{"vulnerability": "CVE-2022-4426", "sightings": [{"uuid": "7479d5de-cefa-4c3c-a4b9-ae6615237670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://gist.github.com/chun-awa/e6879725f088efee7ad390b3b9cfdd28", "content": "", "creation_timestamp": "2025-10-28T14:51:52.000000Z"}, {"uuid": "a2a97430-a8ab-49fa-b180-96413311bd23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44262", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwze4vouy32n", "content": "", "creation_timestamp": "2025-08-22T21:02:32.276496Z"}, {"uuid": "e9e5192b-b2d1-4517-9b02-4b17846a9040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2732", "content": "\ud83d\udca5CVE-2022-44268 ImageMagick Arbitrary Local File Read\n\ud83d\udca5CVE-2022-44268 ImageMagick Arbitrary File Read PoC\n\ud83d\udca5CVE-2022-44268 Arbitrary File Read PoC - PNG generator\n\ud83d\udca5Payload generator and extractor for CVE-2022-44268 written in Python\n\ud83d\udca5cve-2022-44268-detector - detect malicious PNGs\n\nby PrivateShizo", "creation_timestamp": "2023-02-18T23:38:46.000000Z"}, {"uuid": "413048f2-e6bb-4e33-bea3-698bb11ed1b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://gist.github.com/strikoder/f5e743bbd00685453bb0b990f0aa22a5", "content": "", "creation_timestamp": "2025-12-30T09:06:47.000000Z"}, {"uuid": "71fc03a4-b1a0-4ec0-bc00-aa6839256e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10648", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator.\n\nhttps://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", "creation_timestamp": "2023-02-05T00:34:43.000000Z"}, {"uuid": "99190308-0515-4f46-a22c-eb07e94e4b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44261", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8484", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44261\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Avery Dennison Monarch Printer M9855 is vulnerable to Cross Site Scripting (XSS).\n\ud83d\udccf Published: 2023-02-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T18:09:17.388Z\n\ud83d\udd17 References:\n1. https://github.com/IthacaLabs/AveryDennison/tree/main/AveryDennison_MonarchM9855_XSS\n2. https://github.com/IthacaLabs/AveryDennison/blob/main/AveryDennison_MonarchM9855_XSS/AveryDennison_MonarchM9855_XSS_CVE-2022-44261.txt", "creation_timestamp": "2025-03-24T18:22:46.000000Z"}, {"uuid": "6694a7e9-1e52-4ad8-9c92-af910528942f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44260", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13514", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44260\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function.\n\ud83d\udccf Published: 2022-11-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T19:57:38.057Z\n\ud83d\udd17 References:\n1. https://brief-nymphea-813.notion.site/LR350-bof-setIpPortFilterRules-0fad7347f4d74a919a79f5745a8c5421", "creation_timestamp": "2025-04-25T20:07:55.000000Z"}, {"uuid": "2019028c-ae46-443f-b899-06dd09e3ff8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/156", "content": "ImageMagick: The hidden vulnerability behind your online images\n\n\ud83d\udc64 by Bryan Gonzalez\n\nIn a recent APT Simulation engagement, the Ocelot team identified that ImageMagick was used to process images in a Drupal-based website, and hence, the team decided to try to find new vulnerabilities in this component. As a result, two zero days were identified:\n   \u2022 CVE-2022-44267: ImageMagick 7.1.0-49 is vulnerable to Denial of Service. \n   \u2022 CVE-2022-44268: ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary remote file.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n    \u2022 How to trigger the exploitation?