Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-02T22:50:45.998469+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/1b4f5875-5600-42a0-a296-8fafc2492bb9/export 1b4f5875-5600-42a0-a296-8fafc2492bb9 2026-06-02T22:50:46.295601+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "1b4f5875-5600-42a0-a296-8fafc2492bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46634", "type": "seen", "source": "https://t.me/cibsecurity/54647", "content": "\u203c CVE-2022-46634 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T00:23:43.000000Z"} 2022-12-16T00:23:43+00:00 https://vulnerability.circl.lu/sighting/e38a87fa-679a-40c4-8136-94231597b098/export e38a87fa-679a-40c4-8136-94231597b098 2026-06-02T22:50:46.295512+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e38a87fa-679a-40c4-8136-94231597b098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46631", "type": "seen", "source": "https://t.me/cibsecurity/54651", "content": "\u203c CVE-2022-46631 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T00:23:50.000000Z"} 2022-12-16T00:23:50+00:00 https://vulnerability.circl.lu/sighting/2759733f-c450-4de2-998b-2af9e7b36155/export 2759733f-c450-4de2-998b-2af9e7b36155 2026-06-02T22:50:46.295426+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "2759733f-c450-4de2-998b-2af9e7b36155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4663", "type": "seen", "source": "https://t.me/cibsecurity/55801", "content": "\u203c CVE-2022-4663 \u203c\n\nThe Members Import plugin for WordPress is vulnerable to Self Cross-Site Scripting via the user_login parameter in an imported CSV file in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a site's administrator into uploading a CSV file with the malicious payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T16:17:09.000000Z"} 2023-01-03T16:17:09+00:00 https://vulnerability.circl.lu/sighting/7c230542-3aec-4c63-83a8-351728e17a6f/export 7c230542-3aec-4c63-83a8-351728e17a6f 2026-06-02T22:50:46.295344+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7c230542-3aec-4c63-83a8-351728e17a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46630", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7516", "content": "#Threat_Research\n1. Exploit Party: Bring Your Own Vulnerable Driver Attacks\nhttps://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack\n2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)\nhttps://archcloudlabs.com/projects/cve-2022-46330", "creation_timestamp": "2023-01-09T11:01:39.000000Z"} 2023-01-09T11:01:39+00:00 https://vulnerability.circl.lu/sighting/1dccb0aa-cd78-4d85-9c12-faa54beb36b9/export 1dccb0aa-cd78-4d85-9c12-faa54beb36b9 2026-06-02T22:50:46.295262+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "1dccb0aa-cd78-4d85-9c12-faa54beb36b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46630", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2180", "content": "#Threat_Research\n1. Exploit Party: Bring Your Own Vulnerable Driver Attacks\nhttps://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack\n2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)\nhttps://archcloudlabs.com/projects/cve-2022-46330", "creation_timestamp": "2023-01-10T14:19:10.000000Z"} 2023-01-10T14:19:10+00:00 https://vulnerability.circl.lu/sighting/08bb3586-efbd-4f40-8d5d-1428776036eb/export 08bb3586-efbd-4f40-8d5d-1428776036eb 2026-06-02T22:50:46.295173+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "08bb3586-efbd-4f40-8d5d-1428776036eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46639", "type": "seen", "source": "https://t.me/cibsecurity/56874", "content": "\u203c CVE-2022-46639 \u203c\n\nA vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-24T05:39:58.000000Z"} 2023-01-24T05:39:58+00:00 https://vulnerability.circl.lu/sighting/b43febfe-e870-4420-b95b-b8009065e0c5/export b43febfe-e870-4420-b95b-b8009065e0c5 2026-06-02T22:50:46.295087+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b43febfe-e870-4420-b95b-b8009065e0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46637", "type": "seen", "source": "https://t.me/cibsecurity/58643", "content": "\u203c CVE-2022-46637 \u203c\n\nProlink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T00:47:00.000000Z"} 2023-02-22T00:47:00+00:00 https://vulnerability.circl.lu/sighting/ebcc2827-8b64-42e3-b2ef-6a792a13a363/export ebcc2827-8b64-42e3-b2ef-6a792a13a363 2026-06-02T22:50:46.294992+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ebcc2827-8b64-42e3-b2ef-6a792a13a363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46639", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46639\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.\n\ud83d\udccf Published: 2023-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T14:23:55.169Z\n\ud83d\udd17 References:\n1. https://ia-informatica.com/it/CVE-2022-46639", "creation_timestamp": "2025-04-03T14:35:02.000000Z"} 2025-04-03T14:35:02+00:00 https://vulnerability.circl.lu/sighting/696c289c-5305-42b2-b3ae-375c471319ce/export 696c289c-5305-42b2-b3ae-375c471319ce 2026-06-02T22:50:46.294879+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "696c289c-5305-42b2-b3ae-375c471319ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46631", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46631\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:29:12.590Z\n\ud83d\udd17 References:\n1. https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/6", "creation_timestamp": "2025-04-21T16:03:02.000000Z"} 2025-04-21T16:03:02+00:00 https://vulnerability.circl.lu/sighting/a33292b1-fb6e-422a-843c-312b2be9a75d/export a33292b1-fb6e-422a-843c-312b2be9a75d 2026-06-02T22:50:46.292336+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a33292b1-fb6e-422a-843c-312b2be9a75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46634", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12695", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46634\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:27:51.101Z\n\ud83d\udd17 References:\n1. https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/7", "creation_timestamp": "2025-04-21T16:03:03.000000Z"} 2025-04-21T16:03:03+00:00