{"vulnerability": "CVE-2022-2625", "sightings": [{"uuid": "3c860a36-1408-4444-9c65-e8d3e68c945d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26258", "type": "seen", "source": "MISP/65f9cb29-4429-4318-a02e-084a7f449e16", "content": "", "creation_timestamp": "2022-09-07T14:37:32.000000Z"}, {"uuid": "fba583fc-cfbc-44d6-9876-6af556fc4a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26258", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "b33d7fd2-0cb4-4031-8857-6f876dc57d54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26258", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971706", "content": "", "creation_timestamp": "2024-12-24T20:33:03.286164Z"}, {"uuid": "62f1cc94-2443-4d64-a1eb-1781bf5f3602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26258", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:36.000000Z"}, {"uuid": "cd59e591-89c7-4eb6-a3b0-be658daeb648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26256", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/197", "content": "CVE ID : CVE-2022-26256\nSystem : Contao CMS v1.5.0\nType : RCE\n\nExploit \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 :\n\npython CVE-2022-26256.py list.txt\n\nGithub source", "creation_timestamp": "2024-07-03T12:07:35.000000Z"}, {"uuid": "3224c48a-8f9c-4243-b8ae-9d916ebe94cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-26258", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/66ca1429-5847-4166-afdd-5cf776abf2f2", "content": "", "creation_timestamp": "2026-02-02T12:27:13.811673Z"}, {"uuid": "5e14d39a-aee1-47fb-b938-1c896348cc74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26258", "type": "exploited", "source": "https://t.me/true_secator/3387", "content": "\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Unit 42\u00a0Palo Alto Network \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0430\u0446\u0438\u0438 MooBot (\u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044c \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai) \u0432 \u0440\u0430\u043c\u043a\u0430\u0445  \u043d\u043e\u0432\u043e\u0439 \u0432\u043e\u043b\u043d\u044b \u0430\u0442\u0430\u043a, \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0441 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430 \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b D-Link \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0430\u043a \u0441\u0442\u0430\u0440\u044b\u0445, \u0442\u0430\u043a \u0438 \u043d\u043e\u0432\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\nMooBot \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Fortinet \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430.\n\n\u041d\u0430 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0431\u044b\u043b \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u00a0\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u0430\u043c\u0435\u0440\u0430\u0445 Hikvision \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f DDoS-\u0430\u0442\u0430\u043a.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0435\u0442\u0443 Palo Alto Network, \u0431\u043e\u0442\u043d\u0435\u0442 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 D-Link, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445: CVE-2015-2051 (\u043e\u0448\u0438\u0431\u043a\u0430 D-Link HNAP SOAPAction, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430), CVE-2018-6530 (RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 D-Link SOAP), CVE-2022-26258 \u0438 CVE-2022-28958 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 D-Link, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434).\n\n\u0412\u0435\u043d\u0434\u043e\u0440 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u043d\u043e, \u043a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u043d\u0435 \u0432\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u043f\u0430\u0442\u0447\u0438, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0434\u0432\u0430, \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435 \u0438 \u043c\u0430\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b MooBot \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0446\u0435\u043b\u044f\u0445 \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0430\u0434\u0440\u0435\u0441 \u0438\u0437 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0432\u043d\u043e\u0432\u044c \u0437\u0430\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043d\u0430 C2 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 Unit 42 \u0430\u0434\u0440\u0435\u0441\u0430 C2 \u043e\u0442\u043b\u0438\u0447\u0430\u044e\u0442\u0441\u044f \u043e\u0442 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435 Fortinet, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\u0412 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0432\u0441\u0435 \u0437\u0430\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u0443\u0447\u0430\u0441\u0442\u0432\u0443\u044e\u0442 \u0432 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a\u0430\u0445, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 MooBot \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u043e\u0437\u043c\u0435\u0437\u0434\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433.\n\n\u0412\u0441\u0435\u043c \u043f\u0440\u043e\u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0432\u0448\u0438\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 D-Link \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u0441\u0435 \u0436\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c \u0432\u043e\u043f\u0440\u043e\u0441\u043e\u043c, \u043d\u0435\u0436\u0435\u043b\u0438 \u0441\u0442\u0430\u0442\u044c \u043d\u0435\u0432\u043e\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u043d\u044b\u043c \u043a \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c DDoS-\u0430\u0442\u0430\u043a\u0430\u043c.", "creation_timestamp": "2022-09-07T15:31:02.000000Z"}, {"uuid": "4ad32a0f-e941-459a-9e44-758e75a0358e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26255", "type": "seen", "source": "https://t.me/cibsecurity/39627", "content": "\u203c CVE-2022-26255 \u203c\n\nClash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload injected into the Proxies name column.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:39:57.000000Z"}, {"uuid": "65adb0c4-a522-4b55-b152-865b5206a21e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2625", "type": "seen", "source": "https://t.me/cibsecurity/48368", "content": "\u203c CVE-2022-2625 \u203c\n\nA vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T22:26:42.000000Z"}, {"uuid": "4da92243-ca1e-4133-a34c-09c0fed51ab9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26258", "type": "seen", "source": "https://t.me/cibsecurity/39629", "content": "\u203c CVE-2022-26258 \u203c\n\nD-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability via the Device Name parameter in /lan.asp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:39:58.000000Z"}, {"uuid": "2c1eb7b7-34a3-4346-9bde-01e6cb3b1d9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26259", "type": "seen", "source": "https://t.me/cibsecurity/39626", "content": "\u203c CVE-2022-26259 \u203c\n\nA buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:39:53.000000Z"}, {"uuid": "1f1ef38e-70ba-40c9-891b-c18f23961caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26254", "type": "seen", "source": "https://t.me/cibsecurity/39615", "content": "\u203c CVE-2022-26254 \u203c\n\nWoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-27T20:39:19.000000Z"}, {"uuid": "155b04d7-b288-4e95-8854-79b69a170b38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26252", "type": "seen", "source": "https://t.me/cibsecurity/39614", "content": "\u203c CVE-2022-26252 \u203c\n\naaPanel v6.8.21 was discovered to be vulnerable to directory traversal. This vulnerability allows attackers to obtain the root user private SSH key(id_rsa).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-27T20:39:18.000000Z"}]}