{"vulnerability": "CVE-2022-44666", "sightings": [{"uuid": "5bd29e89-4cab-4deb-8a47-af671ea206fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "Telegram/o6VIxFViken-jIki1ifgnMk3WNZsts-fpP2eoiNSp3CUgXE", "content": "", "creation_timestamp": "2023-02-21T20:25:05.000000Z"}, {"uuid": "62058f89-6843-47d3-b5c3-0167846f409d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "Telegram/-thkUnJHeilGPtGjZjn7BBYpnMjXExHUk-LthgNx4uzTGA", "content": "", "creation_timestamp": "2023-06-19T21:48:35.000000Z"}, {"uuid": "bf6ba684-1a03-4a5d-b455-1d88c36f18c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "Telegram/e4b8xasECNPaTnr4JYTMaXGSrfygZGtChMYE0rnSQ6-ZfqI", "content": "", "creation_timestamp": "2023-02-19T21:50:11.000000Z"}, {"uuid": "376ceb59-5a5c-4fcb-ad54-ae1c578201a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3700", "content": "\ud83d\udda5Exploits:\n\n\ud83d\udd31CVE-2023-29343 Arbitrary file write in Sysmon version 14.14 Exploit : https://system32.ink/d/cve-2023-29343-arbitrary-file-write-in-sysmon-version-14-14-exploit/\n\n\ud83d\udd31CVE-2022-44666 jar-poc : https://system32.ink/d/cve-2022-44666-jar-poc/\n\n\ud83d\udda5Dataleaks:\n\n\ud83d\udd31Leak Safiran Airport Services Company : https://system32.ink/d/leak-safiran-airport-services-company/\n\n\ud83d\udd31Leak dashboard.bkkbn_go_id : https://system32.ink/d/leak-dashboard-bkkbn-go-id/\n\n\ud83d\udd31Leak islamicreminder_net : https://system32.ink/d/leak-islamicreminder-net/\n\n\ud83d\udd31Leak newmtcap_com_br : https://system32.ink/d/leak-newmtcap-com-br/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31Payloads All The PDFs - A list of crafted malicious PDF files : https://system32.ink/d/payloads-all-the-pdfs-a-list-of-crafted-malicious-pdf-files/", "creation_timestamp": "2023-06-19T07:58:11.000000Z"}, {"uuid": "110902e1-760a-49f1-907e-04bd9ab3d233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1388", "content": "CVE-2022-44666\nWriteUp \u043f\u043e \u043e\u0434\u043d\u043e\u0439 \u0437\u0430\u0431\u044b\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows (0day): \u0432\u044b\u0445\u043e\u0434 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u0430 href \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u043e\u0439 Microsoft Windows Contacts (VCF/Contact/LDAP), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435 \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u043a\u0430\u043a CVE-2022-44666 \u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430. \u0410 \u0437\u043d\u0430\u0447\u0438\u0442, \u0436\u0438\u0440 \u0435\u0449\u0435 \u0432\u043f\u0435\u0440\u0435\u0434\u0438.\nPOC \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438\nGo\n\n#win #poc #vuln", "creation_timestamp": "2023-02-16T20:45:26.000000Z"}, {"uuid": "f1f73f56-a643-4b65-be4a-3ad07660c28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/809", "content": "CVE-2022-44666 : Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability\nPOC Updated :\n1. https://github.com/j00sean/CVE-2022-44666#jar-files-as-payload\n2. https://github.com/j00sean/CVE-2022-44666/blob/main/bypass/jar-poc\n3. https://github.com/arntsonl/calc_security_poc/tree/master/jar", "creation_timestamp": "2023-08-10T22:29:01.000000Z"}, {"uuid": "aea301f8-fd54-441f-a239-4269d856430b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "Telegram/OwYLZ7hPtqKwmeLZdBmBMiYuZ6vREopinSHl75QYskVxJmM", "content": "", "creation_timestamp": "2023-04-13T18:33:05.000000Z"}, {"uuid": "6fcb1233-9cfb-4f28-9150-31029b644e3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "Telegram/6JP1hKUF3NNqRRDGFKzkF_h5qPv9Zu883RAy_yACU3CmiJQ", "content": "", "creation_timestamp": "2023-08-24T16:41:40.000000Z"}, {"uuid": "41839c85-54c9-41b4-b82e-ffc0bd92a151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "seen", "source": "https://t.me/crackcodes/1791", "content": "\ud83d\udd25Windows Contacts(\u043f\u0440\u0438\u043c\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Windows Contact API ) RCE vuln(CVE-2022-44666)\n\n\u26a0\ufe0f\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430(\u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443) \u043d\u0435 \u0434\u043e \u043a\u043e\u043d\u0446\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430, \u0442\u0430\u043a \u0447\u0442\u043e \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u0432\u0438\u0434\u0435 \u0440\u0435\u0446\u0435\u043d\u0437\u0438\u0438 \u043e\u0442 \u043c\u0435\u043b\u043a\u043e\u043c\u044f\u0433\u043a\u0438\u0445 \u043e\u0442\u043b\u043e\u0436\u0435\u043d\u0430 \u043d\u0430 \u043d\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0441\u0440\u043e\u043a!", "creation_timestamp": "2022-12-15T17:06:54.000000Z"}, {"uuid": "b530a3fa-f55c-461b-b36d-a0271ed27f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/2153", "content": "CVE-2022-44666 : Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability\nPOC Updated :\n1. https://github.com/j00sean/CVE-2022-44666#jar-files-as-payload\n2. https://github.com/j00sean/CVE-2022-44666/blob/main/bypass/jar-poc\n3. https://github.com/arntsonl/calc_security_poc/tree/master/jar\n\n@Professional_c_h\n@card_crack_hack", "creation_timestamp": "2023-08-16T08:58:25.000000Z"}, {"uuid": "2dd0ef74-3980-46b1-9652-a3f0660eb3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7772", "content": "#exploit\n1. CVE-2022-45701:\nArris Router Firmware 9.1.103 - RCE\nhttps://packetstormsecurity.com/files/171001\n\n2. CVE-2022-44666:\nMS Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability\nhttps://github.com/j00sean/CVE-2022-44666", "creation_timestamp": "2023-04-29T12:52:57.000000Z"}, {"uuid": "b68a7582-0af3-44de-8190-a8b9f0a715d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44666", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8751", "content": "#exploit\n1. CVE-2022-44666:\nA sample of PoC scripts that run Calc.exe with full source code\nhttps://github.com/arntsonl/calc_security_poc\n]-&gt; https://github.com/j00sean/CVE-2022-44666/tree/main/bypass/jar-poc\n\n2. CVE-2023-24489:\nA Critical Citrix ShareFile RCE Vulnerability\nhttps://blog.assetnote.io/2023/07/04/citrix-sharefile-rce", "creation_timestamp": "2023-07-28T22:07:01.000000Z"}]}