{"vulnerability": "CVE-2022-2658", "sightings": [{"uuid": "f9cffeb8-9e6a-4fb5-a03b-1c79012e3dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26585", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lo7pvr3vs726", "content": "", "creation_timestamp": "2025-05-02T21:02:23.743483Z"}, {"uuid": "d8655779-8803-4bc4-b695-39687145913b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26585", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-26585.yaml", "content": "", "creation_timestamp": "2025-05-01T11:20:11.000000Z"}, {"uuid": "dc1dfed8-654a-4f80-9c0b-f168153d4a84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26588", "type": "seen", "source": "https://t.me/cibsecurity/40421", "content": "\u203c CVE-2022-26588 \u203c\n\nA Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-09T00:13:36.000000Z"}, {"uuid": "927ae475-245e-41dc-a6f7-42e60a97f6a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26581", "type": "seen", "source": "https://t.me/cibsecurity/54790", "content": "\u203c CVE-2022-26581 \u203c\n\nThe ADB daemon in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows the execution of the systool utility in production mode, allowing unauthenticated attackers to perform privileged actions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-17T00:24:41.000000Z"}, {"uuid": "782d35e1-99b2-4903-ac53-5290e6efc188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26580", "type": "seen", "source": "https://t.me/cibsecurity/54789", "content": "\u203c CVE-2022-26580 \u203c\n\nPAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 was discovered to be vulnerable to command injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-17T00:24:40.000000Z"}, {"uuid": "56ffc9d4-d692-444a-acda-c0ebd0ce2cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26582", "type": "seen", "source": "https://t.me/cibsecurity/54784", "content": "\u203c CVE-2022-26582 \u203c\n\nThe systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user supplied commands, leading to to arbitrary command execution as root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-17T00:24:35.000000Z"}]}