{"vulnerability": "CVE-2023-3301", "sightings": [{"uuid": "abb60f21-97cb-4253-a48d-77738445a4d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "7e794cc1-e276-4d94-b5a5-5410b3221e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "MISP/b4a98411-68c8-46bf-aff8-1659046646b3", "content": "", "creation_timestamp": "2023-11-13T18:11:01.000000Z"}, {"uuid": "61815605-b7a7-4698-b735-2c14d5d8823b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971827", "content": "", "creation_timestamp": "2024-12-24T20:34:33.706307Z"}, {"uuid": "d2b6ab8c-d84f-45fb-b9a1-6d9bcfa43309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33012", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "5039bdb1-f289-4fe3-902b-8072ff0a2ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33012", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:54.000000Z"}, {"uuid": "b9d05f70-2b26-46a9-9290-ff29e964eff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33012", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "6fa911b7-c95c-4668-a824-a58a3712becf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "MISP/b4a98411-68c8-46bf-aff8-1659046646b3", "content": "", "creation_timestamp": "2025-07-07T05:16:45.000000Z"}, {"uuid": "a64145fc-3027-47bd-9879-fbb60e500f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:43.000000Z"}, {"uuid": "e4d2cc6b-f0b5-4dbc-b6de-78e0ca9b8e6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-33010", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3ba984a1-2150-4ca5-ba9b-a137c2549636", "content": "", "creation_timestamp": "2026-02-02T12:26:57.943946Z"}, {"uuid": "0adce59a-0517-4c54-8d49-665c8fa0f4d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3301", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ly3eytayuc72", "content": "", "creation_timestamp": "2025-09-05T09:50:30.337035Z"}, {"uuid": "1e3d7e5c-9908-45ca-961b-e08b6773ca5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3301", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3ly3f4dymwv2j", "content": "", "creation_timestamp": "2025-09-05T09:50:31.105820Z"}, {"uuid": "c0a2634b-976d-47ad-9c1a-f6be0757c1d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33012", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zyxel_parse_config_rce.rb", "content": "", "creation_timestamp": "2024-07-03T18:47:21.000000Z"}, {"uuid": "3ac223ea-f3f7-4b31-89b5-f6ba0b1d1c82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11981", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Russia: Sandworm have breached Danish energy sector companies. \nVery nice timeline analysis.\nCVE-2023-28771 + CVE-2023-33009 + CVE-2023-33010\n\nhttps://github.com/blackorbird/APT_REPORT/blob/master/Sandworm/sektorcert-angrebet-mod-dansk-kritisk-infrastruktur-tlp-clear-en.pdf", "creation_timestamp": "2023-11-15T09:27:54.000000Z"}, {"uuid": "f3446f0c-3d48-4702-a0ab-9c7678d9fd7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33014", "type": "seen", "source": "https://t.me/cibsecurity/74145", "content": "\u203c\ufe0fCVE-2023-33014\u203c\ufe0f\n\nInformation disclosure in Core services while processing a Diag command.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:32:41.000000Z"}, {"uuid": "cb65665f-361a-4d4d-89a5-c3df6db6802d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "exploited", "source": "Telegram/7hx0Eh-1rj7GqCpsGv8vc3vl2LENad0XkZ8Du0V4VFE6pg", "content": "", "creation_timestamp": "2023-06-06T06:52:33.000000Z"}, {"uuid": "d9ad899c-4643-49dd-aa6a-ff56085b606f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33016", "type": "seen", "source": "https://t.me/cibsecurity/69827", "content": "\u203c CVE-2023-33016 \u203c\n\nTransient DOS in WLAN firmware while parsing MLO (multi-link operation).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T12:17:01.000000Z"}, {"uuid": "3ce24009-519e-4712-970e-aaf012099f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "Telegram/o33eMMvV5GbS5_yvZwxR9Wy9Vxsb16o4MXlOt7k80dQpLQ", "content": "", "creation_timestamp": "2023-05-25T19:04:24.000000Z"}, {"uuid": "3a4b97ca-5973-4f9d-911b-18656d3a9da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33019", "type": "seen", "source": "https://t.me/cibsecurity/69823", "content": "\u203c CVE-2023-33019 \u203c\n\nTransient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T12:16:57.000000Z"}, {"uuid": "eed29a22-cb33-42cb-a93c-3cbb12c54ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "exploited", "source": "https://t.me/KomunitiSiber/314", "content": "Zyxel Firewalls Under Attack! Urgent Patching Required\nhttps://thehackernews.com/2023/06/zyxel-firewalls-under-attack-urgent.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday\u00a0placed\u00a0two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\nThe vulnerabilities, tracked as\u00a0CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated attacker to cause a", "creation_timestamp": "2023-06-06T07:25:44.000000Z"}, {"uuid": "ab4a2a3e-e7ff-48ee-91b3-3deb2db93f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "https://t.me/KomunitiSiber/262", "content": "Zyxel Issues Critical Security Patches for Firewall and VPN Products\nhttps://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html\n\nZyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution.