{"vulnerability": "CVE-2022-3254", "sightings": [{"uuid": "9324c575-fd56-4fdb-8ab1-704ac0df3a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32540", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17002", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32540\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.\n\ud83d\udccf Published: 2022-09-30T16:38:54.000Z\n\ud83d\udccf Modified: 2025-05-20T16:15:31.413Z\n\ud83d\udd17 References:\n1. https://psirt.bosch.com/security-advisories/bosch-sa-464066.html", "creation_timestamp": "2025-05-20T16:40:46.000000Z"}, {"uuid": "d7f0e9b4-43de-43ac-85aa-5343692075ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "seen", "source": "https://t.me/poxek/2371", "content": "#CVE\n\nUnauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers\nCVE-2022-32548\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Trellix Threat Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u043e\u0434 \u043d\u043e\u043c\u0435\u0440\u043e\u043c CVE-2022-32548, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 DrayTek. \u0410\u0442\u0430\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430 \u0431\u0435\u0437 \u0443\u0447\u0430\u0441\u0442\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0435\u0441\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u044b\u043b \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u043e\u043c. \u0410\u0442\u0430\u043a\u0430 \u043e\u0434\u043d\u0438\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c \u043c\u044b\u0448\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430 \u0438\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u0410\u0442\u0430\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u0441\u0435\u0442\u0438 \u0438 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c. \u0412\u0441\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u0438\u043c\u0435\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f.", "creation_timestamp": "2022-08-26T15:00:04.000000Z"}, {"uuid": "ea0d0ca3-9cb1-46b3-a131-17c99875dd57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "Telegram/xxRaxVI1gR5FP04Wc_U4-0Y2xWdwmht_siqYhLchpXSnPME", "content": "", "creation_timestamp": "2023-10-11T20:09:29.000000Z"}, {"uuid": "6e562d84-1dad-4d1a-9e4b-2ee34fc091ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "Telegram/3KGSVBcUEI8daJAV77erOipGt_ffS4VChajyk7mqZZk-Lkw", "content": "", "creation_timestamp": "2022-10-07T14:26:04.000000Z"}, {"uuid": "5e1d2fe6-bfd7-4c7c-8fc4-35071b23c529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32544", "type": "seen", "source": "https://t.me/cibsecurity/48345", "content": "\u203c CVE-2022-32544 \u203c\n\nOperation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T12:41:32.000000Z"}, {"uuid": "06b06660-f2f9-4b21-b8cf-0af6bd005ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32549", "type": "seen", "source": "https://t.me/cibsecurity/44945", "content": "\u203c CVE-2022-32549 \u203c\n\nApache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-22T18:28:37.000000Z"}, {"uuid": "d569db2f-1bd9-49fd-b92a-7455413464a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2437", "content": "#CVE-2022\nDrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field\n\nhttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC\n\n@BlueRedTeam", "creation_timestamp": "2022-11-09T02:49:30.000000Z"}, {"uuid": "791ed61b-e6b1-4522-89b3-4ffb006d49ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3254", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3memet74z3y2i", "content": "", "creation_timestamp": "2026-02-11T21:03:01.073161Z"}, {"uuid": "5ae27647-fa48-441c-9c11-9812a84382c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3182", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field\nURL\uff1ahttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-06T17:24:54.000000Z"}, {"uuid": "1a91b079-44b6-47f0-85c4-98d6c67e3f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1164", "content": "#CVE-2022-32548\n\nhttps://github.com/rftg1000/CVE-2022-32548-RCE-POC", "creation_timestamp": "2023-07-28T18:26:40.000000Z"}, {"uuid": "2b1ae678-3478-4634-bb6b-0036ebd5a841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3254", "type": "seen", "source": "https://t.me/cibsecurity/52301", "content": "\u203c CVE-2022-3254 \u203c\n\nThe WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-31T19:38:14.000000Z"}, {"uuid": "d2f0a3cd-c681-403f-8624-cfb75af2446b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "seen", "source": "https://t.me/cibsecurity/47513", "content": "\ud83d\udd74 Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks \ud83d\udd74\n\nSMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2022-08-05T00:12:11.000000Z"}, {"uuid": "90d552e0-6f3c-4abd-817e-d78e759d1eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32547", "type": "seen", "source": "https://t.me/cibsecurity/44673", "content": "\u203c CVE-2022-32547 \u203c\n\nIn ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T22:20:49.000000Z"}, {"uuid": "e03164ff-db96-4b40-8fea-bb452c825ebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "seen", "source": "https://t.me/thehackernews/2443", "content": "Researchers discovered a critical unauthenticated RCE vulnerability (CVE-2022-32548) affecting 29 different router models from DrayTek that can be exploited to gain full access over targeted networks.\n\nRead details: https://thehackernews.com/2022/08/critical-rce-bug-could-let-hackers.html", "creation_timestamp": "2022-08-04T15:13:26.000000Z"}, {"uuid": "b6914b02-3cb6-42f2-b404-99117199a86d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6788", "content": "#exploit\n1. CVE-2022-36804:\nA critical vulnerability in Atlassian Bitbucket Server/Data Center\nhttps://github.com/CEOrbey/CVE-2022-36804-MASS-RCE\n\n2. CVE-2022-32548:\nDrayTek unauthenticated RCE vulnerability in /cgi-bin/wlogin.cgi via username field\nhttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC", "creation_timestamp": "2022-11-08T05:19:47.000000Z"}, {"uuid": "6dc910e8-ae03-424b-ba72-8add71131782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1566", "content": "#exploit\n1. CVE-2023-5521:\nRoot takeover via signature spoofing in tiann/kernelsu\nhttps://huntr.com/bounties/d438eff7-4e24-45e0-bc75-d3a5b3ab2ea1\n\n2. CVE-2023-4632:\nLPE in Lenovo System\u00a0Updater\nhttps://enigma0x3.net/2023/10/26/cve-2023-4632-local-privilege-escalation-in-lenovo-system-updater\n\n3. CVE-2022-32548:\nDrayTek unauthenticated RCE in /cgi-bin/wlogin.cgi\nhttps://github.com/MosaedH/CVE-2022-32548-RCE-POC", "creation_timestamp": "2024-08-16T08:40:14.000000Z"}, {"uuid": "5f106864-98a7-45e4-bc7c-dec88c8d76fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-3254", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3miwohyeb252i", "content": "", "creation_timestamp": "2026-04-07T21:03:04.911028Z"}, {"uuid": "7406ecfc-f4c4-4ff0-9f6f-31ebb8d278a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3109", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field\nURL\uff1ahttps://github.com/uisvit/CVE-2022-32548-RCE-MASS\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-24T14:31:25.000000Z"}, {"uuid": "3e9b58a9-ef60-43f9-8c1d-b42500760fba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32540", "type": "seen", "source": "https://t.me/cibsecurity/50782", "content": "\u203c CVE-2022-32540 \u203c\n\nInformation Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-30T20:36:21.000000Z"}, {"uuid": "bc912f8a-22b1-4aea-9582-3a63ca3d1780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32546", "type": "seen", "source": "https://t.me/cibsecurity/44683", "content": "\u203c CVE-2022-32546 \u203c\n\nA vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T22:21:00.000000Z"}, {"uuid": "2b43bfa5-f5a7-4365-969a-802b4a32ca6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32545", "type": "seen", "source": "https://t.me/cibsecurity/44679", "content": "\u203c CVE-2022-32545 \u203c\n\nA vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T22:20:57.000000Z"}, {"uuid": "0f403656-25e6-4b19-b9b8-4e204b613759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9277", "content": "#exploit\n1. CVE-2023-5521:\nRoot takeover via signature spoofing in tiann/kernelsu\nhttps://huntr.com/bounties/d438eff7-4e24-45e0-bc75-d3a5b3ab2ea1\n\n2. CVE-2023-4632:\nLPE in Lenovo System\u00a0Updater\nhttps://enigma0x3.net/2023/10/26/cve-2023-4632-local-privilege-escalation-in-lenovo-system-updater\n\n3. CVE-2022-32548:\nDrayTek unauthenticated RCE in /cgi-bin/wlogin.cgi\nhttps://github.com/MosaedH/CVE-2022-32548-RCE-POC", "creation_timestamp": "2023-10-28T12:33:01.000000Z"}, {"uuid": "3163e259-d261-4f92-a00f-085c263ac6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3254", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-3254.yaml", "content": "", "creation_timestamp": "2026-02-06T15:04:17.000000Z"}]}