{"vulnerability": "CVE-2022-2294", "sightings": [{"uuid": "d3bec8ca-8aed-47d8-848c-df28b233e8fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/8bf50bb8-94dd-4004-a646-5f78db6f0b6a", "content": "", "creation_timestamp": "2022-07-13T13:02:16.000000Z"}, {"uuid": "a45b6947-c2bd-4b3a-9997-aeadad215913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-07-17T18:10:03.000000Z"}, {"uuid": "5c3c3e89-9ba9-4b8c-b883-1d7e1d7adad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "1ccc9852-bef1-4ee0-88e6-63be2345d55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "20dee24e-c28e-4e57-a0a3-32e8ad310125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "MISP/bd1c3290-9486-4bf9-ae59-fe17c0948133", "content": "", "creation_timestamp": "2023-09-06T13:44:15.000000Z"}, {"uuid": "edf55698-79ac-4803-84cb-81c4abff17f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971545", "content": "", "creation_timestamp": "2024-12-24T20:30:55.871024Z"}, {"uuid": "a67fb1ec-624b-4f43-b7b5-f8873335d4ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971693", "content": "", "creation_timestamp": "2024-12-24T20:32:55.060724Z"}, {"uuid": "6eb2b264-2f76-4e56-b0f8-9dabe8e7a692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "5f88b3a0-a67c-4fec-9868-37df2b231dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "4bd84e97-a0a3-4852-a541-b985e963f866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "cc6719e1-1444-41e1-8a97-33f3904b232a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-30)", "content": "", "creation_timestamp": "2025-03-30T00:00:00.000000Z"}, {"uuid": "18f0e2d5-eb8a-40e6-9dfa-2ee7b3d9b440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "455b61d7-61a2-4fb0-bae3-b9fbbe064790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "2b288d6f-3d15-484c-b3eb-6d25e66bbc2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "8762b1df-9d69-4e01-ad5e-32f7c220f0bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "472f946f-2efa-4a96-9f5f-e4fa064ac499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "79598397-5736-4b43-8dce-4a943eceaee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-07)", "content": "", "creation_timestamp": "2025-03-07T00:00:00.000000Z"}, {"uuid": "1e0f40d7-04a1-470b-a23d-e5567705367a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:56.000000Z"}, {"uuid": "d219c586-4eee-4622-95b7-b7b42a8b9556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:34.000000Z"}, {"uuid": "79665158-e55f-46bb-8922-ffa33eaffc16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-16)", "content": "", "creation_timestamp": "2025-04-16T00:00:00.000000Z"}, {"uuid": "b909b661-5bd3-464d-9de8-e860cc6c2543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:34.000000Z"}, {"uuid": "214e7bd6-daa3-4f04-a4f7-28f96d6f5dbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-19)", "content": "", "creation_timestamp": "2025-05-19T00:00:00.000000Z"}, {"uuid": "8931f964-50e9-4502-8ea6-70fc5e6d5338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "5ceab656-8817-43cc-afee-752edfa92bc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/post/linux/gather/vcenter_secrets_dump.rb", "content": "", "creation_timestamp": "2022-11-02T11:13:25.000000Z"}, {"uuid": "4b50a544-40e7-4ac0-bb9a-7e852b85fcdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "48023b98-cfd9-47ac-bb0e-0888aa470c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-20)", "content": "", "creation_timestamp": "2025-11-20T00:00:00.000000Z"}, {"uuid": "c5b271e0-fa06-4708-b8a1-d964394d4ba9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "d0740707-dced-42dc-b0b6-c822b3660101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/spring_cloud_gateway_rce.rb", "content": "", "creation_timestamp": "2022-10-12T17:23:12.000000Z"}, {"uuid": "892fdb73-b69d-4bd6-8ba3-aae4579f0cda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3m4eeur6ow22o", "content": "", "creation_timestamp": "2025-10-29T21:21:06.902909Z"}, {"uuid": "f8b2756a-aafb-4c9b-aa08-80a1a8d631aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:41.000000Z"}, {"uuid": "6101780c-c7eb-4011-b361-908ce7be37d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vmwgfx_fd_priv_esc.rb", "content": "", "creation_timestamp": "2023-01-31T19:59:14.000000Z"}, {"uuid": "e93732cd-a3cf-43e2-85ee-fe0f535bc691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:32.000000Z"}, {"uuid": "643fb33e-81a7-4cc8-ba1f-74c08adbdb18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:54.000000Z"}, {"uuid": "11b7cf85-e74d-4f8a-9be3-560773eba906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:53.000000Z"}, {"uuid": "b2872a32-7422-4285-bc8b-dd6023741929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://gist.github.com/aw-junaid/ed30afd1f8d04325e68a70aa2e002932", "content": "", "creation_timestamp": "2026-01-30T19:25:35.000000Z"}, {"uuid": "66f82eb1-9f44-42b3-93ab-a3325f6941a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "03c6d943-d008-4f79-8fa8-7ceeb8b5c7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22947", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4d081038-c409-4d67-94e4-67c87ad27f09", "content": "", "creation_timestamp": "2026-02-02T12:27:47.095358Z"}, {"uuid": "44005301-9660-47be-b5c7-d4c831768943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "c403f14b-441c-4dfd-a05f-c05daf2b5048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "35a86c18-0d88-4706-b604-e7a0729da11a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=828", "content": "", "creation_timestamp": "2022-07-05T04:00:00.000000Z"}, {"uuid": "acf67ed1-6ca5-4538-ad18-f66443386f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=829", "content": "", "creation_timestamp": "2022-07-07T04:00:00.000000Z"}, {"uuid": "25233b64-cc12-47a8-a58e-94bb96dea380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1678", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947 memshell\nURL\uff1ahttps://github.com/viemsr/spring_cloud_gateway_memshell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-18T09:29:00.000000Z"}, {"uuid": "e46ae1f0-cf12-468a-b26d-f1b7e867694f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b4a75922-8ba0-42bf-b698-374611cf6e66", "content": "", "creation_timestamp": "2026-02-02T12:27:15.257191Z"}, {"uuid": "c430deed-730e-4ad9-9df9-74bfb4904832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22948", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bc0d12b9-dcac-429d-b23d-8261d773156e", "content": "", "creation_timestamp": "2026-02-02T12:26:33.233512Z"}, {"uuid": "20ad190c-e913-405a-93f3-c3b091e0ed90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1675", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947_POC_EXP\nURL\uff1ahttps://github.com/Wrin9/CVE-2022-22947\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-17T10:03:15.000000Z"}, {"uuid": "d717b30d-6a81-4b94-9587-7c8fdaf363ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "8dd44a4e-df56-4ac9-9ce9-2109d270e042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9210", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Zero-Day: CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter.\n\nhttps://www.pentera.io/blog/information-disclosure-in-vmware-vcenter/", "creation_timestamp": "2022-03-30T04:44:10.000000Z"}, {"uuid": "3adf5a2d-ea46-4407-9a8e-6afcb866e40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1716", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1apoc for CVE-2022-22947\nURL\uff1ahttps://github.com/Nathaniel1025/CVE-2022-22947\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-25T12:45:55.000000Z"}, {"uuid": "b910bfbe-9207-4826-b316-aeda58fe6474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/spring_cloud_gateway_cve_2022_22947", "content": "", "creation_timestamp": "2022-03-11T07:28:25.000000Z"}, {"uuid": "fd84acd3-849c-4581-8a29-8f256be48929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1584", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API \u8fdc\u7a0b\u547d\u4ee4\u6267\u884c CVE-2022-22947\nURL\uff1ahttps://github.com/dbgee/CVE-2022-22947", "creation_timestamp": "2022-03-04T09:52:10.000000Z"}, {"uuid": "ac24a5cd-f0b5-4e95-9cc3-1a59938035a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1577", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpringCloudGatewayRCE - CVE-2022-22947 / Code By:Tas9er\nURL\uff1ahttps://github.com/Tas9er/SpringCloudGatewayRCE", "creation_timestamp": "2022-03-03T19:48:33.000000Z"}, {"uuid": "a5c4ec76-222a-4d7e-8e87-a8699275ca53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1572", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1eExp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947\nURL\uff1ahttps://github.com/Axx8/CVE-2022-22947_Rce_Exp", "creation_timestamp": "2022-03-03T13:15:08.000000Z"}, {"uuid": "f85a4fbf-9e34-494c-a733-6f26a8d6523b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1571", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring cloud gateway code injection : CVE-2022-22947\nURL\uff1ahttps://github.com/Vulnmachines/spring-cve-2022-22947", "creation_timestamp": "2022-11-26T10:04:51.000000Z"}, {"uuid": "0beda150-87c7-495c-bcc1-40a17d1d6107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1587", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a\u6279\u91cfurl\u68c0\u6d4bSpring-Cloud-Gateway-CVE-2022-22947\nURL\uff1ahttps://github.com/Xd-tl/CVE-2022-22947-Rce_POC", "creation_timestamp": "2022-03-04T15:01:13.000000Z"}, {"uuid": "24f13fdd-7fb1-4288-b0a9-30714415c496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1586", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947\u6279\u91cf\u68c0\u6d4b\u811a\u672c\uff0c\u56de\u663e\u547d\u4ee4\u6ca1\u8fdb\u884c\u6b63\u5219\uff0c\u5927\u4f6c\u4eec\u5148\u7528\u7740\uff0c\u540e\u7eed\u518d\u66f4\nURL\uff1ahttps://github.com/chaosec2021/CVE-2022-22947-POC", "creation_timestamp": "2022-03-04T11:35:08.000000Z"}, {"uuid": "7f5e61d6-0b6e-48f2-bc20-6e7a317409df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2090", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aResolving the CVE-2022-22948 vulnerability\nURL\uff1ahttps://github.com/kaanymz/researching-cve-2022-22948-vcenter\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-03T15:29:01.000000Z"}, {"uuid": "5060972e-0996-4dff-8afb-f2e3b7a920fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1863", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947 reproduce\nURL\uff1ahttps://github.com/aesm1p/CVE-2022-22947-POC-Reproduce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-05T10:18:23.000000Z"}, {"uuid": "c2134a5e-f941-4aea-8125-311e2266ebf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1620", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947_EXP,CVE-2022-22947_RCE\nURL\uff1ahttps://github.com/aodsec/CVE-2022-22947", "creation_timestamp": "2022-03-08T09:34:34.000000Z"}, {"uuid": "dd620eb0-3767-41bb-abd9-7afe5cfcbce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "Telegram/CZb6STvQK1otsp1MCGSeurR30C35BHHh-T_l964ZueqioxI", "content": "", "creation_timestamp": "2025-08-08T15:00:06.000000Z"}, {"uuid": "2bd48eff-03a7-4549-ad83-5e293bb223e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1570", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947 RCE\nURL\uff1ahttps://github.com/shakeman8/CVE-2022-22947-RCE", "creation_timestamp": "2022-03-03T10:49:20.000000Z"}, {"uuid": "f5a6929e-91e3-4240-9254-ef7d28da58d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1569", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947\nURL\uff1ahttps://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947", "creation_timestamp": "2022-03-03T07:20:24.000000Z"}, {"uuid": "b6631277-a57b-4d2a-91db-00e2ff92374d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1585", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring-Cloud-Gateway-CVE-2022-22947\nURL\uff1ahttps://github.com/nu0l/cve-2022-22947", "creation_timestamp": "2022-03-04T10:13:38.000000Z"}, {"uuid": "484e7ee6-1dab-49b5-8246-eb43bf754ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1599", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u547d\u4ee4\u6267\u884c\uff08CVE-2022-22947\uff09\u6279\u91cf\u68c0\u6d4b\u5de5\u5177\nURL\uff1ahttps://github.com/YutuSec/SpEL", "creation_timestamp": "2022-03-07T09:20:07.000000Z"}, {"uuid": "4899b5a5-fdec-46f0-9e2e-e97e8dda5a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1604", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)\nURL\uff1ahttps://github.com/mrknow001/CVE-2022-22947", "creation_timestamp": "2022-03-07T16:27:46.000000Z"}, {"uuid": "ae1fb700-223a-4f0f-9b89-2ef585cf65ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "25dbfc56-4e23-4962-a3cf-696c7a8d619b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1913", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aburp\u88ab\u52a8\u626b\u63cf\u63d2\u4ef6\uff0c\u76ee\u524d\u53ea\u6709CVE-2022-22947\nURL\uff1ahttps://github.com/F6JO/Burp_VulPscan\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-11T06:29:02.000000Z"}, {"uuid": "8257f981-d0c2-4638-93b1-7e634390e0dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1638", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947 Exploit script\nURL\uff1ahttps://github.com/An0th3r/CVE-2022-22947-exp", "creation_timestamp": "2022-03-10T03:54:47.000000Z"}, {"uuid": "5f48ebc2-350a-4021-aee9-5cf9bb22d81f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1653", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspring-cloud-gateway-rce  CVE-2022-22947\nURL\uff1ahttps://github.com/k3rwin/spring-cloud-gateway-rce", "creation_timestamp": "2022-03-13T10:03:53.000000Z"}, {"uuid": "8a7f737d-a33e-48c5-8e3f-0bf24ffd1f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1792", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring-Cloud-Gateway-CVE-2022-22947\nURL\uff1ahttps://github.com/talentsec/Spring-Cloud-Gateway-CVE-2022-22947\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T10:28:05.000000Z"}, {"uuid": "d214f519-1e2d-4a90-9e18-4712d7fcba54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1738", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aScanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter\nURL\uff1ahttps://github.com/PenteraIO/CVE-2022-22948\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-29T16:53:05.000000Z"}, {"uuid": "6cef5e12-105a-4dd8-a647-3a82be654363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1750", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway RCE - CVE-2022-22947 \nURL\uff1ahttps://github.com/sagaryadav8742/springcloudRCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T23:37:00.000000Z"}, {"uuid": "44105bf4-704d-4604-89e7-6693f261b37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2209", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u547d\u4ee4\u6267\u884c\uff08CVE-2022-22947\uff09 \u6ce8\u5165\u54e5\u65af\u62c9\u5185\u5b58\u9a6c\nURL\uff1ahttps://github.com/V35HR4J/CVE-2022-1598\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-16T16:11:20.000000Z"}, {"uuid": "d63178f6-96ad-4840-ba68-75304d734bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2208", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u547d\u4ee4\u6267\u884c\uff08CVE-2022-22947\uff09 \u6ce8\u5165\u54e5\u65af\u62c9\u5185\u5b58\u9a6c\nURL\uff1ahttps://github.com/0730Nophone/CVE-2022-22947-\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-16T15:34:32.000000Z"}, {"uuid": "7e9fa601-da60-4759-9f58-99aec4af4d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2206", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u5185\u5b58\u9a6c\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u547d\u4ee4\u6267\u884c\uff08CVE-2022-22947\uff09 \u6ce8\u5165\u54e5\u65af\u62c9\u5185\u5b58\u9a6c\nURL\uff1ahttps://github.com/0730Nophone/CVE-2022-22947\n\n\u6807\u7b7e\uff1a#\u5185\u5b58\u9a6c", "creation_timestamp": "2022-05-17T11:59:21.000000Z"}, {"uuid": "8f94acce-df12-4f8d-94ac-0f96d8bf5033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2043", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22947 \u6ce8\u5165Godzilla\u5185\u5b58\u9a6c\nURL\uff1ahttps://github.com/whwlsfb/cve-2022-22947-godzilla-memshell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-26T06:02:19.000000Z"}, {"uuid": "6a2d5935-871d-4001-ae94-76212cc848c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2072", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aResolving the CVE-2022-22948 vulnerability\nURL\uff1ahttps://github.com/kaanymz/vcenter-cve-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T11:55:04.000000Z"}, {"uuid": "2f73964d-7338-49a9-9b6f-4bd4e760d5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2540", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aburpsuite \u7684Spring\u6f0f\u6d1e\u626b\u63cf\u63d2\u4ef6\u3002SpringVulScan\uff1a\u652f\u6301\u68c0\u6d4b\uff1a\u8def\u7531\u6cc4\u9732|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977\nURL\uff1ahttps://github.com/tpt11fb/SpringVulScan\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-20T01:10:15.000000Z"}, {"uuid": "95a7f6ed-47e6-4143-9fa5-5bdf67de4021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4604", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u5185\u5b58\u9a6c\n\u63cf\u8ff0\uff1aCVE-2022-22947\u6ce8\u5165\u54e5\u65af\u62c9\u5185\u5b58\u9a6c\nURL\uff1ahttps://github.com/Zh0um1/CVE-2022-22947\n\n\u6807\u7b7e\uff1a#\u5185\u5b58\u9a6c", "creation_timestamp": "2023-06-21T15:51:49.000000Z"}, {"uuid": "97d57869-6cc0-4386-b602-d9ff61c3a039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2570", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aNacos\u4e0bSpring-Cloud-Gateway CVE-2022-22947\u5229\u7528\nURL\uff1ahttps://github.com/B0rn2d/Spring-Cloud-Gateway-Nacos\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-25T05:16:35.000000Z"}, {"uuid": "6df15e23-ddfb-41f2-88ac-5dc6703377fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2466", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e Spring_Cloud_Gateway_RCE_POC-CVE-2022-22947\nURL\uff1ahttps://github.com/YDH777/CVE-2022-22947-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-08T09:57:13.000000Z"}, {"uuid": "dda42fbd-15b0-4424-a9fd-f9a0f33812ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2472", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a\u6279\u91cf\u68c0\u6d4bSpring Cloud Gateway \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e Spring_Cloud_Gateway_RCE_POC-CVE-2022-22947\nURL\uff1ahttps://github.com/stayfoolish777/CVE-2022-22947-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-16T22:44:57.000000Z"}, {"uuid": "8c7cb097-9108-45ac-bb78-9ebf7fc089c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/itsec_news/942", "content": "\u200b\u26a1\ufe0f Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u0430\u0436\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Chrome.