<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 12 Jul 2026 23:54:38 +0000</lastBuildDate>
    <item>
      <title>0be080d5-36a3-4d77-97fc-4403fcda9d1a</title>
      <link>https://vulnerability.circl.lu/sighting/0be080d5-36a3-4d77-97fc-4403fcda9d1a/export</link>
      <description>{"uuid": "0be080d5-36a3-4d77-97fc-4403fcda9d1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://gist.github.com/alon710/5069ba47a341c9374d265742c0ed2c0f", "content": "# GHSA-W2J7-F3C6-G8CW: GHSA-w2j7-f3c6-g8cw: Open Redirect Bypass via Parser Differential in Flask-Security\n\n&amp;gt; **CVSS Score:** 4.7\n&amp;gt; **Published:** 2026-06-23\n&amp;gt; **Full Report:** https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW\n\n## Summary\nAn open redirect vulnerability exists in Flask-Security versions up to and including 5.8.0. This flaw allows remote, unauthenticated attackers to perform open redirects by exploiting a parser differential between Python's standard library urlsplit() function and modern web browsers when subdomain redirection is allowed.\n\n## TL;DR\nA parser differential between Python's urlsplit() and web browsers allows attackers to bypass subdomain redirect validation in Flask-Security using backslash-based host strings, leading to open redirect attacks.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-601\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 4.7 (Medium)\n- **EPSS Score**: N/A\n- **Impact**: Open Redirect\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Flask-Security with SECURITY_REDIRECT_ALLOW_SUBDOMAINS enabled\n- **Flask-Security**: &amp;lt;= 5.8.0 (Fixed in: `5.8.1`)\n\n## Mitigation\n\n- Upgrade Flask-Security to version 5.8.1 or later\n- Disable subdomain redirects by setting SECURITY_REDIRECT_ALLOW_SUBDOMAINS = False\n- Deploy custom validation middleware to sanitize redirection parameters\n\n**Remediation Steps:**\n1. Verify the current installed version using 'pip show Flask-Security'\n2. Upgrade the package to a fixed version: 'pip install --upgrade Flask-Security&amp;gt;=5.8.1'\n3. Restart the Flask application process to apply the changes\n4. Verify that redirect requests containing backslashes are rejected with an error\n\n## References\n\n- [GitHub Security Advisory GHSA-w2j7-f3c6-g8cw](https://github.com/pallets-eco/flask-security/security/advisories/GHSA-w2j7-f3c6-g8cw)\n- [OSV Vulnerability Database Registry](https://osv.dev/vulnerability/CVE-2023-49438)\n- [National Vulnerability Database (NVD) Analysis for CVE-2023-49438](https://nvd.nist.gov/vuln/detail/CVE-2023-49438)\n- [GitLab Advisory Entry for Flask-Security Open Redirect Class](https://advisories.gitlab.com/pypi/flask-security-too/CVE-2023-49438)\n- [GitHub Advisories Main Entry Portal](https://github.com/advisories/GHSA-W2J7-F3C6-G8CW)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T01:52:32.000000Z"}</description>
      <content:encoded>{"uuid": "0be080d5-36a3-4d77-97fc-4403fcda9d1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://gist.github.com/alon710/5069ba47a341c9374d265742c0ed2c0f", "content": "# GHSA-W2J7-F3C6-G8CW: GHSA-w2j7-f3c6-g8cw: Open Redirect Bypass via Parser Differential in Flask-Security\n\n&amp;gt; **CVSS Score:** 4.7\n&amp;gt; **Published:** 2026-06-23\n&amp;gt; **Full Report:** https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW\n\n## Summary\nAn open redirect vulnerability exists in Flask-Security versions up to and including 5.8.0. This flaw allows remote, unauthenticated attackers to perform open redirects by exploiting a parser differential between Python's standard library urlsplit() function and modern web browsers when subdomain redirection is allowed.\n\n## TL;DR\nA parser differential between Python's urlsplit() and web browsers allows attackers to bypass subdomain redirect validation in Flask-Security using backslash-based host strings, leading to open redirect attacks.