\nBoth the flaws \u2013\u00a0CVE-2023-33009 and CVE-2023-33010\u00a0\u2013 are\u00a0buffer overflow vulnerabilities\u00a0and are rated 9.8 out of 10 on the CVSS scoring system.\nA brief description of the two issues is below -\n\nCVE-2023-33009\u00a0-", "creation_timestamp": "2023-05-25T19:12:23.000000Z"}, {"uuid": "96a1a35d-e77c-46bc-ba60-957d095f1d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33014", "type": "seen", "source": "https://t.me/ctinow/161519", "content": "https://ift.tt/BMjZuy6\nCVE-2023-33014", "creation_timestamp": "2024-01-02T07:26:55.000000Z"}, {"uuid": "6a708b3a-1001-4158-b2a9-9211e840a997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33014", "type": "seen", "source": "https://t.me/ctinow/171234", "content": "https://ift.tt/vT2VIq9\nCVE-2023-33014 | Qualcomm AR2 Gen 1 Platform Core Service information disclosure", "creation_timestamp": "2024-01-22T15:41:28.000000Z"}, {"uuid": "5626da7e-c5ca-4244-a351-10cd83058703", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "https://t.me/true_secator/4429", "content": "Zyxel \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 firewall \u0438 VPN.\n\n\u041a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c, \u043e\u0431\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0438 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u0434\u0435\u043b\u0430.\n\n\u0412\u0441\u0435 \u044d\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a DoS \u0438 RCE \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445. \u041f\u0440\u0438\u0447\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0431\u0430\u0433\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 Zyxel \u043a\u0430\u043a \u0440\u0430\u0437 \u0442\u0430\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 CVE-2023-33009 \u0438 CVE-2023-33010 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0443 \u043a\u0430\u0436\u0434\u043e\u0439 \u0432 9,8 \u0431\u0430\u043b\u043b\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430\u043c\u0438: ATP \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 ZLD V4.32 \u0434\u043e V5.36, USG FLEX \u043e\u0442 ZLD V4.50 \u0434\u043e V5.36, USG FLEX50 (W) / USG20 (W) - \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 VPN \u0432\u0435\u0440\u0441\u0438\u0439 \u043e\u0442 ZLD V4.25 \u0434\u043e V5.36, VPN \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 ZLD V4.30 \u0434\u043e V5.36 \u0438 ZyWALL / USG \u043e\u0442 ZLD V4.25 \u0434\u043e V4.73.\n\n\u0412 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0432\u043e\u0435\u043c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c\u0438 \u043c\u0430\u043b\u043e\u0433\u043e \u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0438\u043b\u0438 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u043c \u0440\u0430\u0431\u043e\u0442\u043d\u0438\u043a\u0430\u043c, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0442\u0430\u043a\u0438\u0435 \u0434\u0435\u0432\u0430\u0439\u0441\u044b \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u0443\u0441\u0442\u0440\u0435\u043c\u043b\u0435\u043d\u0438\u0439 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0445\u0430\u043a\u0435\u0440\u043e\u0432.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0434\u0430\u0431\u044b \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0440\u0438\u0441\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432. \n\n\u0412\u0435\u0434\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zyxel (CVE-2023-28771), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435,\u00a0\u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai DDoS.\u00a0\u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0443\u0436\u0435 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 PoC \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438.", "creation_timestamp": "2023-05-26T18:40:05.000000Z"}, {"uuid": "b8a2c0de-026f-45a0-97cc-bf664a8906dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3301", "type": "seen", "source": "https://t.me/cibsecurity/70405", "content": "\u203c CVE-2023-3301 \u203c\n\nA flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T20:23:54.000000Z"}, {"uuid": "87c748bb-1142-4b54-90eb-780fbae3cdf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33015", "type": "seen", "source": "https://t.me/cibsecurity/69830", "content": "\u203c CVE-2023-33015 \u203c\n\nTransient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T12:17:04.000000Z"}, {"uuid": "9006a7c8-670f-44d0-a031-f08021240bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33010", "type": "seen", "source": "https://t.me/cibsecurity/64679", "content": "\u203c CVE-2023-33010 \u203c\n\nA buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-24T16:26:56.000000Z"}, {"uuid": "19b2f934-be7e-48ac-ae18-2b30b7c9f5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33012", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8376", "content": "re: Zyxel VPN Series Pre-auth Remote Command Execution - Blog - VulnCheck\n\nhttps://vulncheck.com/blog/zyxel-cve-2023-33012", "creation_timestamp": "2024-02-21T19:32:40.000000Z"}, {"uuid": "2710d99e-4803-47c9-ae87-03ce72852a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33013", "type": "seen", "source": "https://t.me/cibsecurity/68454", "content": "\u203c CVE-2023-33013 \u203c\n\nA post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T20:19:29.000000Z"}]}