{"vulnerability": "cve-2022-42046", "sightings": [{"uuid": "0b1c8920-7c04-4677-b2a9-33c9ed6450e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12216", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42046\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation\n\ud83d\udccf Published: 2022-12-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T13:49:47.544Z\n\ud83d\udd17 References:\n1. https://www.wfs.games/news/20221220_01.html\n2. https://github.com/kkent030315/CVE-2022-42046", "creation_timestamp": "2025-04-17T13:57:44.000000Z"}, {"uuid": "7c2ad387-e1e2-4be3-871f-de5b36fc9c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1244", "content": "CVE-2022-42046 \u041d\u0430\u043a\u043e\u043d\u0435\u0446 \u0442\u043e \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438\nlocal privilege escalation \nPOC download\n\n#windows #lpe #poc", "creation_timestamp": "2022-12-24T18:08:16.000000Z"}, {"uuid": "ca2de34e-1f35-4616-b79d-10fe89d592a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "Telegram/nU64cDh9rC1iAv0ayZCXDB2sBPF8UJVvRNq6y7sS3rfJEpk", "content": "", "creation_timestamp": "2023-01-16T18:50:15.000000Z"}, {"uuid": "53dda7d6-4e5c-444d-9618-9084e92b198b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1992", "content": "\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046", "creation_timestamp": "2022-12-26T06:05:48.000000Z"}, {"uuid": "c323e1c5-946c-4dc3-b467-3fbdef00a75a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "seen", "source": "https://t.me/cibsecurity/55035", "content": "\u203c CVE-2022-42046 \u203c\n\nWFS, Inc HeavenBurnsRed 2020.3.15.7141260 is vulnerable to Local Privilege Escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T02:12:32.000000Z"}, {"uuid": "5c7ff10b-8901-4963-8730-82f4fcac36c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10569", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation.\n\nhttps://github.com/kkent030315/CVE-2022-42046", "creation_timestamp": "2022-12-25T20:07:40.000000Z"}, {"uuid": "f3c00932-234a-4ef3-b359-95dd3470cc07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "Telegram/W2ZlalC5mJ8ZRkvFIjQ93EEmmEmNdqHBJuv4Pr9toFSeM4s", "content": "", "creation_timestamp": "2023-02-06T08:42:05.000000Z"}, {"uuid": "c68f9632-daae-4f64-a268-9a4f2d21c818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3626", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM\nURL\uff1ahttps://github.com/Live-Hack-CVE/CVE-2022-36966\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-24T10:53:07.000000Z"}, {"uuid": "134c91fd-0b66-4507-b7aa-9fe766ec0357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"}, {"uuid": "a2749c3f-3891-4116-9ac2-560f76ef8e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1974", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25PoC of wfshbr64.sys LPE(Windows Kernel Mode Anti-Cheat Driver, CVE-2022-42046)\n\nwfshbr64.sys and wfshbr32.sys specially crafted payload allows arbitrary user to perform bitwise operation with arbitrary EPROCESS offset and flags value to purposely elevate the game process to CodeGen Full protection by manipulating EPROCESS.Protection and EPROCESS.SignatureLevel flags (security hole as a feature).\n\n\u26a0\ufe0fThe driver is signed by Microsoft hardware compatibility publisher that is submitted via Microsoft Hardware Program.", "creation_timestamp": "2022-12-24T17:38:18.000000Z"}, {"uuid": "e1a11ddf-b0cc-41c8-b2d4-13afa0c9c92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2565", "content": "#CVE-2022\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-20607\n\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-4646\n\nPoC for the CVE-2022-41082 Vulnerability Effecting Microsoft Exchange Servers\n\nhttps://github.com/balki97/CVE-2022-41082-POC\n\nCVE-2022-2602\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\nCVE-2022-2602\nhttps://github.com/Live-Hack-CVE/CVE-2022-4633\n\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-25574\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-36966\n\n@BlueRedTeam", "creation_timestamp": "2023-01-29T12:39:15.000000Z"}, {"uuid": "347bdb8c-939d-4e4c-901f-e128418dd93d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7421", "content": "#exploit\n1. CVE-2022-42046:\nwfshbr64.sys\u00a0LPE\nhttps://github.com/kkent030315/CVE-2022-42046\n\n2. Exploit script to get RCE by using LFI and Mail log poisoning\nhttps://github.com/Ananthavijay/Mail-log-Manipulation", "creation_timestamp": "2022-12-25T14:45:38.000000Z"}, {"uuid": "73a98997-4c26-4bbe-aaf6-9d3738c8c23e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42046", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4467", "content": "CVE-2022-42046 ( local privilege escalation )\n\nPOC \n\n#windows #poc\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:39.000000Z"}]}