{"vulnerability": "CVE-2022-2894", "sightings": [{"uuid": "bf209789-5f6e-47bc-bec0-d9bb31ce3fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28948", "type": "seen", "source": "https://bsky.app/profile/stefanprodan.com/post/3lnkv2n3bis2i", "content": "", "creation_timestamp": "2025-04-24T14:08:41.287101Z"}, {"uuid": "a9dde10b-21b7-44f7-80c2-b0e4af7838e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28948", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lnm5nxrhxs2r", "content": "", "creation_timestamp": "2025-04-25T02:15:19.808427Z"}, {"uuid": "95cecc97-315e-45a0-9862-29b7dc800085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28946", "type": "seen", "source": "https://t.me/cibsecurity/43000", "content": "\u203c CVE-2022-28946 \u203c\n\nAn issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T22:29:56.000000Z"}, {"uuid": "b9639bf1-ac09-4b04-8c4c-49a4a3ad33c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28948", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lxjtviko5k25", "content": "", "creation_timestamp": "2025-08-29T10:27:14.195691Z"}, {"uuid": "12c8a39e-d903-4171-bec1-494dc7e625f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2894", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2894\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file.\n\ud83d\udccf Published: 2022-08-31T20:54:55.197Z\n\ud83d\udccf Modified: 2025-04-16T17:48:12.800Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06", "creation_timestamp": "2025-04-16T17:57:00.000000Z"}, {"uuid": "36c56e09-367e-4cf8-a304-59d6402c8cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28944", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/661", "content": "CVE-2022-28944 : EMCO Software Multiple Products Unauthenticated Update Remote Code Execution\nhttps://github.com/gerr-re/cve-2022-28944", "creation_timestamp": "2023-01-15T15:25:18.000000Z"}, {"uuid": "4d7fc8e2-48d6-4f35-9b12-b4f769bc3808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28944", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2268", "content": "#exploit\n1. CVE-2022-28944/CVE-2022-24644:\nEMCO Software Multiple Products/KeyMouse 3.08 (Win) - Unauth. Update RCE\nhttps://github.com/gerr-re/cve-2022-28944\nhttps://github.com/gerr-re/cve-2022-24644\n\n2. Client-Side SSRF to Google Cloud Project Takeover [Google VRP]\nhttps://blog.geekycat.in/client-side-ssrf-to-google-cloud-project-takeover\n\n3. CVE-2022-3656:\nSymbolic Link Following + Upload Warning Bypass\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=1345275#c34", "creation_timestamp": "2023-01-15T14:05:50.000000Z"}, {"uuid": "b53490ae-d86f-48cc-9b0e-ca191efa4676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28944", "type": "seen", "source": "https://t.me/cibsecurity/43186", "content": "\u203c CVE-2022-28944 \u203c\n\nCertain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. \u00c2\u00b6\u00c2\u00b6 Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T22:35:52.000000Z"}, {"uuid": "5516f423-2640-42a8-a989-40a52ef7194b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28948", "type": "seen", "source": "https://t.me/cibsecurity/43011", "content": "\u203c CVE-2022-28948 \u203c\n\nAn issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-20T00:29:56.000000Z"}, {"uuid": "c26881a2-4503-4691-8e0c-6bf28f7a6279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28940", "type": "seen", "source": "https://t.me/cibsecurity/41943", "content": "\u203c CVE-2022-28940 \u203c\n\nIn H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization. It sends a large amount of data through ajaxmsg to carry out DOS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T20:35:34.000000Z"}, {"uuid": "ffc4dd83-1160-493a-be25-691886bbe15a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28944", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7548", "content": "#exploit\n1. CVE-2022-28944/CVE-2022-24644:\nEMCO Software Multiple Products/KeyMouse 3.08 (Win) - Unauth. Update RCE\nhttps://github.com/gerr-re/cve-2022-28944\nhttps://github.com/gerr-re/cve-2022-24644\n\n2. Client-Side SSRF to Google Cloud Project Takeover [Google VRP]\nhttps://blog.geekycat.in/client-side-ssrf-to-google-cloud-project-takeover\n\n3. CVE-2022-3656:\nSymbolic Link Following + Upload Warning Bypass\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=1345275#c34", "creation_timestamp": "2023-01-14T12:57:01.000000Z"}]}