https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 02 Jun 2026 22:50:44 +0000 https://vulnerability.circl.lu/sighting/1b4f5875-5600-42a0-a296-8fafc2492bb9/export {"uuid": "1b4f5875-5600-42a0-a296-8fafc2492bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46634", "type": "seen", "source": "https://t.me/cibsecurity/54647", "content": "\u203c CVE-2022-46634 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T00:23:43.000000Z"} {"uuid": "1b4f5875-5600-42a0-a296-8fafc2492bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46634", "type": "seen", "source": "https://t.me/cibsecurity/54647", "content": "\u203c CVE-2022-46634 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T00:23:43.000000Z"} https://vulnerability.circl.lu/sighting/1b4f5875-5600-42a0-a296-8fafc2492bb9/export Fri, 16 Dec 2022 00:23:43 +0000 https://vulnerability.circl.lu/sighting/e38a87fa-679a-40c4-8136-94231597b098/export {"uuid": "e38a87fa-679a-40c4-8136-94231597b098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46631", "type": "seen", "source": "https://t.me/cibsecurity/54651", "content": "\u203c CVE-2022-46631 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T00:23:50.000000Z"} {"uuid": "e38a87fa-679a-40c4-8136-94231597b098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46631", "type": "seen", "source": "https://t.me/cibsecurity/54651", "content": "\u203c CVE-2022-46631 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T00:23:50.000000Z"} https://vulnerability.circl.lu/sighting/e38a87fa-679a-40c4-8136-94231597b098/export Fri, 16 Dec 2022 00:23:50 +0000 https://vulnerability.circl.lu/sighting/2759733f-c450-4de2-998b-2af9e7b36155/export {"uuid": "2759733f-c450-4de2-998b-2af9e7b36155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4663", "type": "seen", "source": "https://t.me/cibsecurity/55801", "content": "\u203c CVE-2022-4663 \u203c\n\nThe Members Import plugin for WordPress is vulnerable to Self Cross-Site Scripting via the user_login parameter in an imported CSV file in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a site's administrator into uploading a CSV file with the malicious payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T16:17:09.000000Z"} {"uuid": "2759733f-c450-4de2-998b-2af9e7b36155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4663", "type": "seen", "source": "https://t.me/cibsecurity/55801", "content": "\u203c CVE-2022-4663 \u203c\n\nThe Members Import plugin for WordPress is vulnerable to Self Cross-Site Scripting via the user_login parameter in an imported CSV file in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a site's administrator into uploading a CSV file with the malicious payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T16:17:09.000000Z"} https://vulnerability.circl.lu/sighting/2759733f-c450-4de2-998b-2af9e7b36155/export Tue, 03 Jan 2023 16:17:09 +0000 https://vulnerability.circl.lu/sighting/7c230542-3aec-4c63-83a8-351728e17a6f/export {"uuid": "7c230542-3aec-4c63-83a8-351728e17a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46630", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7516", "content": "#Threat_Research\n1. Exploit Party: Bring Your Own Vulnerable Driver Attacks\nhttps://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack\n2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)\nhttps://archcloudlabs.com/projects/cve-2022-46330", "creation_timestamp": "2023-01-09T11:01:39.000000Z"} {"uuid": "7c230542-3aec-4c63-83a8-351728e17a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46630", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7516", "content": "#Threat_Research\n1. Exploit Party: Bring Your Own Vulnerable Driver Attacks\nhttps://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack\n2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)\nhttps://archcloudlabs.com/projects/cve-2022-46330", "creation_timestamp": "2023-01-09T11:01:39.000000Z"} https://vulnerability.circl.lu/sighting/7c230542-3aec-4c63-83a8-351728e17a6f/export Mon, 09 Jan 2023 11:01:39 +0000 https://vulnerability.circl.lu/sighting/1dccb0aa-cd78-4d85-9c12-faa54beb36b9/export {"uuid": "1dccb0aa-cd78-4d85-9c12-faa54beb36b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46630", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2180", "content": "#Threat_Research\n1. Exploit Party: Bring Your Own Vulnerable Driver Attacks\nhttps://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack\n2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)\nhttps://archcloudlabs.com/projects/cve-2022-46330", "creation_timestamp": "2023-01-10T14:19:10.000000Z"} {"uuid": "1dccb0aa-cd78-4d85-9c12-faa54beb36b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46630", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2180", "content": "#Threat_Research\n1. Exploit Party: Bring Your Own Vulnerable Driver