{"vulnerability": "CVE-2022-2602", "sightings": [{"uuid": "d01543ad-4625-40c1-afcd-2a8f6b0aa545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/netrunnerz/365", "content": "CVE-2022-2602\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Use-After-Free \u0432 \u044f\u0434\u0440\u0435 Linux\n\n\u0412 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430/\u0432\u044b\u0432\u043e\u0434\u0430 io_uring \u044f\u0434\u0440\u0430 \u041e\u0421 Linux, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 5.1 \u0438 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 6.0.3, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Use-After-Free, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n#CVE", "creation_timestamp": "2022-12-10T20:20:18.000000Z"}, {"uuid": "0285cf20-1104-4f45-8ce2-c6feffd8f019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/278", "content": "#Cybersecurity news - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aOkta says its GitHub account hacked, source code stolen\n\nhttps://www.bleepingcomputer.com/news/security/okta-says-its-github-account-hacked-source-code-stolen/\n\n\u200aGodFather Android malware targets 400 banks, crypto exchanges\n\nhttps://www.bleepingcomputer.com/news/security/godfather-android-malware-targets-400-banks-crypto-exchanges/\n\n\u200aeviltree: searching for user provided keywords/regex in files\n\nhttps://securityonline.info/eviltree-searching-for-user-provided-keywords-regex-in-files/\n\n\u200aHackers Use New BrasDex Android Malware to Steal Users\u2019 Banking Details\n\nhttps://gbhackers.com/new-brasdex-android-malware/\n\n\u200aAre These 7 Security Gaps in Your APIs?\n\nhttps://latesthackingnews.com/2022/12/21/are-these-7-security-gaps-in-your-apis/\n\n\u200aBug Bytes #186 \u2013 Winter Festival Edition\n\nhttps://blog.intigriti.com/2022/12/21/bug-bytes-186-winter-festival-edition/\n\n\u200aSquarephish - An advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes\n\nhttp://www.kitploit.com/2022/12/squarephish-advanced-phishing-tool-that.html\n\n\u200aHow to spy on people on iOS\n\nhttps://infosecwriteups.com/how-to-spy-on-people-on-ios-516651069844?source=rss----7b722bfd1b8d---4\n\n\u200aTryHackMe\u200a\u2014\u200aWarzone 2 Write-up with Answers\n\nhttps://infosecwriteups.com/tryhackme-warzone-2-write-up-with-answers-51030b8639d4?source=rss----7b722bfd1b8d---4\n\n\u200aAdvent of Cyber 2022 [Day 20] Firmware | Binwalkin\u2019 around the Christmas tree-Simple Write up\n\nhttps://infosecwriteups.com/advent-of-cyber-2022-day-20-firmware-binwalkin-around-the-christmas-tree-simple-write-up-345f9525d20c?source=rss----7b722bfd1b8d---4\n\n\u200aPoC Code for Linux Kernel Privilege Escalation Flaw (CVE-2022-2602) Published\n\nhttps://securityonline.info/poc-code-for-linux-kernel-privilege-escalation-flaw-cve-2022-2602-published/\n\n\u200aMulti-Cloud Architectures Driving Changes for Compliance and Audit Requirements\n\nhttps://latesthackingnews.com/2022/12/21/multi-cloud-architectures-driving-changes-for-compliance-and-audit-requirements/\n\n\u200aFBI warns of search engine ads pushing malware, phishing\n\nhttps://www.bleepingcomputer.com/news/security/fbi-warns-of-search-engine-ads-pushing-malware-phishing/\n\n\u200aData exfiltration using a COVID-bit attack | Kaspersky official blog\n\nhttps://www.kaspersky.com/blog/covid-bit-attack/46665/\n\n\u200aPassword theft bug chain patched in Passwordstate credential manager\n\nhttps://portswigger.net/daily-swig/password-theft-bug-chain-patched-in-passwordstate-credential-manager\n\n\u200aAndroid Parental Control Apps Riddled with Security and Privacy Risks\n\nhttps://restoreprivacy.com/android-parental-control-apps-security-and-privacy-risks/\n\n\u200aRussians hacked JFK airport\u2019s taxi dispatch system for profit\n\nhttps://www.bleepingcomputer.com/news/security/russians-hacked-jfk-airport-s-taxi-dispatch-system-for-profit/\n\n\u200aFCC proposes record $300 million fine against  auto warranty robocall