https://vulnerability.circl.lu/sightings/feed 2026-06-04T08:13:44.735149+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/c4b56ab6-e8f6-4836-857a-b38aca16b06e/export 2026-06-04T08:13:45.065109+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "c4b56ab6-e8f6-4836-857a-b38aca16b06e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3907", "type": "seen", "source": "https://t.me/cibsecurity/54005", "content": "\u203c CVE-2022-3907 \u203c\n\nThe Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:40:09.000000Z"} 2022-12-05T20:40:09+00:00 https://vulnerability.circl.lu/sighting/34c55716-6200-46ba-bbeb-90b222ec3383/export 2026-06-04T08:13:45.065035+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "34c55716-6200-46ba-bbeb-90b222ec3383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39072", "type": "seen", "source": "https://t.me/cibsecurity/56066", "content": "\u203c CVE-2022-39072 \u203c\n\nThere is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vulnerability to execute stored XSS attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-06T22:25:06.000000Z"} 2023-01-06T22:25:06+00:00 https://vulnerability.circl.lu/sighting/2c83a703-099c-4314-b146-5f6508b888c0/export 2026-06-04T08:13:45.064867+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2c83a703-099c-4314-b146-5f6508b888c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39073", "type": "seen", "source": "https://t.me/cibsecurity/56072", "content": "\u203c CVE-2022-39073 \u203c\n\nThere is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-06T22:25:15.000000Z"} 2023-01-06T22:25:15+00:00 https://vulnerability.circl.lu/sighting/207bf214-4124-4737-8576-61172ab02a03/export 2026-06-04T08:13:45.064795+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "207bf214-4124-4737-8576-61172ab02a03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39073", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2198", "content": "\u200b\u200bCVE-2022-39073\n\nProof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.\n\nhttps://github.com/v0lp3/CVE-2022-39073\n\n#cve #exploit", "creation_timestamp": "2023-01-11T03:31:50.000000Z"} 2023-01-11T03:31:50+00:00 https://vulnerability.circl.lu/sighting/69f2eb51-3af2-4634-8f45-80d12bf4f85a/export 2026-06-04T08:13:45.064717+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "69f2eb51-3af2-4634-8f45-80d12bf4f85a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39071", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1398", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39071\n\ud83d\udd39 Description: There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission.\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:40:41.363Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664", "creation_timestamp": "2025-01-13T21:12:17.000000Z"} 2025-01-13T21:12:17+00:00 https://vulnerability.circl.lu/sighting/5262919c-45a6-490b-bb9e-cad05d261688/export 2026-06-04T08:13:45.064640+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "5262919c-45a6-490b-bb9e-cad05d261688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39074", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1399", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39074\n\ud83d\udd39 Description: There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:39:36.919Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664", "creation_timestamp": "2025-01-13T21:12:21.000000Z"} 2025-01-13T21:12:21+00:00 https://vulnerability.circl.lu/sighting/bf8d00d2-2eb5-457f-b168-040b45dfcf5e/export 2026-06-04T08:13:45.064534+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "bf8d00d2-2eb5-457f-b168-040b45dfcf5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39075", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1401", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39075\n\ud83d\udd39 Description: There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could delete some system files without user permission.\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:38:46.616Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664", "creation_timestamp": "2025-01-13T21:12:26.000000Z"} 2025-01-13T21:12:26+00:00 https://vulnerability.circl.lu/sighting/1383524a-8417-4790-8219-cf03a8ff9d13/export 2026-06-04T08:13:45.061699+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "1383524a-8417-4790-8219-cf03a8ff9d13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39070", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13793", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39070\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T04:29:24.706Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1027824", "creation_timestamp": "2025-04-29T05:11:37.000000Z"} 2025-04-29T05:11:37+00:00