https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 10 Jun 2026 21:44:08 +0000 https://vulnerability.circl.lu/sighting/6382ae0c-4018-4bc2-9b9e-1c77eba117f8/export {"uuid": "6382ae0c-4018-4bc2-9b9e-1c77eba117f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "published-proof-of-concept", "source": "Telegram/x8wnlbzbPHJ-c6n7zbVaQmPlH0M96VrWoveYB3MDtQoQces", "content": "", "creation_timestamp": "2026-04-03T19:00:11.000000Z"} {"uuid": "6382ae0c-4018-4bc2-9b9e-1c77eba117f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "published-proof-of-concept", "source": "Telegram/x8wnlbzbPHJ-c6n7zbVaQmPlH0M96VrWoveYB3MDtQoQces", "content": "", "creation_timestamp": "2026-04-03T19:00:11.000000Z"} https://vulnerability.circl.lu/sighting/6382ae0c-4018-4bc2-9b9e-1c77eba117f8/export Fri, 03 Apr 2026 19:00:11 +0000 https://vulnerability.circl.lu/sighting/db6ca753-d708-46e6-a9fb-5e2032742cef/export {"uuid": "db6ca753-d708-46e6-a9fb-5e2032742cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "published-proof-of-concept", "source": "Telegram/TImB4WLg9m4sLGXOfrFfePfJsw5eV9JDphaGTzdqtpQzKI4", "content": "", "creation_timestamp": "2026-04-03T21:00:05.000000Z"} {"uuid": "db6ca753-d708-46e6-a9fb-5e2032742cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "published-proof-of-concept", "source": "Telegram/TImB4WLg9m4sLGXOfrFfePfJsw5eV9JDphaGTzdqtpQzKI4", "content": "", "creation_timestamp": "2026-04-03T21:00:05.000000Z"} https://vulnerability.circl.lu/sighting/db6ca753-d708-46e6-a9fb-5e2032742cef/export Fri, 03 Apr 2026 21:00:05 +0000 https://vulnerability.circl.lu/sighting/c8dfe564-3b3e-42cd-af53-3e7bad775df7/export {"uuid": "c8dfe564-3b3e-42cd-af53-3e7bad775df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/28dee677-39f5-4f32-a29a-fc819d1f4e70", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2303CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:00:13.754389Z"} {"uuid": "c8dfe564-3b3e-42cd-af53-3e7bad775df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/28dee677-39f5-4f32-a29a-fc819d1f4e70", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2303CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:00:13.754389Z"} https://vulnerability.circl.lu/sighting/c8dfe564-3b3e-42cd-af53-3e7bad775df7/export Thu, 07 May 2026 14:00:13 +0000 https://vulnerability.circl.lu/sighting/e432c3ef-ed59-4ee4-8bd8-2fc3f63edfd2/export {"uuid": "e432c3ef-ed59-4ee4-8bd8-2fc3f63edfd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/7874175f-aefb-4114-8cfb-e9c289bbee70", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2304CVE-2026-30816,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:07.622960Z"} {"uuid": "e432c3ef-ed59-4ee4-8bd8-2fc3f63edfd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/7874175f-aefb-4114-8cfb-e9c289bbee70", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2304CVE-2026-30816,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:07.622960Z"} https://vulnerability.circl.lu/sighting/e432c3ef-ed59-4ee4-8bd8-2fc3f63edfd2/export Thu, 07 May 2026 14:30:07 +0000 https://vulnerability.circl.lu/sighting/3e99f785-2b45-41de-9d19-70ecf606e896/export {"uuid": "3e99f785-2b45-41de-9d19-70ecf606e896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/72976457-95a7-4160-b13f-f4b172a9b40d", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2305CVE-2026-30817,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:11.659363Z"} {"uuid": "3e99f785-2b45-41de-9d19-70ecf606e896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/72976457-95a7-4160-b13f-f4b172a9b40d", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2305CVE-2026-30817,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:11.659363Z"} https://vulnerability.circl.lu/sighting/3e99f785-2b45-41de-9d19-70ecf606e896/export Thu, 07 May 2026 14:30:11 +0000 https://vulnerability.circl.lu/sighting/2b0825f0-0fea-4b62-9452-8f2e98acbbbd/export {"uuid": "2b0825f0-0fea-4b62-9452-8f2e98acbbbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/279666e9-0e06-4ac3-b229-b42930140915", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2306CVE-2026-30818,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:17.312932Z"} {"uuid": "2b0825f0-0fea-4b62-9452-8f2e98acbbbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/279666e9-0e06-4ac3-b229-b42930140915", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2306CVE-2026-30818,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:17.312932Z"} https://vulnerability.circl.lu/sighting/2b0825f0-0fea-4b62-9452-8f2e98acbbbd/export Thu, 07 May 2026 14:30:17 +0000 https://vulnerability.circl.lu/sighting/cc515f1f-af75-47f6-a0a0-ab32ab75aee9/export {"uuid": "cc515f1f-af75-47f6-a0a0-ab32ab75aee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/6fef4c97-059d-4933-9851-dbcb1afbc36b", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2307CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:23.455050Z"} {"uuid": "cc515f1f-af75-47f6-a0a0-ab32ab75aee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/6fef4c97-059d-4933-9851-dbcb1afbc36b", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2307CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:23.455050Z"} https://vulnerability.circl.lu/sighting/cc515f1f-af75-47f6-a0a0-ab32ab75aee9/export Thu, 07 May 2026 14:30:23 +0000 https://vulnerability.circl.lu/sighting/5a70601d-1dd8-4187-bb48-ceba81096805/export {"uuid": "5a70601d-1dd8-4187-bb48-ceba81096805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/bf34bf28-dc92-4b36-8e34-fc5f385e0b36", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2308CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:28.615070Z"} {"uuid": "5a70601d-1dd8-4187-bb48-ceba81096805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/bf34bf28-dc92-4b36-8e34-fc5f385e0b36", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2308CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:28.615070Z"} https://vulnerability.circl.lu/sighting/5a70601d-1dd8-4187-bb48-ceba81096805/export Thu, 07 May 2026 14:30:28 +0000 https://vulnerability.circl.lu/sighting/2661ace4-a142-4ff8-bb0c-bc1ce27a0bfa/export {"uuid": "2661ace4-a142-4ff8-bb0c-bc1ce27a0bfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/e1892e08-357a-49e1-8e08-443c78efc0c1", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2309CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:34.296740Z"} {"uuid": "2661ace4-a142-4ff8-bb0c-bc1ce27a0bfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://infosec.place/objects/e1892e08-357a-49e1-8e08-443c78efc0c1", "content": "New vulnerability report from Talos:Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerabilityhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2309CVE-2026-30815,CVE-2022-30075,CVE-2022-30075", "creation_timestamp": "2026-05-07T14:30:34.296740Z"} https://vulnerability.circl.lu/sighting/2661ace4-a142-4ff8-bb0c-bc1ce27a0bfa/export Thu, 07 May 2026 14:30:34 +0000 https://vulnerability.circl.lu/sighting/c3ebbb33-d4e9-493b-b228-62d600a25d64/export {"uuid": "c3ebbb33-d4e9-493b-b228-62d600a25d64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://gist.github.com/nstevens1040/c388531cac701706d3f8b58f7447649f", "content": "# This is the portion of CVE-2022-30075 that decrypts and deflates the TP-Link backup file, written in PowerShell and C# instead of Python.\nAdd-Type -TypeDefinition @\"\nnamespace Hex\n{\n using System;\n using System.Text;\n using System.Text.RegularExpressions;\n using System.Collections;\n using System.Collections.Generic;\n using System.Linq;\n using System.Security.Cryptography;\n public static class To\n {\n public static byte[] Bytes(string hex_string)\n {\n MatchCollection matches = new Regex(@\"([A-F0-9]{2})\").Matches(hex_string);\n byte[] out_bytes = new byte[matches.Count];\n for(int i = 0; i < matches.Count; i++)\n {\n out_bytes[i] = Convert.ToByte(matches[i].Value,16);\n }\n return out_bytes;\n }\n }\n}\n\"@\nAdd-Type -TypeDefinition @\"\nnamespace Advanced\n{\n using System;\n using System.Collections;\n using System.Collections.Generic;\n using System.Linq;\n using System.Security.Cryptography;\n public static class Encryption\n {\n public static byte[] Decrypt(AesCryptoServiceProvider