campaign\n\nhttps://www.cyberscoop.com/fcc-robocall-fine-autowarranty/\n\n\u200aChris Inglis to resign as national cyber director\n\nhttps://www.cyberscoop.com/inglis-resign-national-cyber-director/\n\u200a\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2022-12-28T16:14:18.000000Z"}, {"uuid": "9a7dd548-1941-4c52-ba8b-fad95057c2c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"}, {"uuid": "59a5e0dd-1d85-44ac-95ca-94789476b5d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26023", "type": "seen", "source": "https://t.me/true_secator/3632", "content": "Cisco Talos \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 InRouter302 InHand Networks, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 \u0438 \u0432\u043d\u0435\u0441\u0442\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nInRouter \u2014 \u044d\u0442\u043e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0439 LTE-\u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u0432\u043a\u0435\u043b\u044e\u044f\u0430\u044f VPN-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u044d\u0442\u043e \u043b\u0438\u0448\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u043e\u043c Talos \u0424\u0440\u0430\u043d\u0447\u0435\u0441\u043a\u043e \u0411\u0435\u043d\u0432\u0435\u043d\u0443\u0442\u043e \u0432 InRouter302.\n\n\u0420\u0430\u043d\u0435\u0435 Talos \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u043b\u0430, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443.\n\nTALOS-2022-1523\u00a0(CVE-2022-25932) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f\u00a0TALOS-2022-1472 \u0438\u00a0TALOS-2022-1474 \u043d\u0435 \u0438\u043c\u0435\u043b\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043a\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043e\u0442\u043b\u0430\u0434\u043a\u0438.\n\nInRouter302 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0443\u0441\u043b\u0443\u0433\u0438 telnet \u0438 SSHD.\u00a0\u041f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430.\n\n\u0418\u0437 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0432\u0430\u0436\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0432\u0432\u0435\u0441\u0442\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0444\u043b\u0430\u0433\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0434\u0440\u0443\u0433\u0438\u0445: \u0422\u0410\u041b\u041e\u0421-2022-1518 (CVE-2022-29481), TALOS-2022-1519 (CVE-2022-30543), \u0422\u0410\u041b\u041e\u0421-2022-1520 (CVE-2022-26023) \u0438 \u0422\u0410\u041b\u041e\u0421-2022-1521 (CVE-2022-28689.\n\nTALOS-2022-1522\u00a0(CVE-2022-29888) \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u0435\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441.\n\n\u041f\u0440\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0440\u0443\u0448\u0430\u044f \u0435\u0433\u043e \u0440\u0430\u0431\u043e\u0442\u0443 \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b.", "creation_timestamp": "2022-10-28T11:12:28.000000Z"}, {"uuid": "e6e2e43c-c4d3-4b77-987a-c4cb669a3e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26024", "type": "seen", "source": "https://t.me/cibsecurity/52915", "content": "\u203c CVE-2022-26024 \u203c\n\nImproper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:52:07.000000Z"}, {"uuid": "9527a0b3-48cc-4d53-b626-5cfe81efa29f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26022", "type": "seen", "source": "https://t.me/cibsecurity/40041", "content": "\u203c CVE-2022-26022 \u203c\n\nOmron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:20:24.000000Z"}, {"uuid": "c614e3b0-ba98-46b4-821a-06911c803acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2565", "content": "#CVE-2022\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-20607\n\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-4646\n\nPoC for the CVE-2022-41082 Vulnerability Effecting Microsoft Exchange