{"vulnerability": "CVE-2022-2992", "sightings": [{"uuid": "88d661db-1785-4fa4-9a86-6d82b927a345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/gitlab_github_import_rce_cve_2022_2992.rb", "content": "", "creation_timestamp": "2023-02-14T22:23:51.000000Z"}, {"uuid": "085fe031-1cf9-477a-97f6-466e3442f934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "published-proof-of-concept", "source": "Telegram/Qahgv_yYIyA3kzVr1z_AWBylMiyjPwrWyfefrMSht9YAvmg", "content": "", "creation_timestamp": "2023-01-02T12:53:10.000000Z"}, {"uuid": "e01f109a-1603-445c-8335-706d03431667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "published-proof-of-concept", "source": "Telegram/svK4kHNDHZ_Def8Oth7PJq9-9JuxBN1fVJ912OIPd5FK-fA", "content": "", "creation_timestamp": "2022-11-13T03:15:00.000000Z"}, {"uuid": "6c6e8eab-a7b0-4904-9b8e-25d27bb36fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29922", "type": "seen", "source": "https://t.me/cibsecurity/49791", "content": "\u203c CVE-2022-29922 \u203c\n\nImproper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS600 product. This issue affects: Hitachi Energy MicroSCADA Pro SYS600 version 9.4 FP2 Hotfix 4 and earlier versions Hitachi Energy MicroSCADA X SYS600 version 10 to version 10.3.1. cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T22:31:44.000000Z"}, {"uuid": "7832d58b-c7bf-44da-a90b-92b92ded59d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:45.000000Z"}, {"uuid": "fcd5c538-4b7b-4118-b05e-f7a4bdc76dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "c713942f-6d67-4987-8a15-dd10f7282d4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1026", "content": "CVE-2022-2992\nAuthenticated Remote Command Execution in Gitlab via GitHub import.\n*\nA vulnerability in GitLab CE/EE affecting all versions from 11.10 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.\nExploit and Readme\n\n#exploit", "creation_timestamp": "2022-10-10T07:03:55.000000Z"}, {"uuid": "03e688ef-7759-4918-aa57-dc9a204d77c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/25958", "content": "https://github.com/CsEnox/CVE-2022-2992", "creation_timestamp": "2022-10-09T14:07:43.000000Z"}, {"uuid": "9fb0246d-5f61-4d29-9932-0b2aee4258f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "7ad6f9f5-7c3d-469c-8ccb-91d0f9b0821f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16310", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2992\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-14T14:27:30.020Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/371884\n2. https://hackerone.com/reports/1679624\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2992.json\n4. http://packetstormsecurity.com/files/171008/GitLab-GitHub-Repo-Import-Deserialization-Remote-Code-Execution.html", "creation_timestamp": "2025-05-14T14:31:55.000000Z"}, {"uuid": "525195d7-7fb9-4e9f-8579-0664e331a9e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "published-proof-of-concept", "source": "Telegram/h2-8cMxm2rjhROEHHz1DsUtKgyqNrT29ZVXlVrWu3InrfQk", "content": "", "creation_timestamp": "2022-10-22T06:36:59.000000Z"}, {"uuid": "f3eb53cf-3041-4655-b45b-12fcd984489f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29923", "type": "seen", "source": "https://t.me/cibsecurity/46716", "content": "\u203c CVE-2022-29923 \u203c\n\nAuthenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.4.1 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T22:12:17.000000Z"}, {"uuid": "6268bb61-9610-4e11-a865-8313c1964f90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2992", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/6946", "content": "#exploit\nCVE-2022-2992:\nAuthenticated RCE in Gitlab via GitHub import\nhttps://github.com/CsEnox/CVE-2022-2992", "creation_timestamp": "2022-10-11T02:32:29.000000Z"}]}