{"vulnerability": "cve-2022-3394", "sightings": [{"uuid": "c51ef9d7-30fe-4b28-95e2-57f6fff241c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33948", "type": "seen", "source": "https://t.me/cibsecurity/45554", "content": "\u203c CVE-2022-33948 \u203c\n\nHOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-04T07:12:08.000000Z"}, {"uuid": "8aae380f-9022-477e-9179-4b0b0bafb769", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33942", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6732", "content": "From Zero to Hero Part 1: Bypassing Intel DCM\u2019s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942)\n\nhttps://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-cve-2022-33942/", "creation_timestamp": "2022-11-24T02:40:00.000000Z"}, {"uuid": "5af4b00d-8679-4502-ba7c-c48d22a813f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33942", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7236", "content": "#Offensive_security\n1. Linux Password Mining\nhttps://medium.com/@tinopreter/linux-password-mining-58e341635f1c\n2. Bypassing Intel DCM\u2019s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942)\nhttps://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-cve-2022-33942", "creation_timestamp": "2022-11-24T15:41:03.000000Z"}, {"uuid": "2747b4f4-1983-412b-b91b-c4fa4c73aba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33944", "type": "seen", "source": "https://t.me/true_secator/3196", "content": "BitSight \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 GPS-\u0442\u0440\u0435\u043a\u0435\u0440\u0430\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f Micodus.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0435\u0449\u0435 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0438 \u0441 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2021 \u0433\u043e\u0434\u0430 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u043e\u0442\u0432\u0435\u0442\u0430 \u043e\u0442 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0431\u0430\u0433\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-2107, CVE-2022-2141, CVE-2022-2199, CVE-2022-34150 \u0438 CVE-2022-33944 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 GPS-\u0442\u0440\u0435\u043a\u0435\u0440 Micodus MV720 (\u0441\u0442\u043e\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432 20 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432), \u043d\u043e \u0435\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u0447\u0442\u043e \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Micodus \u0442\u0430\u043a\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b.\n\n\u041f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u0435\u0432\u0430\u0439\u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0437\u0430\u0434\u0430\u0447\u0438 GPS-\u0441\u043b\u0435\u0436\u0435\u043d\u0438\u044f, \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043a\u0440\u0430\u0436\u0438, \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0442\u043e\u043f\u043b\u0438\u0432\u043e\u043f\u043e\u0434\u0430\u0447\u0438 \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0435 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c SMS, \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0435 \u0438\u043b\u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435.\n\n\u041d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 1,5 \u043c\u043b\u043d. \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 169 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0433\u043e\u0441\u0441\u0435\u043a\u0442\u043e\u0440\u0435, \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u043b\u0430\u0445, \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u0445, \u0430\u044d\u0440\u043e\u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439, \u043c\u0430\u0448\u0438\u043d\u043e\u0441\u0442\u0440\u043e\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439, \u0441\u0443\u0434\u043e\u0445\u043e\u0434\u043d\u043e\u0439, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u0442\u0440\u0430\u0441\u043b\u044f\u0445.\n\n\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441\u043e\u0431\u0440\u0430\u043d\u043d\u043e\u0439 BitSight \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 2,3 \u043c\u043b\u043d. \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 Micodus, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 90 000 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u0447\u0438\u0441\u043b\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u0442\u0430\u043a\u0438\u0435 \u0441\u0442\u0440\u0430\u043d\u044b, \u043a\u0430\u043a \u0420\u043e\u0441\u0441\u0438\u044f, \u041c\u0435\u043a\u0441\u0438\u043a\u0430, \u0427\u0438\u043b\u0438, \u0411\u0440\u0430\u0437\u0438\u043b\u0438\u044f, \u0418\u0441\u043f\u0430\u043d\u0438\u044f, \u041f\u043e\u043b\u044c\u0448\u0430, \u0423\u043a\u0440\u0430\u0438\u043d\u0430, \u042e\u0436\u043d\u0430\u044f \u0410\u0444\u0440\u0438\u043a\u0430 \u0438 \u041c\u0430\u0440\u043e\u043a\u043a\u043e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0438\u0445 \u0447\u0438\u0441\u043b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u044b: \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u043b\u044b \u0432 \u042e\u0436\u043d\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0435 \u0438 \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u0435, \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0417\u0430\u043f\u0430\u0434\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u043c\u0438\u043d\u0438\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u043e \u0432 \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0435.