{"vulnerability": "CVE-2022-4176", "sightings": [{"uuid": "f81c2918-d970-450d-8b3a-23e9bf618a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41761", "type": "seen", "source": "https://t.me/ctinow/169939", "content": "https://ift.tt/Te2cRUF\nCVE-2022-41761 | Nokia NFM-T R19.9 VM Manager WebUI viewlog.pl logfile path traversal", "creation_timestamp": "2024-01-18T21:21:30.000000Z"}, {"uuid": "be1d71ba-f304-485f-b2c3-b3b23246e0b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41769", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2968", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41769\n\ud83d\udd39 Description: Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2023-05-10T13:17:19.291Z\n\ud83d\udccf Modified: 2025-01-24T17:43:40.610Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00779.html", "creation_timestamp": "2025-01-24T18:05:16.000000Z"}, {"uuid": "6698e2bb-c587-446e-84d4-c3a1995dd78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41767", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11634", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41767\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when doing a range lookup.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T14:23:14.276Z\n\ud83d\udd17 References:\n1. https://phabricator.wikimedia.org/T316304\n2. https://security.gentoo.org/glsa/202305-24", "creation_timestamp": "2025-04-14T14:54:07.000000Z"}, {"uuid": "5d0865c7-97a5-4613-b428-3c91d1ee8bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41760", "type": "seen", "source": "https://t.me/ctinow/169927", "content": "https://ift.tt/bz1N9iw\nCVE-2022-41760 | Nokia NFM-T R19.9 Network Element Manager /oms1350/data/cpb/log filename path traversal", "creation_timestamp": "2024-01-18T20:51:25.000000Z"}, {"uuid": "edcea2a1-5223-4619-916c-a6f0487f96e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41765", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11633", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41765\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. HTMLUserTextField exposes the existence of hidden users.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T14:25:23.085Z\n\ud83d\udd17 References:\n1. https://phabricator.wikimedia.org/T309894\n2. https://security.gentoo.org/glsa/202305-24", "creation_timestamp": "2025-04-14T14:54:06.000000Z"}, {"uuid": "bdb95bcd-f95a-402c-abbe-00cfa8a453a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41762", "type": "seen", "source": "https://t.me/arpsyndicate/2208", "content": "#ExploitObserverAlert\n\nCVE-2022-41762\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-41762. An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl.", "creation_timestamp": "2023-12-28T07:51:55.000000Z"}, {"uuid": "753f9872-5fb7-4026-bb0a-4c885ed98f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41760", "type": "seen", "source": "https://t.me/arpsyndicate/2206", "content": "#ExploitObserverAlert\n\nCVE-2022-41760\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-41760. An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files.", "creation_timestamp": "2023-12-28T07:18:51.000000Z"}, {"uuid": "ea8be9fb-395c-499e-8e91-bd4762e26186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41761", "type": "seen", "source": "https://t.me/arpsyndicate/2174", "content": "#ExploitObserverAlert\n\nCVE-2022-41761\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-41761. An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files.", "creation_timestamp": "2023-12-28T01:30:45.000000Z"}, {"uuid": "e24dc0f2-d24c-462e-967e-7bd3a864fa5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41760", "type": "seen", "source": "https://t.me/ctinow/162718", "content": "https://ift.tt/10jTENQ\nCVE-2022-41760 Exploit", "creation_timestamp": "2024-01-04T01:17:18.000000Z"}, {"uuid": "c838dcda-bef5-4877-aeb6-c7a3fb09eb7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41761", "type": "seen", "source": "https://t.me/ctinow/162717", "content": "https://ift.tt/Zc7IBQK\nCVE-2022-41761 Exploit", "creation_timestamp": "2024-01-04T01:17:17.000000Z"}, {"uuid": "fc0d840e-725d-4c2e-9c56-2eb46a0461c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41762", "type": "seen", "source": "https://t.me/ctinow/162716", "content": "https://ift.tt/hQOaY93\nCVE-2022-41762 Exploit", "creation_timestamp": "2024-01-04T01:17:16.000000Z"}, {"uuid": "c1209fd8-c746-46af-ab66-4be627ae62ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41769", "type": "seen", "source": "https://t.me/cibsecurity/63774", "content": "\u203c CVE-2022-41769 \u203c\n\nImproper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:25:35.000000Z"}, {"uuid": "be1ce398-dec4-4ed6-b1b6-b194614ef491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41762", "type": "seen", "source": "https://t.me/ctinow/159145", "content": "https://ift.tt/Hd8V5R3\nCVE-2022-41762", "creation_timestamp": "2023-12-25T07:26:54.000000Z"}, {"uuid": "1f36d74c-b85c-41f5-8559-6d2020b2c5eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41761", "type": "seen", "source": "https://t.me/ctinow/159144", "content": "https://ift.tt/dYkatxw\nCVE-2022-41761", "creation_timestamp": "2023-12-25T07:26:53.000000Z"}, {"uuid": "cfe968fc-6a50-4d92-8255-7dd9bed36746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41760", "type": "seen", "source": "https://t.me/ctinow/159143", "content": "https://ift.tt/Srw3Q92\nCVE-2022-41760", "creation_timestamp": "2023-12-25T07:26:52.000000Z"}, {"uuid": "27a28157-a739-4dd1-a450-90188d6634d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41763", "type": "seen", "source": "https://t.me/cibsecurity/69851", "content": "\u203c CVE-2022-41763 \u203c\n\nAn issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T16:21:58.000000Z"}]}