{"vulnerability": "CVE-2022-4462", "sightings": [{"uuid": "f9a74787-63f9-4b82-946a-48640d8b3444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2232", "content": "#CyberSecurity news -  \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aCan these researchers help defend satellite systems targeted by hackers?\n\nhttps://www.cyberscoop.com/space-satellite-cybersecurity-sparta/\n\n\u200aBitRAT malware campaign uses stolen bank data for phishing\n\nhttps://www.bleepingcomputer.com/news/security/bitrat-malware-campaign-uses-stolen-bank-data-for-phishing/\n\n\u200aPoland warns of attacks by Russia-linked Ghostwriter hacking group\n\nhttps://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/\n\n\u200aRail giant Wabtec discloses data breach after Lockbit ransomware attack\n\nhttps://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/\n\n\u200aOver 60,000 Exchange servers vulnerable to ProxyNotShell attacks\n\nhttps://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/\n\n\u200aOngoing Flipper Zero phishing attacks target infosec community\n\nhttps://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/\n\n\u200aCVE-2022-43396 &amp; CVE-2022-44621: Command injection in Apache Kylin\n\nhttps://securityonline.info/cve-2022-43396-cve-2022-44621-command-injection-in-apache-kylin/\n\n\u200aCVE-2022-43931: Critical Vulnerability in Synology VPN Plus Server software\n\nhttps://securityonline.info/cve-2022-43931-critical-vulnerability-in-synology-vpn-plus-server-software/\n\n\u200aPowerMeUp: powershell scripts for post exploitation\n\nhttps://securityonline.info/powermeup-powershell-scripts-for-post-exploitation/\n\n\u200aLockbit Ransomware Group Apologized For the Attack On Hospital for Sick Children\n\nhttps://gbhackers.com/lockbit-ransomware-group-apologized/\n\n\u200aTop 10 Open Port Scanner and Port Checker Tools for 2023\n\nhttps://gbhackers.com/open-port-scanner-port-checker-tools/\n\nBitRAT Now Sharing Sensitive Bank Data as a Lure\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure\n\n\u200b\u200bDebloating Windows 10 with one command and no scripts\n\nhttps://gabrielsieben.tech/2023/01/02/debloating-windows-10-with-one-command-and-no-scripts\n\n\u200b\u200bBug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass\n\nhttps://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/\n\n\u200aBitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information\n\nhttps://cybersecuritynews.com/bitrat-malware-uses-phishing-emails/\n\n\u200aPoC Code for NodeBB Account Takeover Flaw (CVE-2022-46164) Published\n\nhttps://securityonline.info/poc-code-for-nodebb-account-takeover-flaw-cve-2022-46164-published/\n\n\u200aVillain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions\n\nhttp://www.kitploit.com/2023/01/villain-windows-and-linux-backdoor.html\n\n\u200aToyota Discloses Data Breach \u2013 Customers\u2019 Personal Information Exposed\n\nhttps://gbhackers.com/toyota-discloses-data-breach/\n\n\u200aOFRAK : Unpack, Modify, And Repack Binaries\n\nhttps://kalilinuxtutorials.com/ofrak/\n\n\u200aLABScon Replay | InkySquid: The Missing Arsenal\n\nhttps://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal/\n\n\u200aOver 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell\n\nhttps://gbhackers.com/unpatched-proxynotshell/\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-05T13:41:52.000000Z"}, {"uuid": "011d8161-b13d-438e-9bf9-f9a13ba4ce08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44629", "type": "seen", "source": "https://t.me/cibsecurity/68186", "content": "\u203c CVE-2022-44629 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin &lt;=\u00c2\u00a02.0.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T14:15:49.000000Z"}, {"uuid": "d960a834-baf6-4409-b28e-9f3fb01ed2ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44625", "type": "seen", "source": "https://t.me/cibsecurity/62059", "content": "\u203c CVE-2022-44625 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting') vulnerability in Zephilou Cyklodev WP Notify plugin &lt;=\u00c2\u00a01.2.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T16:24:55.000000Z"}, {"uuid": "cd5aaed1-ae03-4db9-908a-5a89c8c71a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4462", "type": "seen", "source": "https://t.me/cibsecurity/59745", "content": "\u203c CVE-2022-4462 \u203c\n\nAn issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. This vulnerability could allow a user to unmask the Discord Webhook URL through viewing the raw API response.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T22:22:16.000000Z"}, {"uuid": "6ca4d78b-dc43-406b-8042-eda6e9b7e8af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "seen", "source": "https://t.me/cibsecurity/55554", "content": "\u203c CVE-2022-44621 \u203c\n\nDiagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-30T14:14:03.000000Z"}, {"uuid": "b37b2a85-f362-4e71-8a35-a6ec55c5f5e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44624", "type": "seen", "source": "https://t.me/cibsecurity/52516", "content": "\u203c CVE-2022-44624 \u203c\n\nIn JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:56.000000Z"}, {"uuid": "28b70c14-1e52-4cfc-9a3f-8b77584d0cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44622", "type": "seen", "source": "https://t.me/cibsecurity/52503", "content": "\u203c CVE-2022-44622 \u203c\n\nIn JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:37.000000Z"}, {"uuid": "9730316d-4422-42e5-a292-f4930fe5a9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44623", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14135", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44623\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T18:52:54.855Z\n\ud83d\udd17 References:\n1. https://www.jetbrains.com/privacy-security/issues-fixed/", "creation_timestamp": "2025-04-30T19:13:48.000000Z"}, {"uuid": "b39fd121-f9e8-4b87-978e-85383d67b4e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11432", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44621\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.