{"vulnerability": "CVE-2022-31813", "sightings": [{"uuid": "8acc937f-a71e-4184-a32b-82949af217d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01", "content": "", "creation_timestamp": "2025-05-13T10:00:00.000000Z"}, {"uuid": "7a894752-9596-46bd-a63f-9d54a6b01d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "seen", "source": "https://t.me/cibsecurity/44129", "content": "\u203c CVE-2022-31813 \u203c\n\nApache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T20:33:43.000000Z"}, {"uuid": "ed90ba52-4039-46e1-adcb-f5ecc251d861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "d19b1662-b44a-4508-b5c8-d1ba9495c1b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/356", "content": "CVE-2022-31813 : Apache HTTP Server 2.4.53 Forwarding Addresses is Hard\nhttps://www.synacktiv.com/publications/cve-2022-31813-forwarding-addresses-is-hard.html", "creation_timestamp": "2022-07-29T09:00:00.000000Z"}, {"uuid": "4c091ace-1082-4d3c-86b8-75d68ecaf374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/75", "content": "Top Security News for 27/07/2022\n\nVRChat Security Update Throws the Metaverse Into Chaos\nhttps://www.vice.com/en_us/article/y3pv8v/vrchat-security-update-throws-the-metaverse-into-chaos \n\nZyxel authentication bypass patch analysis (CVE-2022-0342)\nhttps://www.reddit.com/r/netsec/comments/w8few6/zyxel_authentication_bypass_patch_analysis/ \n\nWhat\u2019s New in the 2022 Cost of a Data Breach Report\nhttps://securityintelligence.com/posts/whats-new-2022-cost-of-a-data-breach-report/ \n\nExperts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware\nhttps://thehackernews.com/2022/07/experts-find-similarities-between.html \n\nHackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection\nhttps://thehackernews.com/2022/07/hackers-increasingly-using-webassembly.html \n\nHunting For Mass Assignment Vulnerabilities Using GitHub CodeSearch and grep.app\nhttps://www.reddit.com/r/netsec/comments/w8qn2n/hunting_for_mass_assignment_vulnerabilities_using/ \n\nBypass AMSI in local process hooking NtCreateSection\nhttps://www.reddit.com/r/netsec/comments/w8ehda/bypass_amsi_in_local_process_hooking/ \n\nLockBit Ransomware Claims Pwn Of Italy's Tax Agency\nhttps://packetstormsecurity.com/news/view/33667/LockBit-Ransomware-Claims-Pwn-Of-Italys-Tax-Agency.html \n\nISC StormCast for Wednesday, July 27th, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8104 \n\nCVE-2022-31813: Forwarding addresses is hard\nhttps://www.reddit.com/r/netsec/comments/w8llor/cve202231813_forwarding_addresses_is_hard/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-07-27T08:31:04.000000Z"}, {"uuid": "4ce5fa3e-00ab-4342-9230-7cd008761216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "published-proof-of-concept", "source": "Telegram/kM42HgldlfA8QwVmwCT4PRPpwGPvjQvwwRQ7JxFcRXWr7Q", "content": "", "creation_timestamp": "2022-08-04T11:40:49.000000Z"}, {"uuid": "4799429c-5905-4460-8963-46a5af751d40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/923", "content": "Updates On Hackbyte Forum:-\n\n\n1. [BG] HappyDreams.bg / Sleepshop.bg \u2013 Server Data\n2. msn.com Leak\n3. (ImHex) A Hex Editor for Reverse Engineers\n4. Rapid7 Nexpose 6.6.153 Crack\n5. CompTIA A+ Certification Study Guide\n6. Lockbit3.0-MpClient-Defender-PoC: Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC\n7. CVE-2022-31813: Forwarding addresses is hard\n8. Corrupting memory without memory corruption\n9. How the WordPress Gets Hacked in 2022 \u2013 Initial Reconnaissance\n10. Spear Phishing on Modern Platforms\n11. Scraping Login Credentials With XSS\n12. Building a Self-Destructing USB Drive.\n13. SSTImap \u2013 Automatic SSTI detection tool with interactive interface\n14. sante.gov.dz Leak\n15. ekz Group Leaked\n16. Overload Layer 7 DDOS\n17. Black-Dragon - An Advanced Automation Tool For Web-Recon Developed For Linux Systems.\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffbAll Updates On :- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-08-05T04:50:53.000000Z"}, {"uuid": "25d73aea-7050-46e1-9a09-8a5eb6fff638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6480", "content": "#exploit\n1. CVE-2022-31813:\nForwarding Addresses is Hard\nhttps://www.synacktiv.com/publications/cve-2022-31813-forwarding-addresses-is-hard.html\n\n2. CVE-2022-34907, CVE-2022-34906:\nCritical vulnerabilities in FileWave\u2019s mobile device management (MDM) system\nhttps://claroty.com/2022/07/25/blog-research-with-management-comes-risk-finding-flaws-in-filewave-mdm", "creation_timestamp": "2022-07-28T12:16:44.000000Z"}, {"uuid": "4d4b5fa8-4c68-43bf-8832-9d97b2047137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31813", "type": "seen", "source": "https://t.me/LearnExploit/3598", "content": "\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0648\u0628 \u0633\u0631\u0648\u0631 APACHE \n\n\u062f\u0631 \u0646\u0633\u062e\u0647\u200c 2.4.53 \u0648\u0628 \u0633\u0631\u0648\u0631 Apache \u0648 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0645\u0627 \u0642\u0628\u0644 \u0622\u0646\u060c \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc (9.8 \u0627\u0632 10) \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2022-31813 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u0645\u0637\u0627\u0628\u0642 \u0628\u0627 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u0627\u06af\u0631 \u0647\u0650\u062f\u0631 Connection \u0633\u0645\u062a \u06a9\u0644\u0627\u06cc\u0646\u062a \u0627\u0632 \u0646\u0648\u0639 hop-by-hop \u0628\u0627\u0634\u062f\u060c \u0648\u0628 \u0633\u0631\u0648\u0631 Apache \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u06a9\u0647 \u0647\u062f\u0631\u0647\u0627\u06cc X-Forwarded-* \u0631\u0627 \u0628\u0647 \u0633\u0631\u0648\u0631 \u0627\u0635\u0644\u06cc \u0627\u0631\u0633\u0627\u0644 \u0646\u0646\u0645\u0627\u06cc\u062f. \u0627\u06cc\u0646 \u0627\u0645\u0631 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc \u062f\u0648\u0631 \u0632\u062f\u0646 \"\u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0645\u0628\u062a\u0646\u06cc \u0628\u0631IP\" \u062f\u0631 \u0633\u0631\u0648\u0631 \u0627\u0635\u0644\u06cc \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f.\n\n\u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0631\u0627 \u0628\u0647 \u0646\u0633\u062e\u0647 2.4.54-1 \u06cc\u0627 \u0628\u0627\u0644\u0627\u062a\u0631 \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u06cc\u062f.\n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2022-07-01T15:28:50.000000Z"}]}