{"vulnerability": "CVE-2022-2964", "sightings": [{"uuid": "b7787c14-2f5c-4598-9009-1c0c47f8d134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2964", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "7d0fbaf5-0a4e-4cf7-82ae-d4c7262c4eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29649", "type": "seen", "source": "https://t.me/cibsecurity/49827", "content": "\u203c CVE-2022-29649 \u203c\n\nQsmart Next v4.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-15T18:27:51.000000Z"}, {"uuid": "d6e60741-2433-4f4e-a693-601264d784dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29644", "type": "seen", "source": "https://t.me/cibsecurity/42897", "content": "\u203c CVE-2022-29644 \u203c\n\nTOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:33.000000Z"}, {"uuid": "6162ea62-620e-4537-8e3f-60d149cf500a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29648", "type": "seen", "source": "https://t.me/cibsecurity/43686", "content": "\u203c CVE-2022-29648 \u203c\n\nA cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-02T18:35:42.000000Z"}, {"uuid": "3758736d-0d98-4611-bc7f-d686517cd4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29642", "type": "seen", "source": "https://t.me/cibsecurity/42903", "content": "\u203c CVE-2022-29642 \u203c\n\nTOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:41.000000Z"}, {"uuid": "fd1b49df-28ba-411e-8d97-f0c0a2dcd0ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29640", "type": "seen", "source": "https://t.me/cibsecurity/42899", "content": "\u203c CVE-2022-29640 \u203c\n\nTOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:35.000000Z"}, {"uuid": "a4e0e47a-a28e-48fe-900c-fd27d4c7a610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29641", "type": "seen", "source": "https://t.me/cibsecurity/42898", "content": "\u203c CVE-2022-29641 \u203c\n\nTOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:34.000000Z"}, {"uuid": "74cfb7a2-ce41-4ad2-9ccb-fec64f7bf642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29645", "type": "seen", "source": "https://t.me/cibsecurity/42894", "content": "\u203c CVE-2022-29645 \u203c\n\nTOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:30.000000Z"}, {"uuid": "b47c1c84-3f41-4ce1-80c9-f1a4dad27c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29643", "type": "seen", "source": "https://t.me/cibsecurity/42892", "content": "\u203c CVE-2022-29643 \u203c\n\nTOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:27.000000Z"}, {"uuid": "9aea21c6-7703-450b-bb82-62a528abc32d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29646", "type": "seen", "source": "https://t.me/cibsecurity/42901", "content": "\u203c CVE-2022-29646 \u203c\n\nAn access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T16:28:38.000000Z"}]}