From d1b4deb472a4d6743a7d742d18a6103682ed23fb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 3 May 2024 02:01:46 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/32xxx/CVE-2023-32153.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32154.json | 68 +++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32155.json | 68 +++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32156.json | 68 +++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32157.json | 68 +++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32158.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32159.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32160.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32161.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32164.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32165.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32166.json | 73 ++++++++++++++++++++++++++++++++-- 2023/32xxx/CVE-2023-32167.json | 73 ++++++++++++++++++++++++++++++++-- 13 files changed, 877 insertions(+), 52 deletions(-) diff --git a/2023/32xxx/CVE-2023-32153.json b/2023/32xxx/CVE-2023-32153.json index e4cd8dcc95f..e32efab3853 100644 --- a/2023/32xxx/CVE-2023-32153.json +++ b/2023/32xxx/CVE-2023-32153.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32153", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the EmailFrom parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19550." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "D-Link", + "product": { + "product_data": [ + { + "product_name": "DIR-2640", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-545/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-545/" + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10323" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/32xxx/CVE-2023-32154.json b/2023/32xxx/CVE-2023-32154.json index 93c83b5ebb0..afcd632a795 100644 --- a/2023/32xxx/CVE-2023-32154.json +++ b/2023/32xxx/CVE-2023-32154.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32154", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19797." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mikrotik", + "product": { + "product_data": [ + { + "product_name": "RouterOS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-710/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-710/" + } + ] + }, + "source": { + "lang": "en", + "value": "Angelboy(@scwuaptx) and NiNi (@terrynini38514) from DEVCORE Research Team" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32155.json b/2023/32xxx/CVE-2023-32155.json index 28c839c67c7..001dedd7e14 100644 --- a/2023/32xxx/CVE-2023-32155.json +++ b/2023/32xxx/CVE-2023-32155.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32155", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this vulnerability.\n\nThe specific flaw exists within the bcmdhd driver. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-20733." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tesla", + "product": { + "product_data": [ + { + "product_name": "Model 3", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-971/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-971/" + } + ] + }, + "source": { + "lang": "en", + "value": "David BERARD (@_p0ly_) and Vincent DEHORS (@vdehors) from Synacktiv (@Synacktiv)" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32156.json b/2023/32xxx/CVE-2023-32156.json index 069822f49e0..eb05dca914e 100644 --- a/2023/32xxx/CVE-2023-32156.json +++ b/2023/32xxx/CVE-2023-32156.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32156", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of firmware updates. The issue results from improper error-handling during the update process. An attacker can leverage this vulnerability to execute code in the context of Tesla's Gateway ECU. Was ZDI-CAN-20734." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", + "cweId": "CWE-367" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tesla", + "product": { + "product_data": [ + { + "product_name": "Model 3", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-972/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-972/" + } + ] + }, + "source": { + "lang": "en", + "value": "David BERARD (@_p0ly_) and Vincent DEHORS (@vdehors) from Synacktiv (@Synacktiv)" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9, + "baseSeverity": "CRITICAL" } ] } diff --git a/2023/32xxx/CVE-2023-32157.json b/2023/32xxx/CVE-2023-32157.json index 9aabda56fbc..b9f49d5152e 100644 --- a/2023/32xxx/CVE-2023-32157.json +++ b/2023/32xxx/CVE-2023-32157.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32157", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the bsa_server process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of an unprivileged user in a sandboxed process. Was ZDI-CAN-20737." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tesla", + "product": { + "product_data": [ + { + "product_name": "Model 3", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-973/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-973/" + } + ] + }, + "source": { + "lang": "en", + "value": "David BERARD (@_p0ly_) and Vincent DEHORS (@vdehors) from Synacktiv (@Synacktiv)" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/32xxx/CVE-2023-32158.json b/2023/32xxx/CVE-2023-32158.json index 9b60ef37778..f67efa40e29 100644 --- a/2023/32xxx/CVE-2023-32158.json +++ b/2023/32xxx/CVE-2023-32158.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32158", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17764." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PDF-XChange", + "product": { + "product_data": [ + { + "product_name": "PDF-XChange Editor", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.3.361.