Attacks\nhttps://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack\n2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)\nhttps://archcloudlabs.com/projects/cve-2022-46330", "creation_timestamp": "2023-01-10T14:19:10.000000Z"} https://vulnerability.circl.lu/sighting/1dccb0aa-cd78-4d85-9c12-faa54beb36b9/export Tue, 10 Jan 2023 14:19:10 +0000 https://vulnerability.circl.lu/sighting/08bb3586-efbd-4f40-8d5d-1428776036eb/export {"uuid": "08bb3586-efbd-4f40-8d5d-1428776036eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46639", "type": "seen", "source": "https://t.me/cibsecurity/56874", "content": "\u203c CVE-2022-46639 \u203c\n\nA vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-24T05:39:58.000000Z"} {"uuid": "08bb3586-efbd-4f40-8d5d-1428776036eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46639", "type": "seen", "source": "https://t.me/cibsecurity/56874", "content": "\u203c CVE-2022-46639 \u203c\n\nA vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-24T05:39:58.000000Z"} https://vulnerability.circl.lu/sighting/08bb3586-efbd-4f40-8d5d-1428776036eb/export Tue, 24 Jan 2023 05:39:58 +0000 https://vulnerability.circl.lu/sighting/b43febfe-e870-4420-b95b-b8009065e0c5/export {"uuid": "b43febfe-e870-4420-b95b-b8009065e0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46637", "type": "seen", "source": "https://t.me/cibsecurity/58643", "content": "\u203c CVE-2022-46637 \u203c\n\nProlink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T00:47:00.000000Z"} {"uuid": "b43febfe-e870-4420-b95b-b8009065e0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46637", "type": "seen", "source": "https://t.me/cibsecurity/58643", "content": "\u203c CVE-2022-46637 \u203c\n\nProlink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T00:47:00.000000Z"} https://vulnerability.circl.lu/sighting/b43febfe-e870-4420-b95b-b8009065e0c5/export Wed, 22 Feb 2023 00:47:00 +0000 https://vulnerability.circl.lu/sighting/ebcc2827-8b64-42e3-b2ef-6a792a13a363/export {"uuid": "ebcc2827-8b64-42e3-b2ef-6a792a13a363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46639", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46639\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.\n\ud83d\udccf Published: 2023-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T14:23:55.169Z\n\ud83d\udd17 References:\n1. https://ia-informatica.com/it/CVE-2022-46639", "creation_timestamp": "2025-04-03T14:35:02.000000Z"} {"uuid": "ebcc2827-8b64-42e3-b2ef-6a792a13a363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46639", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46639\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.\n\ud83d\udccf Published: 2023-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T14:23:55.169Z\n\ud83d\udd17 References:\n1. https://ia-informatica.com/it/CVE-2022-46639", "creation_timestamp": "2025-04-03T14:35:02.000000Z"} https://vulnerability.circl.lu/sighting/ebcc2827-8b64-42e3-b2ef-6a792a13a363/export Thu, 03 Apr 2025 14:35:02 +0000 https://vulnerability.circl.lu/sighting/696c289c-5305-42b2-b3ae-375c471319ce/export {"uuid": "696c289c-5305-42b2-b3ae-375c471319ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46631", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46631\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:29:12.590Z\n\ud83d\udd17 References:\n1. https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/6", "creation_timestamp": "2025-04-21T16:03:02.000000Z"} {"uuid": "696c289c-5305-42b2-b3ae-375c471319ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46631", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46631\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:29:12.590Z\n\ud83d\udd17 References:\n1. https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/6", "creation_timestamp": "2025-04-21T16:03:02.000000Z"} https://vulnerability.circl.lu/sighting/696c289c-5305-42b2-b3ae-375c471319ce/export Mon, 21 Apr 2025 16:03:02 +0000 https://vulnerability.circl.lu/sighting/a33292b1-fb6e-422a-843c-312b2be9a75d/export {"uuid": "a33292b1-fb6e-422a-843c-312b2be9a75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46634", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12695", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46634\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:27:51.101Z\n\ud83d\udd17 References:\n1. https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/7", "creation_timestamp": "2025-04-21T16:03:03.000000Z"} {"uuid": "a33292b1-fb6e-422a-843c-312b2be9a75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46634", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12695", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46634\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T15:27:51.101Z\n\ud83d\udd17 References:\n1. https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/7", "creation_timestamp": "2025-04-21T16:03:03.000000Z"} https://vulnerability.circl.lu/sighting/a33292b1-fb6e-422a-843c-312b2be9a75d/export Mon, 21 Apr 2025 16:03:03 +0000