\n\n\ud83d\udcac \u0412 \u0441\u0432\u0435\u0436\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u043f\u0430\u0441\u043d\u0443\u044e 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-2294, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u0443\u0447\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebRTC.\n\n0-day \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u042f\u043d \u0412\u043e\u0436\u0442\u0435\u0441\u0435\u043a, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Avast Threat Intelligence. Google \u043d\u0435 \u0441\u0442\u0430\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438, \u043a\u0430\u0441\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0435\u0435 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435. \u0421\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0445\u043e\u0447\u0435\u0442, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\nCVE-2022-2294 \u0441\u0442\u0430\u043b\u0430 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome. \u0414\u043e \u043d\u0435\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c CVE-2022-0609, CVE-2022-1096 \u0438 CVE-2022-1364.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b  \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0431\u0440\u0430\u0443\u0437\u0435\u0440 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 103.0.5060.114 \u043d\u0430 \u0432\u0441\u0435\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 Chromium \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e \u043c\u0435\u0440\u0435 \u0438\u0445 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f.\n\n#Google #0day #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #GoogleChrome #\u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-07-05T09:35:16.000000Z"}, {"uuid": "0c599283-060e-47a4-86b5-c044a87ef46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "Telegram/jW6gAEx0X-7rlKDcpeYmlHPMlF_kfSwPpGXtV0Ykb6N88uc", "content": "", "creation_timestamp": "2026-03-31T03:00:07.000000Z"}, {"uuid": "fe1501c2-f19c-4c3c-b9e2-abba36038aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/itsec_news/1646", "content": "\u200b\u26a1\ufe0f Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Chrome.\n\n\ud83d\udcac Chrome \u0432\u0435\u0440\u0441\u0438\u0438 107 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0442 Google \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-3723, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u0411\u0440\u0435\u0448\u044c \u0432 \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0435\u0439 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 JavaScript Chromium V8. \u0410 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043f\u0440\u043e \u043d\u0435\u0435 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Avast.\n\nGoogle \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043f\u0440\u043e \u0442\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u041d\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e CVE-2022-3723, \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0430\u0441\u043a\u0440\u043e\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0431\u043d\u043e\u0432\u0438\u0442 Chrome.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e \u0443\u0436\u0435 \u0441\u0435\u0434\u044c\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Chrome, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f Google \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443, \u043d\u0438\u0436\u0435 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043d \u043f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a:\n\nCVE-2022-3075 \u2013 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 IPC-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Mojo;\n\nCVE-2022-2856 \u2013 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 Intents;\n\nCVE-2022-2294 \u2013 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebRTC (Web Real-Time Communications);\n\nCVE-2022-1364 \u2013 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 JavaScript Chrome V8;\n\nCVE-2022-1096 \u2013 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 JavaScript Chrome V8;\n\nCVE-2022-0609 \u2013 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0430\u043d\u0438\u043c\u0430\u0446\u0438\u0438;\n\nIT-\u0433\u0438\u0433\u0430\u043d\u0442 \u043d\u0435 \u0441\u0442\u0430\u043b \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a \u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0438\u0445 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0435.\n\n#Google #Chrome #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-10-30T10:05:47.000000Z"}, {"uuid": "63e08457-9354-4ddf-9ec0-f42a0bd83db6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6570", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a\u4e00\u6b3eSpring\u7efc\u5408\u6f0f\u6d1e\u7684\u5229\u7528\u5de5\u5177\uff0c\u5de5\u5177\u76ee\u524d\u652f\u6301Spring Cloud Gateway RCE(CVE-2022-22947)\u3001Spring Framework RCE (CVE-2022-22965) \u7684\u68c0\u6d4b\u4ee5\u53ca\u5229\u7528\uff0c\u76ee\u524d\u4ec5\u4e3a\u7b2c\u4e00\u4e2a\u7248\u672c\uff0c\u540e\u7eed\u4f1a\u6dfb\u52a0\u66f4\u591a\u6f0f\u6d1ePOC\uff0c\u4ee5\u53ca\u66f4\u591a\u7684\u6301\u4e45\u5316\u5229\u7528\u65b9\u5f0f\nURL\uff1ahttps://github.com/charonlight/SpringExploitGUI\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-06T09:03:50.000000Z"}, {"uuid": "b3c637a6-04aa-49d4-9e69-34f87dbf67e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1252", "content": "springcloudRCE\nSpring Cloud Gateway RCE - CVE-2022-22947\nhttps://github.com/sagaryadav8742/springcloudRCE\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-07T15:00:52.000000Z"}, {"uuid": "9316911e-a97f-4f1a-b35d-89aef369fa0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1579", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u547d\u4ee4\u6267\u884c\uff08CVE-2022-22947\uff09\nURL\uff1ahttps://github.com/helloexp/CVE-2022-22947", "creation_timestamp": "2022-03-04T02:32:21.000000Z"}, {"uuid": "d124a97b-80d8-45f0-b41e-ff1ffa65806a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/poxek/1234", "content": "CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-05T12:57:16.000000Z"}, {"uuid": "780f35ac-7b25-4d6c-9fe9-8a8285ef59b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/avleonovrus/35", "content": "\u041c\u0430\u0439\u043a\u0440\u043e\u0441\u043e\u0444\u0442 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0442\u0432\u043e\u0440\u044f\u0442 \u0434\u0438\u0447\u044c, \u043d\u043e \u044d\u0442\u043e \u043d\u0435 \u043f\u043e\u0432\u043e\u0434 \u043d\u0435 \u043f\u0430\u0442\u0447\u0438\u0442\u044c \u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b. \u0412\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430. \u041d\u0443 \u0438 \u0442\u043e\u0447\u043d\u043e \u043d\u0435 \u043f\u043e\u0432\u043e\u0434 \u043d\u0435 \u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \ud83d\ude42 \u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0432\u0438\u0434\u044f\u0448\u043a\u0430 \u043f\u0440\u043e \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 Patch Tuesday \u0431\u0443\u0434\u0435\u0442, \u043d\u043e \u043a\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u043f\u043e\u0440\u0430\u043d\u044c\u0448\u0435, \u0432\u044b\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u0440\u0435\u043f\u043e\u0440\u0442 Vulristics. \u0422\u0435\u043f\u0435\u0440\u044c \u0432\u0441\u0451 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u043d\u0435\u0441\u0443 \u0432 \u0442\u0435\u043b\u0435\u0436\u0435\u043d\u044c\u043a\u0443 avleonovrus. \ud83d\ude09\n\n\u0427\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u0430\u0437\u0430\u0442\u044c, \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0438\u0437\u0430\u0446\u0438\u044f \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e. \u0421\u0432\u0435\u0440\u0445\u0443 \u0441\u043f\u0438\u0441\u043a\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432\u0436\u0438\u0432\u0443\u044e Elevation of Privilege \u0432 Windows CSRSS (CVE-2022-22047), \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u0435\u0439\u043d\u0441\u0442\u0440\u0438\u043c\u043d\u044b\u0435 \u043c\u0435\u0434\u0438\u0430 \u043f\u0440\u043e\u0442\u0440\u0443\u0431\u0438\u043b\u0438. \u041c\u043e\u0436\u043d\u043e \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u041f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0432\u0438\u0434\u043d\u043e. \n\n\u0414\u0430\u043b\u044c\u0448\u0435 \u043c\u0435\u043d\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. Remote Code Execution \u0432 Remote Procedure Call Runtime (CVE-2022-22038). \u0422\u0443\u0442 \u0443 Microsoft \u0435\u0441\u0442\u044c POC \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430. \u041d\u043e \u0432\u0440\u044f\u0434 \u043b\u0438 \u0434\u043e\u0432\u0435\u0434\u0443\u0442 \u0434\u043e \u0447\u0435\u0433\u043e-\u0442\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e, \u0442.