{"vulnerability": "cve-2023-4281", "sightings": [{"uuid": "3e41770d-9291-48d8-9958-e14e9c74ba30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42817", "type": "seen", "source": "https://t.me/cibsecurity/71009", "content": "\u203c CVE-2023-42817 \u203c\n\nPimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including \u00e2\u20ac\u0153%s\u00e2\u20ac\ufffd (from \u00e2\u20ac\u0153%suggest%) is parsed by sprintf() even though it\u00e2\u20ac\u2122s supposed to be output literally to the user. The translations may be accessible by a user with comparatively lower overall access (as the translation permission cannot be scoped to certain \u00e2\u20ac\u0153modules\u00e2\u20ac\ufffd) and a skilled attacker might be able to exploit the parsing of the translation string in the dialog box. This issue has been patched in commit `abd77392` which is included in release 1.1.2. Users are advised to update to version 1.1.2 or apply the patch manually.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-25T22:39:31.000000Z"}, {"uuid": "e8ab1579-0b44-4f05-af85-8a0d31e50689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4281", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5199", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository for CVE-2023-4281 vulnerability. \nURL\uff1ahttps://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-24T13:31:46.000000Z"}, {"uuid": "0e2e3d3c-4e49-4813-9477-6d7ec63b9a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4281", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5198", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository for CVE-2023-4281 vulnerability. \nURL\uff1ahttps://github.com/b0marek/CVE-2023-4281\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-24T12:27:29.000000Z"}, {"uuid": "a42de083-20da-4b82-98a6-0ea98d64a3e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42819", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5382", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-42819\nURL\uff1ahttps://github.com/C1ph3rX13/CVE-2023-42819\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T08:59:17.000000Z"}, {"uuid": "84726bd5-48b5-45b6-933d-e7dcdf6e8ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42811", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-42811\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:N)\n\ud83d\udd39 Description: aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decrypt_in_place_detached, the decrypted ciphertext (i.e. the correct plaintext) is exposed even if tag verification fails. If a program using the `aes-gcm` crate's `decrypt_in_place*` APIs accesses the buffer after decryption failure, it will contain a decryption of an unauthenticated input. Depending on the specific nature of the program this may enable Chosen Ciphertext Attacks (CCAs) which can cause a catastrophic breakage of the cipher including full plaintext recovery. Version 0.10.3 contains a fix for this issue.\n\ud83d\udccf Published: 2023-09-22T15:19:15.445Z\n\ud83d\udccf Modified: 2025-06-18T14:22:56.534Z\n\ud83d\udd17 References:\n1. https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq\n2. https://docs.rs/aes-gcm/latest/src/aes_gcm/lib.rs.html#309\n3. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RYQCICN6BVC6I75O3F6W4VK4J3MOYDJU/\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U67ZSMNX5V3WTBYPUYF45PSFG4SF5SGF/\n5. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROBB6TBDAGEQ2WIINR34F3DPSN3FND6K/", "creation_timestamp": "2025-06-18T14:41:48.000000Z"}, {"uuid": "500b90b5-6bbe-4e18-a804-9eba74e18494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42818", "type": "seen", "source": "https://t.me/cibsecurity/71156", "content": "\u203c CVE-2023-42818 \u203c\n\nJumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-28T00:41:53.000000Z"}, {"uuid": "9a0a197b-4f59-4719-8177-2077f8dd19cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42819", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9902", "content": "#exploit\n1. CVE-2023-42820,\nCVE-2023-42820,\nCVE-2023-42819:\nJumpserver Preauth RCE Exploit Chain\nhttps://sites.google.com/site/zhiniangpeng/blogs/Jumpserver\n\n2. CVE-2024-20931:\nA new attack surface for JNDI injection\nhttps://github.com/GlassyAmadeus/CVE-2024-20931\n\n3. CVE-2024-22899 - 22903:\nExploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery\nhttps://github.com/Chocapikk/CVE-2024-22899-to-22903-ExploitChain", "creation_timestamp": "2024-02-07T20:22:24.000000Z"}, {"uuid": "3347b8b9-d2f9-4397-bc84-895ad8ddb5e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42812", "type": "seen", "source": "https://t.me/cibsecurity/70954", "content": "\u203c CVE-2023-42812 \u203c\n\nGalaxy is an open-source platform for FAIR data analysis. Prior to version 22.05, Galaxy is vulnerable to server-side request forgery, which allows a malicious to issue arbitrary HTTP/HTTPS requests from the application server to internal hosts and read their responses. Version 22.05 contains a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T20:31:56.000000Z"}, {"uuid": "1cb9cd76-802c-43f3-9352-e4945961c9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42811", "type": "seen", "source": "https://t.me/cibsecurity/70953", "content": "\u203c CVE-2023-42811 \u203c\n\naes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decrypt_in_place_detached, the decrypted ciphertext (i.e. the correct plaintext) is exposed even if tag verification fails. If a program using the `aes-gcm` crate's `decrypt_in_place*` APIs accesses the buffer after decryption failure, it will contain a decryption of an unauthenticated input. Depending on the specific nature of the program this may enable Chosen Ciphertext Attacks (CCAs) which can cause a catastrophic breakage of the cipher including full plaintext recovery. Version 0.10.3 contains a fix for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T20:31:55.000000Z"}, {"uuid": "ffb23c0c-bcc0-472e-9f03-f662731d9a51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42810", "type": "seen", "source": "https://t.me/cibsecurity/70919", "content": "\u203c CVE-2023-42810 \u203c\n\nsysteminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to `wifiConnections()`, `wifiNetworks()` (string only).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-21T22:30:42.000000Z"}, {"uuid": "ffa4472b-4d6b-42be-9b62-988aee74d27b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42819", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2706", "content": "#exploit\n1. CVE-2023-42820,\nCVE-2023-42820,\nCVE-2023-42819:\nJumpserver Preauth RCE Exploit Chain\nhttps://sites.google.com/site/zhiniangpeng/blogs/Jumpserver\n\n2. CVE-2024-20931:\nA new attack surface for JNDI injection\nhttps://github.com/GlassyAmadeus/CVE-2024-20931\n\n3. CVE-2024-22899 - 22903:\nExploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery\nhttps://github.com/Chocapikk/CVE-2024-22899-to-22903-ExploitChain", "creation_timestamp": "2024-08-16T09:13:13.000000Z"}, {"uuid": "ab0c4ca2-a7bb-4448-8a1c-1411aeaba073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-42811", "type": "published-proof-of-concept", "source": "https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq", "content": "", "creation_timestamp": "2023-09-21T22:54:07.000000Z"}]}