{"vulnerability": "CVE-2022-3626", "sightings": [{"uuid": "cf1f3d1e-de22-492e-9cd3-72f9e2ac96c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:01.000000Z"}, {"uuid": "1f3d0d5c-04cf-41c8-bb81-a009a8de7ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "published-proof-of-concept", "source": "https://t.me/JerusalemElectronicArmy/179", "content": "#\u0627\u062e\u0628\u0627\u0631_\u0633\u0627\u064a\u0628\u0631 \n\u062a\u0642\u0631\u064a\u0631 \u064a\u062a\u062d\u062f\u062b \u0639\u0646 \u0647\u062c\u0645\u0627\u062a \u062a\u0633\u0645\u0649 Mirai Botnet  \u0644\u0627\u0633\u062a\u0647\u062f\u0627\u0641 \u0623\u062c\u0647\u0632\u0629 Linux \u0648\u0625\u0646\u062a\u0631\u0646\u062a \u0627\u0644\u0623\u0634\u064a\u0627\u0621\n\u0639\u0646 \u0637\u0631\u064a\u0642 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u062a\u0627\u0644\u064a\u0629:\n\n    CVE-2012-4869: FreePBX Elastix Remote Command Execution Vulnerability\n    Gitorious Remote Command Execution Vulnerability\n    CVE-2014-9727: FRITZ!Box Webcam Remote Command Execution Vulnerability\n    Mitel AWC Remote Command Execution Vulnerability\n    CVE-2017-5173: Geutebruck IP Cameras Remote Command Execution Vulnerability\n    CVE-2019-15107: Webmin Command Injection Vulnerability\n    Spree Commerce Arbitrary Command Execution Vulnerability\n    FLIR Thermal Camera Remote Command Execution Vulnerability\n    CVE-2020-8515: DrayTek Vigor Remote Command Execution Vulnerability\n    CVE-2020-15415: DrayTek Vigor Remote Command Injection Vulnerability\n    CVE-2022-36267: Airspan AirSpot Remote Command Execution Vulnerability\n    CVE-2022-26134: Atlassian Confluence Remote Code Execution Vulnerability\n    CVE-2022-4257: C-Data Web Management System Command Injection Vulnerability\n\nhttps://unit42.paloaltonetworks.com/mirai-variant-v3g4/", "creation_timestamp": "2023-02-19T12:43:33.000000Z"}, {"uuid": "60691e6f-fc16-4142-b59b-8c333daa7935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3626", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15316", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3626\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.\n\ud83d\udccf Published: 2022-10-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T15:07:46.052Z\n\ud83d\udd17 References:\n1. https://gitlab.com/libtiff/libtiff/-/issues/426\n2. https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json\n4. https://security.netapp.com/advisory/ntap-20230110-0001/\n5. https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html", "creation_timestamp": "2025-05-07T15:22:29.000000Z"}, {"uuid": "c05408d6-30fb-43e8-8e97-3deaa1c9de1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "seen", "source": "https://t.me/arpsyndicate/2754", "content": "#ExploitObserverAlert\n\nCVE-2022-36267\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-36267. In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device.\n\nFIRST-EPSS: 0.694210000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-09T14:34:03.000000Z"}, {"uuid": "5a9c6476-4292-49b9-8e68-1cff16e00169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/63", "content": "#exploit\n1. CVE-2023-40713:\nExploiting GOG Galaxy XPC service for privilege escalation in macOS\nhttps://securityintelligence.com/x-force/exploiting-gog-galaxy-xpc-service-privilege-escalation-macos\n\n2. CVE-2023-6560:\nio_uring_io_uaddr_map() Dangerous Multi-Page Handling\nhttps://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html\n\n3. CVE-2022-36267:\nAirspan AirSpot 5410 - Unauth Remote CI\nhttps://github.com/0xNslabs/CVE-2022-36267-PoC", "creation_timestamp": "2024-01-10T03:34:04.000000Z"}, {"uuid": "9d98db47-3eb1-4125-aff8-7b3ff56e237a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36264", "type": "seen", "source": "https://t.me/cibsecurity/47749", "content": "\u203c CVE-2022-36264 \u203c\n\nIn Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-08T18:24:07.000000Z"}, {"uuid": "b16ba3a8-1b52-4376-838e-3b5bde76356c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3626", "type": "seen", "source": "https://t.me/cibsecurity/51927", "content": "\u203c CVE-2022-3626 \u203c\n\nLibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-21T20:22:45.000000Z"}, {"uuid": "c09552c3-d3d6-4ad9-8b33-5594ff80880f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "seen", "source": "https://t.me/cibsecurity/47741", "content": "\u203c CVE-2022-36267 \u203c\n\nIn Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-08T18:23:55.000000Z"}, {"uuid": "713c9063-feef-454e-90f9-044335bdd099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36263", "type": "seen", "source": "https://t.me/cibsecurity/48442", "content": "\u203c CVE-2022-36263 \u203c\n\nStreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T18:17:27.000000Z"}, {"uuid": "c1101ea2-6fa5-4f6f-928a-061c8c953323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9759", "content": "#exploit\n1. CVE-2023-40713:\nExploiting GOG Galaxy XPC service for privilege escalation in macOS\nhttps://securityintelligence.com/x-force/exploiting-gog-galaxy-xpc-service-privilege-escalation-macos\n\n2. CVE-2023-6560:\nio_uring_io_uaddr_map() Dangerous Multi-Page Handling\nhttps://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html\n\n3. CVE-2022-36267:\nAirspan AirSpot 5410 - Unauth Remote CI\nhttps://github.com/0xNslabs/CVE-2022-36267-PoC", "creation_timestamp": "2024-01-10T10:59:58.000000Z"}, {"uuid": "00c24bde-e048-4887-b26c-b7df59455542", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36262", "type": "seen", "source": "https://t.me/cibsecurity/48158", "content": "\u203c CVE-2022-36262 \u203c\n\nAn issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T16:37:54.000000Z"}, {"uuid": "cb34b7ef-6cd0-40d8-8cbf-4c510198d2d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36266", "type": "seen", "source": "https://t.me/cibsecurity/47731", "content": "\u203c CVE-2022-36266 \u203c\n\nIn Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a stored XSS vulnerability. As the binary file /home/www/cgi-bin/login.cgi does not check if the user is authenticated, a malicious actor can craft a specific request on the login.cgi endpoint that contains a base32 encoded XSS payload that will be accepted and stored. A successful attack will results in the injection of malicious scripts into the user settings page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-08T18:23:41.000000Z"}, {"uuid": "7da789aa-ec8b-4a51-9527-bfa82c563969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36264", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10122", "content": "#exploit\n1. CVE-2023-36049:\nMicrosoft .NET CRLF Injection Arbitrary File Write/Deletion\nhttps://www.zerodayinitiative.com/blog/2024/3/6/cve-2023-36049-microsoft-net-crlf-injection-arbitrary-file-writedeletion-vulnerability\n\n2. CVE-2022-36266, CVE-2022-36267, CVE-2022-36264, CVE-2022-36265:\nAirspan AirSpot 5410 Vulnerabilities\nhttps://neroteam.com/blog/airspan-airspot-5410-vulnerability-report", "creation_timestamp": "2024-03-11T07:14:50.000000Z"}, {"uuid": "9854f1be-ea9e-4125-9547-ab9dddc997ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36266", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10122", "content": "#exploit\n1. CVE-2023-36049:\nMicrosoft .NET CRLF Injection Arbitrary File Write/Deletion\nhttps://www.zerodayinitiative.com/blog/2024/3/6/cve-2023-36049-microsoft-net-crlf-injection-arbitrary-file-writedeletion-vulnerability\n\n2. CVE-2022-36266, CVE-2022-36267, CVE-2022-36264, CVE-2022-36265:\nAirspan AirSpot 5410 Vulnerabilities\nhttps://neroteam.com/blog/airspan-airspot-5410-vulnerability-report", "creation_timestamp": "2024-03-11T07:14:50.000000Z"}, {"uuid": "6505c372-ab05-41f6-884a-1d573b17c870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36265", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10122", "content": "#exploit\n1. CVE-2023-36049:\nMicrosoft .NET CRLF Injection Arbitrary File Write/Deletion\nhttps://www.zerodayinitiative.com/blog/2024/3/6/cve-2023-36049-microsoft-net-crlf-injection-arbitrary-file-writedeletion-vulnerability\n\n2. CVE-2022-36266, CVE-2022-36267, CVE-2022-36264, CVE-2022-36265:\nAirspan AirSpot 5410 Vulnerabilities\nhttps://neroteam.com/blog/airspan-airspot-5410-vulnerability-report", "creation_timestamp": "2024-03-11T07:14:50.000000Z"}, {"uuid": "663bf77f-59b2-464a-adda-7c85b112b123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "seen", "source": "https://t.me/Rootsec_2/2468", "content": "#exploit\n1. CVE-2023-40713:\nExploiting GOG Galaxy XPC service for privilege escalation in macOS\nhttps://securityintelligence.com/x-force/exploiting-gog-galaxy-xpc-service-privilege-escalation-macos\n\n2. CVE-2023-6560:\nio_uring_io_uaddr_map() Dangerous Multi-Page Handling\nhttps://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html\n\n3. CVE-2022-36267:\nAirspan AirSpot 5410 - Unauth Remote CI\nhttps://github.com/0xNslabs/CVE-2022-36267-PoC", "creation_timestamp": "2024-08-16T09:01:20.000000Z"}, {"uuid": "b41943dc-6b96-4526-9594-0d147a4e8baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36267", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10122", "content": "#exploit\n1. CVE-2023-36049:\nMicrosoft .NET CRLF Injection Arbitrary File Write/Deletion\nhttps://www.zerodayinitiative.com/blog/2024/3/6/cve-2023-36049-microsoft-net-crlf-injection-arbitrary-file-writedeletion-vulnerability\n\n2. CVE-2022-36266, CVE-2022-36267, CVE-2022-36264, CVE-2022-36265:\nAirspan AirSpot 5410 Vulnerabilities\nhttps://neroteam.com/blog/airspan-airspot-5410-vulnerability-report", "creation_timestamp": "2024-03-11T07:14:50.000000Z"}]}