<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 05 May 2026 21:17:04 +0000</lastBuildDate>
    <item>
      <title>cac140cd-0389-432d-8680-0275d5328adc</title>
      <link>https://vulnerability.circl.lu/sighting/cac140cd-0389-432d-8680-0275d5328adc/export</link>
      <description>{"uuid": "cac140cd-0389-432d-8680-0275d5328adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/600", "content": "CVE-2022-38374 : Fortinet FortiADC 7.0.0 &amp;gt; 7.0.2 &amp;amp; 6.2.0 &amp;gt; 6.2.4 -\u00a0Unauthorized Code / Command Execution \nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T21:29:01.000000Z"}</description>
      <content:encoded>{"uuid": "cac140cd-0389-432d-8680-0275d5328adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/600", "content": "CVE-2022-38374 : Fortinet FortiADC 7.0.0 &amp;gt; 7.0.2 &amp;amp; 6.2.0 &amp;gt; 6.2.4 -\u00a0Unauthorized Code / Command Execution \nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T21:29:01.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cac140cd-0389-432d-8680-0275d5328adc/export</guid>
      <pubDate>Sat, 26 Nov 2022 21:29:01 +0000</pubDate>
    </item>
    <item>
      <title>45784218-e404-4c52-bd4e-91968e107b2f</title>
      <link>https://vulnerability.circl.lu/sighting/45784218-e404-4c52-bd4e-91968e107b2f/export</link>
      <description>{"uuid": "45784218-e404-4c52-bd4e-91968e107b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3837", "type": "seen", "source": "https://t.me/cibsecurity/53996", "content": "\u203c CVE-2022-3837 \u203c\n\nThe Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:57.000000Z"}</description>
      <content:encoded>{"uuid": "45784218-e404-4c52-bd4e-91968e107b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3837", "type": "seen", "source": "https://t.me/cibsecurity/53996", "content": "\u203c CVE-2022-3837 \u203c\n\nThe Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:57.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/45784218-e404-4c52-bd4e-91968e107b2f/export</guid>
      <pubDate>Mon, 05 Dec 2022 20:39:57 +0000</pubDate>
    </item>
    <item>
      <title>6a8bd71f-ee73-4f3e-9cca-f6260a119c94</title>
      <link>https://vulnerability.circl.lu/sighting/6a8bd71f-ee73-4f3e-9cca-f6260a119c94/export</link>
      <description>{"uuid": "6a8bd71f-ee73-4f3e-9cca-f6260a119c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38379", "type": "seen", "source": "https://t.me/cibsecurity/54077", "content": "\u203c CVE-2022-38379 \u203c\n\nImproper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:40:56.000000Z"}</description>
      <content:encoded>{"uuid": "6a8bd71f-ee73-4f3e-9cca-f6260a119c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38379", "type": "seen", "source": "https://t.me/cibsecurity/54077", "content": "\u203c CVE-2022-38379 \u203c\n\nImproper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:40:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6a8bd71f-ee73-4f3e-9cca-f6260a119c94/export</guid>
      <pubDate>Tue, 06 Dec 2022 20:40:56 +0000</pubDate>
    </item>
    <item>
      <title>8bcf716b-f789-436f-a677-76fd0848cb9f</title>
      <link>https://vulnerability.circl.lu/sighting/8bcf716b-f789-436f-a677-76fd0848cb9f/export</link>
      <description>{"uuid": "8bcf716b-f789-436f-a677-76fd0848cb9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/poenamarket/23", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.", "creation_timestamp": "2022-12-21T07:09:35.000000Z"}</description>
      <content:encoded>{"uuid": "8bcf716b-f789-436f-a677-76fd0848cb9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/poenamarket/23", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.", "creation_timestamp": "2022-12-21T07:09:35.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8bcf716b-f789-436f-a677-76fd0848cb9f/export</guid>
      <pubDate>Wed, 21 Dec 2022 07:09:35 +0000</pubDate>
    </item>
    <item>
      <title>549df1a4-b788-4f36-9076-35a85d7e0887</title>
      <link>https://vulnerability.circl.lu/sighting/549df1a4-b788-4f36-9076-35a85d7e0887/export</link>
      <description>{"uuid": "549df1a4-b788-4f36-9076-35a85d7e0887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/200332", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"12 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-12T20:42:57.000000Z"}</description>
      <content:encoded>{"uuid": "549df1a4-b788-4f36-9076-35a85d7e0887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/200332", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"12 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-12T20:42:57.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/549df1a4-b788-4f36-9076-35a85d7e0887/export</guid>
      <pubDate>Sun, 12 Feb 2023 20:42:57 +0000</pubDate>
    </item>
    <item>
      <title>54ca2b51-3767-4115-9adf-71db8b9f9417</title>
      <link>https://vulnerability.circl.lu/sighting/54ca2b51-3767-4115-9adf-71db8b9f9417/export</link>
      <description>{"uuid": "54ca2b51-3767-4115-9adf-71db8b9f9417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38378", "type": "seen", "source": "https://t.me/cibsecurity/58345", "content": "\u203c CVE-2022-38378 \u203c\n\nAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:33.000000Z"}</description>
