +ForwardDirectories\" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker.\u00c2\u00a0Such an implicit mapping could result in the unintended exposure of the\u00c2\u00a0status worker and/or bypass security constraints configured in httpd. As\u00c2\u00a0of JK 1.2.49, the implicit mapping functionality has been removed and all\u00c2\u00a0mappings must now be via explicit configuration.\u00c2\u00a0Only mod_jk is affected\u00c2\u00a0by this issue. The ISAPI redirector is not affected.This issue affects Apache Tomcat Connectors (mod_jk only): from 1.2.0 through 1.2.48.Users are recommended to upgrade to version 1.2.49, which fixes the issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T14:23:34.000000Z"}, {"uuid": "6323bd99-9459-4861-a3ba-674897a6c848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4108", "type": "seen", "source": "https://t.me/cibsecurity/68320", "content": "\u203c CVE-2023-4108 \u203c\n\nMattermost fails to sanitize post metadata during audit logging resulting in permalinks contents being logged\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T12:27:15.000000Z"}, {"uuid": "1ea8eeb9-ae58-434c-87b2-21224e19eb94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41080", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8921", "content": "#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\nhttps://github.com/shiomiyan/CVE-2023-41080\n\n3. CVE-2023-39063:\nRaidenFTPD Buffer Overflow\nhttps://github.com/AndreGNogueira/CVE-2023-39063", "creation_timestamp": "2023-08-27T15:11:36.000000Z"}]}