https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 15 Jun 2026 02:44:08 +0000 https://vulnerability.circl.lu/sighting/e7a3f07f-0f0d-41d5-ad72-198d3bcfa252/export {"uuid": "e7a3f07f-0f0d-41d5-ad72-198d3bcfa252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6670", "content": "#exploit\n1. CVE-2022-23779:\nInternal Hostname Disclosure Vulnerability\nhttps://github.com/Vulnmachines/Zoho_CVE-2022-23779\n\n2. CVE-2022-37153:\nXSS vulnerability in Artica Proxy 4.30.0\nhttps://github.com/Fjowel/CVE-2022-37153\n\n3. CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:\nMozilla Firefox RCE + SBX full chain complete\nhttps://github.com/mistymntncop/CVE-2022-1802", "creation_timestamp": "2022-08-25T15:01:03.000000Z"} {"uuid": "e7a3f07f-0f0d-41d5-ad72-198d3bcfa252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6670", "content": "#exploit\n1. CVE-2022-23779:\nInternal Hostname Disclosure Vulnerability\nhttps://github.com/Vulnmachines/Zoho_CVE-2022-23779\n\n2. CVE-2022-37153:\nXSS vulnerability in Artica Proxy 4.30.0\nhttps://github.com/Fjowel/CVE-2022-37153\n\n3. CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:\nMozilla Firefox RCE + SBX full chain complete\nhttps://github.com/mistymntncop/CVE-2022-1802", "creation_timestamp": "2022-08-25T15:01:03.000000Z"} https://vulnerability.circl.lu/sighting/e7a3f07f-0f0d-41d5-ad72-198d3bcfa252/export Thu, 25 Aug 2022 15:01:03 +0000 https://vulnerability.circl.lu/sighting/db389376-7b60-4f21-89c6-3bc3e36d1db7/export {"uuid": "db389376-7b60-4f21-89c6-3bc3e36d1db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/952", "content": "CVE-2022-23779\n\u0412\u043e\u0442 \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u043c\u0435\u0448\u043d\u043e \u0431\u0443\u0434\u0435\u0442\nZoho Internal Hostname Disclosure Vulnerability\nStep 1: curl -ILk https://IP:port/themes\nStep 2: Read the HTTP redirect response and anaylze the Location HTTP response header.\n*\nBONUS #Shodan : title:\"ManageEngine Desktop Central 10\"\ngithub\n#zoho #funnyExploit", "creation_timestamp": "2022-09-06T17:34:37.000000Z"} {"uuid": "db389376-7b60-4f21-89c6-3bc3e36d1db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/952", "content": "CVE-2022-23779\n\u0412\u043e\u0442 \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u043c\u0435\u0448\u043d\u043e \u0431\u0443\u0434\u0435\u0442\nZoho Internal Hostname Disclosure Vulnerability\nStep 1: curl -ILk https://IP:port/themes\nStep 2: Read the HTTP redirect response and anaylze the Location HTTP response header.\n*\nBONUS #Shodan : title:\"ManageEngine Desktop Central 10\"\ngithub\n#zoho #funnyExploit", "creation_timestamp": "2022-09-06T17:34:37.000000Z"} https://vulnerability.circl.lu/sighting/db389376-7b60-4f21-89c6-3bc3e36d1db7/export Tue, 06 Sep 2022 17:34:37 +0000 https://vulnerability.circl.lu/sighting/fefe22ea-ccb5-4f0e-96b9-3b2cff27221d/export {"uuid": "fefe22ea-ccb5-4f0e-96b9-3b2cff27221d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/tYT7tTTfhGxqZ9lCl1roOH_fSnqZvveWSp3QRbA5RMgY4O0", "content": "", "creation_timestamp": "2022-09-12T18:40:13.000000Z"} {"uuid": "fefe22ea-ccb5-4f0e-96b9-3b2cff27221d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/tYT7tTTfhGxqZ9lCl1roOH_fSnqZvveWSp3QRbA5RMgY4O0", "content": "", "creation_timestamp": "2022-09-12T18:40:13.000000Z"} https://vulnerability.circl.lu/sighting/fefe22ea-ccb5-4f0e-96b9-3b2cff27221d/export Mon, 12 Sep 2022 18:40:13 +0000 https://vulnerability.circl.lu/sighting/37290469-5bd8-42bd-a8b8-b4a00fb4efad/export {"uuid": "37290469-5bd8-42bd-a8b8-b4a00fb4efad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23770", "type": "seen", "source": "https://t.me/cibsecurity/51609", "content": "\u203c CVE-2022-23770 \u203c\n\nThis vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:27.000000Z"} {"uuid": "37290469-5bd8-42bd-a8b8-b4a00fb4efad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23770", "type": "seen", "source": "https://t.me/cibsecurity/51609", "content": "\u203c CVE-2022-23770 \u203c\n\nThis vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:27.000000Z"} https://vulnerability.circl.lu/sighting/37290469-5bd8-42bd-a8b8-b4a00fb4efad/export Mon, 17 Oct 2022 20:13:27 +0000 https://vulnerability.circl.lu/sighting/238ceba9-4892-4a76-8daa-4384b68e2846/export {"uuid": "238ceba9-4892-4a76-8daa-4384b68e2846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/cibsecurity/51614", "content": "\u203c CVE-2022-23771 \u203c\n\nThis vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:32.000000Z"} {"uuid": "238ceba9-4892-4a76-8daa-4384b68e2846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/cibsecurity/51614", "content": "\u203c CVE-2022-23771 \u203c\n\nThis vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:32.000000Z"} https://vulnerability.circl.lu/sighting/238ceba9-4892-4a76-8daa-4384b68e2846/export Mon, 17 Oct 2022 20:13:32 +0000 https://vulnerability.circl.lu/sighting/9c85bccd-1373-4c21-9de7-406b2dfde836/export {"uuid": "9c85bccd-1373-4c21-9de7-406b2dfde836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7959", "content": "#exploit\n1. CVE-2022-23773:\ncmd/go in Go <1.16.14, 1.17.x - 1.17.7 can misinterpret branch names that falsely appear to be version tags (incorrect access control)\nhttps://github.com/Liuyushung/CVE-2022-23773-Reproduce\n\n2. Privilege Escalation in Windows 7/8/10 through Atom Table Hijacking\nhttps://github.com/SleepTheGod/Windows-Atom-Table-Hijacking", "creation_timestamp": "2023-03-20T11:00:50.000000Z"} {"uuid": "9c85bccd-1373-4c21-9de7-406b2dfde836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7959", "content": "#exploit\n1. CVE-2022-23773:\ncmd/go in Go <1.16.14, 1.17.x - 1.17.7 can misinterpret branch names that falsely appear to be version tags (incorrect access control)\nhttps://github.com/Liuyushung/CVE-2022-23773-Reproduce\n\n2. Privilege Escalation in Windows 7/8/10 through Atom Table Hijacking\nhttps://github.com/SleepTheGod/Windows-Atom-Table-Hijacking", "creation_timestamp": "2023-03-20T11:00:50.000000Z"} https://vulnerability.circl.lu/sighting/9c85bccd-1373-4c21-9de7-406b2dfde836/export Mon, 20 Mar 2023 11:00:50 +0000 https://vulnerability.circl.lu/sighting/8b4dc983-0550-4eef-83ff-11e07bf748f2/export {"uuid": "8b4dc983-0550-4eef-83ff-11e07bf748f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/-lA5S7bF_9fg00AkY0276s8aRc0a8omHD1XMrZmagJv5s5U", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"} {"uuid": "8b4dc983-0550-4eef-83ff-11e07bf748f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/-lA5S7bF_9fg00AkY0276s8aRc0a8omHD1XMrZmagJv5s5U", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"} https://vulnerability.circl.lu/sighting/8b4dc983-0550-4eef-83ff-11e07bf748f2/export Mon, 20 Mar 2023 18:22:35 +0000 https://vulnerability.circl.lu/sighting/6d33b2b9-57c5-42bc-bb07-93034fa1e4ad/export {"uuid": "6d33b2b9-57c5-42bc-bb07-93034fa1e4ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/Hf1ne2KE1RxRMHH1MuIpxYeGJo5De7WS5II8RmNn3nXZte8", "content": "", "creation_timestamp": "2023-03-28T18:19:12.000000Z"} {"uuid": "6d33b2b9-57c5-42bc-bb07-93034fa1e4ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/Hf1ne2KE1RxRMHH1MuIpxYeGJo5De7WS5II8RmNn3nXZte8", "content": "", "creation_timestamp": "2023-03-28T18:19:12.000000Z"} https://vulnerability.circl.lu/sighting/6d33b2b9-57c5-42bc-bb07-93034fa1e4ad/export Tue, 28 Mar 2023 18:19:12 +0000 https://vulnerability.circl.lu/sighting/8a7b36b6-95f9-4cc9-a925-f54f5b6b47af/export {"uuid": "8a7b36b6-95f9-4cc9-a925-f54f5b6b47af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15755", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23771\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:49:10.046Z\n\ud83d\udd17 References:\n1. https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66964", "creation_timestamp": "2025-05-09T15:25:50.000000Z"} {"uuid": "8a7b36b6-95f9-4cc9-a925-f54f5b6b47af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15755", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23771\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:49:10.046Z\n\ud83d\udd17 References:\n1. https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66964", "creation_timestamp": "2025-05-09T15:25:50.000000Z"} https://vulnerability.circl.lu/sighting/8a7b36b6-95f9-4cc9-a925-f54f5b6b47af/export Fri, 09 May 2025 15:25:50 +0000 https://vulnerability.circl.lu/sighting/d4a77e21-8233-403c-af0c-ca966b689590/export {"uuid": "d4a77e21-8233-403c-af0c-ca966b689590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/kEi9aG3in_m6wEBgriTJElzfBktIEkXFyp3h_KxyuN5JDe4", "content": "", "creation_timestamp": "2026-01-10T09:00:04.000000Z"} {"uuid": "d4a77e21-8233-403c-af0c-ca966b689590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/kEi9aG3in_m6wEBgriTJElzfBktIEkXFyp3h_KxyuN5JDe4", "content": "", "creation_timestamp": "2026-01-10T09:00:04.000000Z"} https://vulnerability.circl.lu/sighting/d4a77e21-8233-403c-af0c-ca966b689590/export Sat, 10 Jan 2026 09:00:04 +0000