Home
» Risk & Exploitation
» Daily threat intelligence
» May 2, 2023
May 2, 2023 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Fs S3900 24t4s Firmware: public exploit or PoC linked (privilege escalation)
6 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2023-25438
Genomedics Millegpg privilege escalation
Public exploit or PoC available
Exploit activity linked
Potential privilege escalation to admin/root
Genomedics Millegpg privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2023-29983
Companymaps Project Companymaps cross-site scripting
Public exploit or PoC available
Exploit activity linked
Companymaps Project Companymaps cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2023-1730
Supportcandy SQL Injection
CVSS 9.8
Internet-facing CMS deployments affected
New critical Supportcandy SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
FS S3900-24T4S devices allow authenticated attackers with guest access to escalate their privileges and reset the admin password.
Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditl...
SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_de...
An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute arbitrary code and gain escalated privileges via...
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could a...
OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.
European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing.
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.
D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow.
Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth.
View critical disclosures
cvelogic
Threat Intelligence