{"vulnerability": "CVE-2022-4674", "sightings": [{"uuid": "68bf0955-5f26-4e02-9a98-7bbffdf77ab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46742", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12996", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46742\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H)\n\ud83d\udd39 Description: Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.\n\n\ud83d\udccf Published: 2022-12-07T08:16:09.365Z\n\ud83d\udccf Modified: 2025-04-22T21:00:54.778Z\n\ud83d\udd17 References:\n1. https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-002.md", "creation_timestamp": "2025-04-22T22:04:04.000000Z"}, {"uuid": "e452e577-6e4e-4d4f-90f9-57755f551a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46741", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12974", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46741\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: Out-of-bounds read in gather_tree in PaddlePaddle before 2.4.\u00a0\n\ud83d\udccf Published: 2022-12-07T07:41:04.470Z\n\ud83d\udccf Modified: 2025-04-22T20:59:04.875Z\n\ud83d\udd17 References:\n1. https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-001.md", "creation_timestamp": "2025-04-22T21:04:12.000000Z"}, {"uuid": "85b814b3-a29a-49d3-881c-b63480343e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46740", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2706", "content": "STEP2: Pick the attack module you wish 1) Frames detected at the moment of connectivity disruption, one-by-one\n 2) Sequence of frames till the moment a disruption was detected (BETA)\n STEP3: The first mode of DoS802.11, tests all the frames that the fuzzer detected up to that moment. It is a second hand filtering to separate the true positive from the false positive frames. In case a frame is positive, i.e., causes a DoS to the associated STA, an exploit is being produced automatically.\n STEP4: DoS802.11 exits when the log files have been considered. **The rest to modules are currently in BETA mode. Vulnerabilities So far, the fuzzer managed to identify the following CVE IDs, by exploiting different Management frames: CVE IDs Vulnerable Devices/Chipsets WPA2/WPA3-SAE Status Score CVE-2022-32654 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32654) mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788 Both Published 6.7 (Medium) CVE-2022-32655 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32655) mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788 Both Published 6.7 (Medium) CVE-2022-32656 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32656) mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788 Both Published 6.7 (Medium) CVE-2022-32657 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32657) mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986 Both Published 6.7 (Medium) CVE-2022-32658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32658) mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986 Both Published 6.7 (Medium) CVE-2022-32659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32659) mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986/mt8518s/mt8532 Both Published 6.7 (Medium) CVE-2022-46740 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46740) WS7100-20 Both Published 6.5 (Medium) We would like also to thank the MediaTek and Huawei security teams, for acknowledging and fixing these security issues, as stated in the following two security advisories: MediaTek (https://corp.mediatek.com/product-security-acknowledgements) and Huawei (https://www.huawei.com/en/psirt/security-advisories/2022/huawei-sa-dosvihswr-8f632df1-en). Moreover, by following the methodology of the work titled \"How is your Wi-Fi connection today? DoS attacks on WPA3-SAE\" (https://www.sciencedirect.com/science/article/pii/S221421262100243X), the fuzzer can identify the same SAE vulnerabilities (https://www.kitploit.com/search/label/vulnerabilities) which are linked to the below CVE IDs: CVE IDs Vulnerable Devices/Chipsets WPA2/WPA3-SAE Status Score CVE-2021-37910 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37910) All ASUS RX-based models WPA3-SAE Published 5.3 (medium) CVE-2021-40288 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40288) AX10v1 WPA3-SAE Published 7.5 (high) CVE-2021-41753 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41753) DIR-x1560/DIR-X6060 WPA3-SAE Published 7.5 (high) CVE-2021-41788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41788) mt7603E/mt7612/mt7613\nmt7615/mt7622/mt7628", "creation_timestamp": "2023-07-10T13:19:09.000000Z"}, {"uuid": "04f91e2c-ddaf-44c9-be28-4ec9b773392e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46742", "type": "seen", "source": "https://t.me/cibsecurity/54118", "content": "\u203c CVE-2022-46742 \u203c\n\nCode injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-07T12:24:51.000000Z"}, {"uuid": "aad6683d-32c4-40c6-baab-b6641c420735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4674", "type": "seen", "source": "https://t.me/cibsecurity/57587", "content": "\u203c CVE-2022-4674 \u203c\n\nThe Ibtana WordPress plugin before 1.1.8.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-06T22:23:42.000000Z"}, {"uuid": "f95a6000-73fd-4bb5-9619-37876afda32f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46740", "type": "seen", "source": "https://t.me/cibsecurity/55505", "content": "\u203c CVE-2022-46740 \u203c\n\nThere is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T20:12:35.000000Z"}, {"uuid": "3d753e0c-7d15-4991-aee8-f231eb80d00c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46741", "type": "seen", "source": "https://t.me/cibsecurity/54114", "content": "\u203c CVE-2022-46741 \u203c\n\nOut-of-bounds read in gather_tree in PaddlePaddle before 2.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-07T12:22:20.000000Z"}]}