{"vulnerability": "CVE-2023-3263", "sightings": [{"uuid": "d54c16de-4339-4775-9f58-10e17cc1d13b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32632", "type": "seen", "source": "https://t.me/true_secator/4958", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco Talos \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u0435\u0441\u0438\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 10 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0439 \u0441\u043e\u0442\u043e\u0432\u044b\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440 Yifan YF325.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Yifan YF325 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\nYifan YF325 \u2014 \u044d\u0442\u043e \u0441\u043e\u0442\u043e\u0432\u043e\u0435 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u0441\u0435\u0442\u0438 Wi-Fi \u0438 Ethernet.\n\n\u041a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 \u0441\u0430\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, YF325 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 M2M-\u043e\u0431\u043b\u0430\u0441\u0442\u044f\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u044b \u0441\u0430\u043c\u043e\u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f, \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442 \u0438 \u0441\u0435\u0442\u0438, \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0443\u044e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u044f\u044e, \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044e, \u0444\u0438\u043d\u0430\u043d\u0441\u044b, POS, \u0432\u043e\u0434\u043e\u0441\u043d\u0430\u0431\u0436\u0435\u043d\u0438\u0435, \u0437\u0430\u0449\u0438\u0442\u0443 \u043e\u043a\u0440\u0443\u0436\u0430\u044e\u0449\u0435\u0439 \u0441\u0440\u0435\u0434\u044b, \u043f\u043e\u0447\u0442\u0443, \u043f\u043e\u0433\u043e\u0434\u0443, \u0438 \u0442\u0434.\n\n\u0421\u0430\u043c\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u043d\u0438\u0445 TALOS-2023-1762 (CVE-2023-24479) \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443  CVSS 9,8 \u0438\u0437 10. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root-\u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0414\u0440\u0443\u0433\u0430\u044f TALOS-2023-1752 (CVE-2023-32645) \u0442\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043d\u043e \u0432 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0442\u043b\u0430\u0434\u043a\u0438 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 TALOS-2023-1767 (CVE-2023-32632) \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 Talos \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430,  \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u043c\u044b\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438, \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a:\n- TALOS-2023-1761\u00a0(CVE-2023-35055 \u0438 CVE-2023-35056),\n- TALOS-2023-1763\u00a0(CVE-2023-34365),\n- TALOS-2023-1764\u00a0(CVE-2023-34346),\n- TALOS-2023-1765\u00a0(CVE-2023-31272),\n- TALOS-2023-1766\u00a0(CVE-2023-34426),\n- TALOS-2023-1787\u00a0(CVE-2023-35965 \u0438 CVE-2023-35966),\n- TALOS-2023-1788\u00a0(CVE-2023-35967 \u0438 CVE-2023-35968).\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0432\u0441\u0435 \u043e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u044e\u0442 \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8. \n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u043e\u0442 Yifan, \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441\u00a0\u043f\u043e\u043b\u0438\u0442\u0438\u043a\u043e\u0439 Cisco \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0432\u0441\u0435 \u0440\u0438\u0441\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0441\u043e \u0441\u0432\u043e\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2023-10-12T19:17:31.000000Z"}, {"uuid": "97e7bd19-c1e4-49c0-ac55-636e58e4ecf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32634", "type": "seen", "source": "https://t.me/cibsecurity/72186", "content": "\u203c CVE-2023-32634 \u203c\n\nAn authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-12T20:23:24.000000Z"}, {"uuid": "1ee59ce8-4ac1-4d5e-bd6e-87080c5d3926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32632", "type": "seen", "source": "https://t.me/cibsecurity/72115", "content": "\u203c CVE-2023-32632 \u203c\n\nA command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T20:17:42.000000Z"}, {"uuid": "fd73fcbd-93f6-4a7f-a923-fe35cd38c399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32633", "type": "seen", "source": "https://t.me/ctinow/208006", "content": "https://ift.tt/NMPcXmd\nCVE-2023-32633", "creation_timestamp": "2024-03-14T18:22:40.000000Z"}, {"uuid": "4e483f6e-9b8e-443e-88e9-2100d1ed6a28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32633", "type": "seen", "source": "https://t.me/ctinow/208023", "content": "https://ift.tt/NMPcXmd\nCVE-2023-32633", "creation_timestamp": "2024-03-14T18:26:55.000000Z"}, {"uuid": "0422387a-3d7c-4dae-944f-bab6dc7fc73d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3263", "type": "seen", "source": "https://t.me/cibsecurity/68428", "content": "\u203c CVE-2023-3263 \u203c\n\nThe Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T12:19:15.000000Z"}, {"uuid": "690cb1be-b2bf-4b09-b209-6839ee8622f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32636", "type": "seen", "source": "https://t.me/cibsecurity/70562", "content": "\u203c CVE-2023-32636 \u203c\n\nA flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T00:24:49.000000Z"}, {"uuid": "481fb90f-d520-48a5-a8a6-ea92dd9bd4f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32635", "type": "seen", "source": "https://t.me/cibsecurity/66999", "content": "\u203c CVE-2023-32635 \u203c\n\nXBRL data create application version 7.0 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T12:11:41.000000Z"}, {"uuid": "96341df9-6bf3-4dfc-89e9-a6bab8673302", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32639", "type": "seen", "source": "https://t.me/cibsecurity/67202", "content": "\u203c CVE-2023-32639 \u203c\n\nApplicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T07:26:46.000000Z"}, {"uuid": "6dd4d6b3-0127-46c8-9015-57c4b6211947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32637", "type": "seen", "source": "https://t.me/cibsecurity/67211", "content": "\u203c CVE-2023-32637 \u203c\n\n** UNSUPPPORTED WHEN ASSIGNED ** GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:01.000000Z"}]}