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-601\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 4.7 (Medium)\n- **EPSS Score**: N/A\n- **Impact**: Open Redirect\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Flask-Security with SECURITY_REDIRECT_ALLOW_SUBDOMAINS enabled\n- **Flask-Security**: &amp;lt;= 5.8.0 (Fixed in: `5.8.1`)\n\n## Mitigation\n\n- Upgrade Flask-Security to version 5.8.1 or later\n- Disable subdomain redirects by setting SECURITY_REDIRECT_ALLOW_SUBDOMAINS = False\n- Deploy custom validation middleware to sanitize redirection parameters\n\n**Remediation Steps:**\n1. Verify the current installed version using 'pip show Flask-Security'\n2. Upgrade the package to a fixed version: 'pip install --upgrade Flask-Security&amp;gt;=5.8.1'\n3. Restart the Flask application process to apply the changes\n4. Verify that redirect requests containing backslashes are rejected with an error\n\n## References\n\n- [GitHub Security Advisory GHSA-w2j7-f3c6-g8cw](https://github.com/pallets-eco/flask-security/security/advisories/GHSA-w2j7-f3c6-g8cw)\n- [OSV Vulnerability Database Registry](https://osv.dev/vulnerability/CVE-2023-49438)\n- [National Vulnerability Database (NVD) Analysis for CVE-2023-49438](https://nvd.nist.gov/vuln/detail/CVE-2023-49438)\n- [GitLab Advisory Entry for Flask-Security Open Redirect Class](https://advisories.gitlab.com/pypi/flask-security-too/CVE-2023-49438)\n- [GitHub Advisories Main Entry Portal](https://github.com/advisories/GHSA-W2J7-F3C6-G8CW)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T01:52:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0be080d5-36a3-4d77-97fc-4403fcda9d1a/export</guid>
      <pubDate>Wed, 24 Jun 2026 01:52:32 +0000</pubDate>
    </item>
    <item>
      <title>bb541946-6ef7-490b-9c7c-5422f46fca5f</title>
      <link>https://vulnerability.circl.lu/sighting/bb541946-6ef7-490b-9c7c-5422f46fca5f/export</link>
      <description>{"uuid": "bb541946-6ef7-490b-9c7c-5422f46fca5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://gist.github.com/alon710/31eb26fe10a0715b39c427020e06d517", "content": "# GHSA-W2J7-F3C6-G8CW: GHSA-w2j7-f3c6-g8cw: Open Redirect Bypass via Parser Differential in Flask-Security\n\n&amp;gt; **CVSS Score:** 4.7\n&amp;gt; **Published:** 2026-06-23\n&amp;gt; **Full Report:** https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW\n\n## Summary\nAn open redirect vulnerability exists in Flask-Security versions up to and including 5.8.0. This flaw allows remote, unauthenticated attackers to perform open redirects by exploiting a parser differential between Python's standard library urlsplit() function and modern web browsers when subdomain redirection is allowed.\n\n## TL;DR\nA parser differential between Python's urlsplit() and web browsers allows attackers to bypass subdomain redirect validation in Flask-Security using backslash-based host strings, leading to open redirect attacks.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-601\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 4.7 (Medium)\n- **EPSS Score**: N/A\n- **Impact**: Open Redirect\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Flask-Security with SECURITY_REDIRECT_ALLOW_SUBDOMAINS enabled\n- **Flask-Security**: &amp;lt;= 5.8.0 (Fixed in: `5.8.1`)\n\n## Mitigation\n\n- Upgrade Flask-Security to version 5.8.1 or later\n- Disable subdomain redirects by setting SECURITY_REDIRECT_ALLOW_SUBDOMAINS = False\n- Deploy custom validation middleware to sanitize redirection parameters\n\n**Remediation Steps:**\n1. Verify the current installed version using 'pip show Flask-Security'\n2. Upgrade the package to a fixed version: 'pip install --upgrade Flask-Security&amp;gt;=5.8.1'\n3. Restart the Flask