{"vulnerability": "CVE-2022-3771", "sightings": [{"uuid": "e694cfd6-5940-403e-b066-6938cf43c817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37719", "type": "seen", "source": "https://t.me/cibsecurity/56867", "content": "\u203c CVE-2022-37719 \u203c\n\nA Cross-Site Request Forgery (CSRF) in the management portal of JetNexus/EdgeNexus ADC 4.2.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-02T14:40:11.000000Z"}, {"uuid": "1a446fd1-5488-42e6-bef9-51515174e0f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37718", "type": "seen", "source": "https://t.me/cibsecurity/56863", "content": "\u203c CVE-2022-37718 \u203c\n\nThe management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands through a specially crafted payload. This vulnerability can also be exploited from an unauthenticated context via unspecified vectors\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T20:24:01.000000Z"}, {"uuid": "0fbce629-fed3-4ec4-9e53-bd57d3f0789e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3771", "type": "seen", "source": "https://t.me/cibsecurity/52282", "content": "\u203c CVE-2022-3771 \u203c\n\nA vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier VDB-212501 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-31T17:37:50.000000Z"}, {"uuid": "8d991fda-4db7-43bc-a1ab-c76556ff6eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37710", "type": "seen", "source": "https://t.me/cibsecurity/52580", "content": "\u203c CVE-2022-37710 \u203c\n\nPatterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: (1) keybackup.data > License > Encryption Key or (2) Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or EXE file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-07T02:33:47.000000Z"}]}