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-640/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-640/" + }, + { + "url": "https://www.tracker-software.com/product/pdf-xchange-editor/history", + "refsource": "MISC", + "name": "https://www.tracker-software.com/product/pdf-xchange-editor/history" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32159.json b/2023/32xxx/CVE-2023-32159.json index 7481b47638c..7e2427b0367 100644 --- a/2023/32xxx/CVE-2023-32159.json +++ b/2023/32xxx/CVE-2023-32159.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32159", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17765." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PDF-XChange", + "product": { + "product_data": [ + { + "product_name": "PDF-XChange Editor", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.3.361.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-641/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-641/" + }, + { + "url": "https://www.tracker-software.com/product/pdf-xchange-editor/history", + "refsource": "MISC", + "name": "https://www.tracker-software.com/product/pdf-xchange-editor/history" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32160.json b/2023/32xxx/CVE-2023-32160.json index 8a24be62ed3..f548bcfea60 100644 --- a/2023/32xxx/CVE-2023-32160.json +++ b/2023/32xxx/CVE-2023-32160.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32160", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17767." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PDF-XChange", + "product": { + "product_data": [ + { + "product_name": "PDF-XChange Editor", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.3.361.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-642/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-642/" + }, + { + "url": "https://www.tracker-software.com/product/pdf-xchange-editor/history", + "refsource": "MISC", + "name": "https://www.tracker-software.com/product/pdf-xchange-editor/history" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32161.json b/2023/32xxx/CVE-2023-32161.json index ca70c8f1aa9..decb857d8d6 100644 --- a/2023/32xxx/CVE-2023-32161.json +++ b/2023/32xxx/CVE-2023-32161.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32161", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17778." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PDF-XChange", + "product": { + "product_data": [ + { + "product_name": "PDF-XChange Editor", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.3.361.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-643/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-643/" + }, + { + "url": "https://www.tracker-software.com/product/pdf-xchange-editor/history", + "refsource": "MISC", + "name": "https://www.tracker-software.com/product/pdf-xchange-editor/history" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32164.json b/2023/32xxx/CVE-2023-32164.json index f1fcb208893..b6ff50bc250 100644 --- a/2023/32xxx/CVE-2023-32164.json +++ b/2023/32xxx/CVE-2023-32164.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32164", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-Link D-View TftpSendFileThread Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TftpSendFileThread class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-19496." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "D-Link", + "product": { + "product_data": [ + { + "product_name": "D-View", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-715/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-715/" + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332" + } + ] + }, + "source": { + "lang": "en", + "value": "Andrea Micalizzi aka rgod" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32165.json b/2023/32xxx/CVE-2023-32165.json index dc9fbd01929..1f9ab0773b7 100644 --- a/2023/32xxx/CVE-2023-32165.json +++ b/2023/32xxx/CVE-2023-32165.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32165", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TftpReceiveFileHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19497." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "D-Link", + "product": { + "product_data": [ + { + "product_name": "D-View", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-716/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-716/" + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332" + } + ] + }, + "source": { + "lang": "en", + "value": "Andrea Micalizzi aka rgod" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" } ] } diff --git a/2023/32xxx/CVE-2023-32166.json b/2023/32xxx/CVE-2023-32166.json index f839b659d68..0cdb1f29f1b 100644 --- a/2023/32xxx/CVE-2023-32166.json +++ b/2023/32xxx/CVE-2023-32166.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32166", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the uploadFile function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of SYSTEM. Was ZDI-CAN-19527." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "D-Link", + "product": { + "product_data": [ + { + "product_name": "D-View", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-717/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-717/" + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332" + } + ] + }, + "source": { + "lang": "en", + "value": "Andrea Micalizzi aka rgod" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2023/32xxx/CVE-2023-32167.json b/2023/32xxx/CVE-2023-32167.json index 2a0aa496b77..54b178224ca 100644 --- a/2023/32xxx/CVE-2023-32167.json +++ b/2023/32xxx/CVE-2023-32167.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32167", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the uploadMib function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create or delete files in the context of SYSTEM. Was ZDI-CAN-19529." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "D-Link", + "product": { + "product_data": [ + { + "product_name": "D-View", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-718/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-23-718/" + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332" + } + ] + }, + "source": { + "lang": "en", + "value": "Andrea Micalizzi aka rgod" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] }