Aug 20, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-39617 Totolink X5000r Firmware RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Totolink X5000r Firmware RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-39618 Totolink X5000r Firmware RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Totolink X5000r Firmware RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-39747 Tp-link Tl-wr841n V8 Firmware Buffer Overflow

  • CVSS 9.8

New critical Tp-link Tl-wr841n V8 Firmware Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-24989 CVSS 9.8

TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters f...

CVE-2023-39617 CVSS 9.8

TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulne...

CVE-2023-39618 CVSS 9.8

TOTOLINK X5000R B20210419 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg interface.

CVE-2023-39747 CVSS 9.8

TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at...

CVE-2023-39749 CVSS 9.8

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource.

CVE-2023-39750 CVSS 9.8

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6.

CVE-2023-39751 CVSS 9.8

TP-Link TL-WR941ND V6 were discovered to contain a buffer overflow via the pSize parameter at /userRpm/PingIframeRpm.

View critical disclosures

cvelogic Threat Intelligence