{"vulnerability": "CVE-2022-45451", "sightings": [{"uuid": "0e15598c-37bc-4134-ab12-8660946ad7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "https://t.me/hackingshadow/2727", "content": "#TheShadowArmy\n\n#exploit\n1. CVE-2022-28672:\nFoxit PDF Reader - UaF RCE Exploit\nhttps://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n]-> https://github.com/hacksysteam/CVE-2022-28672\n\n2. CVE-2022-45451:\nAcronis Cyber Protect/Home Cyber Protect - Arbitrary File Read\nhttps://github.com/alfarom256/CVE-2022-45451\n\n_-_-_-_-_-_- \u269cJOIN NOW \u269c -_-_-_-_-_-_\n \u274d\u274d\u274d \u2756 @HackingShadow \u2756 \u274d\u274d\u274d", "creation_timestamp": "2022-12-17T17:05:47.000000Z"}, {"uuid": "8c0bc242-c7c1-4bc0-8dba-0145a493a3a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3609", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for Acronis Arbitrary File Read - CVE-2022-45451\nURL\uff1ahttps://github.com/alfarom256/CVE-2022-45451\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-20T17:33:34.000000Z"}, {"uuid": "b2fb594c-0421-412c-9e7f-69e8bdc7f315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"}, {"uuid": "c9e847dc-b305-4cfe-8226-88c119a28ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "Telegram/RnGhglVRW4yp6rKZ5VF0h74j76POU3yEFXylMpUA1uGgjeE", "content": "", "creation_timestamp": "2023-01-10T09:15:28.000000Z"}, {"uuid": "001abeed-d79e-46aa-90b2-9b283f887b48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1223", "content": "CVE-2022-45451 \nAcronis POC\ndownload", "creation_timestamp": "2022-12-16T07:32:44.000000Z"}, {"uuid": "80a7b5db-9046-467f-879d-683b05c8d2e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "Telegram/uToLDoGAomQ5xcLgjyZXXI848Eupq3uDGlvvYJXBrkcwU5c", "content": "", "creation_timestamp": "2023-01-03T15:17:05.000000Z"}, {"uuid": "bee9dfd2-5ed0-4749-8cbf-b7f45158a520", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1830", "content": "#exploit\n1. CVE-2022-28672:\nFoxit PDF Reader - UaF RCE Exploit\nhttps://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n]-> https://github.com/hacksysteam/CVE-2022-28672\n\n2. CVE-2022-45451:\nAcronis Cyber Protect/Home Cyber Protect - Arbitrary File Read\nhttps://github.com/alfarom256/CVE-2022-45451", "creation_timestamp": "2022-12-17T06:17:07.000000Z"}, {"uuid": "9e61861b-8ec6-412d-96fb-890e88a2312f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "seen", "source": "https://t.me/cibsecurity/69548", "content": "\u203c CVE-2022-45451 \u203c\n\nLocal privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T18:13:05.000000Z"}, {"uuid": "e94ec7b4-1f84-4f3b-80e1-1ef3e9befbfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "seen", "source": "https://t.me/BlueRedTeam/2556", "content": "#CVE-2022\n7-Zip CVE-2022-29072 Mitigation - CHM file - This script detects if the .chm file exists and removes it.\n\nhttps://github.com/Phantomiman/7-Zip.chm-mitigiation\n\n#CVE-2022\nPoC for Acronis Arbitrary File Read - CVE-2022-45451\nhttps://github.com/alfarom256/CVE-2022-45451\n\n#webshell\nwebshell alfa php\n\nhttps://github.com/xstro04002/alfa-shell\n\nCVE-2022-25765 pdfkit <0.8.6 command injection.\n\nhttps://github.com/shamo0/PDFkit-CMD-Injection\n\nGet root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.\n\nhttps://github.com/Conradoduart3/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft\n\n@BlueRedTeam", "creation_timestamp": "2023-01-10T19:38:54.000000Z"}, {"uuid": "b7cac814-8418-458e-b070-34f54112148d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45451", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7371", "content": "#exploit\n1. CVE-2022-28672:\nFoxit PDF Reader - UaF RCE Exploit\nhttps://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n]-> https://github.com/hacksysteam/CVE-2022-28672\n\n2. CVE-2022-45451:\nAcronis Cyber Protect/Home Cyber Protect - Arbitrary File Read\nhttps://github.com/alfarom256/CVE-2022-45451", "creation_timestamp": "2022-12-17T13:00:23.000000Z"}]}