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u0434\u0435\u0444\u043e\u043b\u0442\u043d\u044b\u043c \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438, \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, XSS \u0438 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043f\u0440\u044f\u043c\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u043e\u0439 IDOR.\u00a0\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u044b \u0430\u0442\u0430\u043a: MitM, \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u0435\u0440\u0435\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u0440\u0435\u043a\u0435\u0440\u0430 \u0434\u043b\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 API.\n\n\u041f\u0440\u0438 \u043b\u044e\u0431\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 GPS-\u0442\u0440\u0435\u043a\u0435\u0440\u043e\u043c - \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 BitSight. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u0430\u0442\u0430\u043a\u0438: \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u043c\u0430\u0448\u0438\u043d\u0443 \u0438\u043b\u0438 \u0432\u0435\u0441\u044c \u0430\u0432\u0442\u043e\u043f\u0430\u0440\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0432 \u0432\u044b\u043a\u0443\u043f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0430\u0432\u0442\u043e \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f.\n\nBitSight \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432\u0441\u0435\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u043f\u043e\u0441\u043e\u0432\u0435\u0442\u043e\u0432\u0430\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Micodus \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0442\u0440\u0435\u043a\u0435\u0440\u0430 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\u00a0\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.", "creation_timestamp": "2022-07-20T14:05:04.000000Z"}, {"uuid": "867777b6-7bba-4b71-a3be-9f409f342da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33944", "type": "seen", "source": "https://t.me/cibsecurity/46686", "content": "\u203c CVE-2022-33944 \u203c\n\nThe main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter \u00e2\u20ac\u0153Device ID,\u00e2\u20ac\ufffd which accepts arbitrary device IDs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T20:12:10.000000Z"}, {"uuid": "8cb25894-5502-41ae-bcef-6597bd5783db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33942", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1500", "content": "#Offensive_security\n1. Linux Password Mining\nhttps://medium.com/@tinopreter/linux-password-mining-58e341635f1c\n2. Bypassing Intel DCM\u2019s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942)\nhttps://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-cve-2022-33942", "creation_timestamp": "2022-11-26T15:13:50.000000Z"}, {"uuid": "fa26ea7d-a4e5-4c18-bdc9-b9ac732e1ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33942", "type": "seen", "source": "https://t.me/cibsecurity/52882", "content": "\u203c CVE-2022-33942 \u203c\n\nProtection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:12.000000Z"}, {"uuid": "cb10f292-8d72-4459-a052-dcd7d45ce905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33941", "type": "seen", "source": "https://t.me/cibsecurity/49447", "content": "\u203c CVE-2022-33941 \u203c\n\nPowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products/versions are as follows: PowerCMS 6.021 and earlier (PowerCMS 6 Series), PowerCMS 5.21 and earlier (PowerCMS 5 Series), and PowerCMS 4.51 and earlier (PowerCMS 4 Series). Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T12:15:06.000000Z"}, {"uuid": "af229b38-a60b-463f-9ca1-812dc5e914d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33943", "type": "seen", "source": "https://t.me/cibsecurity/47118", "content": "\u203c CVE-2022-33943 \u203c\n\nAuthenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla's BxSlider WP plugin &lt;= 2.0.0 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T20:36:27.000000Z"}, {"uuid": "d5a05b19-7578-47dc-83d1-339b5968e249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33942", "type": "published-proof-of-concept", "source": "https://t.me/yafcab/23", "content": "\u041a\u0440\u0443\u0442\u0443\u044e \u0441\u0442\u0430\u0442\u044c\u044e \u043d\u0430\u0448\u0451\u043b, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043a \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u044e \nhttps://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-cve-2022-33942/", "creation_timestamp": "2022-11-26T18:36:05.000000Z"}]}