Servers\n\nhttps://github.com/balki97/CVE-2022-41082-POC\n\nCVE-2022-2602\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\nCVE-2022-2602\nhttps://github.com/Live-Hack-CVE/CVE-2022-4633\n\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-25574\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-36966\n\n@BlueRedTeam", "creation_timestamp": "2023-01-29T12:39:15.000000Z"}, {"uuid": "64b8a2e6-8f5a-4aa6-bc35-3aa94a7a434f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/GithubRedTeam/3624", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-2602\nURL\uff1ahttps://github.com/Live-Hack-CVE/CVE-2022-4633\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-22T12:25:58.000000Z"}, {"uuid": "73db70c2-13b5-42f4-b8a0-cb71bbc005d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3623", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-2602\nURL\uff1ahttps://github.com/LukeGix/CVE-2022-2602\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-22T11:27:45.000000Z"}, {"uuid": "2ce7af22-fe2c-47f0-96fb-4d74467b6b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/poxek/2619", "content": "CVE-2022-2602\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Use-After-Free \u0432 \u044f\u0434\u0440\u0435 Linux\n\n\u0412 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430/\u0432\u044b\u0432\u043e\u0434\u0430 io_uring \u044f\u0434\u0440\u0430 \u041e\u0421 Linux, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 5.1 \u0438 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 6.0.3, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Use-After-Free, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n#CVE", "creation_timestamp": "2022-12-10T15:19:45.000000Z"}, {"uuid": "7c54027d-cacf-4cce-a0ce-7e566090083c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2194", "content": "#Cybersecurity news - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aOkta says its GitHub account hacked, source code stolen\n\nhttps://www.bleepingcomputer.com/news/security/okta-says-its-github-account-hacked-source-code-stolen/\n\n\u200aGodFather Android malware targets 400 banks, crypto exchanges\n\nhttps://www.bleepingcomputer.com/news/security/godfather-android-malware-targets-400-banks-crypto-exchanges/\n\n\u200aeviltree: searching for user provided keywords/regex in files\n\nhttps://securityonline.info/eviltree-searching-for-user-provided-keywords-regex-in-files/\n\n\u200aHackers Use New BrasDex Android Malware to Steal Users\u2019 Banking Details\n\nhttps://gbhackers.com/new-brasdex-android-malware/\n\n\u200aAre These 7 Security Gaps in Your APIs?\n\nhttps://latesthackingnews.com/2022/12/21/are-these-7-security-gaps-in-your-apis/\n\n\u200aBug Bytes #186 \u2013 Winter Festival Edition\n\nhttps://blog.intigriti.com/2022/12/21/bug-bytes-186-winter-festival-edition/\n\n\u200aSquarephish - An advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes\n\nhttp://www.kitploit.com/2022/12/squarephish-advanced-phishing-tool-that.html\n\n\u200aHow to spy on people on iOS\n\nhttps://infosecwriteups.com/how-to-spy-on-people-on-ios-516651069844?source=rss----7b722bfd1b8d---4\n\n\u200aTryHackMe\u200a\u2014\u200aWarzone 2 Write-up with Answers\n\nhttps://infosecwriteups.com/tryhackme-warzone-2-write-up-with-answers-51030b8639d4?source=rss----7b722bfd1b8d---4\n\n\u200aAdvent of Cyber 2022 [Day 20] Firmware | Binwalkin\u2019 around the Christmas tree-Simple Write up\n\nhttps://infosecwriteups.com/advent-of-cyber-2022-day-20-firmware-binwalkin-around-the-christmas-tree-simple-write-up-345f9525d20c?source=rss----7b722bfd1b8d---4\n\n\u200aPoC Code for Linux Kernel Privilege Escalation Flaw (CVE-2022-2602) Published\n\nhttps://securityonline.info/poc-code-for-linux-kernel-privilege-escalation-flaw-cve-2022-2602-published/\n\n\u200aMulti-Cloud Architectures Driving Changes for Compliance and Audit Requirements\n\nhttps://latesthackingnews.com/2022/12/21/multi-cloud-architectures-driving-changes-for-compliance-and-audit-requirements/\n\n\u200aFBI warns of search engine ads pushing malware, phishing\n\nhttps://www.bleepingcomputer.com/news/security/fbi-warns-of-search-engine-ads-pushing-malware-phishing/\n\n\u200aData