{"vulnerability": "cve-2022-4302", "sightings": [{"uuid": "b0c92df4-c51c-4555-9a4d-69a453fd69b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43025", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15726", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43025\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T13:59:14.559Z\n\ud83d\udd17 References:\n1. https://github.com/tianhui999/myCVE/blob/main/TX3/TX3-1.md", "creation_timestamp": "2025-05-09T14:26:10.000000Z"}, {"uuid": "9b70348b-ce3a-46c0-9a52-251bd8a96a0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43023", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15723", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43023\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:06:08.503Z\n\ud83d\udd17 References:\n1. https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_imports_errors.md", "creation_timestamp": "2025-05-09T14:26:07.000000Z"}, {"uuid": "98b136ad-10bd-4f8c-9892-b4ec986a27db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43022", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15722", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43022\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:07:21.023Z\n\ud83d\udd17 References:\n1. https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_tag_deletion.md", "creation_timestamp": "2025-05-09T14:26:06.000000Z"}, {"uuid": "bfaadc8d-8d11-4a63-a8dc-44231a9fce06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43024", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15725", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43024\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:04:46.774Z\n\ud83d\udd17 References:\n1. https://github.com/tianhui999/myCVE/blob/main/TX3/TX3-6.md", "creation_timestamp": "2025-05-09T14:26:09.000000Z"}, {"uuid": "02495dd5-2513-4dca-862a-9817418e8aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43021", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15721", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43021\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:08:48.822Z\n\ud83d\udd17 References:\n1. https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_JobOrders.md", "creation_timestamp": "2025-05-09T14:26:05.000000Z"}, {"uuid": "1ca51dea-9850-40a7-b900-fc842741593a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43020", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15720", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43020\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:09:41.940Z\n\ud83d\udd17 References:\n1. https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_in_Tag_Updates.md", "creation_timestamp": "2025-05-09T14:26:04.000000Z"}, {"uuid": "739d928b-b501-4406-b3e9-39fcc5b95ad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43026", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15728", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43026\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg.\n\ud83d\udccf Published: 2022-10-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T13:54:31.165Z\n\ud83d\udd17 References:\n1. https://github.com/tianhui999/myCVE/blob/main/TX3/TX3-2.md", "creation_timestamp": "2025-05-09T14:26:12.000000Z"}, {"uuid": "d43e87dd-5c33-44b0-9f36-98e78b737b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4302", "type": "seen", "source": "https://t.me/cibsecurity/55775", "content": "\u203c CVE-2022-4302 \u203c\n\nThe White Label CMS WordPress plugin before 2.5 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T00:29:50.000000Z"}, {"uuid": "21d5d199-4276-4188-9d6d-d5df5995f6d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43024", "type": "seen", "source": "https://t.me/cibsecurity/51834", "content": "\u203c CVE-2022-43024 \u203c\n\nTenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:47.000000Z"}, {"uuid": "b3d27b19-6573-44b7-b43f-529481b64d4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43021", "type": "seen", "source": "https://t.me/cibsecurity/51833", "content": "\u203c CVE-2022-43021 \u203c\n\nOpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:46.000000Z"}, {"uuid": "2fe3e180-917a-4560-a0d4-c71a795eb9cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43028", "type": "seen", "source": "https://t.me/cibsecurity/51825", "content": "\u203c CVE-2022-43028 \u203c\n\nTenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:37.000000Z"}, {"uuid": "e6fd7f8f-89e0-4285-a6f8-9722c875d536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43026", "type": "seen", "source": "https://t.me/cibsecurity/51823", "content": "\u203c CVE-2022-43026 \u203c\n\nTenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:35.000000Z"}, {"uuid": "3e1a8bbe-9441-4c85-9da3-50010cb6bd2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43020", "type": "seen", "source": "https://t.me/cibsecurity/51821", "content": "\u203c CVE-2022-43020 \u203c\n\nOpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:31.000000Z"}, {"uuid": "5cbae9a2-3442-44d6-a217-c86ba9321328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43029", "type": "seen", "source": "https://t.me/cibsecurity/51818", "content": "\u203c CVE-2022-43029 \u203c\n\nTenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-19T22:15:28.000000Z"}]}