{"vulnerability": "cve-2022-2377", "sightings": [{"uuid": "608de869-276a-4c25-84b2-2b6f1b7e00f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1592", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-23779: Internal Hostname Disclosure Vulnerability\nURL\uff1ahttps://github.com/fbusr/CVE-2022-23779", "creation_timestamp": "2022-03-05T21:06:23.000000Z"}, {"uuid": "d4a77e21-8233-403c-af0c-ca966b689590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/kEi9aG3in_m6wEBgriTJElzfBktIEkXFyp3h_KxyuN5JDe4", "content": "", "creation_timestamp": "2026-01-10T09:00:04.000000Z"}, {"uuid": "8a7b36b6-95f9-4cc9-a925-f54f5b6b47af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15755", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23771\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:49:10.046Z\n\ud83d\udd17 References:\n1. https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66964", "creation_timestamp": "2025-05-09T15:25:50.000000Z"}, {"uuid": "6d33b2b9-57c5-42bc-bb07-93034fa1e4ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/Hf1ne2KE1RxRMHH1MuIpxYeGJo5De7WS5II8RmNn3nXZte8", "content": "", "creation_timestamp": "2023-03-28T18:19:12.000000Z"}, {"uuid": "fefe22ea-ccb5-4f0e-96b9-3b2cff27221d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/tYT7tTTfhGxqZ9lCl1roOH_fSnqZvveWSp3QRbA5RMgY4O0", "content": "", "creation_timestamp": "2022-09-12T18:40:13.000000Z"}, {"uuid": "238ceba9-4892-4a76-8daa-4384b68e2846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/cibsecurity/51614", "content": "\u203c CVE-2022-23771 \u203c\n\nThis vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:32.000000Z"}, {"uuid": "37290469-5bd8-42bd-a8b8-b4a00fb4efad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23770", "type": "seen", "source": "https://t.me/cibsecurity/51609", "content": "\u203c CVE-2022-23770 \u203c\n\nThis vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:27.000000Z"}, {"uuid": "9c85bccd-1373-4c21-9de7-406b2dfde836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7959", "content": "#exploit\n1. CVE-2022-23773:\ncmd/go in Go &lt;1.16.14, 1.17.x - 1.17.7 can misinterpret branch names that falsely appear to be version tags (incorrect access control)\nhttps://github.com/Liuyushung/CVE-2022-23773-Reproduce\n\n2. Privilege Escalation in Windows 7/8/10 through Atom Table Hijacking\nhttps://github.com/SleepTheGod/Windows-Atom-Table-Hijacking", "creation_timestamp": "2023-03-20T11:00:50.000000Z"}, {"uuid": "8b4dc983-0550-4eef-83ff-11e07bf748f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/-lA5S7bF_9fg00AkY0276s8aRc0a8omHD1XMrZmagJv5s5U", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"}, {"uuid": "8ba55c88-a099-4baf-8cd6-f71681343b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23779", "type": "seen", "source": "https://t.me/cibsecurity/38305", "content": "\u203c CVE-2022-23779 \u203c\n\nZoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-02T18:25:11.000000Z"}, {"uuid": "db389376-7b60-4f21-89c6-3bc3e36d1db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/952", "content": "CVE-2022-23779\n\u0412\u043e\u0442 \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u043c\u0435\u0448\u043d\u043e \u0431\u0443\u0434\u0435\u0442\nZoho Internal Hostname Disclosure Vulnerability\nStep 1: curl -ILk https://IP:port/themes\nStep 2: Read the HTTP redirect response and anaylze the Location HTTP response header.\n*\nBONUS #Shodan : title:\"ManageEngine Desktop Central 10\"\ngithub\n#zoho  #funnyExploit", "creation_timestamp": "2022-09-06T17:34:37.000000Z"}, {"uuid": "eca70ecf-0731-4ff0-8874-2a5aa57f4248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23774", "type": "seen", "source": "https://t.me/cibsecurity/37814", "content": "\u203c CVE-2022-25365 \u203c\n\nDocker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-19T07:38:43.000000Z"}, {"uuid": "e7a3f07f-0f0d-41d5-ad72-198d3bcfa252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6670", "content": "#exploit\n1. CVE-2022-23779:\nInternal Hostname Disclosure Vulnerability\nhttps://github.com/Vulnmachines/Zoho_CVE-2022-23779\n\n2. CVE-2022-37153:\nXSS vulnerability in Artica Proxy 4.30.0\nhttps://github.com/Fjowel/CVE-2022-37153\n\n3. CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:\nMozilla Firefox RCE + SBX full chain complete\nhttps://github.com/mistymntncop/CVE-2022-1802", "creation_timestamp": "2022-08-25T15:01:03.000000Z"}]}