application process to apply the changes\n4. Verify that redirect requests containing backslashes are rejected with an error\n\n## References\n\n- [GitHub Security Advisory GHSA-w2j7-f3c6-g8cw](https://github.com/pallets-eco/flask-security/security/advisories/GHSA-w2j7-f3c6-g8cw)\n- [OSV Vulnerability Database Registry](https://osv.dev/vulnerability/CVE-2023-49438)\n- [National Vulnerability Database (NVD) Analysis for CVE-2023-49438](https://nvd.nist.gov/vuln/detail/CVE-2023-49438)\n- [GitLab Advisory Entry for Flask-Security Open Redirect Class](https://advisories.gitlab.com/pypi/flask-security-too/CVE-2023-49438)\n- [GitHub Advisories Main Entry Portal](https://github.com/advisories/GHSA-W2J7-F3C6-G8CW)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T01:41:39.000000Z"}</description>
      <content:encoded>{"uuid": "bb541946-6ef7-490b-9c7c-5422f46fca5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://gist.github.com/alon710/31eb26fe10a0715b39c427020e06d517", "content": "# GHSA-W2J7-F3C6-G8CW: GHSA-w2j7-f3c6-g8cw: Open Redirect Bypass via Parser Differential in Flask-Security\n\n&amp;gt; **CVSS Score:** 4.7\n&amp;gt; **Published:** 2026-06-23\n&amp;gt; **Full Report:** https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW\n\n## Summary\nAn open redirect vulnerability exists in Flask-Security versions up to and including 5.8.0. This flaw allows remote, unauthenticated attackers to perform open redirects by exploiting a parser differential between Python's standard library urlsplit() function and modern web browsers when subdomain redirection is allowed.\n\n## TL;DR\nA parser differential between Python's urlsplit() and web browsers allows attackers to bypass subdomain redirect validation in Flask-Security using backslash-based host strings, leading to open redirect attacks.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-601\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 4.7 (Medium)\n- **EPSS Score**: N/A\n- **Impact**: Open Redirect\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Flask-Security with SECURITY_REDIRECT_ALLOW_SUBDOMAINS enabled\n- **Flask-Security**: &amp;lt;= 5.8.0 (Fixed in: `5.8.1`)\n\n## Mitigation\n\n- Upgrade Flask-Security to version 5.8.1 or later\n- Disable subdomain redirects by setting SECURITY_REDIRECT_ALLOW_SUBDOMAINS = False\n- Deploy custom validation middleware to sanitize redirection parameters\n\n**Remediation Steps:**\n1. Verify the current installed version using 'pip show Flask-Security'\n2. Upgrade the package to a fixed version: 'pip install --upgrade Flask-Security&amp;gt;=5.8.1'\n3. Restart the Flask application process to apply the changes\n4. Verify that redirect requests containing backslashes are rejected with an error\n\n## References\n\n- [GitHub Security Advisory GHSA-w2j7-f3c6-g8cw](https://github.com/pallets-eco/flask-security/security/advisories/GHSA-w2j7-f3c6-g8cw)\n- [OSV Vulnerability Database Registry](https://osv.dev/vulnerability/CVE-2023-49438)\n- [National Vulnerability Database (NVD) Analysis for CVE-2023-49438](https://nvd.nist.gov/vuln/detail/CVE-2023-49438)\n- [GitLab Advisory Entry for Flask-Security Open Redirect Class](https://advisories.gitlab.com/pypi/flask-security-too/CVE-2023-49438)\n- [GitHub Advisories Main Entry Portal](https://github.com/advisories/GHSA-W2J7-F3C6-G8CW)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-24T01:41:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bb541946-6ef7-490b-9c7c-5422f46fca5f/export</guid>
      <pubDate>Wed, 24 Jun 2026 01:41:39 +0000</pubDate>
    </item>
    <item>
      <title>c44efaef-6e04-4bcc-be47-56f4281c4300</title>
      <link>https://vulnerability.circl.lu/sighting/c44efaef-6e04-4bcc-be47-56f4281c4300/export</link>
