{"vulnerability": "CVE-2022-3090", "sightings": [{"uuid": "b86c50f8-28c6-44bf-b731-a3b7b5ebca4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3090", "type": "seen", "source": "https://t.me/cibsecurity/53111", "content": "\u203c CVE-2022-3090 \u203c\n\nRed Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T00:18:03.000000Z"}, {"uuid": "0466c3de-e8d5-4284-bc7b-9dd13f57de87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30904", "type": "seen", "source": "https://t.me/cibsecurity/57361", "content": "\u203c CVE-2022-30904 \u203c\n\nIn Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-02T00:16:36.000000Z"}, {"uuid": "e7fccb18-c614-47f2-b352-47613f37d4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30903", "type": "seen", "source": "https://t.me/cibsecurity/44438", "content": "\u203c CVE-2022-30903 \u203c\n\nNokia \"G-2425G-A\" Bharti Airtel Routers Hardware version \"3FE48299DEAA\" Software Version \"3FE49362IJHK42\" is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T22:19:06.000000Z"}, {"uuid": "1e62e3f4-e34a-4122-93a1-d2ef89e22486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30909", "type": "seen", "source": "https://t.me/cibsecurity/44038", "content": "\u203c CVE-2022-30909 \u203c\n\nH3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T18:32:41.000000Z"}]}