{"vulnerability": "CVE-2022-2394", "sightings": [{"uuid": "d4a3ad56-fe11-44a8-bea3-170c24e2b2be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23940", "type": "seen", "source": "MISP/4c20a67f-a4c2-4cca-86c4-710293720e5d", "content": "", "creation_timestamp": "2024-08-01T12:09:53.000000Z"}, {"uuid": "6f0b223f-3652-408a-a803-a1cbfdbe2103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23943", "type": "seen", "source": "https://t.me/true_secator/2878", "content": "\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 QNAP-\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043e\u0445 \u0434\u043b\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 NAS.\n\n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043f\u0440\u043e\u0441\u0438\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CVE-2022-22721\u00a0\u0438\u00a0CVE-2022-23943 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,8/10, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Apache HTTP Server 2.4.52 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u0422\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c NAS \u043f\u043e\u044f\u0441\u043d\u0438\u043b, \u0447\u0442\u043e CVE-2022-22721 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 32-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 QNAP NAS, \u0430 CVE-2022-23943 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0438 mod_sed \u0432 Apache HTTP Server \u043d\u0430 \u0441\u0432\u043e\u0435\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u043e\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, QNAP \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u00ab1M\u00bb \u0434\u043b\u044f LimitXMLRequestBody, \u0447\u0442\u043e\u0431\u044b \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 CVE-2022-22721 \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c mod_sed \u043a\u0430\u043a \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f CVE-2022-23943.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u043d\u0443\u0442\u0440\u0438\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043d\u044b\u0439 \u0444\u0438\u043b\u044c\u0442\u0440 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e mod_sed \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d \u0432 HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Apache \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 NAS, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS.\n\n\u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e QNAP \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Linux, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Dirty Pipe, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 root. \u0418 \u044d\u0442\u043e \u0435\u0449\u0435 \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e QNAP \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 OpenSSL, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0431\u043e\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0430\u0437\u0432\u043e\u0434\u0438\u0442 \u0440\u0443\u043a\u0430\u043c\u0438 \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u043e\u0434\u043e\u0436\u0434\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u0430\u043c\u0435\u043a\u0430\u044f \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043b\u0443\u0447\u0448\u0435 \u0441\u043f\u0440\u044f\u0442\u0430\u0442\u044c \u043f\u043e\u0434\u0430\u043b\u044c\u0448\u0435 NAS \u0432 \u0447\u0443\u043b\u0430\u043d \u0438 \u043d\u0430\u0433\u043b\u0443\u0445\u043e \u0437\u0430\u043a\u043e\u043b\u043e\u0442\u0438\u0442\u044c \u0434\u0432\u0435\u0440\u044c.", "creation_timestamp": "2022-04-22T14:43:01.000000Z"}, {"uuid": "bdf0fd52-968d-41c2-91bc-6b236cbc7633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23943", "type": "seen", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/5115", "content": "tatacommunications-ts.com\n\nhttps://115.110.196.19\n\nCVE-2022-23943\nCVE-2023-25690\nCVE-2024-40898", "creation_timestamp": "2024-12-15T07:36:23.000000Z"}, {"uuid": "93a11a7e-6b1d-4db1-bea5-0dc8d6472a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23940", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1646", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-23940\nURL\uff1ahttps://github.com/manuelz120/CVE-2022-23940", "creation_timestamp": "2022-03-11T06:40:37.000000Z"}, {"uuid": "28ef06c4-1a46-49cb-92ef-eb94254c2147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23943", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "3a5b7d16-706f-448b-8fed-aeab856aa126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23948", "type": "seen", "source": "https://t.me/cibsecurity/50228", "content": "\u203c CVE-2022-23948 \u203c\n\nA flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T22:41:26.000000Z"}, {"uuid": "7f69b88f-9db0-4e63-8afc-30de56e7e25c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23943", "type": "seen", "source": "Telegram/do7SEmaZSZzAwpb8k2KX9Ha2rRGWjldXI58V8NqM8OWFL24", "content": "", "creation_timestamp": "2022-06-20T00:43:24.000000Z"}, {"uuid": "37af4de4-4093-4b84-ab75-4f1f8d016eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23949", "type": "seen", "source": "https://t.me/cibsecurity/50234", "content": "\u203c CVE-2022-23949 \u203c\n\nIn Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T22:41:35.000000Z"}, {"uuid": "c1cfae7c-de75-40af-ba4b-f116273531eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2394", "type": "seen", "source": "https://t.me/cibsecurity/46578", "content": "\u203c CVE-2022-2394 \u203c\n\nPuppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-19T22:40:54.000000Z"}, {"uuid": "60a4c2da-ffcb-4f4c-a378-5afc600ab100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23947", "type": "seen", "source": "https://t.me/cibsecurity/36889", "content": "\u203c CVE-2022-23947 \u203c\n\nA stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-05T02:42:22.000000Z"}, {"uuid": "41c522cb-56d6-4fff-bfd1-2f8b8be585bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23942", "type": "seen", "source": "https://t.me/cibsecurity/41442", "content": "\u203c CVE-2022-23942 \u203c\n\nApache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-26T20:37:15.000000Z"}, {"uuid": "63b5b93f-44d6-43c1-b6aa-94c24b9531f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23943", "type": "seen", "source": "https://t.me/cibsecurity/38851", "content": "\u203c CVE-2022-23943 \u203c\n\nOut-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T13:18:04.000000Z"}, {"uuid": "3aa75afb-2800-4dcf-bb02-4fb089a5585f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23944", "type": "seen", "source": "https://t.me/cibsecurity/36217", "content": "\u203c CVE-2022-23944 \u203c\n\nUser can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-25T16:18:52.000000Z"}, {"uuid": "d743c1e5-6029-49cb-8357-da967f3a7373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23945", "type": "seen", "source": "https://t.me/cibsecurity/36215", "content": "\u203c CVE-2022-23945 \u203c\n\nMissing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-25T16:18:49.000000Z"}]}