Jul 31, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Ivanti Endpoint Manager Mobile (EPMM) added to CISA KEV — confirmed in-the-wild exploitation.
  • Webkul Uvdesk: public exploit or PoC linked
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2023-35081 Ivanti Endpoint Manager Mobile (EPMM) Path Traversal

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2023-39147 Webkul Uvdesk

  • Public exploit or PoC available
  • Exploit activity linked

Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.

Critical exposure

CVE-2023-34635 Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection.

  • CVSS 9.8

New critical Wifi-soft Unibox Administration SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2023-35081 KEV

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal

View KEV additions

Exploit & PoC activity

CVE-2023-39147 Exploit

An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-42183 CVSS 9.1

Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF).

CVE-2023-34635 CVSS 9.8

Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection.

CVE-2023-34644 CVSS 9.8

Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S...

CVE-2023-34842 CVSS 9.8

Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to...

CVE-2023-36089 CVSS 9.8

Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain escalated privileges via func...

CVE-2023-36090 CVSS 9.8

Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers to gain escalated privileges via phpcgi.

CVE-2023-36091 CVSS 9.8

Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers to gain escalated privileges via via function phpc...

CVE-2023-36092 CVSS 9.8

Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main.

CVE-2023-37771 CVSS 9.8

Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php.

CVE-2023-39122 CVSS 9.8

BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter.

View critical disclosures

cvelogic Threat Intelligence