{"vulnerability": "cve-2022-44621", "sightings": [{"uuid": "0a4933bd-3fda-48d2-bb49-afdcf09865d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/349", "content": "#CyberSecurity news -  \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aCan these researchers help defend satellite systems targeted by hackers?\n\nhttps://www.cyberscoop.com/space-satellite-cybersecurity-sparta/\n\n\u200aBitRAT malware campaign uses stolen bank data for phishing\n\nhttps://www.bleepingcomputer.com/news/security/bitrat-malware-campaign-uses-stolen-bank-data-for-phishing/\n\n\u200aPoland warns of attacks by Russia-linked Ghostwriter hacking group\n\nhttps://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/\n\n\u200aRail giant Wabtec discloses data breach after Lockbit ransomware attack\n\nhttps://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/\n\n\u200aOver 60,000 Exchange servers vulnerable to ProxyNotShell attacks\n\nhttps://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/\n\n\u200aOngoing Flipper Zero phishing attacks target infosec community\n\nhttps://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/\n\n\u200aCVE-2022-43396 &amp; CVE-2022-44621: Command injection in Apache Kylin\n\nhttps://securityonline.info/cve-2022-43396-cve-2022-44621-command-injection-in-apache-kylin/\n\n\u200aCVE-2022-43931: Critical Vulnerability in Synology VPN Plus Server software\n\nhttps://securityonline.info/cve-2022-43931-critical-vulnerability-in-synology-vpn-plus-server-software/\n\n\u200aPowerMeUp: powershell scripts for post exploitation\n\nhttps://securityonline.info/powermeup-powershell-scripts-for-post-exploitation/\n\n\u200aLockbit Ransomware Group Apologized For the Attack On Hospital for Sick Children\n\nhttps://gbhackers.com/lockbit-ransomware-group-apologized/\n\n\u200aTop 10 Open Port Scanner and Port Checker Tools for 2023\n\nhttps://gbhackers.com/open-port-scanner-port-checker-tools/\n\nBitRAT Now Sharing Sensitive Bank Data as a Lure\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure\n\n\u200b\u200bDebloating Windows 10 with one command and no scripts\n\nhttps://gabrielsieben.tech/2023/01/02/debloating-windows-10-with-one-command-and-no-scripts\n\n\u200b\u200bBug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass\n\nhttps://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/\n\n\u200aBitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information\n\nhttps://cybersecuritynews.com/bitrat-malware-uses-phishing-emails/\n\n\u200aPoC Code for NodeBB Account Takeover Flaw (CVE-2022-46164) Published\n\nhttps://securityonline.info/poc-code-for-nodebb-account-takeover-flaw-cve-2022-46164-published/\n\n\u200aVillain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions\n\nhttp://www.kitploit.com/2023/01/villain-windows-and-linux-backdoor.html\n\n\u200aToyota Discloses Data Breach \u2013 Customers\u2019 Personal Information Exposed\n\nhttps://gbhackers.com/toyota-discloses-data-breach/\n\n\u200aOFRAK : Unpack, Modify, And Repack Binaries\n\nhttps://kalilinuxtutorials.com/ofrak/\n\n\u200aLABScon Replay | InkySquid: The Missing Arsenal\n\nhttps://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal/\n\n\u200aOver 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell\n\nhttps://gbhackers.com/unpatched-proxynotshell/\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-05T13:41:52.000000Z"}, {"uuid": "b39fd121-f9e8-4b87-978e-85383d67b4e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11432", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44621\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.\n\ud83d\udccf Published: 2022-12-30T10:31:52.614Z\n\ud83d\udccf Modified: 2025-04-11T14:45:20.170Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/7ctchj24dofgsj9g1rg1245cms9myb34", "creation_timestamp": "2025-04-11T14:51:02.000000Z"}, {"uuid": "f9a74787-63f9-4b82-946a-48640d8b3444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2232", "content": "#CyberSecurity news -  \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aCan these researchers help defend satellite systems targeted by hackers?\n\nhttps://www.cyberscoop.com/space-satellite-cybersecurity-sparta/\n\n\u200aBitRAT malware campaign uses stolen bank data for phishing\n\nhttps://www.bleepingcomputer.com/news/security/bitrat-malware-campaign-uses-stolen-bank-data-for-phishing/\n\n\u200aPoland warns of attacks by Russia-linked Ghostwriter hacking group\n\nhttps://www.bleepingcomputer.com/news/security/poland-warns-of-attacks-by-russia-linked-ghostwriter-hacking-group/\n\n\u200aRail giant Wabtec discloses data breach after Lockbit ransomware attack\n\nhttps://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/\n\n\u200aOver 60,000 Exchange servers vulnerable to ProxyNotShell attacks\n\nhttps://www.bleepingcomputer.com/news/security/over-60-000-exchange-servers-vulnerable-to-proxynotshell-attacks/\n\n\u200aOngoing Flipper Zero phishing attacks target infosec community\n\nhttps://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/\n\n\u200aCVE-2022-43396 &amp; CVE-2022-44621: Command injection in Apache Kylin\n\nhttps://securityonline.info/cve-2022-43396-cve-2022-44621-command-injection-in-apache-kylin/\n\n\u200aCVE-2022-43931: Critical Vulnerability in Synology VPN Plus Server software\n\nhttps://securityonline.info/cve-2022-43931-critical-vulnerability-in-synology-vpn-plus-server-software/\n\n\u200aPowerMeUp: powershell scripts for post exploitation\n\nhttps://securityonline.info/powermeup-powershell-scripts-for-post-exploitation/\n\n\u200aLockbit Ransomware Group Apologized For the Attack On Hospital for Sick Children\n\nhttps://gbhackers.com/lockbit-ransomware-group-apologized/\n\n\u200aTop 10 Open Port Scanner and Port Checker Tools for 2023\n\nhttps://gbhackers.com/open-port-scanner-port-checker-tools/\n\nBitRAT Now Sharing Sensitive Bank Data as a Lure\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure\n\n\u200b\u200bDebloating Windows 10 with one command and no scripts\n\nhttps://gabrielsieben.tech/2023/01/02/debloating-windows-10-with-one-command-and-no-scripts\n\n\u200b\u200bBug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass\n\nhttps://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/\n\n\u200aBitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information\n\nhttps://cybersecuritynews.com/bitrat-malware-uses-phishing-emails/\n\n\u200aPoC Code for NodeBB Account Takeover Flaw (CVE-2022-46164) Published\n\nhttps://securityonline.info/poc-code-for-nodebb-account-takeover-flaw-cve-2022-46164-published/\n\n\u200aVillain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions\n\nhttp://www.kitploit.com/2023/01/villain-windows-and-linux-backdoor.html\n\n\u200aToyota Discloses Data Breach \u2013 Customers\u2019 Personal Information Exposed\n\nhttps://gbhackers.com/toyota-discloses-data-breach/\n\n\u200aOFRAK : Unpack, Modify, And Repack Binaries\n\nhttps://kalilinuxtutorials.com/ofrak/\n\n\u200aLABScon Replay | InkySquid: The Missing Arsenal\n\nhttps://www.sentinelone.com/labs/labscon-replay-inkysquid-the-missing-arsenal/\n\n\u200aOver 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell\n\nhttps://gbhackers.com/unpatched-proxynotshell/\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-05T13:41:52.000000Z"}, {"uuid": "6ca4d78b-dc43-406b-8042-eda6e9b7e8af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44621", "type": "seen", "source": "https://t.me/cibsecurity/55554", "content": "\u203c CVE-2022-44621 \u203c\n\nDiagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-30T14:14:03.000000Z"}]}