{"vulnerability": "CVE-2022-36923", "sightings": [{"uuid": "2438e1a3-e559-4809-aeac-0dd989c890e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-25)", "content": "", "creation_timestamp": "2026-01-25T00:00:00.000000Z"}, {"uuid": "99ba38d6-5b30-4983-951e-3d754b49e9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mah44ebmsa2t", "content": "", "creation_timestamp": "2025-12-20T21:02:58.181186Z"}, {"uuid": "5781056d-b08e-4ef4-80f9-06fc3080c7f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/496", "content": "CVE-2022-36923 : ManageEngine OpManager getUserAPIKey Authentication Bypass\nhttps://y4er.com/posts/cve-2022-36923-manageengine-opmanager-getuserapikey-authentication-bypass", "creation_timestamp": "2022-09-30T22:29:01.000000Z"}, {"uuid": "bdf00b38-66bc-4e83-bf1b-b1aa12221e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "seen", "source": "https://t.me/cibsecurity/47898", "content": "\u203c CVE-2022-36923 \u203c\n\nZoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T00:26:24.000000Z"}, {"uuid": "53acfa59-28d7-4697-9e6d-a1e877f42d8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "seen", "source": "https://gist.github.com/xelphene/22d7af679f62d3cd4ec309d2b81d00ff", "content": "", "creation_timestamp": "2025-12-19T06:33:39.000000Z"}, {"uuid": "929938af-9bae-4302-b5a3-af165fcbecc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "seen", "source": "https://gist.github.com/xelphene/c91fd8498c474d4f024a43a144a8cd3b", "content": "", "creation_timestamp": "2025-12-19T06:35:19.000000Z"}, {"uuid": "97e298dc-ce95-4295-8e4b-7c3e44c5cb0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36923", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6761", "content": "#exploit\n1. Exploiting Flipper Zero\u2019s NFC file loader\nhttps://vvx7.io/posts/2022/09/your-amiibos-haunted\n\n2. CVE-2022-36923:\nManageEngine OpManager getUserAPIKey Authentication Bypass\nhttps://y4er.com/posts/cve-2022-36923-manageengine-opmanager-getuserapikey-authentication-bypass\n\n3. CVE-2022-22706/CVE-2021-39793:\nMali GPU driver makes read-only imported pages host-writable\nhttps://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-39793.html", "creation_timestamp": "2022-09-08T13:17:27.000000Z"}]}