{"vulnerability": "CVE-2022-4699", "sightings": [{"uuid": "cfdfbadc-b641-4a98-97a2-6452779f9ade", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46996", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12758", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46996\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.\n\ud83d\udccf Published: 2022-12-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T19:08:05.279Z\n\ud83d\udd17 References:\n1. https://mirrors.neusoft.edu.cn/pypi/web/simple/request/\n2. https://github.com/SHenry07/vSphere_selfuse/\n3. https://github.com/SHenry07/vSphere_selfuse/issues/39", "creation_timestamp": "2025-04-21T20:03:32.000000Z"}, {"uuid": "a21bf8f8-91e3-463d-9215-1045935d2701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46997", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12759", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46997\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.\n\ud83d\udccf Published: 2022-12-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T19:06:22.604Z\n\ud83d\udd17 References:\n1. https://mirrors.neusoft.edu.cn/pypi/web/simple/request/\n2. https://github.com/Viralmaniar/Passhunt/\n3. https://github.com/Viralmaniar/Passhunt/issues/14", "creation_timestamp": "2025-04-21T20:03:33.000000Z"}, {"uuid": "df65c0c1-cf15-47f5-a984-a6d26f4fce5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46999", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9934", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46999\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \\App\\Manage\\Controller\\UserController.class.php.\n\ud83d\udccf Published: 2023-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T15:17:21.563Z\n\ud83d\udd17 References:\n1. https://www.yuque.com/shiyi-5yjak/hx4unh/lvalegwh46r4dgcp?singleDoc", "creation_timestamp": "2025-04-01T15:32:56.000000Z"}, {"uuid": "f632398c-fbdd-43e0-96c1-0ae37581d748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46998", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9933", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46998\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF).\n\ud83d\udccf Published: 2023-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T15:18:09.656Z\n\ud83d\udd17 References:\n1. https://www.yuque.com/shiyi-5yjak/hx4unh/kgnanw3lt8wg1tx2#%20%E3%80%8Ataocms-3.0.2-ssrf%E3%80%8B", "creation_timestamp": "2025-04-01T15:32:55.000000Z"}, {"uuid": "79689026-17b9-4644-918a-fa8bad9b3625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46996", "type": "seen", "source": "https://t.me/cibsecurity/54520", "content": "\u203c CVE-2022-46996 \u203c\n\nvSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T18:22:45.000000Z"}, {"uuid": "9eaa6dff-d673-4620-888b-b22e6d40552b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46997", "type": "seen", "source": "https://t.me/cibsecurity/54519", "content": "\u203c CVE-2022-46997 \u203c\n\nPasshunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T18:22:44.000000Z"}]}