{"vulnerability": "CVE-2022-38766", "sightings": [{"uuid": "b3656ac5-dc19-4cdf-bc1a-818c8351088d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "seen", "source": "https://t.me/cibsecurity/55807", "content": "\u203c CVE-2022-38766 \u203c\n\nThe remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T18:17:18.000000Z"}, {"uuid": "c7a675b7-92ab-41ea-be41-a6ff30e58dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6693", "content": "#exploit\n1. CVE-2022-24637:\nOpen web analytics info disclosure to RCE\nhttps://github.com/watchdog2000/cve-2022-24637_open-web-analytics-info-disclosure-to-rce\n\n2. CVE-2022-38766:\nPoC for vulnerability in Renault ZOE Keyless System\nhttps://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766", "creation_timestamp": "2022-08-29T11:37:02.000000Z"}, {"uuid": "c56850b7-d71e-4a17-bebb-c18440f72caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/182", "content": "Drone Hacking Tool\n\nA GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.\n\nDrones, as a high mobility item that can be carried around easily and launched, are becoming cheaper and more popular among the public, they can be seen almost anywhere nowadays.\n\nHowever, the drone built-in flying cameras could use for illegal usage like candid photos on private property. This shows drones clearly present risks to public safety and personal privacy.\n\nTherefore, we are working on using wireless connection methods (Wi-Fi, GPS) to hack it and take over. In this project, our goal is to capture drones to stop users with malicious intent for proof of concept and a sense of accomplishment.\n\nhttps://github.com/HKSSY/Drone-Hacking-Tool\n\nzyxel ipc camera pwn\n\nThis is a minimal proof of concept to remotely open a root shell on a Zyxel IP enabled camera. Known vulnerable models are:\n\n\u25ab\ufe0f Zyxel IPC-3605N\n\u25ab\ufe0f Zyxel IPC-4605N\n\nhttps://github.com/hydrogen18/zyxel_ipc_camera_pwn\n\nRFID Gooseneck\n\nTraditional RFID badge cloning methods require you to be within 3 feet of your target, so how can you conduct a socially distanced physical penetration test and clone a badge if you must stay at least 6 feet from a person? Since 2020, companies have increasingly adopted a hybrid work environment, allowing employees to partially work remotely which has decreased the amount of foot traffic in and out of a building at any given time. \n\nSo after throwing around some ideas I thought, why not create a mobile long-range reader device that we could deploy early in the morning at a client site and let it do all the work for us. This project guide contains an entry-level hardware design that you can build in a day and deploy in the field in order to increase your chances of remotely cloning an RFID badge.\n\nHere's the full build guide for making your own RFID Goosneck Long Range Reader!\n\nhttps://github.com/sh0ckSec/RFID-Gooseneck\n\nExchangeFinder\n\nA simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on the top common DNS names for Microsoft Exchange.\n\nhttps://github.com/mhaskar/ExchangeFinder\n\nCVE-2022-24637\n\nOpen Web Analytics (OWA) before 1.7.4 allows an UNAUTHENTICATED remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '", "creation_timestamp": "2022-12-19T00:22:37.000000Z"}, {"uuid": "99d0f93f-a34c-44d8-bf9a-51c7df5d5bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "seen", "source": "https://t.me/arpsyndicate/533", "content": "#ExploitObserverAlert\n\nCVE-2022-38766\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-38766. The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2023-11-24T14:55:39.000000Z"}, {"uuid": "525c4336-fa76-4673-8bd8-32956569836b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2152", "content": "Drone Hacking Tool\n\nA GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.\n\nDrones, as a high mobility item that can be carried around easily and launched, are becoming cheaper and more popular among the public, they can be seen almost anywhere nowadays.\n\nHowever, the drone built-in flying cameras could use for illegal usage like candid photos on private property. This shows drones clearly present risks to public safety and personal privacy.\n\nTherefore, we are working on using wireless connection methods (Wi-Fi, GPS) to hack it and take over. In this project, our goal is to capture drones to stop users with malicious intent for proof of concept and a sense of accomplishment.\n\nhttps://github.com/HKSSY/Drone-Hacking-Tool\n\nzyxel ipc camera pwn\n\nThis is a minimal proof of concept to remotely open a root shell on a Zyxel IP enabled camera. Known vulnerable models are:\n\n\u25ab\ufe0f Zyxel IPC-3605N\n\u25ab\ufe0f Zyxel IPC-4605N\n\nhttps://github.com/hydrogen18/zyxel_ipc_camera_pwn\n\nRFID Gooseneck\n\nTraditional RFID badge cloning methods require you to be within 3 feet of your target, so how can you conduct a socially distanced physical penetration test and clone a badge if you must stay at least 6 feet from a person? Since 2020, companies have increasingly adopted a hybrid work environment, allowing employees to partially work remotely which has decreased the amount of foot traffic in and out of a building at any given time. \n\nSo after throwing around some ideas I thought, why not create a mobile long-range reader device that we could deploy early in the morning at a client site and let it do all the work for us. This project guide contains an entry-level hardware design that you can build in a day and deploy in the field in order to increase your chances of remotely cloning an RFID badge.\n\nHere's the full build guide for making your own RFID Goosneck Long Range Reader!\n\nhttps://github.com/sh0ckSec/RFID-Gooseneck\n\nExchangeFinder\n\nA simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on the top common DNS names for Microsoft Exchange.\n\nhttps://github.com/mhaskar/ExchangeFinder\n\nCVE-2022-24637\n\nOpen Web Analytics (OWA) before 1.7.4 allows an UNAUTHENTICATED remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '", "creation_timestamp": "2022-12-19T00:22:37.000000Z"}, {"uuid": "758f529e-9468-431c-923e-cfc474f8a100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/475", "content": "CVE-2022-38766 : PoC for vulnerability in Renault ZOE Keyless System\nhttps://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766", "creation_timestamp": "2022-09-27T07:30:24.000000Z"}, {"uuid": "5d4c8b97-75e4-4c9a-bf75-25223806008a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3048", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for vulnerability in Renault ZOE Keyless System(CVE-2022-38766)\nURL\uff1ahttps://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-26T16:58:46.000000Z"}, {"uuid": "a950e3a3-2843-4c06-a1d0-5255c776a29c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11254", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38766\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.\n\ud83d\udccf Published: 2023-01-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T15:37:10.779Z\n\ud83d\udd17 References:\n1. https://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766", "creation_timestamp": "2025-04-10T15:48:56.000000Z"}, {"uuid": "f26b0cdb-a40c-4174-886d-53c68abff7c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38766", "type": "seen", "source": "https://t.me/arpsyndicate/1643", "content": "#ExploitObserverAlert\n\nCVE-2022-38766\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-38766. The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2023-12-10T15:08:46.000000Z"}]}