{"vulnerability": "CVE-2022-4435", "sightings": [{"uuid": "e0863052-d0e8-450a-8ea2-2758b6e000af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4435", "type": "seen", "source": "https://t.me/cibsecurity/55989", "content": "\u203c CVE-2022-4435 \u203c\n\nA buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-05T20:19:11.000000Z"}, {"uuid": "391424b9-f9ef-4357-a98d-ae79648ba1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44356", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13438", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44356\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.\n\ud83d\udccf Published: 2022-11-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T14:52:07.412Z\n\ud83d\udd17 References:\n1. https://github.com/strik3r0x1/Vulns/blob/main/Wavlink%20WL-WN531G3.md", "creation_timestamp": "2025-04-25T15:07:37.000000Z"}, {"uuid": "a81ad488-0369-4e0f-8bf3-2fbd9d8e3678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44355", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13437", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44355\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.\n\ud83d\udccf Published: 2022-11-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T14:53:56.101Z\n\ud83d\udd17 References:\n1. https://github.com/strik3r0x1/Vulns/blob/main/SolarView%20Compact%20XSS%20up%20to%207.0.md", "creation_timestamp": "2025-04-25T15:07:36.000000Z"}, {"uuid": "36a67de9-582d-4c05-a83e-1227a6afc568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44351", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13066", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44351\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.\n\ud83d\udccf Published: 2022-12-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T15:58:38.545Z\n\ud83d\udd17 References:\n1. https://github.com/zorlan/skycaiji/issues/46", "creation_timestamp": "2025-04-23T16:04:30.000000Z"}, {"uuid": "f30c0bb6-4d66-4b67-af8d-73d4b5232ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44354", "type": "seen", "source": "https://t.me/cibsecurity/53666", "content": "\u203c CVE-2022-44354 \u203c\n\nSolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T20:29:02.000000Z"}, {"uuid": "9dc4a6cf-c174-4c48-a611-6c5f6a570b1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44351", "type": "seen", "source": "https://t.me/cibsecurity/54141", "content": "\u203c CVE-2022-44351 \u203c\n\nSkycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-07T22:11:55.000000Z"}, {"uuid": "80bdc54e-d467-4b83-a404-b4e6d2fe1153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44355", "type": "seen", "source": "https://t.me/cibsecurity/53662", "content": "\u203c CVE-2022-44355 \u203c\n\nSolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T20:28:56.000000Z"}, {"uuid": "55e19580-75c3-490c-9802-d7b8319bc270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44356", "type": "seen", "source": "https://t.me/cibsecurity/53659", "content": "\u203c CVE-2022-44356 \u203c\n\nWAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T20:28:54.000000Z"}]}