\n\u25cf CVE-2022-44267: Denial of service\n\u25cf CVE-2022-44268: Arbitrary Remote Leak\n\nOriginal link: https://www.metabaseq.com/imagemagick-zero-days/\n\nTry this link if the previous one isn't working: https://web.archive.org/web/20230201234130/https://www.metabaseq.com/imagemagick-zero-days/", "creation_timestamp": "2023-02-02T07:42:21.000000Z"}, {"uuid": "62f61e37-4f92-40c3-ab52-0c38e0c457d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44267", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/156", "content": "ImageMagick: The hidden vulnerability behind your online images\n\n\ud83d\udc64 by Bryan Gonzalez\n\nIn a recent APT Simulation engagement, the Ocelot team identified that ImageMagick was used to process images in a Drupal-based website, and hence, the team decided to try to find new vulnerabilities in this component. As a result, two zero days were identified:\n   \u2022 CVE-2022-44267: ImageMagick 7.1.0-49 is vulnerable to Denial of Service. \n   \u2022 CVE-2022-44268: ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary remote file.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n    \u2022 How to trigger the exploitation?\n\u25cf CVE-2022-44267: Denial of service\n\u25cf CVE-2022-44268: Arbitrary Remote Leak\n\nOriginal link: https://www.metabaseq.com/imagemagick-zero-days/\n\nTry this link if the previous one isn't working: https://web.archive.org/web/20230201234130/https://www.metabaseq.com/imagemagick-zero-days/", "creation_timestamp": "2023-02-02T07:42:21.000000Z"}, {"uuid": "5d2d8345-3c6c-4380-8c3c-3c492ae8621d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/monkey_hacker/46", "content": "\ud83d\udca5CVE-2022-44268 ImageMagick Arbitrary Local File Read\n\ud83d\udca5CVE-2022-44268 ImageMagick Arbitrary File Read PoC\n\ud83d\udca5CVE-2022-44268 Arbitrary File Read PoC - PNG generator\n\ud83d\udca5Payload generator and extractor for CVE-2022-44268 written in Python\n\ud83d\udca5cve-2022-44268-detector - detect malicious PNGs\n\nby PrivateShizo", "creation_timestamp": "2023-02-21T11:55:52.000000Z"}, {"uuid": "2966e285-329d-4a6c-9de1-be4726a712a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/157", "content": "\ud83e\uddd9\u200d\u2642\ufe0f CVE-2022-44268 - a vulnerability in ImageMagick that could lead to an arbitrary file read.\n\nHow does it work? See here in high quality \ud83d\udc47\n\nhttps://github.com/Mike-n1/HowDoesItWork/blob/main/CVE-2022-44268.png?raw=true", "creation_timestamp": "2023-02-02T13:43:25.000000Z"}, {"uuid": "1627bcc7-6859-42d3-8206-7aa05e3bfb3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/wgpfP3OAeLzqKxg7og5RZ0T8vV03o_xu5bEkLe-WWQnH", "content": "", "creation_timestamp": "2023-10-22T23:57:47.000000Z"}, {"uuid": "7c8b143f-1e2b-4282-9a90-2ac8b76b8ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/psNrPCLGRgRxWvJUXe6PzXSn-7B8yrdrg7z2vX8JTkP0jmc", "content": "", "creation_timestamp": "2025-06-05T03:00:05.000000Z"}, {"uuid": "0686a832-193c-4f05-bf84-885ce4cee893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/KhC0uve1HmTeEvhqwksyMX2W11OeXpJ6qbMRuV3YPv3O", "content": "", "creation_timestamp": "2023-10-22T23:51:34.000000Z"}, {"uuid": "6b6ec0cf-c278-45d6-b0fc-aa7ec2675961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/NEH04jZVzMC7Uhxr7pU4j07tdvi6Ol2J8-O3cMbMxBrnZ3Q", "content": "", "creation_timestamp": "2023-02-06T06:03:12.000000Z"}, {"uuid": "3c1397da-0651-48e9-85e1-c5f77602fc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/pqI3z7mdKPBC2SicqREefaq4bONYt_czMUA0dF7ooh4UXhw", "content": "", "creation_timestamp": "2023-02-02T21:27:26.000000Z"}, {"uuid": "c6c2c4fd-edce-4caa-84df-813fff81f3f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/iMM2x3UNTTbD4MOrhR81QbtFwd6wto2bf8z011jSc6ktsqc", "content": "", "creation_timestamp": "2023-02-06T06:05:50.000000Z"}, {"uuid": "74b92f4d-bc99-4152-b069-d8fb741cceb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1381", "content": "", "creation_timestamp": "2023-02-07T15:48:25.000000Z"}, {"uuid": "a81a9351-7f75-48ce-9815-8d1263831beb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44262", "type": "seen", "source": "https://t.me/arpsyndicate/81", "content": "#ExploitObserverAlert\n\nCVE-2022-44262\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-44262. ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE).\n\nFIRST-EPSS: 0.003020000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-11T04:39:24.000000Z"}, {"uuid": "a1e96c2a-6f05-4529-b680-3377b7a8c891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://t.me/arpsyndicate/603", "content": "#ExploitObserverAlert\n\nCVE-2022-44268\n\nDESCRIPTION: Exploit Observer has 62 entries related to CVE-2022-44268. ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).\n\nFIRST-EPSS: 0.013800000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-27T22:42:33.000000Z"}, {"uuid": "0672e31d-8d8e-4e40-bdf1-ac7a57f2d282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://t.me/OnlineHacKingX/49", "content": "\ud83e\uddd9\u200d\u2642\ufe0f CVE-2022-44268 - a vulnerability in ImageMagick that could lead to an arbitrary file read.\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\u2665\ufe0f Channel - @KaliLinux_Hacker \ud83c\udfee\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501", "creation_timestamp": "2023-06-11T16:56:36.000000Z"}, {"uuid": "0b6178db-645a-459d-b2ba-f53297bc935c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1379", "content": "CVE-2022-44268\nArbitrary File Read PoC - PNG generator", "creation_timestamp": "2023-02-07T15:48:25.000000Z"}, {"uuid": "a9c1ee4a-eabd-49bb-ade6-e7bce6ecb549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2615", "content": "CVE-2022-44268 ImageMagick Arbitrary File Read \n\nhttps://www.metabaseq.com/imagemagick-zero-days/", "creation_timestamp": "2023-03-21T09:10:37.000000Z"}, {"uuid": "3c24d345-043b-47e6-bb11-44aa3373e308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1367", "content": "CVE-2022-44268\nArbitrary File Read PoC - PNG generator\nPoC", "creation_timestamp": "2023-02-06T14:22:44.000000Z"}, {"uuid": "8cadf97a-2a0e-456a-8317-d5ec0dd362f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://t.me/proxy_bar/1355", "content": "\u042f \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0441\u0442\u0430\u0432\u043b\u044e \u044d\u0442\u043e \u0437\u0434\u0435\u0441\u044c - \u042b\u0422\u042c \nCVE-2022-44268 POC", "creation_timestamp": "2023-02-02T21:05:59.000000Z"}, {"uuid": "8c3e1d5b-8a27-40d8-a254-7519eaf07daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://t.me/cibsecurity/57631", "content": "\u203c CVE-2022-44268 \u203c\n\nImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-07T00:23:40.000000Z"}, {"uuid": "06b1cd49-61a1-41a8-84fd-1b42a028e5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/ircuBAsHFXcjmvku-nAin4kK5CanHcLKNXjEFaHFZbXDYyY", "content": "", "creation_timestamp": "2023-02-16T07:22:06.000000Z"}, {"uuid": "cc67ebaf-66fb-4f58-9208-3ec4c5951b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44263", "type": "seen", "source": "https://t.me/cibsecurity/56992", "content": "\u203c CVE-2022-44263 \u203c\n\nDentsply Sirona Sidexis <= 4.3 is vulnerable to Incorrect Access Control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:44:04.000000Z"}, {"uuid": "3fe2a40d-4c5a-4395-8a25-66633c540bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44267", "type": "seen", "source": "https://t.me/cibsecurity/57633", "content": "\u203c CVE-2022-44267 \u203c\n\nImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-07T00:23:41.000000Z"}, {"uuid": "0eff7204-e499-4657-99a7-57a24a32ee84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4426", "type": "seen", "source": "https://t.me/cibsecurity/56202", "content": "\u203c CVE-2022-4426 \u203c\n\nThe Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:19.000000Z"}, {"uuid": "0ffdc2c0-8b02-4ae7-9e35-6b6239580beb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44260", "type": "seen", "source": "https://t.me/cibsecurity/53422", "content": "\u203c CVE-2022-44260 \u203c\n\nTOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T18:13:58.000000Z"}, {"uuid": "1141514d-2c1f-4772-ad7d-359b9b2a8315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "https://t.me/thehackernews/3011", "content": "Researchers discover new vulnerabilities in the ImageMagick image processing program that could lead to DoS (CVE-2022-44267) or arbitrary remote file leaks (CVE-2022-44268).