\u043a. Exploitation Less Likely. \n\n\u041c\u0435\u0436\u0434\u0443 \u0438\u044e\u043d\u044c\u0441\u043a\u0438\u043c \u0438 \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u043c Patch Tuesday \u0432\u044b\u0448\u043b\u0430 Memory Corruption \u0432 Microsoft Edge (CVE-2022-2294), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u0438\u0434\u0438\u043c\u043e \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 RCE \u0438 Google \u043f\u0438\u0448\u0443\u0442, \u0447\u0442\u043e \u043e\u043d\u0430 \u0432\u0436\u0438\u0432\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f.   \n\n\u0415\u0449\u0451 \u0437\u0430\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0432 \u044d\u0442\u043e\u043c Patch Tuesday \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u044b \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u0442\u043e EoP. \u0422\u0430\u043a\u0436\u0435 \u043e\u0447\u0435\u043d\u044c \u043c\u043d\u043e\u0433\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Azure Site Recovery. \u0418 EoP, \u0438 RCE, \u0438 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0441 \u043d\u0435\u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438 \u0443\u0440\u043e\u0432\u043d\u044f \u0437\u0440\u0435\u043b\u043e\u0441\u0442\u0438 POC. \u041f\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e  Azure Site Recovery \u044d\u0442\u043e \"Site Recovery is a native disaster recovery as a service (DRaaS)\", \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0434\u043e\u043b\u0436\u043d\u043e \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f \u0441\u0430\u043c\u0438\u043c\u0438 Microsoft, \u043d\u043e \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0442\u0430\u043c \u0435\u0441\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0445\u043e\u0441\u0442\u0430\u0445 Microsoft Azure Site Recovery suite \u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0447\u0430\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u0442\u043e \u0432 \u043d\u0435\u043c. Tenable \u043f\u0440\u043e CVE-2022-33675 \u043f\u0438\u0448\u0443\u0442, \u0447\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e SYSTEM.\n\n@avleonovrus #Microsoft #PatchTuesday #Vulristics", "creation_timestamp": "2023-09-21T09:26:48.000000Z"}, {"uuid": "14ad7f57-20ae-479e-8199-30b3e63fca70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/poxek/2398", "content": "#CVE\n\nWebRTC Heap Buffer Overflow Vulnerability\nCVE-2022-2294\n\nWebRTC, \u043f\u0440\u043e\u0435\u043a\u0442 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c \u0441\u0432\u044f\u0437\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c shellcode. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 WebRTC, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Google Chrome, \u043d\u043e \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u044f\u0441\u044c \u0438\u043c.", "creation_timestamp": "2022-08-29T15:00:04.000000Z"}, {"uuid": "fc60ee3a-ebf2-4280-9121-98e842ca656f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "published-proof-of-concept", "source": "https://t.me/avleonovrus/36", "content": "\u0412\u0438\u0434\u044f\u0448\u0435\u0447\u043a\u0430 \u043f\u0440\u043e \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 Microsoft Patch Tuesday \u0438 \u043f\u0440\u043e \u0442\u043e, \u0447\u0442\u043e Microsoft \u0442\u0432\u043e\u0440\u0438\u0442 \u0434\u0438\u0447\u044c. \u0412 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0435 \u0432\u0441\u0435 \u0442\u043e \u0436\u0435, \u043e \u0447\u0435\u043c \u0442\u0443\u0442 \u043f\u0438\u0441\u0430\u043b. \u041d\u0443 \u0438 \u043f\u0440\u043e \u0440\u0435\u043f\u043e\u0440\u0442 \u043c\u0430\u0439\u043a\u0440\u043e\u0441\u043e\u0444\u0442\u043e\u0432\u0441\u043a\u0438\u0439 \u0442\u043e\u0436\u0435 \u043d\u0430\u043a\u0438\u043d\u0443\u043b \u043d\u0435\u043c\u043d\u043e\u0436\u043a\u043e \u0434\u043b\u044f \u0437\u0430\u0442\u0440\u0430\u0432\u043a\u0438. \ud83d\ude42\n\n\u2014-\n\nHello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn't be unusual for a US government agency, NSA or CIA to publish such a report. But when a global IT vendor, which, in theory, should be more or less neutral, does this\u2026 This is a clear signal. It's not about business anymore. \n\nI'll take a closer look at this report in the next episode of the Vulnerability Management news, but for now let's take a look at Microsoft July Patch Tuesday. Yes, the vendor is behaving strangely, but Microsoft products need to be patched. Right? At least for now. And tracking vulnerabilities is always a good thing. \ud83d\ude42\n\n01:32 CSRSS Elevation of Privilege (CVE-2022-22047)\n04:36 RPC Remote Code Execution (CVE-2022-22038)\n05:44 Microsoft Edge Memory Corruption (CVE-2022-2294)\n06:55 32 vulnerabilities in Azure Site Recovery\n\nVideo: https://youtu.be/HjfxxcqWrH4\nVideo2 (for Russia): https://vk.com/video-149273431_456239096\nBlogpost: https://avleonov.com/2022/07/23/microsoft-patch-tuesday-july-2022-propaganda-report-csrss-eop-rpc-rce-edge-azure-site-recovery/\nFull report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_july2022_report_with_comments_ext_img.html\n\n@avleonovrus #microsoft #patchtuesday", "creation_timestamp": "2023-10-21T12:56:55.000000Z"}, {"uuid": "d745704d-6380-486c-98da-78aa34f4171b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1461", "content": "CVE-2022-22947\nSpring Cloud Gateway Actuator API SpEL Code Injection\nhttps://github.com/twseptian/cve-2022-22947\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-05-03T09:04:03.000000Z"}, {"uuid": "80d487a3-e16e-4969-859c-1ce571374984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/poxek/2110", "content": "\u0428\u043f\u0438\u043e\u043d DevilsTongue \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e 0-day \u0432 Google Chrome\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e 0-day \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-2294, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0430\u0442\u0447\u0435\u0439. \u0424\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u043e \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u0430\u044f \u0432 Chrome \u0432 2022 \u0433\u043e\u0434\u0443.\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-27T17:00:35.000000Z"}, {"uuid": "8be7ffdd-76bd-4bc6-9ea9-8ecac807f826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/poxek/2077", "content": "Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild\nThe shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native apps.\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2023-07-21T09:03:37.000000Z"}, {"uuid": "c0011123-d995-45df-824d-cd18ed8f9806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1957", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)\nURL\uff1ahttps://github.com/twseptian/cve-2022-22947\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T15:50:52.000000Z"}, {"uuid": "11085de4-7c0f-4d43-8c37-b247ad58f84f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/cyberbannews_ir/6182", "content": "\ud83d\uded1\u0627\u0635\u0644\u0627\u062d \u0686\u0647\u0627\u0631\u0645\u06cc\u0646 \u0628\u0627\u06af \u0627\u0645\u0646\u06cc\u062a\u06cc \u06af\u0648\u06af\u0644 \u06a9\u0631\u0648\u0645 \u062f\u0631 \u0633\u0627\u0644 2022\n\n \u06af\u0648\u06af\u0644 \u0628\u0627 \u0647\u062f\u0641 \u0627\u0635\u0644\u0627\u062d \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u062c\u062f\u06cc\u060c \u0646\u0633\u062e\u0647 103.0.5060.114 \u06a9\u0631\u0648\u0645 \u0631\u0627 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0648\u06cc\u0646\u062f\u0648\u0632 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u06a9\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0645\u0648\u0631\u062f \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0647\u0627\u062c\u0645\u06cc\u0646 \u0642\u0631\u0627\u0631 \u062f\u0627\u0634\u062a\u060c \u0686\u0647\u0627\u0631\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0635\u0644\u0627\u062d \u0634\u062f\u0647 \u06a9\u0631\u0648\u0645 \u062f\u0631 \u0633\u0627\u0644 2022 \u0627\u0633\u062a.\n\n\u06af\u0648\u06af\u0644 \u0627\u0632 \u0648\u062c\u0648\u062f \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 CVE-2022-2294 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0645\u0637\u0644\u0639 \u0627\u0633\u062a. \n\n#\u0627\u0645\u0646\u06cc\u062a_\u0648\u0628\n\n\u2705 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/3AtVMcH\n\n@cyberbannews_ir", "creation_timestamp": "2022-07-06T02:02:08.000000Z"}, {"uuid": "1eca782d-1bce-4d5b-85de-8ec3cca91f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "Telegram/cJEcDU9cf4Dk8Ba7quvMkUZfv4A1JE3RWzAD-VOFLtw7nw", "content": "", "creation_timestamp": "2023-11-02T15:04:03.000000Z"}, {"uuid": "a4595d7a-95bf-47cb-958a-8e7ae2deda77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/alexmakus/4742", "content": "\u0422\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Chrome \u043f\u043e\u0434 Windows - CVE-2022-2294 \u044f\u043a\u043e\u0431\u044b \u043c\u043e\u0436\u0435\u0442 \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f. \u0422\u0430\u043c \u0440\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 WebRTC, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0430\u043c \u043e\u0442 \u043f\u0430\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0437\u0430\u0449\u0438\u0442\u044b. \u0414\u0435\u0442\u0430\u043b\u0435\u0439 \u043f\u0440\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e Google \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442. \u042d\u0442\u043e \u0443\u0436\u0435 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0430\u044f zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Chrome \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443. \n\n\nhttps://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html", "creation_timestamp": "2022-07-05T11:38:18.000000Z"}, {"uuid": "bc2ee7dd-d400-4270-b1b5-1b7e0919f7a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/CyberBulletin/110", "content": "\u26a1Cisco patches critical #vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.