{"vulnerability": "CVE-2022-3187", "sightings": [{"uuid": "2ef4e7e9-b927-43f0-b668-96661953142b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3187", "type": "seen", "source": "https://t.me/cibsecurity/55102", "content": "\u203c CVE-2022-3187 \u203c\n\nDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T02:14:14.000000Z"}, {"uuid": "ff2df9ab-e546-4ee3-aa43-eb995b2a32e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31877", "type": "seen", "source": "https://t.me/cibsecurity/53589", "content": "\u203c CVE-2022-31877 \u203c\n\nAn issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-28T18:28:12.000000Z"}, {"uuid": "567a4e45-cabb-46ff-b693-fa53fc832570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31876", "type": "seen", "source": "https://t.me/cibsecurity/44766", "content": "\u203c CVE-2022-31876 \u203c\n\nnetgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-18T00:23:21.000000Z"}, {"uuid": "5ab591c2-e994-4d45-acc3-ba7e376868ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31879", "type": "seen", "source": "https://t.me/cibsecurity/46989", "content": "\u203c CVE-2022-31879 \u203c\n\nOnline Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-26T16:34:30.000000Z"}, {"uuid": "a3cb8383-67c5-4d3c-bb36-d4fb124eaa15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31873", "type": "seen", "source": "https://t.me/cibsecurity/44759", "content": "\u203c CVE-2022-31873 \u203c\n\nTrendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the prefix parameter in /admin/general.cgi.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-18T00:23:11.000000Z"}, {"uuid": "a8e38eec-2bb8-4838-9e1a-5d2581086324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31874", "type": "seen", "source": "https://t.me/cibsecurity/44763", "content": "\u203c CVE-2022-31874 \u203c\n\nASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-18T00:23:18.000000Z"}]}