{"vulnerability": "cve-2022-4806", "sightings": [{"uuid": "4cca478c-e29a-4b4a-81f6-fd2615098cf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48066", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9386", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48066\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T16:18:32.023Z\n\ud83d\udd17 References:\n1. https://befitting-vinca-933.notion.site/Totolink-A830R-V4-1-2cu-5182-Login-Authentication-Bypass-Vulnerability-e0dfe09f136a4cf59e3754edbd934c15", "creation_timestamp": "2025-03-28T16:27:51.000000Z"}, {"uuid": "04841c18-a466-4fc6-bc2f-7c86a68de78e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48067", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9398", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48067\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T16:03:54.619Z\n\ud83d\udd17 References:\n1. https://befitting-vinca-933.notion.site/Totolink-A830R-V4-1-2cu-5182-Sensitive-Information-Disclosure-567f4a17d5cc401b97e5c3e61aae8ca0", "creation_timestamp": "2025-03-28T16:28:10.000000Z"}, {"uuid": "fc244563-a10e-4650-b614-4c4fd774312d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-48064", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "dee13a7b-b0d8-4f65-b7ef-09e42566f0e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48067", "type": "seen", "source": "https://t.me/cibsecurity/57048", "content": "\u203c CVE-2022-48067 \u203c\n\nAn information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T18:34:31.000000Z"}, {"uuid": "8f487112-e07b-46ec-a1d9-52631db47fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48066", "type": "seen", "source": "https://t.me/cibsecurity/57046", "content": "\u203c CVE-2022-48066 \u203c\n\nAn issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T18:34:29.000000Z"}, {"uuid": "c0cd20aa-c78e-44fd-8df9-ff86c9cc09c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48069", "type": "seen", "source": "https://t.me/cibsecurity/57045", "content": "\u203c CVE-2022-48069 \u203c\n\nTotolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T18:34:28.000000Z"}, {"uuid": "0d858c9f-072f-4e3a-ad0c-4f08b80e3d05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48065", "type": "seen", "source": "https://t.me/cibsecurity/68964", "content": "\u203c CVE-2022-48065 \u203c\n\nGNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:18:09.000000Z"}, {"uuid": "62233e1e-1b57-4adb-9edc-e6c960e857ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4806", "type": "seen", "source": "https://t.me/cibsecurity/55483", "content": "\u203c CVE-2022-4806 \u203c\n\nImproper Access Control in GitHub repository usememos/memos prior to 0.9.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T16:12:24.000000Z"}]}