{"vulnerability": "cve-2022-2890", "sightings": [{"uuid": "ce36e806-57a6-4669-b99a-0cb97e5dbd49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2890", "type": "seen", "source": "https://t.me/cibsecurity/48481", "content": "\u203c CVE-2022-2890 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:20:35.000000Z"}, {"uuid": "d5f3d1e2-64ff-4955-b668-5c16c2988135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28907", "type": "seen", "source": "https://t.me/cibsecurity/42245", "content": "\u203c CVE-2022-28907 \u203c\n\nTOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T18:34:12.000000Z"}, {"uuid": "5e09a14a-9f96-4582-bad8-8bac49657d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28909", "type": "seen", "source": "https://t.me/cibsecurity/42244", "content": "\u203c CVE-2022-28909 \u203c\n\nTOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T18:34:10.000000Z"}, {"uuid": "4482791c-2347-4c35-a0ed-9dde93fbb839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28901", "type": "seen", "source": "https://t.me/cibsecurity/42246", "content": "\u203c CVE-2022-28901 \u203c\n\nA command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T18:34:14.000000Z"}, {"uuid": "8699f6fd-554a-467f-bc1b-767524bccb91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28907", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "db5d2d85-d105-479b-8aa0-50a06ee5549a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28907", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-14)", "content": "", "creation_timestamp": "2025-07-14T00:00:00.000000Z"}, {"uuid": "6ea2cc5c-c2fc-4463-82e8-0c0c0965211e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28906", "type": "seen", "source": "https://t.me/cibsecurity/42256", "content": "\u203c CVE-2022-28906 \u203c\n\nTOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T18:34:29.000000Z"}, {"uuid": "4564b7d8-0a4c-41b9-afbb-b4902b854e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28906", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ltzsfqwusi2w", "content": "", "creation_timestamp": "2025-07-15T21:02:19.517356Z"}, {"uuid": "356f98e6-43c8-4f62-9010-f59d790aaf50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28907", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ltzsfqzx6x2f", "content": "", "creation_timestamp": "2025-07-15T21:02:20.125862Z"}, {"uuid": "35c8c207-2457-4fdb-a513-479c61b6a6d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28907", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "660a9d50-43c4-40f9-800d-fca1baeb1342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28908", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw54xgs52h", "content": "", "creation_timestamp": "2025-07-23T21:02:21.756756Z"}]}