{"vulnerability": "CVE-2022-4310", "sightings": [{"uuid": "cf9ac73f-a4b8-445e-bfb3-08fa1d5f9c17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43103", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14850", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43103\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T12:58:18.132Z\n\ud83d\udd17 References:\n1. https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#formsetqosband", "creation_timestamp": "2025-05-05T13:19:12.000000Z"}, {"uuid": "249d2c8b-13fa-4fb9-8293-6e56464940d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43102", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14849", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43102\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T12:59:09.575Z\n\ud83d\udd17 References:\n1. https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#fromsetsystimesub_496104strcpychar-v6-s", "creation_timestamp": "2025-05-05T13:19:11.000000Z"}, {"uuid": "b9a71207-1fd6-4ee8-8f54-857a881fb57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43104", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14853", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43104\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T12:49:57.387Z\n\ud83d\udd17 References:\n1. https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#fromsetwirelessrepeatsub_45cd64sub_45cad8sub_45bb10", "creation_timestamp": "2025-05-05T13:19:15.000000Z"}, {"uuid": "c2d30282-25a0-42c3-86cc-888fc8c84639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43109", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14856", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43109\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: D-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T12:46:54.546Z\n\ud83d\udd17 References:\n1. https://www.dlink.com/en/security-bulletin/\n2. https://github.com/ppcrab/IOT_FIRMWARE/blob/main/%E5%8F%8B%E8%AE%AF/dir-823g/cve_v1.0.2.pdf", "creation_timestamp": "2025-05-05T13:19:21.000000Z"}, {"uuid": "1c05e3ee-e1b4-4dba-9862-7b394779787d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43108", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14855", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43108\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T12:47:38.482Z\n\ud83d\udd17 References:\n1. https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#formsetfirewallcfg", "creation_timestamp": "2025-05-05T13:19:20.000000Z"}, {"uuid": "d2c1bf01-1d34-4584-9551-8e8d2fc22313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43105", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14854", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43105\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.\n\ud83d\udccf Published: 2022-11-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T12:49:24.778Z\n\ud83d\udd17 References:\n1. https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#fromsetwifigusetbasic", "creation_timestamp": "2025-05-05T13:19:16.000000Z"}, {"uuid": "2e5849eb-62d7-4595-ac5d-a5701ab082c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43107", "type": "seen", "source": "https://t.me/cibsecurity/52512", "content": "\u203c CVE-2022-43107 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:49.000000Z"}, {"uuid": "2b6f2363-3a83-406b-a73f-14f0917794f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43104", "type": "seen", "source": "https://t.me/cibsecurity/52520", "content": "\u203c CVE-2022-43104 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:21:02.000000Z"}, {"uuid": "84170fd1-f662-4e80-8cbb-0cc21d622bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43109", "type": "seen", "source": "https://t.me/cibsecurity/52519", "content": "\u203c CVE-2022-43109 \u203c\n\nD-Link DIR-823G v1.0.2 was found to contain a command injection vulnerability in the function SetNetworkTomographySettings. This vulnerability allows attackers to execute arbitrary commands via a crafted packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:21:01.000000Z"}, {"uuid": "7775a8f9-eb71-4fac-97ac-23ec5e2dc68e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43103", "type": "seen", "source": "https://t.me/cibsecurity/52518", "content": "\u203c CVE-2022-43103 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:21:00.000000Z"}, {"uuid": "73684a81-64bd-4543-8fdd-b6af2a913d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4310", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11154", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4310\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs\n\ud83d\udccf Published: 2023-01-09T22:13:26.488Z\n\ud83d\udccf Modified: 2025-04-09T19:23:59.359Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/b1aef75d-0c84-4702-83fc-11f0e98a0821", "creation_timestamp": "2025-04-09T19:48:33.000000Z"}, {"uuid": "fdb5c9dd-cb5e-4b05-baae-ad96363d73ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4310", "type": "seen", "source": "https://t.me/cibsecurity/56187", "content": "\u203c CVE-2022-4310 \u203c\n\nThe Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:27:57.000000Z"}, {"uuid": "854932e6-70d7-49d8-8b13-143233cac8a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43101", "type": "seen", "source": "https://t.me/cibsecurity/52510", "content": "\u203c CVE-2022-43101 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:47.000000Z"}, {"uuid": "56fe18b3-9ccb-4e69-8d29-d73ae713d478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43108", "type": "seen", "source": "https://t.me/cibsecurity/52511", "content": "\u203c CVE-2022-43108 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:48.000000Z"}, {"uuid": "ca0fb04d-ce0c-466b-aee8-8ddaed66b0d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43105", "type": "seen", "source": "https://t.me/cibsecurity/52508", "content": "\u203c CVE-2022-43105 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:45.000000Z"}, {"uuid": "47cd68f6-af9d-4b4b-9932-4c4629516585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43102", "type": "seen", "source": "https://t.me/cibsecurity/52507", "content": "\u203c CVE-2022-43102 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:41.000000Z"}, {"uuid": "476b8019-a49c-4e4d-b798-cd872f241c82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43106", "type": "seen", "source": "https://t.me/cibsecurity/52506", "content": "\u203c CVE-2022-43106 \u203c\n\nTenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-03T17:20:40.000000Z"}]}