A Deep Dive Into Attempted Exploitation of CVE-2023-33538
Essential information
- Published
- 17/04/2026 08:35
- Modified
- 17/04/2026 10:47
- Tags
- 2026-04-17 CVE-2023-33538 command injection condi condi botnet firmware analysis iot exploitation mirai mirai botnet tp-link routers wifi routers
- Related entities
- 13 vulnerabilities (cve), 9 observables, 19 techniques (mitre), 2 malware, 2 others
Description
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Vulnerabilities (CVE) (13)
Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.
- Attack vector
- Network
- Published
- 10/11/2025
- Modified
- 21/12/2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable …
- Attack vector
- NETWORK
- EPSS
- 0.0003 (P7.6%)
- Published
- 09/01/2026
- Modified
- 17/04/2026
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
- Attack vector
- NETWORK
- Published
- 29/01/2026
- Modified
- 27/03/2026
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm. The impacted products could be …
- Attack vector
- Network
- Published
- 16/06/2025
- Modified
- 21/12/2025
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 …
- Attack vector
- Local
- Complexity
- LOW
- Published
- 16/05/2025
- Modified
- 17/04/2026
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 29/01/2026
- Modified
- 10/04/2026
Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.
- Attack vector
- Network
- Published
- 24/10/2025
- Modified
- 21/12/2025
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by …
- Attack vector
- LOCAL
- Published
- 13/08/2025
- Modified
- 17/04/2026
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, …
- Attack vector
- Network
- Published
- 05/12/2025
- Modified
- 29/05/2026
Rejected reason: This CVE is a duplicate of CVE-2025-55182.
- Published
- 20/12/2025
- Modified
- 21/12/2025
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue …
- Attack vector
- NETWORK
- Published
- 19/12/2025
- Modified
- 26/01/2026
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges …
- Attack vector
- Network
- Published
- 12/04/2024
- Modified
- 21/12/2025
Observables (9)
-
3fbd2a2e82ceb5e91eadbad02cb45ac618324da9b1895d81ebe7de765dca30e7 -
56f21f412e898ad9e3ee05d5f44c44d9d7bcb9ecbfbdb9de11b8fa5a637aeef6 -
919f292a07a37f163f88527e725406187c8ecc637387ad24853fe49ce4e6ddf4 -
9df711c3aef2bba17b622ddfd955452f8d8eb55899528fbc13d9540c52f13402 -
4caaa18982cd4056fead54b98d57f9a2a1ddd654cf19a7ba2366dfadbd6033da -
534b654531a6a540a144da9545ee343e1046f843d7de4c1091b46c3ee66a508b -
c321933e4e5970ba7299fe21778dab9398994c22ca0ba0422c6cbc3fbb95ea26 -
00078aeeaca54b5d3c1237e964e9f956690b782e4ea160d81edc3c6b44e7f620 -
7bbb21fec19512d932b7a92652ed0c8f0fedea89f34b9d6f267cf39de0eb9b20
Techniques (MITRE) (19)
-
Valid Accounts MITRE
-
Service Stop MITRE
-
Encrypted Channel MITRE
-
Web Protocols MITRE
-
Data Encrypted for Impact MITRE
-
Remote System Discovery MITRE
-
Create or Modify System Process MITRE
-
Exploit Public-Facing Application MITRE
-
Ingress Tool Transfer MITRE
-
Unix Shell MITRE
-
Account Manipulation MITRE
-
Network Service Discovery MITRE
Malware (2)
Others (2)
-
bot.ddosvps.cc
-
cnc.vietdediserver.shop