{"vulnerability": "CVE-2022-39986", "sightings": [{"uuid": "de0fa623-9088-41e6-b98a-1f9e8d7f3332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "552a954c-aea7-4f1d-a5f4-d89c9c5d26f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-19)", "content": "", "creation_timestamp": "2025-09-19T00:00:00.000000Z"}, {"uuid": "b25c25d9-1000-41e5-905b-b621e1f5ccb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "afdf7b7d-e376-44bc-8679-5c547a062ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "405020b1-16c6-4a83-9f31-37db9af0a781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:48.000000Z"}, {"uuid": "b244a785-c7db-4795-95c1-67fada1d1e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "d8349a5d-30ec-4fa5-93c7-c1ff8095ce5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/raspap_rce.rb", "content": "", "creation_timestamp": "2023-08-15T03:51:23.000000Z"}, {"uuid": "65af1123-1aad-4759-a8a5-b828d8dc4e77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "6837dae0-eff7-4eb0-852e-af7471c3d8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "761637c5-f33f-4038-9305-9395d82bb3d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-14)", "content": "", "creation_timestamp": "2026-03-14T00:00:00.000000Z"}, {"uuid": "d61ae6ea-fba8-4c8a-968d-b4ad032fe324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "seen", "source": "https://t.me/cibsecurity/67513", "content": "\u203c CVE-2022-39986 \u203c\n\nA Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-01T18:38:44.000000Z"}, {"uuid": "428ffa78-5665-4708-aad2-6eee74adc92a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39986", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3169", "content": "Hackers Factory \n\nlazy way to create CVE-2023-38831 winrar file for testing\n\nhttps://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc\n\nCVE-2022-39986 PoC\n\nhttps://github.com/WhiteOwl-Pub/RaspAP-CVE-2022-39986-PoC\n\nCommunity curated list of nuclei templates for finding \"unknown\" security vulnerabilities.\n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\nHVCI-loldrivers-check\nChecks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system.\n\nhttps://github.com/trailofbits/HVCI-loldrivers-check\n\nGolang Secure Coding Practices guide\n\nhttps://github.com/OWASP/Go-SCP\n\n#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nEvolutionary encryption framework based on scalable complexity over time.\n\nhttps://github.com/jofpin/temcrypt\n\nSome of my rough notes for Docker threat detection\n\nhttps://github.com/Antonlovesdnb/DockerDetectionNotes\n\nBash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.\n\nhttps://github.com/ozpingux/BasicLinuxForensicScript\n\nyou want an #investigation on user accounts,  \n\nSnoop, a #cli #python #tool, scans various sites, forums, and social networks for the presence of the username.\n\ngithub.com/snooppr/snoop\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-27T17:49:56.000000Z"}]}