\n\nCVE-2022-22948 could be exploited with crafted HTTP requests\u2014Patch now!", "creation_timestamp": "2024-07-18T15:42:23.000000Z"}, {"uuid": "ef1a4bf2-ecda-425f-9d89-db28d15d1472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "Telegram/fM8hdjxLz40JGYPGE9ZFMBr-RWT0zMxxwLIwpRZXCCCJO7DN", "content": "", "creation_timestamp": "2025-02-14T10:00:29.000000Z"}, {"uuid": "5c100ed9-338d-4935-95bd-0d58dd4c5af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "Telegram/l5uto4RTTVtNTCXQW2FGYRiamjp1g6VC6GGax2xyWPBA5lja", "content": "", "creation_timestamp": "2025-02-06T02:39:17.000000Z"}, {"uuid": "8b73461e-1226-4539-a1c8-a27bd7b0fcd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "Telegram/KY4PVd45dzhnz_l3x8aBIZwbkHWB1w1Cp1_7dnD8vo88jQ", "content": "", "creation_timestamp": "2023-11-20T04:04:42.000000Z"}, {"uuid": "9e243352-d9bd-4d71-b10a-0fe35f6b6551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "https://t.me/arpsyndicate/1936", "content": "#ExploitObserverAlert\n\nCVE-2022-22942\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-22942.\n\nFIRST-EPSS: 0.002090000", "creation_timestamp": "2023-12-18T07:13:48.000000Z"}, {"uuid": "ce3cc7c6-f5df-4bfc-b189-48ce5b79b1c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "https://t.me/arpsyndicate/2870", "content": "#ExploitObserverAlert\n\nCVE-2022-22942\n\nDESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2022-22942. The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.\n\nFIRST-EPSS: 0.000720000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-16T18:33:08.000000Z"}, {"uuid": "134a9cc2-2a49-46db-aab6-6bad9a19f1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/arpsyndicate/2882", "content": "#ExploitObserverAlert\n\nCVE-2022-2294\n\nDESCRIPTION: Exploit Observer has 27 entries in 3 file formats related to CVE-2022-2294. Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\nFIRST-EPSS: 0.006130000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-16T20:58:09.000000Z"}, {"uuid": "4e627de9-020d-4f05-a36f-82a7d280cb2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3510", "content": "https://github.com/sule01u/SBSCAN\n\nspring Penetration testing framework support\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965", "creation_timestamp": "2023-11-03T08:19:51.000000Z"}, {"uuid": "73df1864-a346-4fa7-aa7d-4cb952eeb632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "published-proof-of-concept", "source": "https://t.me/ARC15INFO/295", "content": "CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter.\n\nNew zero-day vulnerability joins a chain of recently discovered vulnerabilities capable of operating an end-to-end attack on ESXi. Organizations should evaluate risk and apply vCenter client patches immediately.\n\n\ud83c\udf00 Executive Summary\n\nPentera Labs\u2019 Senior Security Researcher, Yuval Lazar, discovered an Information Disclosure vulnerability impacting more than 500,000 appliances running default vCenter Server deployments.\n\nThis finding is critical given its potential global impact. According to VMware \u2013 more than 80 percent of virtualized workloads are running on VMware technology, including 100 percent of Fortune 500 and Fortune Global 100 companies.\n\nhttps://www.pentera.io/blog/information-disclosure-in-vmware-vcenter/\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "18fc2f88-f8cc-4d25-91ce-5b165ffe223a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/GrayHatsHack/8266", "content": "\u26a1Cisco patches critical #vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.\n\nCVE-2022-22948 could be exploited with crafted HTTP requests\u2014Patch now!", "creation_timestamp": "2024-07-18T16:04:12.000000Z"}, {"uuid": "e93af6c8-c68b-4033-b101-5d134f99d2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "Telegram/pHQFnbMvCS4mBi_52yyeHAIHYFk9gFz4_M5wCYmj8kARmA", "content": "", "creation_timestamp": "2022-07-24T09:35:20.000000Z"}, {"uuid": "5408dbe3-80af-4cb6-9720-b1ebd8dd567a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1207", "content": "CVE-2022-22947 Spring Cloud Gateway RCE\n\n#CVE-2022-22947 #RCE #Exploit #CodeExecution\n#Hacking #BugBountry #SpringCloudGateway\n\nhttps://reconshell.com/cve-2022-22947-spring-cloud-gateway-rce/", "creation_timestamp": "2022-03-05T14:24:22.000000Z"}, {"uuid": "03a09cab-17d1-4e5f-a967-f7e5de0bdfc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/dilagrafie/3442", "content": "\u26a1Cisco patches critical #vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.\n\nCVE-2022-22948 could be exploited with crafted HTTP requests\u2014Patch now!", "creation_timestamp": "2024-07-18T15:42:49.000000Z"}, {"uuid": "a428246a-1de7-4ab0-a885-664cdc529ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/GrayHatsHack/6967", "content": "\u26a1Cisco patches critical #vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.\n\nCVE-2022-22948 could be exploited with crafted HTTP requests\u2014Patch now!", "creation_timestamp": "2024-07-18T16:04:12.000000Z"}, {"uuid": "5d51c8db-2618-4659-8d31-91e197d6f6e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/hack_room_channel/419", "content": "https://github.com/Vulnmachines/spring-cve-2022-22947", "creation_timestamp": "2022-03-04T03:28:25.000000Z"}, {"uuid": "dd011d75-2438-4a5b-84a6-c3134192c7d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/freelearningtech/1267", "content": "*\ud83d\udd30Chrome Zero-day Abused to Spread Spyware to Target Journalists*\ud83d\udd30\n\nThe spyware vendor from Israel, Candiru, was discovered abusing a zero-day vulnerability in Google Chrome to spy on journalists and high-interest individuals from the Middle East, using a spyware called DevilsTongue.\n\n\n*The abuse of zero-day*\n\nAvast researchers spotted the vulnerability and reported it to Google. Further, they disclosed the details after examining DevilsTongue attacks on their clients.\nCandiru started abusing the zero-day in March and targeting users in Palestine, Turkey, Yemen, and Lebanon.\nThe flaw, tracked as CVE-2022-2294, is a high-severity heap-based buffer overflow in WebRTC. Its successful exploitation may lead to code execution on the targeted device.\nAfter being reported to Google, the tech firm patched the exploited zero-day on July 4, which has been under active exploitation in cyberattacks.\n\nSince the bug exists in WebRTC, it also impacts Safari browser but the exploit found only work on Windows.\n\n*Attack vectors*\n\nThe spyware operators have used watering holes and spear-phishing tactics in their attacks.\nThis attack requires no interaction with the victim, such as clicking on a link or downloading a file. \nInstead, a user is made to open an already compromised website or the one created by hackers in a Chromium-based browser or Chrome. \nIn one instance, the attackers infected a website used by a news agency in Lebanon and inserted JavaScript snippets to enable XSS attacks, and redirected targets to the exploit server.\nIn the Lebanon case, the zero-day allowed shellcode execution inside a renderer process and further chained with a sandbox escape flaw that Avast failed to recover for investigation.\n\n*What was the target?*\n\nAfter the initial infection, the DevilsTongue spyware used a BYOVD (bring your own driver) step to elevate the privileges and achieve read and write rights to the infected device's memory. Researchers believe the cybercriminals used the spyware to learn about what news stories the targeted journalist are working on.\n\n*Conclusion*\n\nThe recent report sheds light on the dangers of services offered by commercial spyware vendors. These vendors are developing or buying zero-day exploits to target people asked by their clients. Thus, always protect data with powerful encryption and update devices with the latest security updates.", "creation_timestamp": "2022-07-30T13:19:16.000000Z"}, {"uuid": "579b62e0-5b59-4674-aa20-e46ddd22dc33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/MrVGunz/313", "content": "UPDATE your Google Chrome browser for Windows, macOS, Linux and Android devices to patch a newly discovered high-severity zero-day vulnerability (CVE-2022-2294) that is being exploited in the wild.\n\nDetails: https://thehackernews.com/2022/07/update-google-chrome-browser-to-patch.html", "creation_timestamp": "2022-07-08T21:58:31.000000Z"}, {"uuid": "fd919372-e97e-4e69-841a-789d31fc9d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "exploited", "source": "https://t.me/true_secator/2816", "content": "\u0415\u0441\u043b\u0438 \u043c\u044b \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0437\u043e\u043b\u043e\u0442\u044b\u0445 72 \u0447\u0430\u0441\u043e\u0432, \u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043e Spring4Shell \u043e\u0431 \u044d\u0442\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u0431\u044b\u0442\u044c.