{"vulnerability": "CVE-2022-3032", "sightings": [{"uuid": "80906ad4-331a-45c8-b4cc-4077c29e5e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30320", "type": "seen", "source": "https://t.me/cibsecurity/47223", "content": "\u203c CVE-2022-30320 \u203c\n\nSaia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls (SBC) PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication is done by using the S-Bus 'write byte' message to a specific address and supplying a hashed version of the password. The hashing algorithm used is based on CRC-16 and as such not cryptographically secure. An insecure hashing algorithm is used. An attacker capable of passively observing traffic can intercept the hashed credentials and trivially find collisions allowing for authentication without having to bruteforce a keyspace defined by the actual strength of the password. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T20:12:49.000000Z"}, {"uuid": "264b70ae-ed82-47c4-a6c2-187768d8a2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30321", "type": "seen", "source": "https://t.me/arpsyndicate/1682", "content": "#ExploitObserverAlert\n\nCVE-2022-30321\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-30321. go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.\n\nFIRST-EPSS: 0.001040000\nNVD-IS: 4.7\nNVD-ES: 3.9", "creation_timestamp": "2023-12-11T00:47:36.000000Z"}, {"uuid": "670b06e7-92c0-4e25-aa70-79010114bed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3032", "type": "seen", "source": "https://t.me/cibsecurity/55137", "content": "\u203c CVE-2022-3032 \u203c\n\nWhen receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:20:05.000000Z"}, {"uuid": "c014ff7b-8492-4c14-b1de-5ae6da83160b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30326", "type": "seen", "source": "https://t.me/cibsecurity/44698", "content": "\u203c CVE-2022-30326 \u203c\n\nAn issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:21:56.000000Z"}, {"uuid": "4834e79d-d21d-4de2-aeba-ee241b57b2be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30323", "type": "seen", "source": "https://t.me/cibsecurity/43329", "content": "\u203c CVE-2022-30323 \u203c\n\nHashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 3 of 3).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T16:38:16.000000Z"}, {"uuid": "5e10ad26-5a37-4a24-818e-5e148f45fec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30328", "type": "seen", "source": "https://t.me/cibsecurity/44702", "content": "\u203c CVE-2022-30328 \u203c\n\nAn issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:22:02.000000Z"}, {"uuid": "b0f6216e-f918-4f22-8fcb-42d87d917b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30327", "type": "seen", "source": "https://t.me/cibsecurity/44706", "content": "\u203c CVE-2022-30327 \u203c\n\nAn issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:22:09.000000Z"}, {"uuid": "d7f390e3-d517-4943-851a-db7372473f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30324", "type": "seen", "source": "https://t.me/cibsecurity/43664", "content": "\u203c CVE-2022-30324 \u203c\n\nHashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-02T18:25:53.000000Z"}, {"uuid": "ee94cfc4-12ab-4b65-bee2-5dc3e4877685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30325", "type": "seen", "source": "https://t.me/cibsecurity/44700", "content": "\u203c CVE-2022-30325 \u203c\n\nAn issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:21:57.000000Z"}, {"uuid": "2e304123-be12-46fd-98a9-f2c099c86178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30329", "type": "seen", "source": "https://t.me/cibsecurity/44699", "content": "\u203c CVE-2022-30329 \u203c\n\nAn issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:21:56.000000Z"}, {"uuid": "4efbfb0f-940b-4bb0-a0ad-b217c49213ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30322", "type": "seen", "source": "https://t.me/cibsecurity/43331", "content": "\u203c CVE-2022-30322 \u203c\n\nHashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 2 of 3).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T16:38:19.000000Z"}, {"uuid": "3a6a8937-ab30-4cec-a935-a52927ed2271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30321", "type": "seen", "source": "https://t.me/cibsecurity/43326", "content": "\u203c CVE-2022-30321 \u203c\n\nHashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 1 of 3).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T16:38:12.000000Z"}]}