{"vulnerability": "cve-2023-5142", "sightings": [{"uuid": "4527b2a3-c8eb-4073-8939-f4cd01fd3517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5142", "type": "seen", "source": "https://t.me/arpsyndicate/311", "content": "#ExploitObserverAlert\n\nCVE-2023-5142\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5142. A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-11-21T07:28:54.000000Z"}, {"uuid": "fd914f84-c8bd-48f7-8287-b3b6bafe8201", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51429", "type": "seen", "source": "https://t.me/cibsecurity/73887", "content": "\u203c\ufe0fCVE-2023-51429\u203c\ufe0f\n\n Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:33:32.000000Z"}, {"uuid": "b2f3b795-4255-4fd6-9b77-4e5cb9caae71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51428", "type": "seen", "source": "https://t.me/cibsecurity/73886", "content": "\u203c\ufe0fCVE-2023-51428\u203c\ufe0f\n\n Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:33:27.000000Z"}, {"uuid": "fcf3d241-7673-4728-b481-82ae788d028e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51427", "type": "seen", "source": "https://t.me/cibsecurity/73885", "content": "\u203c\ufe0fCVE-2023-51427\u203c\ufe0f\n\n Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.   \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:33:22.000000Z"}, {"uuid": "605610fc-3cc8-453b-bd90-62a227092067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51422", "type": "seen", "source": "https://t.me/cibsecurity/73973", "content": "\u203c\ufe0fCVE-2023-51422\u203c\ufe0f\n\nDeserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin Create liveevergreenautomatedinstant webinars, stream  Zoom Meetings  WebinarIgnition.This issue affects Webinar Plugin Create liveevergreenautomatedinstant webinars, stream  Zoom Meetings  WebinarIgnition from na through 3.05.0.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:40:39.000000Z"}, {"uuid": "25fe0814-d886-47d2-a2f5-421cffe4368f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51423", "type": "seen", "source": "https://t.me/cibsecurity/74077", "content": "\u203c\ufe0fCVE-2023-51423\u203c\ufe0f\n\nImproper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team Webinar Plugin Create liveevergreenautomatedinstant webinars, stream  Zoom Meetings  WebinarIgnition.This issue affects Webinar Plugin Create liveevergreenautomatedinstant webinars, stream  Zoom Meetings  WebinarIgnition from na through 3.05.0.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-01T01:32:48.000000Z"}, {"uuid": "30429065-88a5-4a40-a24e-86bfe9f1114d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51421", "type": "seen", "source": "https://t.me/cibsecurity/73985", "content": "\u203c\ufe0fCVE-2023-51421\u203c\ufe0f\n\nUnrestricted Upload of File with Dangerous Type vulnerability in Soft8Soft LLC Verge3D Publishing and ECommerce.This issue affects Verge3D Publishing and ECommerce from na through 4.5.2.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:41:38.000000Z"}, {"uuid": "bd69742c-1555-464b-a150-120528ab611a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51426", "type": "seen", "source": "https://t.me/cibsecurity/73884", "content": "\u203c\ufe0fCVE-2023-51426\u203c\ufe0f\n\n Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:33:17.000000Z"}, {"uuid": "ef3701c8-7e21-4750-9017-e6c6237f0444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51420", "type": "seen", "source": "https://t.me/cibsecurity/73936", "content": "\u203c\ufe0fCVE-2023-51420\u203c\ufe0f\n\nImproper Control of Generation of Code 'Code Injection' vulnerability in Soft8Soft LLC Verge3D Publishing and ECommerce.This issue affects Verge3D Publishing and ECommerce from na through 4.5.2.  \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:37:34.000000Z"}, {"uuid": "db1d227f-362e-401f-9e4e-187a16df053a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51422", "type": "seen", "source": "https://t.me/ctinow/170850", "content": "https://ift.tt/08zinRk\nCVE-2023-51422 | Saleswonder Webinar Plugin up to 3.05.0 on WordPress deserialization", "creation_timestamp": "2024-01-21T14:47:08.000000Z"}, {"uuid": "eb8a29e2-523d-434f-9571-56776d3d2547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51421", "type": "seen", "source": "https://t.me/ctinow/170848", "content": "https://ift.tt/6PVMS8v\nCVE-2023-51421 | Soft8Soft Verge3D Publishing and E-Commerce Plugin up to 4.5.2 on WordPress unrestricted