{"vulnerability": "cve-2022-37703", "sightings": [{"uuid": "5ddf955f-e471-4bcb-ac1a-6efc2ef204af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37703", "type": "seen", "source": "https://t.me/arpsyndicate/849", "content": "#ExploitObserverAlert\n\nCVE-2022-37703\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2022-37703. In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 1.4\nNVD-ES: 1.8", "creation_timestamp": "2023-12-01T09:02:55.000000Z"}]}