exfiltration using a COVID-bit attack | Kaspersky official blog\n\nhttps://www.kaspersky.com/blog/covid-bit-attack/46665/\n\n\u200aPassword theft bug chain patched in Passwordstate credential manager\n\nhttps://portswigger.net/daily-swig/password-theft-bug-chain-patched-in-passwordstate-credential-manager\n\n\u200aAndroid Parental Control Apps Riddled with Security and Privacy Risks\n\nhttps://restoreprivacy.com/android-parental-control-apps-security-and-privacy-risks/\n\n\u200aRussians hacked JFK airport\u2019s taxi dispatch system for profit\n\nhttps://www.bleepingcomputer.com/news/security/russians-hacked-jfk-airport-s-taxi-dispatch-system-for-profit/\n\n\u200aFCC proposes record $300 million fine against  auto warranty robocall campaign\n\nhttps://www.cyberscoop.com/fcc-robocall-fine-autowarranty/\n\n\u200aChris Inglis to resign as national cyber director\n\nhttps://www.cyberscoop.com/inglis-resign-national-cyber-director/\n\u200a\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2022-12-28T16:14:18.000000Z"}, {"uuid": "1eaaac80-eaf7-436f-a720-a78cf575b613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1909", "content": "\ud83d\udd25CVE-2022-2602 Exploit using inode locking technique.\n\n\ud83d\udcd5DirtyCred: Escalating Privilege in Linux Kernel\n\n\ud83d\udd16Blog posts: \nDirtyCred Remastered: how to turn an UAF into Privilege Escalation\n\nCVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF", "creation_timestamp": "2023-01-07T23:29:50.000000Z"}, {"uuid": "648fcff8-f4be-4a61-8c0e-4f5e05b9701c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1908", "content": "\ud83d\udd25CVE-2022-2602 Exploit using userfaultfd technique", "creation_timestamp": "2022-12-21T14:45:16.000000Z"}, {"uuid": "528ce907-1587-45dd-9fd3-f5d9fc17c8c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1907", "content": "|CVE-2022-2602 Kernel Exploit|\n\n\ud83d\udd25The vulnerability is an UAF that impacts the registered file descriptor functionality in the io_uring subsystem. It's possible to register a file in the io_uring context, free it from the Unix Garbage Collector(GC) and re-use it with the requested io_uring operation (for example, a writev operation). To exploit the bug, it was a matter of replace the freed file structure with a read-only file (e.g. /etc/passwd), in order to write into it, and achieve a good timing with a small race window.", "creation_timestamp": "2022-12-21T14:45:16.000000Z"}, {"uuid": "e28d0908-b670-425e-ae09-06a52e19a5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1941", "content": "\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n#cve", "creation_timestamp": "2022-12-22T17:02:37.000000Z"}, {"uuid": "99c9104d-8292-4b81-8e12-2106764ca7ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/crackcodes/1919", "content": "#exploit\n1. CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521:\nRemote DoS in Linux kernel WILC1000 wireless driver\nhttps://securitylab.github.com/advisories/GHSL-2022-112_GHSL-2022-115_wilc1000\n\n2. CVE-2022-2602:\nio_uring kernel exploit\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n3. Directory Traversal Vulnerability in Huawei HG255s Products\nhttps://infosecwriteups.com/directory-ttraversal-vulnerability-in-huawei-hg255s-products-dce941a1d015", "creation_timestamp": "2023-01-07T23:30:10.000000Z"}, {"uuid": "b55959b1-691f-482d-937f-cbc5c78b2eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1935", "content": "\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n#cve", "creation_timestamp": "2022-12-22T15:38:37.000000Z"}, {"uuid": "35cd0aac-c770-4ee7-b44c-d3e5276db494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/ctinow/164576", "content": "https://ift.tt/37ihS1L\nCVE-2022-2602", "creation_timestamp": "2024-01-08T19:26:21.000000Z"}, {"uuid": "c6511421-509b-4333-a1e4-2f3bfc51a7d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7399", "content": "#exploit\n1. CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521:\nRemote