Mar 22, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Linksys E8450 Firmware: public exploit or PoC linked (Command Injection)
  • WordPress plugin RCE/exploit activity: 2 CVEs flagged today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2022-38841 Linksys E8450 Firmware Command Injection

  • Public exploit or PoC available
  • Exploit activity linked

Linksys E8450 Firmware Command Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2023-27060 Lightcms Project Lightcms RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Lightcms Project Lightcms RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-27637 Tshirtecommerce Custom Product Designer SQL Injection

  • CVSS 9.8

New critical Tshirtecommerce Custom Product Designer SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2022-38841 Exploit

Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-25589 CVSS 9.8

New critical Arubanetworks Clearpass Policy Manager exposure disclosed.

CVE-2023-27060 CVSS 9.8

LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function.

CVE-2023-27100 CVSS 9.8

Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense...

CVE-2023-27224 CVSS 9.8

An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file.

CVE-2023-27637 CVSS 9.8

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop.

CVE-2023-27638 CVSS 9.8

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop.

CVE-2023-27855 CVSS 9.8

In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer.

CVE-2023-28662 CVSS 9.8

The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerabi...

CVE-2023-28667 CVSS 9.8

The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure deserialization issue.

CVE-2023-28725 CVSS 9.1

General Bytes Crypto Application Server (CAS) 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execut...

View critical disclosures

cvelogic Threat Intelligence