{"vulnerability": "CVE-2022-2119", "sightings": [{"uuid": "3d0bbdac-5afe-499c-a3f4-c64eabc19024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21191", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10473", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21191\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P)\n\ud83d\udd39 Description: Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath  function.\n\ud83d\udccf Published: 2023-01-13T05:00:01.119Z\n\ud83d\udccf Modified: 2025-04-04T14:55:31.631Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-GLOBALMODULESPATH-3167973\n2. https://github.com/lorenzomigliorero/npm-node-utils/blob/b55dd81c597db657c9751332bb2242403fd3e26b/index.js%23L186\n3. https://github.com/rosen-vladimirov/global-modules-path/releases/tag/v3.0.0\n4. https://github.com/rosen-vladimirov/global-modules-path/commit/edbdaff077ea0cf295b1469923c06bbccad3c180", "creation_timestamp": "2025-04-04T15:36:59.000000Z"}, {"uuid": "7289e6e2-7347-4adf-bb1e-83efa56e8b5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21190", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/42698", "content": "\u203c CVE-2022-21190 \u203c\n\nThis affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced, relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it's possible to prepend the dangerous paths with any string value followed by a dot, like for example foo.__proto__ or foo.this.constructor.prototype.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-14T00:27:24.000000Z"}, {"uuid": "4e8a49f7-12fd-428f-b9e2-874deefb2955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21196", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12103", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21196\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information.\n\ud83d\udccf Published: 2022-02-18T17:50:16.878Z\n\ud83d\udccf Modified: 2025-04-16T16:45:52.748Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02", "creation_timestamp": "2025-04-16T16:56:19.000000Z"}, {"uuid": "c9f3a758-e897-4fe9-b95d-f85371d6412e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21198", "type": "seen", "source": "Telegram/xbf7RgubljmZeKAr0HL-Vo_weeZFB4txvAuNL25GKBYMSo96", "content": "", "creation_timestamp": "2025-02-06T02:41:39.000000Z"}, {"uuid": "a2d5864e-af64-48d3-9f07-6e3d163527e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21198", "type": "seen", "source": "Telegram/P6rbDOAjZ9dWxxqEqqfp9RCvkW7JTg1or_85lYTIwDepCc6U", "content": "", "creation_timestamp": "2025-02-06T02:42:29.000000Z"}, {"uuid": "29b5d654-6e90-4b8b-b26d-f50416da4311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21191", "type": "seen", "source": "https://t.me/cibsecurity/56479", "content": "\u203c CVE-2022-21191 \u203c\n\nVersions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:31:08.000000Z"}, {"uuid": "e4b2fc5f-95e5-4f6a-a460-ab7a5c359618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21197", "type": "seen", "source": "https://t.me/cibsecurity/48396", "content": "\u203c CVE-2022-21197 \u203c\n\nImproper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:59.000000Z"}, {"uuid": "c25e7acb-fb26-4765-8666-2aec24f876b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21195", "type": "seen", "source": "https://t.me/cibsecurity/43093", "content": "\u203c CVE-2022-21195 \u203c\n\nAll versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-21T00:31:01.000000Z"}, {"uuid": "2ad1e4a6-823f-4e44-8a20-f3e7db477a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21199", "type": "seen", "source": "https://t.me/cibsecurity/36493", "content": "\u203c CVE-2022-21199 \u203c\n\nAn information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:22:19.000000Z"}, {"uuid": "3a620469-6594-4386-95b5-da64932b7db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21194", "type": "seen", "source": "https://t.me/cibsecurity/38764", "content": "\u203c CVE-2022-21194 \u203c\n\nThe following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T12:14:35.000000Z"}, {"uuid": "a265b7af-ad53-4b46-84df-5167960ae4d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21196", "type": "seen", "source": "https://t.me/cibsecurity/37715", "content": "\u203c CVE-2022-21196 \u203c\n\nMMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T20:40:13.000000Z"}, {"uuid": "921d366f-2055-4e64-8741-f39d31ff1e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21193", "type": "seen", "source": "https://t.me/cibsecurity/36990", "content": "\u203c CVE-2022-21193 \u203c\n\nDirectory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-08T14:36:59.000000Z"}]}