{"vulnerability": "CVE-2022-2416", "sightings": [{"uuid": "4b7e0d5c-4815-44b1-8a07-80d2125fc9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2416", "type": "seen", "source": "https://t.me/cibsecurity/67565", "content": "\u203c CVE-2022-2416 \u203c\n\nIn affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T12:39:05.000000Z"}, {"uuid": "f38298e2-e188-4553-9f6f-d76a17126ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24163", "type": "seen", "source": "https://t.me/cibsecurity/36810", "content": "\u203c CVE-2022-24163 \u203c\n\nTenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:30:42.000000Z"}, {"uuid": "2ccef609-44af-400a-86dc-38337ba4ec45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24165", "type": "seen", "source": "https://t.me/cibsecurity/36831", "content": "\u203c CVE-2022-24165 \u203c\n\nTenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:36:44.000000Z"}, {"uuid": "2566e4a3-46a3-418d-bb2d-3382dcebf74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24160", "type": "seen", "source": "https://t.me/cibsecurity/36828", "content": "\u203c CVE-2022-24160 \u203c\n\nTenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetDeviceName. This vulnerability allows attackers to cause a Denial of Service (DoS) via the devName parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:36:40.000000Z"}, {"uuid": "b6898e0f-cbb8-4feb-a324-a3d52b7b5839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24168", "type": "seen", "source": "https://t.me/cibsecurity/36820", "content": "\u203c CVE-2022-24168 \u203c\n\nTenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpGroup. This vulnerability allows attackers to execute arbitrary commands via the IPGroupStartIP and IPGroupEndIP parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:30:54.000000Z"}, {"uuid": "928f84ad-5909-41b5-80f6-eb0aebcc8b78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24167", "type": "seen", "source": "https://t.me/cibsecurity/36819", "content": "\u203c CVE-2022-24167 \u203c\n\nTenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows attackers to execute arbitrary commands via the dmzHost1 parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:30:53.000000Z"}]}