\n\u00a0\n\u041f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044b \u0432 \u043f\u0435\u0440\u0432\u044b\u0435 \u0436\u0435 \u0434\u043d\u0438 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-22965. \u0415\u0449\u0435 \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u00a0\u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\u00a0\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22963, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e Spring Cloud, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434.\u00a0\u0422\u0440\u0435\u0442\u044c\u0435\u0439 \u0434\u044b\u0440\u043e\u0439 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22950, DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\u00a0\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 Check Point, \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 37 000 \u0430\u0442\u0430\u043a Spring4Shell. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0448\u0435\u0441\u0442\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Spring4Shell, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u043f\u0435\u0440\u0432\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u043f\u043e \u0447\u0438\u0441\u043b\u0443 \u0436\u0435\u0440\u0442\u0432 - \u0415\u0432\u0440\u043e\u043f\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 20%. \n\u00a0\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430 \u0434\u043e\u043b\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 28% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\u00a0\n\u041f\u043e\u043a\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u043e \u0437\u0430\u043d\u044f\u0442\u044b \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell \u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 RCE \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0445\u043e\u0434\u043e\u043c. \u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u0430\u043a \u0434\u043b\u044f Spring4Shell, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f CVE-2022-22963.\n\u00a0\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 Spring Framework 5.3.18 \u0438 5.2.20, \u0430 \u0442\u0430\u043a\u0436\u0435 Spring Boot 2.5.12, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0448\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 RCE, \u0430\u00a0\u0442\u0430\u043a\u0436\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e.\u00a0\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e CVE-2022-22963 \u0438 CVE-2022-22947 \u0432 Spring Cloud Function \u0438 Spring Cloud Gateway.", "creation_timestamp": "2022-04-06T20:32:36.000000Z"}, {"uuid": "ce7bb60c-0261-44f7-8896-c38d86465e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22945", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2654", "content": "\u0421\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 Tianfu Cup \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 VMware \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043d\u043e\u0432\u044b\u0435. \u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 - \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 NSX Data Center \u0434\u043b\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 vSphere.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0431\u0430\u0433\u0443 \u0441\u043c\u043e\u0433\u043b\u0438 \u0414\u0438\u043c\u0438\u0442\u0440\u0438 \u0414\u0438 \u041a\u0440\u0438\u0441\u0442\u043e\u0444\u0430\u0440\u043e \u0438 \u041f\u0448\u0435\u043c\u0435\u043a \u0420\u0435\u0448\u043a\u0435 \u0438\u0437 \u0431\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435 SECFORCE, \u043f\u0440\u0438\u0447\u0435\u043c \u0432 \u0445\u043e\u0434\u0435 \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0430 VMware Cloud Director - \u0440\u0435\u0448\u0435\u043d\u0438\u044f, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0440\u0443\u043f\u043d\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 (CLI) CVE-2022-22945 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 NSX Edge \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u00a0\u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,8. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\nCVE-2022-22945 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 NSX Edge, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440, \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0435 \u0441\u0435\u0442\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0441\u0432\u044f\u0437\u044c \u043c\u0435\u0436\u0434\u0443 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0446\u0435\u043d\u0442\u0440\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043c\u0438\u0440\u043e\u043c.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043c\u043e\u0433\u0443\u0442 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c SSH \u043d\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0435 NSX Edge, \u0447\u0442\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435 Linux, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430.\u00a0\u042d\u0442\u0430 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u044c\u044e. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u0439\u0442\u0438 \u0438\u0437 \u044d\u0442\u043e\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u0440\u043d\u0435\u0432\u0443\u044e \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 \u0432 \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0447\u0442\u043e\u0431\u044b \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c SSH-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u043b\u044e\u0431\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2022-22945 \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043b\u044f MitM-\u0430\u0442\u0430\u043a.\n\nVMware \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 NSX Data Center \u0434\u043b\u044f vSphere, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0432\u0435\u0440\u0441\u0438\u044e 6.4.13.\u00a0\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0447\u0442\u043e Cloud Foundation (NSX-V) \u0442\u0430\u043a\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c, \u043e\u0434\u043d\u0430\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0435\u0449\u0435 \u043d\u0435 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043e.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0431\u043b\u043e\u0433\u0435 SECFORCE.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u0430 \u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 SECFORCE \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043b\u0443\u0436\u0431\u0435 SSH, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0439 \u043d\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0435 NSX Edge, \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430\u043c\u0438, \u0435\u0441\u043b\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0438 \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\u043c \u0438\u0437 \u0441\u0435\u0442\u0438.", "creation_timestamp": "2022-02-21T14:04:00.000000Z"}, {"uuid": "566e67cf-6a29-448b-b1f0-0df23501b846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/16574", "content": "https://github.com/LY613313/CVE-2022-22947", "creation_timestamp": "2022-08-04T14:51:24.000000Z"}, {"uuid": "f5e0b06a-d482-4886-90c0-38865c375842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/true_secator/3130", "content": "Google \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u0439 \u0437\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u0433\u043e\u0434 0-day \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f 103.0.5060.114 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432 \u043a\u0430\u043d\u0430\u043b\u0435 Stable Desktop \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2022-2294, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u00a0\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043a\u0443\u0447\u0438\u00a0\u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebRTC, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 01 \u0438\u044e\u043b\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u042f\u043d \u0412\u043e\u0439\u0442\u0435\u0441\u0435\u043a \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Avast Threat Intelligence. \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0430\u0440\u044c\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 RCE \u0434\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a CVE-2022-2294 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Chrome \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b: CVE-2022-2295, \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0443 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8, \u0438 CVE-2022-2296, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 Chrome OS.\n\n\u0412 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 Chrome 103 (103.0.5060.71) \u0434\u043b\u044f Android \u0441\u043a\u043e\u0440\u043e \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0438 \u043d\u0430 Google Play.