{"vulnerability": "CVE-2022-4720", "sightings": [{"uuid": "8f647c44-ab09-41e6-8ad6-a021f18d5d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47208", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12302", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47208\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The \u201cpuhttpsniff\u201d service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An unauthenticated attacker on the same network segment as the router can execute arbitrary commands on the device without authentication.\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T17:31:53.707Z\n\ud83d\udd17 References:\n1. https://www.tenable.com/security/research/tra-2022-37", "creation_timestamp": "2025-04-17T17:57:37.000000Z"}, {"uuid": "1926ee02-f77e-4f05-a5f0-50455dc5c5ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4720", "type": "seen", "source": "https://t.me/cibsecurity/55421", "content": "\u203c CVE-2022-4720 \u203c\n\nOpen Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T18:13:43.000000Z"}, {"uuid": "93cfc5c9-f312-4e1e-90cc-be65ad288f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47208", "type": "seen", "source": "https://t.me/cibsecurity/54780", "content": "\u203c CVE-2022-47208 \u203c\n\nThe \u00e2\u20ac\u0153puhttpsniff\u00e2\u20ac\ufffd service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An unauthenticated attacker on the same network segment as the router can execute arbitrary commands on the device without authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T22:24:38.000000Z"}, {"uuid": "609af834-8f00-42d3-a23b-438930f7337b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47209", "type": "seen", "source": "https://t.me/cibsecurity/54777", "content": "\u203c CVE-2022-47209 \u203c\n\nA support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is \u00e2\u20ac\u0153support\u00e2\u20ac\ufffd and cannot be changed by a user via any normally accessible means.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T22:24:32.000000Z"}]}