May 2, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Fs S3900 24t4s Firmware: public exploit or PoC linked (privilege escalation)
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2023-25438 Genomedics Millegpg privilege escalation

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Genomedics Millegpg privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2023-29983 Companymaps Project Companymaps cross-site scripting

  • Public exploit or PoC available
  • Exploit activity linked

Companymaps Project Companymaps cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2023-1730 Supportcandy SQL Injection

  • CVSS 9.8
  • Internet-facing CMS deployments affected

New critical Supportcandy SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2023-30350 Exploit

FS S3900-24T4S devices allow authenticated attackers with guest access to escalate their privileges and reset the admin password.

CVE-2023-29983 Exploit

Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditl...

CVE-2023-30330 Exploit

SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_de...

CVE-2023-25438 Exploit

An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute arbitrary code and gain escalated privileges via...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-1730 CVSS 9.8

The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could a...

CVE-2023-2479 CVSS 9.8

OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.

CVE-2023-26089 CVSS 9.8

European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing.

CVE-2023-29778 CVSS 9.8

GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.

CVE-2023-29856 CVSS 9.8

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow.

CVE-2023-30869 CVSS 9.8

Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth.

View critical disclosures

cvelogic Threat Intelligence