{"vulnerability": "CVE-2022-4471", "sightings": [{"uuid": "db9479b9-a0fe-4786-af99-14dc5fa3eba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44719", "type": "seen", "source": "https://t.me/cibsecurity/65767", "content": "\u203c CVE-2022-44719 \u203c\n\nAn issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-30T00:14:47.000000Z"}, {"uuid": "400c1893-e0a4-4806-ae21-844e68f824ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44710", "type": "seen", "source": "https://t.me/true_secator/3828", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 PatchTuesday \u0437\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 0-day, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443, \u0438 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 49 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432.\n\n\u0428\u0435\u0441\u0442\u044c \u0438\u0437 49 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044f RCE.\n\n\u0415\u0441\u043b\u0438 \u043f\u043e \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u043c, \u0442\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e: 19 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 2 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 23 - RCE, 3 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 3 - \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, 1 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0420\u0430\u043d\u0435\u0435 5 \u0434\u0435\u043a\u0430\u0431\u0440\u044f \u0431\u044b\u043b\u043e \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 25 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Microsoft Edge.\n\n\u0414\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u043b\u043e\u0441\u044c, \u0438 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043f\u0440\u0438\u0447\u0435\u043c \u043e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f, \u0430 \u0434\u0440\u0443\u0433\u0430\u044f - \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2022-44698\u00a0- \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows SmartScreen, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0423\u0438\u043b\u043b\u043e\u043c \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u043e\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 Mark of the Web (MOTW), \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0442\u0435\u0440\u0435 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440 \u0432 Microsoft Office, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f \u043d\u0430 \u0442\u0435\u0433\u0438 MOTW.\n\n\u041a\u0430\u043a \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e,\u00a0\u0441\u043e\u0437\u0434\u0430\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b JavaScript, \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u044c\u044e, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0431\u0435\u0437 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 MOTW.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445 \u043f\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u043e\u044f\u043d QBot\u00a0\u0438 ransomware Magniber.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2022-44710\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u044f\u0434\u0440\u0430 DirectX, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432. \u0415\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u041b\u0443\u043a\u0430 \u041f\u0440\u0438\u0431\u0430\u043d\u0438\u0447.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e PatchTuesday \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2022-12-15T08:37:15.000000Z"}, {"uuid": "bca2f201-ebf7-412e-9608-3bbaa6f7be85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44710", "type": "seen", "source": "https://t.me/cibsecurity/54460", "content": "\u203c CVE-2022-44710 \u203c\n\nDirectX Graphics Kernel Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T22:28:04.000000Z"}, {"uuid": "4181b6bf-2505-44ed-9fbc-12037d9f3fb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44717", "type": "seen", "source": "https://t.me/cibsecurity/57037", "content": "\u203c CVE-2022-44717 \u203c\n\nAn issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T16:39:28.000000Z"}, {"uuid": "626be74d-0511-42ea-a455-a9b22f63e8f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44718", "type": "seen", "source": "https://t.me/cibsecurity/57041", "content": "\u203c CVE-2022-44718 \u203c\n\nAn issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T16:39:35.000000Z"}, {"uuid": "e58121d1-7b0b-4ac7-aeb0-ca8379b80c97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44713", "type": "seen", "source": "https://t.me/cibsecurity/54455", "content": "\u203c CVE-2022-44713 \u203c\n\nMicrosoft Outlook for Mac Spoofing Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T22:27:58.000000Z"}, {"uuid": "475cc342-27fb-42e8-9ec6-3e3831e58b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4471", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8430", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4471\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks\n\ud83d\udccf Published: 2023-02-13T14:32:30.170Z\n\ud83d\udccf Modified: 2025-03-21T19:47:47.404Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c6cf792b-054c-4d77-bcae-3b700f42130b", "creation_timestamp": "2025-03-21T20:24:53.000000Z"}, {"uuid": "394da6aa-1766-4c02-8308-e779de59c6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44715", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9418", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44715\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload.\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T17:44:41.380Z\n\ud83d\udd17 References:\n1. https://www.netscout.com/securityadvisories", "creation_timestamp": "2025-03-28T18:28:18.000000Z"}]}