{"vulnerability": "CVE-2022-4012", "sightings": [{"uuid": "abaf3bc7-dca8-47b9-966b-b8fe4b06181d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40123", "type": "seen", "source": "https://t.me/cibsecurity/50821", "content": "\u203c CVE-2022-40123 \u203c\n\nmojoPortal v2.7 was discovered to contain a path traversal vulnerability via the \"f\" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-03T16:40:16.000000Z"}, {"uuid": "e296b72f-7d43-4836-917a-6bfde7b672c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40126", "type": "seen", "source": "https://t.me/cibsecurity/50727", "content": "\u203c CVE-2022-40126 \u203c\n\nA misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T16:35:04.000000Z"}, {"uuid": "95cd6b66-052d-47f3-8cc0-9aa9e39dd78d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7200", "content": "#exploit\n1. CVE-2022-40127:\nApache Airflow &lt;2.4.0 DAG example_bash_operator RCE\nhttps://github.com/Mr-xn/CVE-2022-40127\n\n2. Chromium V8 Engine Exploits\nhttps://github.com/anvbis/chrome.v8.n-days", "creation_timestamp": "2022-11-19T13:07:01.000000Z"}, {"uuid": "a78411ef-1c69-4b7a-ad65-544ca5447a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10482", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Apache Airflow &lt; 2.4.0 DAG example_bash_operator RCE POC.\n\nhttps://github.com/Mr-xn/CVE-2022-40127", "creation_timestamp": "2022-11-24T13:01:10.000000Z"}, {"uuid": "b6e90f2e-c54b-4c64-a708-1525d61ca0ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14131", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40127\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0.\n\ud83d\udccf Published: 2022-11-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T18:58:45.160Z\n\ud83d\udd17 References:\n1. https://github.com/apache/airflow/pull/25960\n2. https://lists.apache.org/thread/cf132hgm6jvzvsbpsozl3plf1r4cwysy\n3. http://www.openwall.com/lists/oss-security/2022/11/14/2", "creation_timestamp": "2025-04-30T19:13:45.000000Z"}, {"uuid": "e4acc017-a683-4ef4-a703-d3ddb6da13ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/85158", "content": "Internet Bug Bounty: CVE-2022-40127: RCE in Apache Airflow &lt;2.4.0 bash example\n\nhttps://ift.tt/K1mhCXI", "creation_timestamp": "2023-01-05T19:31:50.000000Z"}, {"uuid": "4e971875-a0eb-4752-8e03-a1c0a126f65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/34113", "content": "https://github.com/Mr-xn/CVE-2022-40127", "creation_timestamp": "2022-11-19T15:29:51.000000Z"}, {"uuid": "59cf9529-74f9-45dd-aa90-00a29886a322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1424", "content": "https://github.com/Mr-xn/CVE-2022-40127", "creation_timestamp": "2022-11-20T22:47:46.000000Z"}, {"uuid": "210b3698-2e8a-47d7-8ab2-d39a740be0c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40122", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17298", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40122\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_customer_action.php.\n\ud83d\udccf Published: 2022-09-23T21:16:12.000Z\n\ud83d\udccf Modified: 2025-05-22T14:16:36.182Z\n\ud83d\udd17 References:\n1. https://github.com/zakee94/online-banking-system/issues/15\n2. https://github.com/0clickjacking0/BugReport/blob/main/online-banking-system/sql_injection10.md", "creation_timestamp": "2025-05-22T14:44:45.000000Z"}, {"uuid": "2add2fda-a834-4bc8-9a57-34bd574308bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40129", "type": "seen", "source": "https://t.me/true_secator/3700", "content": "\u041c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 RCE-\u043e\u0448\u0438\u0431\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u041f\u041e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f PDF-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Foxit Reader.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco Talos \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u00a0\u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445\u00a0\u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 JavaScript Foxit Reader, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\nCVE-2022-32774, CVE-2022-38097, CVE-2022-37332 \u0438 CVE-2022-40129 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,8 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u041e \u043d\u0438\u0445 Cisco \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0432 Foxit \u0435\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435.\u00a0\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Cisco, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 PDF-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u043c\u043e\u0436\u0435\u0442 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0430\u043d\u0435\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0436\u0435\u043b\u0430\u044e\u0449\u0435\u043c\u0443 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\n\u0415\u0441\u043b\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u043e\u0433\u043e \u043c\u043e\u0434\u0443\u043b\u044f \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Foxit \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e, \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u044b, \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442 \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442.\n\nFoxit \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e 12.0.1.124306 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0443\u044e \u0432\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\u00a0\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.", "creation_timestamp": "2022-11-14T12:09:05.000000Z"}, {"uuid": "3c2f17cf-ac7e-4822-83f6-ea40e2a3dcb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40129", "type": "seen", "source": "https://t.me/cibsecurity/53245", "content": "\u203c CVE-2022-40129 \u203c\n\nA use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:16.000000Z"}, {"uuid": "1407e910-39d0-4e10-adf8-e6170f4b51fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40128", "type": "seen", "source": "https://t.me/cibsecurity/52679", "content": "\u203c CVE-2022-40128 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin &lt;= 3.3.2 on WordPress leading to export file download.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T22:35:46.000000Z"}]}