Auto Generated CVE annotations [Tue Dec 27 14:32:24 UTC 2022] 🤖

cves/2020/CVE-2020-35476.yaml

@@ -4,10 +4,11 @@ info:
   name: OpenTSDB <= 2.4.0 - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: "OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory."
+  description: OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory.
   reference:
     - https://github.com/OpenTSDB/opentsdb/issues/2051
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35476
+    - http://packetstormsecurity.com/files/170331/OpenTSDB-2.4.0-Command-Injection.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

cves/2022/CVE-2022-23854.yaml

@@ -10,11 +10,12 @@ info:
     - https://packetstormsecurity.com/files/cve/CVE-2022-23854
     - https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854
+    - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02
   classification:
     cve-id: CVE-2022-23854
   metadata:
-    verified: true
     shodan-query: http.html:"InTouch Access Anywhere"
+    verified: "true"
   tags: lfi,packetstorm,cve,cve2022,aveva,intouch
 
 requests: