{"vulnerability": "CVE-2022-4170", "sightings": [{"uuid": "74759468-1bd5-42ce-88d9-8ef8dad02614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41706", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13844", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41706\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.\n\ud83d\udccf Published: 2022-11-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T14:50:37.587Z\n\ud83d\udd17 References:\n1. https://github.com/spatie/browsershot/\n2. https://fluidattacks.com/advisories/eminem/", "creation_timestamp": "2025-04-29T15:11:52.000000Z"}, {"uuid": "da1a39f9-f406-4540-8a37-f644758b022a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41705", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13843", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41705\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.\n\ud83d\udccf Published: 2022-11-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T14:51:54.093Z\n\ud83d\udd17 References:\n1. https://fluidattacks.com/advisories/headhunterz/\n2. 
https://github.com/uasoft-indonesia/badaso/", "creation_timestamp": "2025-04-29T15:11:51.000000Z"}, {"uuid": "792bfa88-2275-4a3d-8cd6-7d3a938a548d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41707", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15608", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41707\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access sensitive data of any user of the application. This is possible because the application exposes user data to the public.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-08T20:07:33.561Z\n\ud83d\udd17 References:\n1. https://fluidattacks.com/advisories/coldplay/\n2. https://github.com/relatedcode/Messenger", "creation_timestamp": "2025-05-08T20:23:49.000000Z"}, {"uuid": "1b9e738a-c6ed-454a-83f2-ccaf0083fdfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41703", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11004", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41703\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the feature flag \"ALLOW_ADHOC_SUBQUERY\" disabled (default value).  
This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.\n\n\n\n\ud83d\udccf Published: 2023-01-16T10:14:01.332Z\n\ud83d\udccf Modified: 2025-04-08T20:33:49.417Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/g7jjw0okxjk5y57pbbxy19ydw42kqcos", "creation_timestamp": "2025-04-08T20:46:48.000000Z"}, {"uuid": "b9a1d0b7-1002-4978-a72d-66fab3e3b911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41709", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15612", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41709\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Markdownify version 1.4.1 allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Markdownify. This is possible because the application has the \"nodeIntegration\" option enabled.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-08T20:04:07.255Z\n\ud83d\udd17 References:\n1. https://fluidattacks.com/advisories/adams/\n2. https://github.com/amitmerchant1990/electron-markdownify", "creation_timestamp": "2025-05-08T20:23:53.000000Z"}, {"uuid": "8a06bce5-6eb8-417e-927f-fcdca45f809b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41708", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15610", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41708\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. 
This is possible because the application does not validate permissions correctly.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-08T20:06:09.780Z\n\ud83d\udd17 References:\n1. https://github.com/relatedcode/Messenger\n2. https://fluidattacks.com/advisories/tiesto/", "creation_timestamp": "2025-05-08T20:23:51.000000Z"}, {"uuid": "a7ff67f4-10db-4678-b1a3-ecc214c47240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41706", "type": "seen", "source": "https://t.me/cibsecurity/53518", "content": "\u203c CVE-2022-41706 \u203c\n\nBrowsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-25T20:15:41.000000Z"}, {"uuid": "5cf2df27-d592-4f3b-8053-6593cc7b2627", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41702", "type": "seen", "source": "https://t.me/cibsecurity/52185", "content": "\u203c CVE-2022-41702 \u203c\n\nThe affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T00:29:02.000000Z"}, {"uuid": "34339f85-d896-4a77-b0b1-47cae3897bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41705", "type": "seen", "source": "https://t.me/cibsecurity/53510", "content": "\u203c CVE-2022-41705 \u203c\n\nBadaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the 
server. This is possible because the application does not properly validate the data uploaded by users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-25T20:15:30.000000Z"}, {"uuid": "1eda73f6-0540-4838-ba84-9cccd3ec8630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4170", "type": "seen", "source": "https://t.me/cibsecurity/54225", "content": "\u203c CVE-2022-4170 \u203c\n\nThe rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T20:18:33.000000Z"}, {"uuid": "7332f66e-be8e-4d96-abda-f737e56a97ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41701", "type": "seen", "source": "https://t.me/cibsecurity/52174", "content": "\u203c CVE-2022-41701 \u203c\n\nThe affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutShift API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T00:28:48.000000Z"}, {"uuid": "ff6f8c03-2318-44ac-acfe-c0afe14d4a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41708", "type": "seen", "source": "https://t.me/cibsecurity/51816", "content": "\u203c CVE-2022-41708 \u203c\n\nRelatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. 
This is possible because the application does not validate permissions correctly.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:25.000000Z"}, {"uuid": "6933b312-f76f-434c-9e71-5de45d37a3ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4170", "type": "seen", "source": "https://t.me/cultofwire/1098", "content": "ANSI Terminal security in 2023 and finding 10 CVEs.\n\nGreat research by David Leadbeater on finding vulnerabilities in terminal emulators, with a focus on open-source software. 
As a result, 10 CVEs were found in terminal emulators that can lead to remote code execution (RCE), as well as various other bugs.\n\nA less technical description can be read here: \nThe Terminal Escapes: Engineering unexpected execution from command line interfaces\n\nCVEs found in various terminal emulators:\n- CVE-2022-45872 - iTerm2 DECRQSS\n- CVE-2022-44702 - Windows Terminal + WSL working directory\n- CVE-2022-47583 - mintty DECRQSS\n- CVE-2022-45063 - xterm OSC 50\n- CVE-2022-46387 - ConEmu Title\n- CVE-2023-39150 - ConEmu Title Take 2\n- CVE-2022-4170  - rxvt-unicode background\n- CVE-2022-23465 - SwiftTerm DECRQSS\n- CVE-2022-46663 - less OSC 8\n- CVE-2023-39726 - mintty OSC 50\n- CVE-2023-40359 - xterm ReGIS\n- CVE-2023-40216 - OpenBSD wscons parameter overflow", "creation_timestamp": "2023-11-08T13:02:31.000000Z"}]}