\n\n\u0414\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043e\u0440\u0433\u0430\u043d\u0438\u0447\u0435\u043d \u0434\u043e \u0442\u0435\u0445, \u043f\u043e\u0440 \u043f\u043e\u043a\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435 \u043d\u0430\u043a\u0430\u0442\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0441 \u0447\u0435\u043c \u043c\u044b \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0437\u0430\u0442\u044f\u0433\u0438\u0432\u0430\u0442\u044c.", "creation_timestamp": "2022-07-05T11:15:46.000000Z"}, {"uuid": "342c00d2-b976-4970-b1ef-424f9aff5dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1260", "content": "\u200b\u200bCVE-2022-22947\n\nSpring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE)\n\nApplications using Spring Cloud Gateway are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.\n\nhttps://github.com/crowsec-edtech/CVE-2022-22947\n\n#cve", "creation_timestamp": "2022-10-20T17:20:10.000000Z"}, {"uuid": "ac553529-8cea-41e5-be19-06d25e0d4c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/true_secator/3207", "content": "\u0420\u044f\u0434\u044b \u0431\u043e\u0440\u0446\u043e\u0432 \u0441 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e \u043f\u043e\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f. \n\n\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 Microsoft, Google \u0438 Citizen Lab \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u0440\u0430\u0437\u043e\u0431\u043b\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u043a\u0430\u0442\u0438\u043b\u0438 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Avast, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e Candiru \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c 0-day \u0432 Google Chrome \u0434\u043b\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0437\u0430 \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043b\u0438\u0446\u0430\u043c\u0438 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u041f\u041e DevilsTongue.\n\n\u041f\u043e\u0441\u043b\u0435 \u043d\u0430\u0435\u0437\u0434\u0430 Citizen Lab \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0441\u043e\u0444\u0442\u0430 \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u043b \u0432\u0441\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 DevilsTongue \u0438 \u0443\u0448\u0435\u043b \u0432 \u0442\u0435\u043d\u044c, \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043e\u0441\u043d\u0430\u0449\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u0440\u0441\u0435\u043d\u0430\u043b\u0430.\n\n\u041d\u0430 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0432\u0437\u044f\u043b\u0438 CVE-2022-2294, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 WebRTC \u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041f\u0430\u0442\u0447 \u0434\u043b\u044f \u0431\u0430\u0433\u0438, \u043a\u0430\u043a \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435, \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d Google 4 \u0438\u044e\u043b\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438  0-day \u0442\u043e\u0433\u0434\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0438\u0441\u044c. \u0422\u0435\u043f\u0435\u0440\u044c \u043e\u043d\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 Avast.\n\nCandiru \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0440\u0442\u0435 2022 \u0433\u043e\u0434\u0430, \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u044f\u0441\u044c \u043d\u0430 \u0446\u0435\u043b\u0438 \u0432 \u041b\u0438\u0432\u0430\u043d\u0435, \u0422\u0443\u0440\u0446\u0438\u0438, \u0419\u0435\u043c\u0435\u043d\u0435 \u0438 \u041f\u0430\u043b\u0435\u0441\u0442\u0438\u043d\u0435.\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u0443\u044e \u0442\u0430\u043a\u0442\u0438\u043a\u0443 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0432\u043e\u0434\u043e\u043f\u043e\u0439, \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u044f \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0441 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Chromium \u043e\u0431\u0440\u0430\u0449\u0430\u043b\u0438\u0441\u044c \u0436\u0435\u0440\u0442\u0432\u044b, \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043f\u043e\u0441\u043b\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u0434\u043b\u043e\u043c\u0438\u043b\u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u0432 \u041b\u0438\u0432\u0430\u043d\u0435 \u0438 \u0432\u043d\u0435\u0434\u0440\u0438\u043b\u0438 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u044b JavaScript, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 XXS \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0446\u0435\u043b\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c. \n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u043f\u0440\u043e\u0444\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c, \u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u043b\u0438\u0441\u044c. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0431\u0438\u0440\u0430\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u044f\u0437\u044b\u043a\u0430, \u0447\u0430\u0441\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u044f\u0441\u0430, \u044d\u043a\u0440\u0430\u043d\u0430, \u0442\u0438\u043f\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, \u043f\u0430\u043c\u044f\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 cookie \u0438 \u0434\u0440.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 \u041b\u0438\u0432\u0430\u043d\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f 0-day \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0430\u043a\u0442\u043e\u0440\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0448\u0435\u043b\u043b-\u043a\u043e\u0434 \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Avast \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438. \u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0441\u0440\u0435\u0434\u0435 Windows.\n\n\u041f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f DevilsTongue \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b BYOVD, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u043a \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\nAvast \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438, \u0447\u0442\u043e BYOVD, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 Candiru, \u0442\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u043b\u0441\u044f 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0434\u0430\u0436\u0435 \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Avast \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0442\u043e\u0447\u043d\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0446\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043f\u043e\u043b\u0430\u0433\u0430\u044f, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f \u0437\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u0438\u044f\u043c\u0438, \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c: \u043f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0443 \u044d\u0442\u043e\u0439 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u0442\u043e\u0447\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435.", "creation_timestamp": "2022-07-22T14:01:03.000000Z"}, {"uuid": "c2a7397e-735c-4459-b375-a09e5ac9104a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22942", "type": "seen", "source": "https://t.me/ctinow/165591", "content": "https://ift.tt/r6Ycwlf\nCVE-2022-22942 | Vmware Photon OS 3.0/4.0 vmwgfx Driver use after free", "creation_timestamp": "2024-01-10T08:06:54.000000Z"}, {"uuid": "d66cb259-e757-4f41-9d27-ad1ddfb2cccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://t.me/crackcodes/884", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccAndroidForums.com Leak\n\ud83d\udcccAll Shopify Stores in USA \u2013 Email Database 145 000\n\ud83d\udcccInsurance Agents and Brokers 31 000\n\ud83d\udcccHCL_AppScan_Standard_v10.0.8_Cracked\n\ud83d\udcccPakistani Documents Leak\n\ud83d\udcccPakistan Fortinet SSL VPN CVE-2018-13379\n\ud83d\udccciMesh.com Leak\n\ud83d\udcccAptoide.com Leak\n\ud83d\udcccromwe.com Leak\n\ud83d\udcccCloud Attack Vectors\n\ud83d\udcccTproxy: A cli tool to proxy and analyze TCP connections\n\ud83d\udcccRaider - Web Authentication Testing Framework\n\ud83d\udcccDiagTrackEoP - Just another way to abuse SeImpersonate privilege.\n\ud83d\udcccSQLI Dorks Generator\n\ud83d\udcccEthical_Hacking\n\ud83d\udcccDorks collections list\n\ud83d\udcccNinjaDroid - Simple tool to reverse engineering #Android APK packages\n\ud83d\udcccSMBaloo - A CVE-2020-0796 (aka \u201cSMBGhost\u201d) exploit for Windows ARM64\n\ud83d\udcccCMSeeK - CMS Detection and Exploitation suite \u2013 Scan WordPress, Joomla, Drupal and over 180 other CMSs\n\ud83d\udcccMsfMania - Command line tool developed in Python that is designed to bypass antivirus software on Windows and Linux/Mac in the future.