{"vulnerability": "cve-2022-3837", "sightings": [{"uuid": "85a68135-50ec-4121-b7a6-70a5e0fc9862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38375", "type": "seen", "source": "https://t.me/ics_cert/712", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0635\u0646\u0639\u062a\u06cc\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0634\u0628\u06a9\u0647 Fortinet FortiNAC \u0628\u0647 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc\u06cc \u062f\u0631 \u0631\u0648\u0646\u062f \u0645\u062c\u0648\u0632 \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc\u200c\u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTP POST\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 00937-2023\nCVE-2022-38375\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0632 \u0645\u06cc\u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0631\u0628\u0631 (VPN \u0648 \u063a\u06cc\u0631\u0647) \u0628\u0647 \u0645\u062d\u0635\u0648\u0644 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://www.fortiguard.com/psirt/FG-IR-22-329\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2024-07-06T04:18:19.000000Z"}, {"uuid": "f7e632c5-bf50-4ed3-b1f7-48179c34f8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/freeosint/1284", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2025-04-29T05:54:25.000000Z"}, {"uuid": "549df1a4-b788-4f36-9076-35a85d7e0887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/200332", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"12 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-12T20:42:57.000000Z"}, {"uuid": "22df3ee2-474e-4157-8c5b-c909b9cd12c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/400417", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"16 Dec 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-16T11:55:42.000000Z"}, {"uuid": "cac140cd-0389-432d-8680-0275d5328adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/600", "content": "CVE-2022-38374 : Fortinet FortiADC 7.0.0 &gt; 7.0.2 &amp; 6.2.0 &gt; 6.2.4 -\u00a0Unauthorized Code / Command Execution \nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T21:29:01.000000Z"}, {"uuid": "bd878863-1685-418a-8c80-a85014cf014a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1511", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection vulnerability using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T15:13:52.000000Z"}, {"uuid": "20bd9973-a5cc-4e5e-8dee-9540ceb5efd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1490", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2022-11-25T12:20:39.000000Z"}, {"uuid": "3db6473a-cac5-43e3-b868-58ee64ee120c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38377", "type": "seen", "source": "https://t.me/cibsecurity/53502", "content": "\u203c CVE-2022-38377 \u203c\n\nAn improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.0 through 6.0.12 may allow a remote and authenticated admin user assigned to a specific ADOM to access other ADOMs information such as device information and dashboard information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-25T18:20:22.000000Z"}, {"uuid": "125fa240-f9af-4572-8c5f-3ee1b19643d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38371", "type": "seen", "source": "https://t.me/cibsecurity/51095", "content": "\u203c CVE-2022-38371 \u203c\n\nA vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions), Nucleus Source Code (Versions including affected FTP server). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T14:25:41.000000Z"}, {"uuid": "feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7247", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2024-10-12T06:42:59.000000Z"}, {"uuid": "8bcf716b-f789-436f-a677-76fd0848cb9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/poenamarket/23", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.", "creation_timestamp": "2022-12-21T07:09:35.000000Z"}, {"uuid": "54ca2b51-3767-4115-9adf-71db8b9f9417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38378", "type": "seen", "source": "https://t.me/cibsecurity/58345", "content": "\u203c CVE-2022-38378 \u203c\n\nAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:33.000000Z"}, {"uuid": "45784218-e404-4c52-bd4e-91968e107b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3837", "type": "seen", "source": "https://t.me/cibsecurity/53996", "content": "\u203c CVE-2022-3837 \u203c\n\nThe Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:57.000000Z"}, {"uuid": "6a8bd71f-ee73-4f3e-9cca-f6260a119c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38379", "type": "seen", "source": "https://t.me/cibsecurity/54077", "content": "\u203c CVE-2022-38379 \u203c\n\nImproper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:40:56.000000Z"}]}