DoS in Linux kernel WILC1000 wireless driver\nhttps://securitylab.github.com/advisories/GHSL-2022-112_GHSL-2022-115_wilc1000\n\n2. CVE-2022-2602:\nio_uring kernel exploit\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n3. Directory Traversal in Huawei HG255s Products\nhttps://infosecwriteups.com/directory-ttraversal-vulnerability-in-huawei-hg255s-products-dce941a1d015", "creation_timestamp": "2022-12-22T06:30:04.000000Z"}, {"uuid": "4b3852b6-1ab2-4959-9dc2-1789d21af553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7426", "content": "#exploit\n1. CVE-2022-40309, CVE-2022-40308:\nApache Archiva <2.2.9 - Arbitrary Directory Delete / Arbitrary File Read\nhttps://xz.aliyun.com/t/11979\n\n2. CVE-2022-40602:\nZyXEL LTE3301-M209 - \"Backdoor\" credentials\nhttps://resolverblog.blogspot.com/2022/12/cve-2022-40602-zyxel-lte3301-m209.html\n]-> D-Link DWR-921/925/118 Hardcoded backdoor implemented by vendor:\nhttps://resolverblog.blogspot.com/2022/12/d-link-dwr-921-dwr-925-dwr-118.html\n\n3. DirtyCred Remastered: how to turn an UAF into Privilege Escalation\nhttps://exploiter.dev/blog/2022/CVE-2022-2602.html", "creation_timestamp": "2024-10-10T19:09:53.000000Z"}, {"uuid": "52c66693-2261-4708-be51-2e9e8a8a3e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "seen", "source": "https://t.me/linkersec/201", "content": "DirtyCred Remastered: how to turn an UAF into Privilege Escalation\n\nLukeGix and Alessandro Groppo published two articles about exploiting CVE-2022-2602, another use-after-free in the io_uring subsystem.\n\nThey used inode locking for pausing a kernel thread during UAF exploitation. To escalate privileges, the researchers employed the DirtyCred file exploitation technique.", "creation_timestamp": "2022-12-24T13:43:32.000000Z"}, {"uuid": "9e8108eb-978f-415b-aeb5-b44b0d941845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/208", "content": "New DirtyCred\nCVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF https://blog.hacktivesecurity.com/index.php/2022/12/21/cve-2022-2602-dirtycred-file-exploitation-applied-on-an-io_uring-uaf/", "creation_timestamp": "2023-01-02T23:06:20.000000Z"}, {"uuid": "4e2a1fef-6a46-4e03-80c5-ae785f343c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1238", "content": "CVE-2022-2602 - exploit\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC Kernel Privilege Escalation  Linux\n*\n\u041e \u0447\u0435\u043c \u044d\u0442\u043e, \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0442\u0443\u0442_1 \u0438 \u0442\u0443\u0442_2\n*\nPOC (\u0442\u043e\u0447\u043d\u0435\u0435 \u0434\u0432\u0430) - \u0437\u0430\u0431\u0440\u0430\u0442\u044c\nExploit  - \u0437\u0430\u0431\u0440\u0430\u0442\u044c\n\n#linux #kernel #exploits", "creation_timestamp": "2022-12-22T08:32:57.000000Z"}, {"uuid": "af33abc6-548e-4593-aa2b-b97eb7b600ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "Telegram/1FKW7TKaRD1Ys74Gb3XBzOhSJy-5Fh2vZR0mAJ6wo0eD494", "content": "", "creation_timestamp": "2023-01-30T03:19:05.000000Z"}, {"uuid": "5f219bd0-40ed-4e74-8a74-4b425224c6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26028", "type": "seen", "source": "https://t.me/cibsecurity/52895", "content": "\u203c CVE-2022-26028 \u203c\n\nUncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:25.000000Z"}, {"uuid": "54b24bcf-faa8-432e-a731-0cf8eae014a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26023", "type": "seen", "source": "https://t.me/cibsecurity/52720", "content": "\u203c CVE-2022-26023 \u203c\n\nA leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T20:36:22.000000Z"}, {"uuid": "99a08ee2-8048-40cb-95ee-619492dd9435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2602", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4449", "content": "CVE-2022-2602 ( PoC Kernel Privilege Escalation Linux Published ( Exploit )\n\nRead\n\nRead \n\nPoC \n\nExploit \n\n#Exploit #linux \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:39.000000Z"}]}