{"vulnerability": "CVE-2022-3174", "sightings": [{"uuid": "ef703d48-669a-480f-b069-23363497c214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2022-31749", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113902922517927039", "content": "", "creation_timestamp": "2025-01-27T23:31:08.883392Z"}, {"uuid": "930a220e-e775-48f8-be4e-836232d2d32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31749", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgr6grohte27", "content": "", "creation_timestamp": "2025-01-28T00:16:09.259584Z"}, {"uuid": "3acb8d06-3d11-48be-b601-99649fa269c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31749", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3197", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31749\n\ud83d\udd25 CVSS Score: 6.4 (CVSS_V3)\n\ud83d\udd39 Description: An argument injection vulnerability in the diagnose and import pac commands in WatchGuard Fireware OS before 12.8.1, 12.1.4, and 12.5.10 allows an authenticated remote attacker with unprivileged credentials to upload or read files to limited, arbitrary locations on WatchGuard Firebox and XTM appliances\n\ud83d\udccf Published: 2025-01-28T00:32:15Z\n\ud83d\udccf Modified: 2025-01-28T00:32:15Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2022-31749\n2. https://www.rapid7.com/blog/post/2022/06/23/cve-2022-31749-watchguard-authenticated-arbitrary-file-read-write-fixed\n3. https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00019", "creation_timestamp": "2025-01-28T01:08:24.000000Z"}, {"uuid": "7f3d90aa-3b47-4d69-a562-a39a5a02e371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31749", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:02.000000Z"}, {"uuid": "6ee1c9e5-cbe0-45ef-bb95-c1ff0e387229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31749", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2651", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSimple PoC-checker for CVE-2022-31749 by 1vere$k\nURL\uff1ahttps://github.com/iveresk/cve-2022-31749\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-06T09:23:15.000000Z"}, {"uuid": "8c76a424-1e40-454f-9673-33d4256e146a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31749", "type": "seen", "source": "https://t.me/cvedetector/16545", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-31749 - \"WatchGuard Fireware OS Arbitrary File Upload and Read Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2022-31749 \nPublished : Jan. 28, 2025, 12:15 a.m. | 45\u00a0minutes ago \nDescription : An argument injection vulnerability in the diagnose and import pac commands in WatchGuard Fireware OS before 12.8.1, 12.1.4, and 12.5.10 allows an authenticated remote attacker with unprivileged credentials to upload or read files to limited, arbitrary locations on WatchGuard Firebox and XTM appliances \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T02:04:02.000000Z"}, {"uuid": "087a6933-3db1-4df6-8e8e-8054d1c0ead1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31749", "type": "seen", "source": "Telegram/FlbpZxwGLg_14gNa6x2fJWCMwoXvP9ZnUL8VhBYBj1XXgyWi", "content": "", "creation_timestamp": "2025-01-28T03:22:55.000000Z"}, {"uuid": "de3066c0-98ba-4777-b61c-5060969e96ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31741", "type": "seen", "source": "https://t.me/cibsecurity/55172", "content": "\u203c CVE-2022-31741 \u203c\n\nA crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:09.000000Z"}, {"uuid": "0cba7d21-3f0d-4374-9fd9-d5b08350cb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31747", "type": "seen", "source": "https://t.me/cibsecurity/55154", "content": "\u203c CVE-2022-31747 \u203c\n\nMozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:23:49.000000Z"}]}