\n\ud83d\udcccSome nigeria student Leak\n\ud83d\udcccBitfinex.com 22k Leak\n\ud83d\udcccA repository of Windows persistence mechanisms\n\ud83d\udcccDefeating Javascript Obfuscation\n\ud83d\udcccspring cloud gateway RCE | CVE-2022-22947 By :- VulnMachines\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-24T09:26:19.000000Z"}, {"uuid": "4d41c4f3-abee-4573-a2d4-aec02bc55eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22945", "type": "seen", "source": "https://t.me/cibsecurity/37592", "content": "\u203c CVE-2022-22945 \u203c\n\nVMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:36:17.000000Z"}, {"uuid": "a75ea791-4b45-4b0e-b7db-05313aa5cc5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22944", "type": "seen", "source": "https://t.me/cibsecurity/38332", "content": "\u203c CVE-2022-22944 \u203c\n\nVMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:27.000000Z"}, {"uuid": "e005e511-b184-4045-8259-07e08adf5e53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://t.me/cibsecurity/38402", "content": "\u203c CVE-2022-22947 \u203c\n\nIn spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T00:26:42.000000Z"}, {"uuid": "06750966-ae31-41d0-a0d3-6a257dbdced4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22946", "type": "seen", "source": "https://t.me/cibsecurity/38436", "content": "\u203c CVE-2022-22946 \u203c\n\nIn spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or custom certificates.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T18:27:15.000000Z"}, {"uuid": "b5ae3854-260e-4bb7-9061-12e842390d06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22943", "type": "seen", "source": "https://t.me/cibsecurity/38395", "content": "\u203c CVE-2022-22943 \u203c\n\nVMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest OS due to an uncontrolled search path element.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T00:26:35.000000Z"}, {"uuid": "eedc7047-ddc3-4bc7-8009-bcb658d563e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/thehackernews/2341", "content": "UPDATE your Google Chrome browser for Windows, macOS, Linux and Android devices to patch a newly discovered high-severity zero-day vulnerability (CVE-2022-2294) that is being exploited in the wild.\n\nDetails: https://thehackernews.com/2022/07/update-google-chrome-browser-to-patch.html", "creation_timestamp": "2022-07-05T04:57:49.000000Z"}, {"uuid": "55e0db88-d483-44b1-9114-0ed1ac35ff39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/androidMalware/1587", "content": "Google patched security issues in Chrome for Android, one of the exploit exists in the wild (CVE-2022-2294, CVE-2022-2295)\nhttps://chromereleases.googleblog.com/2022/07/chrome-for-android-update.html", "creation_timestamp": "2022-07-05T06:27:47.000000Z"}, {"uuid": "fe6c3d72-bdce-4047-856e-200a0b55b4d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/cibsecurity/39771", "content": "\u203c CVE-2022-22948 \u203c\n\nThe vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T22:11:27.000000Z"}, {"uuid": "d5bca10b-ad24-40a8-bd4f-9b8089af3c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22941", "type": "seen", "source": "https://t.me/cibsecurity/39767", "content": "\u203c CVE-2022-22941 \u203c\n\nAn issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T20:11:41.000000Z"}, {"uuid": "32b2a002-f0d3-4942-bc45-7b65c51ce920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22945", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5466", "content": "#Cloud_Security\n1. Find any single factor sign ins to Azure resources such as the Azure portal\nhttps://github.com/reprise99/Sentinel-Queries/blob/main/Azure%20Active%20Directory/Identity-SingleFactorConnectionstoAzure.kql\n2. CLI shell injection vulnerability in VMware NSX Edge (CVE-2022-22945)\nhttps://www.secforce.com/blog/escaping-vmwares-nsx-edge-os-jailed-shell", "creation_timestamp": "2022-02-22T11:05:09.000000Z"}, {"uuid": "4d067317-c870-400a-a5fd-e6ac4dab497b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "exploited", "source": "https://t.me/thehackernews/5269", "content": "\ud83d\udea8 ALERT: Cisco patches critical vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins. \n \nCVE-2022-22948 could be exploited with crafted HTTP requests\u2014Patch now! \n \nRead: https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html", "creation_timestamp": "2024-07-18T08:04:42.000000Z"}, {"uuid": "45e3477d-e441-422b-bdb4-95f7d1e85193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1874", "content": "#CVE-2022\n\nSpring-Cloud-Gateway-CVE-2022-22947\n\nhttps://github.com/talentsec/Spring-Cloud-Gateway-CVE-2022-22947\n\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T21:02:10.000000Z"}, {"uuid": "4f3fa164-c1cd-4f0e-8753-21dc088abaaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1856", "content": "#CVE-2022\nSpring Cloud Gateway RCE - CVE-2022-22947 \n\nhttps://github.com/sagaryadav8742/springcloudRCE\n\n@BlueRedTeam", "creation_timestamp": "2022-03-31T01:38:38.000000Z"}, {"uuid": "138428ba-f782-4cba-9aad-6bab0e26c0b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/GhostClanInt/25310", "content": "\u26a1Cisco patches critical #vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins.\n\nCVE-2022-22948 could be exploited with crafted HTTP requests\u2014Patch now!", "creation_timestamp": "2024-07-18T16:16:33.000000Z"}, {"uuid": "5fcf651f-bd13-4c3b-bf7f-38bc22e2c8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5554", "content": "#exploit\n1. CVE-2022-0824:\nPost-Auth Reverse Shell\nhttps://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell\n\n2. CVE-2022-22947:\nSpring Cloud Gateway RCE\nhttps://github.com/shakeman8/CVE-2022-22947-RCE", "creation_timestamp": "2022-03-07T19:00:18.000000Z"}, {"uuid": "ceca531e-6ce7-4236-bf79-16df4cff12a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "exploited", "source": "https://t.me/thehackernews/2401", "content": "Spyware sold by Israeli company Candiru has been caught exploiting a recently discovered zero-day vulnerability in Google Chrome (CVE-2022-2294) to attack journalists.\n\nRead details: https://thehackernews.com/2022/07/candiru-spyware-caught-exploiting.html", "creation_timestamp": "2022-12-30T14:13:30.000000Z"}, {"uuid": "bd1759b6-0a19-4979-bfa1-f909b54201a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1799", "content": "#CVE-2022\n\nspring-cloud-gateway-rce  CVE-2022-22947\n\nhttps://github.com/k3rwin/spring-cloud-gateway-rce\n\n@BlueRedTeam", "creation_timestamp": "2022-03-13T11:05:14.000000Z"}, {"uuid": "a075a0d1-c267-45b0-b2f3-dd791fe97e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1937", "content": "#CVE-2022\nSpring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)\n\nhttps://github.com/twseptian/cve-2022-22947\n\n@BlueRedTeam", "creation_timestamp": "2022-04-15T19:37:03.000000Z"}, {"uuid": "f4103fe9-e60d-4276-acb4-4896e4fc641f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1965", "content": "https://github.com/charonlight/SpringExploitGUI?tab=readme-ov-file\n\n\u4e00\u6b3eSpring\u7efc\u5408\u6f0f\u6d1e\u5229\u7528\u5de5\u5177 \u652f\u6301Spring Cloud Gateway RCE(CVE-2022-22947)\u3001Spring Framework RCE (CVE-2022-22965) \u7684\u6279\u91cf\u68c0\u6d4b\u4ee5\u53ca\u5229\u7528\n#github #tools #Java", "creation_timestamp": "2024-02-07T09:17:47.000000Z"}, {"uuid": "ce8edeb0-2219-43c7-af46-61fda951a2cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1418", "content": "https://github.com/sule01u/SBSCAN\nspring \u6e17\u900f\u6d4b\u8bd5\u6846\u67b6 \u652f\u6301\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965\n\n#github #tools", "creation_timestamp": "2023-11-02T13:56:07.000000Z"}, {"uuid": "4468626a-2eac-428d-b99b-122b4521a89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5742", "content": "#exploit\nCVE-2022-22948:\nSensitive Information Disclosure in VMware vCenter\nhttps://www.pentera.io/blog/information-disclosure-in-vmware-vcenter", "creation_timestamp": "2022-04-04T13:21:21.000000Z"}, {"uuid": "4ddb89c5-374d-4b7f-9771-8930456dec65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/101", "content": "https://github.com/charonlight/SpringExploitGUI?tab=readme-ov-file\n\n\u4e00\u6b3eSpring\u7efc\u5408\u6f0f\u6d1e\u5229\u7528\u5de5\u5177 \u652f\u6301Spring Cloud Gateway RCE(CVE-2022-22947)\u3001Spring Framework RCE (CVE-2022-22965) \u7684\u6279\u91cf\u68c0\u6d4b\u4ee5\u53ca\u5229\u7528\n#github #tools #Java", "creation_timestamp": "2024-12-21T15:49:29.000000Z"}, {"uuid": "f8680f89-a10d-4c1f-9174-27e46957b267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6726", "content": "#exploit\n1. CVE-2022-23597:\nRCE on Element Desktop via NodeIntegration in SubFrames Bypass\nhttps://blog.electrovolt.io/posts/element-rce\n\n2. CVE-2022-2294:\nHeap buffer overflow in WebRTC\nhttps://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-2294.html", "creation_timestamp": "2022-09-03T13:47:50.000000Z"}, {"uuid": "72813115-3072-460a-a3aa-d4e3b3e2bec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22947", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"}, {"uuid": "ccc89c76-15f7-4194-beda-6b472542ee55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2294", "type": "seen", "source": "https://t.me/secmedia/466", "content": "\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Google Chrome \u043f\u043e\u0434 \u043d\u043e\u043c\u0435\u0440\u043e\u043c 103.0.5060.114. \u0415\u0433\u043e \u0432\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0432\u044b\u0445\u043e\u0434 \u043f\u0440\u0438\u0437\u0432\u0430\u043d \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-2294, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438.", "creation_timestamp": "2022-07-06T11:04:09.000000Z"}]}