{"vulnerability": "CVE-2022-4121", "sightings": [{"uuid": "b307e67d-2395-405f-979e-2cffc268e226", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41215", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14041", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41215\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.\n\n\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T13:59:19.624Z\n\ud83d\udd17 References:\n1. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\n2. https://launchpad.support.sap.com/#/notes/3251202", "creation_timestamp": "2025-04-30T14:13:09.000000Z"}, {"uuid": "b0a22df5-87f0-453a-b6bd-8820a0014b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4121", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lydw3pessk22", "content": "", "creation_timestamp": "2025-09-08T19:15:44.318056Z"}, {"uuid": "95867ec9-c139-4f83-9c5d-27ecbfaa7803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41217", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/907", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41217\n\ud83d\udd39 Description: Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.\n\ud83d\udccf Published: 2023-02-22T14:42:25.592Z\n\ud83d\udccf Modified: 2025-01-09T07:56:50.215Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/CVE-2022-41217\n2. https://csirt.divd.nl/DIVD-2022-00052", "creation_timestamp": "2025-01-09T08:14:45.000000Z"}, {"uuid": "eb95ac71-04d3-435b-a514-801bf1ff9181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41211", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14293", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41211\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.\n\n\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T13:57:21.947Z\n\ud83d\udd17 References:\n1. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\n2. https://launchpad.support.sap.com/#/notes/3263436", "creation_timestamp": "2025-05-01T14:15:30.000000Z"}, {"uuid": "5621c84a-3bcf-4b41-82cd-db820475b6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41212", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14544", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41212\n\ud83d\udd25 CVSS Score: 4.9 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to read a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the confidentiality of the application.\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T18:04:34.316Z\n\ud83d\udd17 References:\n1. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\n2. https://launchpad.support.sap.com/#/notes/3256571", "creation_timestamp": "2025-05-02T18:19:35.000000Z"}, {"uuid": "56ffc43f-bf47-4224-848b-cdbdc4576b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4121", "type": "seen", "source": "https://t.me/cibsecurity/56597", "content": "\u203c CVE-2022-4121 \u203c\n\nIn libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c was found that could lead to a remote denial of service or other potential consequences.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-17T20:40:12.000000Z"}, {"uuid": "8f960b92-4727-4979-bb08-4411efa31cb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41216", "type": "seen", "source": "https://t.me/cibsecurity/58685", "content": "\u203c CVE-2022-41216 \u203c\n\nLocal File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential information from the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T18:28:04.000000Z"}, {"uuid": "9826736a-ec2c-4c30-9ac9-dd563f00f039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41217", "type": "seen", "source": "https://t.me/cibsecurity/58684", "content": "\u203c CVE-2022-41217 \u203c\n\nCloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T18:22:38.000000Z"}, {"uuid": "acd09169-f60a-4aee-abd3-f47855f43d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41218", "type": "seen", "source": "https://t.me/cibsecurity/50179", "content": "\u203c CVE-2022-41218 \u203c\n\nIn drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T12:40:40.000000Z"}, {"uuid": "06127326-3249-450b-8ba2-72f0f7ef98dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41214", "type": "seen", "source": "https://t.me/cibsecurity/52695", "content": "\u203c CVE-2022-41214 \u203c\n\nDue to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the integrity and availability of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:55.000000Z"}, {"uuid": "036a9623-14d8-4c57-9da4-e1dcb65db9ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41215", "type": "seen", "source": "https://t.me/cibsecurity/52692", "content": "\u203c CVE-2022-41215 \u203c\n\nSAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:50.000000Z"}, {"uuid": "f195584d-efa9-4e71-86d5-0d103ecf79e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41212", "type": "seen", "source": "https://t.me/cibsecurity/52689", "content": "\u203c CVE-2022-41212 \u203c\n\nDue to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to read a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the confidentiality of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:44.000000Z"}, {"uuid": "909b2d34-627e-4e32-9c37-0d8add2c0a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41211", "type": "seen", "source": "https://t.me/cibsecurity/52687", "content": "\u203c CVE-2022-41211 \u203c\n\nDue to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:42.000000Z"}, {"uuid": "aefffb73-65f5-4bd3-ba73-7fefa2ea4fa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41218", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6924", "content": "#exploit\n1. CVE-2022-41218:\nvmalloc UAF write\nhttps://github.com/V4bel/CVE-2022-41218\n\n2. CVE-2022-30206:\nWindows Print Spooler EoP Vulnerability\nhttps://github.com/Malwareman007/CVE-2022-30206\nhttps://github.com/Pwnrin/CVE-2022-30206", "creation_timestamp": "2022-10-06T11:05:16.000000Z"}]}