      <content:encoded>{"uuid": "54ca2b51-3767-4115-9adf-71db8b9f9417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38378", "type": "seen", "source": "https://t.me/cibsecurity/58345", "content": "\u203c CVE-2022-38378 \u203c\n\nAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:33.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54ca2b51-3767-4115-9adf-71db8b9f9417/export</guid>
      <pubDate>Thu, 16 Feb 2023 22:17:33 +0000</pubDate>
    </item>
    <item>
      <title>22df3ee2-474e-4157-8c5b-c909b9cd12c3</title>
      <link>https://vulnerability.circl.lu/sighting/22df3ee2-474e-4157-8c5b-c909b9cd12c3/export</link>
      <description>{"uuid": "22df3ee2-474e-4157-8c5b-c909b9cd12c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/400417", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"16 Dec 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-16T11:55:42.000000Z"}</description>
      <content:encoded>{"uuid": "22df3ee2-474e-4157-8c5b-c909b9cd12c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/400417", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"16 Dec 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-16T11:55:42.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/22df3ee2-474e-4157-8c5b-c909b9cd12c3/export</guid>
      <pubDate>Sat, 16 Dec 2023 11:55:42 +0000</pubDate>
    </item>
    <item>
      <title>85a68135-50ec-4121-b7a6-70a5e0fc9862</title>
      <link>https://vulnerability.circl.lu/sighting/85a68135-50ec-4121-b7a6-70a5e0fc9862/export</link>
      <description>{"uuid": "85a68135-50ec-4121-b7a6-70a5e0fc9862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38375", "type": "seen", "source": "https://t.me/ics_cert/712", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0635\u0646\u0639\u062a\u06cc\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0634\u0628\u06a9\u0647 Fortinet FortiNAC \u0628\u0647 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc\u06cc \u062f\u0631 \u0631\u0648\u0646\u062f \u0645\u062c\u0648\u0632 \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc\u200c\u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTP POST\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 00937-2023\nCVE-2022-38375\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 
\u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0632 \u0645\u06cc\u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0631\u0628\u0631 (VPN \u0648 \u063a\u06cc\u0631\u0647) \u0628\u0647 \u0645\u062d\u0635\u0648\u0644 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 
\u0647\u0627:\nhttps://www.fortiguard.com/psirt/FG-IR-22-329\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2024-07-06T04:18:19.000000Z"}</description>
      <content:encoded>{"uuid": "85a68135-50ec-4121-b7a6-70a5e0fc9862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38375", "type": "seen", "source": "https://t.me/ics_cert/712", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0635\u0646\u0639\u062a\u06cc\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0634\u0628\u06a9\u0647 Fortinet FortiNAC \u0628\u0647 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc\u06cc \u062f\u0631 \u0631\u0648\u0646\u062f \u0645\u062c\u0648\u0632 \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc\u200c\u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTP POST\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 00937-2023\nCVE-2022-38375\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 
\u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0632 \u0645\u06cc\u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0631\u0628\u0631 (VPN \u0648 \u063a\u06cc\u0631\u0647) \u0628\u0647 \u0645\u062d\u0635\u0648\u0644 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 
\u0647\u0627:\nhttps://www.fortiguard.com/psirt/FG-IR-22-329\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2024-07-06T04:18:19.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/85a68135-50ec-4121-b7a6-70a5e0fc9862/export</guid>
      <pubDate>Sat, 06 Jul 2024 04:18:19 +0000</pubDate>
    </item>
    <item>
      <title>feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af</title>
      <link>https://vulnerability.circl.lu/sighting/feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af/export</link>
      <description>{"uuid": "feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7247", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2024-10-12T06:42:59.000000Z"}</description>
      <content:encoded>{"uuid": "feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7247", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2024-10-12T06:42:59.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af/export</guid>
      <pubDate>Sat, 12 Oct 2024 06:42:59 +0000</pubDate>
    </item>
    <item>
      <title>f7e632c5-bf50-4ed3-b1f7-48179c34f8e8</title>
      <link>https://vulnerability.circl.lu/sighting/f7e632c5-bf50-4ed3-b1f7-48179c34f8e8/export</link>
      <description>{"uuid": "f7e632c5-bf50-4ed3-b1f7-48179c34f8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/freeosint/1284", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2025-04-29T05:54:25.000000Z"}</description>
      <content:encoded>{"uuid": "f7e632c5-bf50-4ed3-b1f7-48179c34f8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/freeosint/1284", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2025-04-29T05:54:25.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f7e632c5-bf50-4ed3-b1f7-48179c34f8e8/export</guid>
      <pubDate>Tue, 29 Apr 2025 05:54:25 +0000</pubDate>
    </item>
  </channel>
</rss>
