{"vulnerability": "cve-2022-3981", "sightings": [{"uuid": "0a62d3a0-19f7-4867-8d49-012946e0be54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39811", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9421", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39811\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. By not verifying permissions for access to resources, it allows an attacker to view pages that are not allowed, and modify the system configuration, bypassing all controls (without checking for user identity).\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T17:38:58.492Z\n\ud83d\udd17 References:\n1. https://www.gruppotim.it/it/footer/red-team.html", "creation_timestamp": "2025-03-28T18:28:20.000000Z"}, {"uuid": "e169e2c1-3342-454e-bfbc-dc967ed03bc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39812", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9435", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39812\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request (not possible using the GUI) to an arbitrary directory. Because the application does not check in which directory a file will be uploaded, an attacker can perform a variety of attacks that can result in unauthorized access to the server.\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T19:20:42.666Z\n\ud83d\udd17 References:\n1. https://www.gruppotim.it/it/footer/red-team.html", "creation_timestamp": "2025-03-28T19:29:00.000000Z"}, {"uuid": "61c53a34-de71-49c1-b446-56485675858d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39813", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9436", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39813\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/j_security_check via the j_username parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The payload would then be triggered every time an authenticated user browses the page containing it.\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T19:19:36.430Z\n\ud83d\udd17 References:\n1. https://www.gruppotim.it/it/footer/red-team.html", "creation_timestamp": "2025-03-28T19:29:01.000000Z"}, {"uuid": "dbb28c9c-75a7-4092-88a9-f3204c026c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39818", "type": "seen", "source": "https://t.me/arpsyndicate/2202", "content": "#ExploitObserverAlert\n\nCVE-2022-39818\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-39818. In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system.", "creation_timestamp": "2023-12-28T06:06:02.000000Z"}, {"uuid": "dd96faa3-a899-44e1-b0a3-c41100e22e80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39818", "type": "seen", "source": "https://t.me/ctinow/162721", "content": "https://ift.tt/LF9r5dq\nCVE-2022-39818 Exploit", "creation_timestamp": "2024-01-04T01:17:22.000000Z"}, {"uuid": "91f9ec8b-6cec-4f54-a94e-61d246e15c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39818", "type": "seen", "source": "https://t.me/ctinow/159140", "content": "https://ift.tt/bdnfTOo\nCVE-2022-39818", "creation_timestamp": "2023-12-25T07:26:49.000000Z"}, {"uuid": "f49b92c3-d709-44fa-81cd-3b67fb09ebf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39815", "type": "seen", "source": "https://t.me/cibsecurity/49736", "content": "\u203c CVE-2022-39815 \u203c\n\nIn NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /CGI-BIN/OTNE_1-14/runBatch.cgi via the file HTTP POST parameter, /CGI-BIN/OTNE_1-14/getRadioTLs.cgi via the context HTTP POST parameter, /CGI-BIN/OTNE_1-14/runRouteReport.cgi via the file HTTP POST parameter or /CGI-BIN/RemoteCommandManager.cgi via the command HTTP POST parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T00:28:25.000000Z"}, {"uuid": "a99706ee-98aa-4e31-b2cd-ce0c76d3361b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39817", "type": "seen", "source": "https://t.me/cibsecurity/49735", "content": "\u203c CVE-2022-39817 \u203c\n\nIn NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occur in /cgi-bin/R14.2/easy1350.pl via the id or host HTTP GET parameter, or /cgi-bin/R14.2/cgi-bin/R14.2/host.pl via the host HTTP GET parameter. Exploitation requires an authenticated attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T00:26:01.000000Z"}, {"uuid": "7cba8f06-aed5-4b1f-8257-43629c24fcee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39816", "type": "seen", "source": "https://t.me/cibsecurity/49730", "content": "\u203c CVE-2022-39816 \u203c\n\nIn NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext password) occur in /cgi-bin/R14.2/cgi-bin/R14.2/host.pl on the edit configuration page. Exploitation requires an authenticated attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T00:25:54.000000Z"}, {"uuid": "b55d0140-b63d-4192-accb-3e5495784e3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39819", "type": "seen", "source": "https://t.me/cibsecurity/49728", "content": "\u203c CVE-2022-39819 \u203c\n\nIn NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /cgi-bin/R14.2/log.pl via the cmd HTTP GET parameter and /cgi-bin/R14.2/checkping.pl via the addr HTTP GET parameter. This allows authenticated users to execute commands on the operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T00:25:53.000000Z"}, {"uuid": "302aa1d8-b556-4814-9794-53f0cb364a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39810", "type": "seen", "source": "https://t.me/cibsecurity/49551", "content": "\u203c CVE-2022-39810 \u203c\n\nAn issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks would not be possible.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-09T20:30:25.000000Z"}]}