upload", "creation_timestamp": "2024-01-21T14:47:05.000000Z"}, {"uuid": "2298f6b7-c649-473a-9870-741b81e789cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51427", "type": "seen", "source": "https://t.me/ctinow/170686", "content": "https://ift.tt/lxMz2CR\nCVE-2023-51427 | Honor Magic OS prior 7.0.0.129 type confusion", "creation_timestamp": "2024-01-20T17:47:04.000000Z"}, {"uuid": "44a618c9-ee89-4fa5-8072-62dac081dbff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51426", "type": "seen", "source": "https://t.me/ctinow/170685", "content": "https://ift.tt/OBeLPKF\nCVE-2023-51426 | Honor Magic OS prior 7.0.0.129 type confusion", "creation_timestamp": "2024-01-20T17:47:03.000000Z"}, {"uuid": "20fc9faa-6921-4d5a-bb73-98d2c60d0307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51423", "type": "seen", "source": "https://t.me/ctinow/171104", "content": "https://ift.tt/c3RZGhK\nCVE-2023-51423 | Saleswonder Team Webinar Plugin up to 3.05.0 on WordPress sql injection", "creation_timestamp": "2024-01-22T11:36:48.000000Z"}, {"uuid": "19030976-8054-43e0-b731-38a7a11a241c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51420", "type": "seen", "source": "https://t.me/ctinow/170761", "content": "https://ift.tt/DUZMwdt\nCVE-2023-51420 | Soft8Soft Verge3D Publishing and E-Commerce Plugin up to 4.5.2 on WordPress code injection", "creation_timestamp": "2024-01-21T08:41:29.000000Z"}, {"uuid": "026c3a2c-54d2-4bef-bf68-22a00f58ce28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51429", "type": "seen", "source": "https://t.me/ctinow/170678", "content": "https://ift.tt/5TSAhm8\nCVE-2023-51429 | Honor Magic OS prior 7.0.0.156 information disclosure", "creation_timestamp": "2024-01-20T17:21:43.000000Z"}, {"uuid": "7d27bfda-6750-4e44-a235-06da9166dbe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51428", "type": "seen", "source": "https://t.me/ctinow/170676", "content": "https://ift.tt/G107lg2\nCVE-2023-51428 | Honor Magic OS prior 7.0.0.129 type confusion", "creation_timestamp": "2024-01-20T17:21:40.000000Z"}, {"uuid": "a571bb8c-8feb-4751-8f00-d41121940ad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51427", "type": "seen", "source": "https://t.me/ctinow/160330", "content": "https://ift.tt/MRLNTQ5\nCVE-2023-51427", "creation_timestamp": "2023-12-29T05:26:50.000000Z"}, {"uuid": "dcae4aec-feb7-49fa-96c5-fb46ec0bc722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51426", "type": "seen", "source": "https://t.me/ctinow/160329", "content": "https://ift.tt/hdPKAcg\nCVE-2023-51426", "creation_timestamp": "2023-12-29T05:26:49.000000Z"}, {"uuid": "216b6b3f-caae-47a7-9f3f-b232b47d506d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51429", "type": "seen", "source": "https://t.me/ctinow/160332", "content": "https://ift.tt/KDvxtyF\nCVE-2023-51429", "creation_timestamp": "2023-12-29T05:26:51.000000Z"}, {"uuid": "59033fc1-fcd7-47bd-a8e6-93e7df020be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51428", "type": "seen", "source": "https://t.me/ctinow/160331", "content": "https://ift.tt/ILKXyj6\nCVE-2023-51428", "creation_timestamp": "2023-12-29T05:26:50.000000Z"}, {"uuid": "2401a397-dddd-441a-9dc6-d42677f641ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51423", "type": "seen", "source": "https://t.me/ctinow/161157", "content": "https://ift.tt/RZfTJDP\nCVE-2023-51423", "creation_timestamp": "2023-12-31T19:26:47.000000Z"}, {"uuid": "80424291-fd93-4c25-880b-1a05f79b53ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51422", "type": "seen", "source": "https://t.me/ctinow/160534", "content": "https://ift.tt/1biBQHd\nCVE-2023-51422", "creation_timestamp": "2023-12-29T14:26:42.000000Z"}, {"uuid": "2d112aac-04ff-4155-a983-79a3fde3b548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51420", "type": "seen", "source": "https://t.me/ctinow/160438", "content": "https://ift.tt/1UyDrko\nCVE-2023-51420", "creation_timestamp": "2023-12-29T11:26:36.000000Z"}, {"uuid": "f479b3c0-a48e-4e73-a19e-e63be8b03b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51421", "type": "seen", "source": "https://t.me/ctinow/160554", "content": "https://ift.tt/s3nE0vD\nCVE-2023-51421", "creation_timestamp": "2023-12-29T15:26:55.000000Z"}, {"uuid": "af4c53b2-34cf-4838-b5cc-90e94edd9953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5142", "type": "seen", "source": "https://t.me/cibsecurity/70971", "content": "\u203c CVE-2023-5142 \u203c\n\nA vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-25T02:33:47.000000Z"}]}