{"vulnerability": "CVE-2022-32223", "sightings": [{"uuid": "4fc3c799-25d6-4919-b0c5-fbfaf87258ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32223", "type": "seen", "source": "https://t.me/cibsecurity/46245", "content": "\u203c CVE-2022-32223 \u203c\n\nNode.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and \u00e2\u20ac\u0153C:\\Program Files\\Common Files\\SSL\\openssl.cnf\u00e2\u20ac\ufffd exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T18:32:37.000000Z"}, {"uuid": "70752e11-b6c3-4195-ae08-1b2ea0e42908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32223", "type": "seen", "source": "https://t.me/crackcodes/838", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccRetbleed: Arbitrary Speculative Code Execution with Return Instructions\n\ud83d\udcccExecuting Arbitrary Code Over a Phone Line Thanks to the XBAND Video Game Modem\n\ud83d\udcccRolling PWN Attack Affecting Honda Vehicles\n\ud83d\udcccCVE-2022-32223 Discovery: DLL Hijacking via npm CLI\n\ud83d\udcccFrom Prototype Pollution to Remote Code Execution in Blitz.js\n\ud83d\udcccAttacking Active Directory: 0 to 0.9\n\ud83d\udcccCVE-2022-29885 \u2013 Apache Tomcat Cluster Service DoS\n\ud83d\udcccCVE-2022-29593\n\ud83d\udcccNorth South University / Bangladesh / email login\n\ud83d\udcccdeeppaste Leak\n\ud83d\udcccLivejournalfull Leak\n\ud83d\udcccGemotest Crm Leak\n\ud83d\udcccSplunk Attack\n\ud83d\udcccNzyme - WiFi Defense System\n\ud83d\udcccProject-Whis - Advanced HTTP Botnet\n\ud83d\udcccCode Signing Certificate Cloning Attack\n\ud83d\udcccRetbleed - Arbitrary Speculative Code Execution with Return Instruction.\n\ud83d\udcccConfluence Pre-Auth RCE.\n\ud83d\udcccmicrosoft-rpc-fuzzing-tools\n\ud83d\udcccCVE-2022-26135\n\ud83d\udcccXSS Payload List\n\ud83d\udcccheaders for hackers | PHP #ssrf | #cve-2020-7066 Video\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-16T09:11:59.000000Z"}, {"uuid": "dee57752-be96-4338-a5bf-760c5f970126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32223", "type": "seen", "source": "Telegram/tvagmoXGD-sjRG5teDO-DfPH2_iB-IEEjYRnLqN5-gAxoA", "content": "", "creation_timestamp": "2022-07-15T08:17:26.000000Z"}, {"uuid": "166bbd76-1fdb-4371-8ee5-8ff1699a7898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32223", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6843", "content": "#Blue_Team_Techniques\nCVE-2022-32223 Discovery: DLL Hijacking via npm CLI\nhttps://blog.aquasec.com/cve-2022-32223-dll-hijacking", "creation_timestamp": "2022-09-21T11:03:01.000000Z"}]}