{"vulnerability": "CVE-2022-3387", "sightings": [{"uuid": "df652bcd-bcf7-40c7-85c0-ce796cfa9359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-33873", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_16/2022", "content": "", "creation_timestamp": "2022-10-10T10:25:16.000000Z"}, {"uuid": "f1752e27-9d12-4af6-8629-d073a0d2b113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33873", "type": "seen", "source": "https://t.me/cibsecurity/51681", "content": "\u203c CVE-2022-33873 \u203c\n\nAn improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to execute arbitrary command in the underlying shell.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:25.000000Z"}, {"uuid": "90caed03-51f4-45ae-a843-4aa7dabab49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33872", "type": "seen", "source": "https://t.me/cibsecurity/51679", "content": "\u203c CVE-2022-33872 \u203c\n\nAn improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:23.000000Z"}, {"uuid": "e7cf3dba-8274-4743-9c39-b7617c9bc7b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33879", "type": "seen", "source": "https://t.me/cibsecurity/45253", "content": "\u203c CVE-2022-33879 \u203c\n\nThe initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:07.000000Z"}, {"uuid": "74dcd018-1214-4327-80fe-57497f5d6e84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33879", "type": "seen", "source": "https://t.me/ctinow/180545", "content": "https://ift.tt/B9EeULF\nCVE-2022-33879 | Oracle Commerce Guided Search 11.3.2 Workbench denial of service", "creation_timestamp": "2024-02-07T07:06:24.000000Z"}, {"uuid": "23aa8955-05a2-45d0-b80e-8d0be3ea0ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33876", "type": "seen", "source": "https://t.me/cibsecurity/54085", "content": "\u203c CVE-2022-33876 \u203c\n\nMultiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:41:04.000000Z"}, {"uuid": "14f69b0f-7fef-45c6-820a-cda92923c627", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33874", "type": "seen", "source": "https://t.me/cibsecurity/51672", "content": "\u203c CVE-2022-33874 \u203c\n\nAn improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T07:06:45.000000Z"}, {"uuid": "d8687452-92d8-4de0-8dd2-050807ddc875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3387", "type": "seen", "source": "https://t.me/cibsecurity/52188", "content": "\u203c CVE-2022-3387 \u203c\n\nAdvantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T00:29:05.000000Z"}, {"uuid": "233559d5-386a-40dc-914e-db90df3fc8c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33875", "type": "seen", "source": "https://t.me/cibsecurity/54083", "content": "\u203c CVE-2022-33875 \u203c\n\nAn improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:41:02.000000Z"}]}