      <description>{"uuid": "c44efaef-6e04-4bcc-be47-56f4281c4300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwtkjo52g", "content": "", "creation_timestamp": "2026-04-23T21:03:10.282469Z"}</description>
      <content:encoded>{"uuid": "c44efaef-6e04-4bcc-be47-56f4281c4300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwtkjo52g", "content": "", "creation_timestamp": "2026-04-23T21:03:10.282469Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c44efaef-6e04-4bcc-be47-56f4281c4300/export</guid>
      <pubDate>Thu, 23 Apr 2026 21:03:10 +0000</pubDate>
    </item>
    <item>
      <title>a1548746-5800-49cb-a03b-2b2b254e47f1</title>
      <link>https://vulnerability.circl.lu/sighting/a1548746-5800-49cb-a03b-2b2b254e47f1/export</link>
      <description>{"uuid": "a1548746-5800-49cb-a03b-2b2b254e47f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-49438.yaml", "content": "", "creation_timestamp": "2026-04-21T17:45:30.000000Z"}</description>
      <content:encoded>{"uuid": "a1548746-5800-49cb-a03b-2b2b254e47f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-49438.yaml", "content": "", "creation_timestamp": "2026-04-21T17:45:30.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a1548746-5800-49cb-a03b-2b2b254e47f1/export</guid>
      <pubDate>Tue, 21 Apr 2026 17:45:30 +0000</pubDate>
    </item>
    <item>
      <title>df3b8b85-d348-42b3-a8a0-ee90ff01d7fe</title>
      <link>https://vulnerability.circl.lu/sighting/df3b8b85-d348-42b3-a8a0-ee90ff01d7fe/export</link>
      <description>{"uuid": "df3b8b85-d348-42b3-a8a0-ee90ff01d7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9643", "content": "#exploit\n1. CVE-2023-49438:\nOpen Redirect Vulnerability in Flask-Security-Too\nhttps://github.com/brandon-t-elliott/CVE-2023-49438\n\n2. CVE-2021-44026:\nSQL injection in Roundcube\nhttps://github.com/pentesttoolscom/roundcube-cve-2021-44026", "creation_timestamp": "2024-11-12T02:01:20.000000Z"}</description>
      <content:encoded>{"uuid": "df3b8b85-d348-42b3-a8a0-ee90ff01d7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9643", "content": "#exploit\n1. CVE-2023-49438:\nOpen Redirect Vulnerability in Flask-Security-Too\nhttps://github.com/brandon-t-elliott/CVE-2023-49438\n\n2. CVE-2021-44026:\nSQL injection in Roundcube\nhttps://github.com/pentesttoolscom/roundcube-cve-2021-44026", "creation_timestamp": "2024-11-12T02:01:20.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/df3b8b85-d348-42b3-a8a0-ee90ff01d7fe/export</guid>
      <pubDate>Tue, 12 Nov 2024 02:01:20 +0000</pubDate>
    </item>
    <item>
      <title>47a459e4-c97f-4e52-baba-a4b1d944374a</title>
      <link>https://vulnerability.circl.lu/sighting/47a459e4-c97f-4e52-baba-a4b1d944374a/export</link>
      <description>{"uuid": "47a459e4-c97f-4e52-baba-a4b1d944374a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://t.me/ctinow/162829", "content": "https://ift.tt/LPid1Eh\nCVE-2023-49438 Exploit", "creation_timestamp": "2024-01-04T08:16:44.000000Z"}</description>
      <content:encoded>{"uuid": "47a459e4-c97f-4e52-baba-a4b1d944374a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49438", "type": "seen", "source": "https://t.me/ctinow/162829", "content": "https://ift.tt/LPid1Eh\nCVE-2023-49438 Exploit", "creation_timestamp": "2024-01-04T08:16:44.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/47a459e4-c97f-4e52-baba-a4b1d944374a/export</guid>
      <pubDate>Thu, 04 Jan 2024 08:16:44 +0000</pubDate>
    </item>
    <item>
      <title>90fe6331-c51f-448b-8d6a-f30efe3cc8f5</title>
      <link>https://vulnerability.circl.lu/sighting/90fe6331-c51f-448b-8d6a-f30efe3cc8f5/export</link>
      <description>{"uuid": "90fe6331-c51f-448b-8d6a-f30efe3cc8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49434", "type": "seen", "source": "https://t.me/ctinow/160989", "content": "https://ift.tt/xRUeqzk\nCVE-2023-49434 | Tenda AX9 22.03.01.46 SetNetControlList list stack-based overflow", "creation_timestamp": "2023-12-31T07:07:37.000000Z"}</description>