\n\ud83d\udccf Published: 2022-12-30T10:31:52.614Z\n\ud83d\udccf Modified: 2025-04-11T14:45:20.170Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/7ctchj24dofgsj9g1rg1245cms9myb34", "creation_timestamp": "2025-04-11T14:51:02.000000Z"}, {"uuid": "3b0d39cd-5157-4802-95a7-afa66d7908a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44620", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13029", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44620\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.\n\ud83d\udccf Published: 2022-12-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T13:55:14.349Z\n\ud83d\udd17 References:\n1. http://www.unimo.co.jp/table_notice/index.php?act=1&amp;resid=1666831567-004418\n2. https://jvn.jp/en/vu/JVNVU94514762/index.html", "creation_timestamp": "2025-04-23T14:05:03.000000Z"}, {"uuid": "0a4933bd-3fda-48d2-bb49-afdcf09865d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/349", "content": "#CyberSecurity news -  \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aCan these researchers help defend satellite systems targeted by hackers?\n\nhttps://www.cyberscoop.com/space-satellite-cybersecurity-sparta/\n\n\u200aBitRAT malware campaign uses stolen bank data for phishing\n\nhttps://www.bleepingcomputer.com/news/security/bitrat-malware-campaign-uses-stolen-bank-data-for-phishing/\n\n\u200aPoland warns of attacks by Russia-linked Ghostwriter hacking group\n\nhttps://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/\n\n\u200aRail giant Wabtec discloses data breach after Lockbit ransomware attack\n\nhttps://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/\n\n\u200aOver 60,000 Exchange servers vulnerable to ProxyNotShell attacks\n\nhttps://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/\n\n\u200aOngoing Flipper Zero phishing attacks target infosec community\n\nhttps://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/\n\n\u200aCVE-2022-43396 &amp; CVE-2022-44621: Command injection in Apache Kylin\n\nhttps://securityonline.info/cve-2022-43396-cve-2022-44621-command-injection-in-apache-kylin/\n\n\u200aCVE-2022-43931: Critical Vulnerability in Synology VPN Plus Server software\n\nhttps://securityonline.info/cve-2022-43931-critical-vulnerability-in-synology-vpn-plus-server-software/\n\n\u200aPowerMeUp: powershell scripts for post exploitation\n\nhttps://securityonline.info/powermeup-powershell-scripts-for-post-exploitation/\n\n\u200aLockbit Ransomware Group Apologized For the Attack On Hospital for Sick Children\n\nhttps://gbhackers.com/lockbit-ransomware-group-apologized/\n\n\u200aTop 10 Open Port Scanner and Port Checker Tools for 2023\n\nhttps://gbhackers.com/open-port-scanner-port-checker-tools/\n\nBitRAT Now Sharing Sensitive Bank Data as a Lure\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure\n\n\u200b\u200bDebloating Windows 10 with one command and no scripts\n\nhttps://gabrielsieben.tech/2023/01/02/debloating-windows-10-with-one-command-and-no-scripts\n\n\u200b\u200bBug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass\n\nhttps://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/\n\n\u200aBitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information\n\nhttps://cybersecuritynews.com/bitrat-malware-uses-phishing-emails/\n\n\u200aPoC Code for NodeBB Account Takeover Flaw (CVE-2022-46164) Published\n\nhttps://securityonline.info/poc-code-for-nodebb-account-takeover-flaw-cve-2022-46164-published/\n\n\u200aVillain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions\n\nhttp://www.kitploit.com/2023/01/villain-windows-and-linux-backdoor.html\n\n\u200aToyota Discloses Data Breach \u2013 Customers\u2019 Personal Information Exposed\n\nhttps://gbhackers.com/toyota-discloses-data-breach/\n\n\u200aOFRAK : Unpack, Modify, And Repack Binaries\n\nhttps://kalilinuxtutorials.com/ofrak/\n\n\u200aLABScon Replay | InkySquid: The Missing Arsenal\n\nhttps://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal/\n\n\u200aOver 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell\n\nhttps://gbhackers.com/unpatched-proxynotshell/\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-05T13:41:52.000000Z"}, {"uuid": "a9986d19-a51e-4f2b-8e55-60b28ab11e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44623", "type": "seen", "source": "https://t.me/cibsecurity/52509", "content": "\u203c CVE-2022-44623 \u203c\n\nIn JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:46.000000Z"}, {"uuid": "f00f6632-ad94-4753-b93a-a3ae47680792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44627", "type": "seen", "source": "https://t.me/cibsecurity/52538", "content": "\u203c CVE-2022-44627 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin &lt;= 1.8.12 on WordPress allows attackers to create or delete sitemaps.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T23:25:59.000000Z"}, {"uuid": "946a5e34-8ef3-4eca-a003-ca61b2ecaa2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44628", "type": "seen", "source": "https://t.me/cibsecurity/52537", "content": "\u203c CVE-2022-44628 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JumpDEMAND Inc. 4ECPS Web Forms plugin &lt;= 0.2.17 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T23:25:58.000000Z"}]}