{"vulnerability": "CVE-2022-4658", "sightings": [{"uuid": "89bba1bf-535c-44ce-b055-b0c8bbe55461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4658", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10574", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4658\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The RSSImport WordPress plugin through 4.6.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.\n\ud83d\udccf Published: 2023-01-16T15:37:52.771Z\n\ud83d\udccf Modified: 2025-04-04T20:38:52.466Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c7a17eb9-2811-45ba-bab3-f53b2fa7d051", "creation_timestamp": "2025-04-04T21:36:31.000000Z"}, {"uuid": "fc373b8c-e60b-4340-8b9c-5302c75e12a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46581", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11497", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46581\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_target parameter in the tools_nslookup function.\n\ud83d\udccf Published: 2022-12-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T22:38:22.274Z\n\ud83d\udd17 References:\n1. https://brief-nymphea-813.notion.site/Vul5-TEW755-bof-tools_nslookup-c83bac14fe0f4f729535053459479fd1", "creation_timestamp": "2025-04-11T22:51:26.000000Z"}, {"uuid": "1a247c33-36fe-4f88-a25d-9fa2684f92a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46580", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11496", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46580\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the user_edit_page parameter in the wifi_captive_portal function.\n\ud83d\udccf Published: 2022-12-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T22:40:50.228Z\n\ud83d\udd17 References:\n1. https://brief-nymphea-813.notion.site/Vul6-TEW755-bof-wifi_captive_portal-d2b3d37344564ed4b3948a471d1eeb11", "creation_timestamp": "2025-04-11T22:51:22.000000Z"}, {"uuid": "63f0b11a-a2b0-406c-8446-1a2daa81c6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46585", "type": "seen", "source": "https://t.me/cibsecurity/55647", "content": "\u203c CVE-2022-46585 \u203c\n\nTRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter in the get_access (sub_45AC2C) function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-31T00:27:35.000000Z"}, {"uuid": "49e8699f-6512-4504-890a-db4731b17f02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46583", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11458", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46583\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reboot_type parameter in the wizard_ipv6 (sub_41C380) function.\n\ud83d\udccf Published: 2022-12-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T16:36:14.113Z\n\ud83d\udd17 References:\n1. https://brief-nymphea-813.notion.site/Vul2-TEW755-bof-wizard_ipv6-7ed96443609f4640b5f0f3bd6ce23b83", "creation_timestamp": "2025-04-11T16:51:08.000000Z"}, {"uuid": "00b7a8db-3b21-4aac-83f0-fb1e835037db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46582", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46582\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function.\n\ud83d\udccf Published: 2022-12-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T22:36:51.865Z\n\ud83d\udd17 References:\n1. https://brief-nymphea-813.notion.site/Vul1-TEW755-bof-do_graph_auth-06984af9eb224f7fbcd27dbb6d7d2a2d", "creation_timestamp": "2025-04-11T22:51:27.000000Z"}, {"uuid": "f0e4ad9e-d30f-46ca-ad86-3ad348e39530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46588", "type": "seen", "source": "https://t.me/cibsecurity/55646", "content": "\u203c CVE-2022-46588 \u203c\n\nTRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sys_service parameter in the setup_wizard_mydlink (sub_4104B8) function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-31T00:27:34.000000Z"}, {"uuid": "77f05ba8-44c8-40bc-a60c-eb1711e887d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4658", "type": "seen", "source": "https://t.me/cibsecurity/56556", "content": "\u203c CVE-2022-4658 \u203c\n\nThe RSSImport WordPress plugin through 4.6.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-16T18:30:11.000000Z"}, {"uuid": "58c0e43b-bfc8-4e51-8ef9-260bcfa0a3d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46586", "type": "seen", "source": "https://t.me/cibsecurity/55612", "content": "\u203c CVE-2022-46586 \u203c\n\nTRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.maclist parameter in the kick_ban_wifi_mac_allow (sub_415B00) function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-31T00:20:46.000000Z"}, {"uuid": "e808757b-2303-456e-afbb-f15674cbd973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46583", "type": "seen", "source": "https://t.me/cibsecurity/55609", "content": "\u203c CVE-2022-46583 \u203c\n\nTRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reboot_type parameter in the wizard_ipv6 (sub_41C380) function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-31T00:20:43.000000Z"}]}