      <content:encoded>{"uuid": "90fe6331-c51f-448b-8d6a-f30efe3cc8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49434", "type": "seen", "source": "https://t.me/ctinow/160989", "content": "https://ift.tt/xRUeqzk\nCVE-2023-49434 | Tenda AX9 22.03.01.46 SetNetControlList list stack-based overflow", "creation_timestamp": "2023-12-31T07:07:37.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/90fe6331-c51f-448b-8d6a-f30efe3cc8f5/export</guid>
      <pubDate>Sun, 31 Dec 2023 07:07:37 +0000</pubDate>
    </item>
    <item>
      <title>4a32e406-9ed9-41db-8d65-55a0efcd994a</title>
      <link>https://vulnerability.circl.lu/sighting/4a32e406-9ed9-41db-8d65-55a0efcd994a/export</link>
      <description>{"uuid": "4a32e406-9ed9-41db-8d65-55a0efcd994a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49433", "type": "seen", "source": "https://t.me/ctinow/160956", "content": "https://ift.tt/ITAeFLz\nCVE-2023-49433 | Tenda AX9 22.03.01.46 SetVirtualServerCfg list stack-based overflow", "creation_timestamp": "2023-12-30T19:37:00.000000Z"}</description>
      <content:encoded>{"uuid": "4a32e406-9ed9-41db-8d65-55a0efcd994a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49433", "type": "seen", "source": "https://t.me/ctinow/160956", "content": "https://ift.tt/ITAeFLz\nCVE-2023-49433 | Tenda AX9 22.03.01.46 SetVirtualServerCfg list stack-based overflow", "creation_timestamp": "2023-12-30T19:37:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4a32e406-9ed9-41db-8d65-55a0efcd994a/export</guid>
      <pubDate>Sat, 30 Dec 2023 19:37:00 +0000</pubDate>
    </item>
    <item>
      <title>b39d86d4-1f5e-4c90-94e7-7db9e4b2949b</title>
      <link>https://vulnerability.circl.lu/sighting/b39d86d4-1f5e-4c90-94e7-7db9e4b2949b/export</link>
      <description>{"uuid": "b39d86d4-1f5e-4c90-94e7-7db9e4b2949b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49432", "type": "seen", "source": "https://t.me/ctinow/160955", "content": "https://ift.tt/u3bfD7O\nCVE-2023-49432 | Tenda AX9 22.03.01.46 /goform/setMacFilterCfg deviceList stack-based overflow", "creation_timestamp": "2023-12-30T19:36:59.000000Z"}</description>
      <content:encoded>{"uuid": "b39d86d4-1f5e-4c90-94e7-7db9e4b2949b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49432", "type": "seen", "source": "https://t.me/ctinow/160955", "content": "https://ift.tt/u3bfD7O\nCVE-2023-49432 | Tenda AX9 22.03.01.46 /goform/setMacFilterCfg deviceList stack-based overflow", "creation_timestamp": "2023-12-30T19:36:59.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b39d86d4-1f5e-4c90-94e7-7db9e4b2949b/export</guid>
      <pubDate>Sat, 30 Dec 2023 19:36:59 +0000</pubDate>
    </item>
    <item>
      <title>6f935d8a-a7a6-4119-ad01-0aa09cd0d997</title>
      <link>https://vulnerability.circl.lu/sighting/6f935d8a-a7a6-4119-ad01-0aa09cd0d997/export</link>
      <description>{"uuid": "6f935d8a-a7a6-4119-ad01-0aa09cd0d997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49435", "type": "seen", "source": "https://t.me/ctinow/160954", "content": "https://ift.tt/I2DpkYV\nCVE-2023-49435 | Tenda AX9 22.03.01.46 command injection", "creation_timestamp": "2023-12-30T19:36:58.000000Z"}</description>
      <content:encoded>{"uuid": "6f935d8a-a7a6-4119-ad01-0aa09cd0d997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49435", "type": "seen", "source": "https://t.me/ctinow/160954", "content": "https://ift.tt/I2DpkYV\nCVE-2023-49435 | Tenda AX9 22.03.01.46 command injection", "creation_timestamp": "2023-12-30T19:36:58.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6f935d8a-a7a6-4119-ad01-0aa09cd0d997/export</guid>
      <pubDate>Sat, 30 Dec 2023 19:36:58 +0000</pubDate>
    </item>
  </channel>
</rss>