\n\nhttps://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html", "creation_timestamp": "2023-02-01T21:03:53.000000Z"}, {"uuid": "66787e64-9ac7-4c15-a3bf-d876a551aee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44262", "type": "seen", "source": "https://t.me/cibsecurity/53753", "content": "\u203c CVE-2022-44262 \u203c\n\nff4j 1.8.1 is vulnerable to Remote Code Execution (RCE).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-01T07:30:43.000000Z"}, {"uuid": "1910ce48-52dc-497f-ad71-9dfb139bf4a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44267", "type": "seen", "source": "https://t.me/thehackernews/3011", "content": "Researchers discover new vulnerabilities in the ImageMagick image processing program that could lead to DoS (CVE-2022-44267) or arbitrary remote file leaks (CVE-2022-44268).\n\nhttps://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html", "creation_timestamp": "2023-02-01T21:03:53.000000Z"}, {"uuid": "4b7c5195-d33c-486e-99a6-a677124386db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7026", "content": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read \nhttps://github.com/voidz0r/CVE-2022-44268", "creation_timestamp": "2023-02-06T06:18:56.000000Z"}, {"uuid": "5f99c62c-f1c0-479b-9963-7bbb9797d756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1474", "content": "https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", "creation_timestamp": "2024-11-11T00:20:31.000000Z"}, {"uuid": "ef32810c-1ed2-488d-b04f-29b286c3f800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7706", "content": "#exploit\n1. CVE-2022-44268:\nImageMagick arbitrary file read\nhttps://github.com/Vulnmachines/imagemagick-CVE-2022-44268\n\n2. CVE-2023-22855:\nKardex Control Center Exploit\nhttps://github.com/patrickhener/CVE-2023-22855\n\n3. CVE-2023-23333:\nCI vulnerability in SolarView Compact <6.00\nhttps://github.com/Timorlover/CVE-2023-23333", "creation_timestamp": "2023-02-07T11:01:01.000000Z"}, {"uuid": "39059549-0c3c-4da5-b0f1-34acb1722612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7989", "content": "#Threat_Research\n1. Clipchamp (MS Office Product) ATO - Google IAP AuthZ bypass\nhttps://blog.agilehunt.com/blogs/security/msrc-critical-google-iap-authorization-bypass-allows-access-to-internal-envirnment-leading-to-zero-interaction-account-takeover\n2. H1 Arbitrary Remote Leak via ImageMagick (CVE-2022-44268)\nhttps://www.metabaseq.com/imagemagick-zero-days\n]-> https://hackerone.com/reports/1858574", "creation_timestamp": "2023-03-25T13:38:49.000000Z"}, {"uuid": "b75995cc-9354-43cd-b254-d353a58aa74e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44267", "type": "published-proof-of-concept", "source": "Telegram/WOvwLGjo5xrr1_QZTyzzbYxZLR_ElEyQpL3FgO1J0vxdRJo", "content": "", "creation_timestamp": "2023-02-02T15:43:37.000000Z"}, {"uuid": "e32cd30a-97ed-43f0-8ae1-89c9dc91ab97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "published-proof-of-concept", "source": "Telegram/WOvwLGjo5xrr1_QZTyzzbYxZLR_ElEyQpL3FgO1J0vxdRJo", "content": "", "creation_timestamp": "2023-02-02T15:43:37.000000Z"}, {"uuid": "83d9a793-00e5-4751-b042-83630ac5cd40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44268", "type": "seen", "source": "Telegram/gT5_rH6SbQjCDL5CnTfdxn2Fj6qxX4lRf2Kzqc0ICHxoeYM", "content": "", "creation_timestamp": "2023-04-02T20:32:57.000000Z"}]}