aes, byte[] cipher_text)\n {\n using(ICryptoTransform dec = aes.CreateDecryptor())\n {\n return dec.TransformFinalBlock(cipher_text,0,cipher_text.Length);\n }\n }\n }\n}\n\"@\nAdd-Type -TypeDefinition @\"\nnamespace Z\n{\n using System;\n using System.IO;\n using System.IO.Compression;\n public static class Lib\n {\n public static void Deflate(MemoryStream deflate_stream, int aes_blocksize, string outfile)\n {\n using(DeflateStream deflate = new DeflateStream(deflate_stream, CompressionMode.Decompress))\n {\n using(MemoryStream pad = new MemoryStream())\n {\n using(FileStream file = File.Open(outfile, FileMode.OpenOrCreate))\n {\n deflate.CopyTo(pad);\n pad.Position = aes_blocksize / 8;\n pad.CopyTo(file);\n }\n }\n }\n }\n }\n}\n\"@\n\n$encrypted_file = \"C:\\Users\\nstevens\\Downloads\\ArcherAX1450v1202508281312n.bin\"\n$deflated_tarfile = \"C:\\Users\\nstevens\\Desktop\\data.tar\"\n$cipherText = [io.file]::ReadAllBytes($encrypted_file)\n$aes = [System.Security.Cryptography.Aes]::Create()\n$aes.Key = [Hex.To]::Bytes('2EB38F7EC41D4B8E1422805BCD5F740BC3B95BE163E39D67579EB344427F7836')\n$aes.IV = [Hex.To]::Bytes('360028C9064242F81074F4C127D299F6')\n$decrypted = [Advanced.Encryption]::Decrypt($aes,$cipherText)\n$inf_ms = [System.IO.MemoryStream]::new($decrypted,2,($decrypted.Length - 2))\n# Skipping the first two bytes removes the zlib header, leaving only the deflate stream and the 4 byte adler32 checksum at the end.\n# Doing this allows you to use the native System.IO.Compression.DeflateStream library instead of a third party library.\nRemove-Item $deflated_tarfile -ea 0\n[Z.Lib]::Deflate($inf_ms,$aes.BlockSize,$deflated_tarfile)\n$aes.Dispose()\n", "creation_timestamp": "2026-05-20T02:08:01.000000Z"} {"uuid": "c3ebbb33-d4e9-493b-b228-62d600a25d64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30075", "type": "seen", "source": "https://gist.github.com/nstevens1040/c388531cac701706d3f8b58f7447649f", "content": "# This is the portion of CVE-2022-30075 that decrypts and deflates the TP-Link backup file, written in PowerShell and C# instead of Python.\nAdd-Type -TypeDefinition @\"\nnamespace Hex\n{\n using System;\n using System.Text;\n using System.Text.RegularExpressions;\n using System.Collections;\n using System.Collections.Generic;\n using System.Linq;\n using System.Security.Cryptography;\n public static class To\n {\n public static byte[] Bytes(string hex_string)\n {\n MatchCollection matches = new Regex(@\"([A-F0-9]{2})\").Matches(hex_string);\n byte[] out_bytes = new byte[matches.Count];\n for(int i = 0; i < matches.Count; i++)\n {\n out_bytes[i] = Convert.ToByte(matches[i].Value,16);\n }\n return out_bytes;\n }\n }\n}\n\"@\nAdd-Type -TypeDefinition @\"\nnamespace Advanced\n{\n using System;\n using System.Collections;\n using System.Collections.Generic;\n using System.Linq;\n using System.Security.Cryptography;\n public static class Encryption\n {\n public static byte[] Decrypt(AesCryptoServiceProvider aes, byte[] cipher_text)\n {\n using(ICryptoTransform dec = aes.CreateDecryptor())\n {\n return dec.TransformFinalBlock(cipher_text,0,cipher_text.Length);\n }\n }\n }\n}\n\"@\nAdd-Type -TypeDefinition @\"\nnamespace Z\n{\n using System;\n using System.IO;\n using System.IO.Compression;\n public static class Lib\n {\n public static void Deflate(MemoryStream deflate_stream, int aes_blocksize, string outfile)\n {\n using(DeflateStream deflate = new DeflateStream(deflate_stream, CompressionMode.Decompress))\n {\n using(MemoryStream pad = new MemoryStream())\n {\n using(FileStream file = File.Open(outfile, FileMode.OpenOrCreate))\n {\n deflate.CopyTo(pad);\n pad.Position = aes_blocksize / 8;\n pad.CopyTo(file);\n }\n }\n }\n }\n }\n}\n\"@\n\n$encrypted_file = \"C:\\Users\\nstevens\\Downloads\\ArcherAX1450v1202508281312n.bin\"\n$deflated_tarfile = \"C:\\Users\\nstevens\\Desktop\\data.tar\"\n$cipherText = [io.file]::ReadAllBytes($encrypted_file)\n$aes = [System.Security.Cryptography.Aes]::Create()\n$aes.Key = [Hex.To]::Bytes('2EB38F7EC41D4B8E1422805BCD5F740BC3B95BE163E39D67579EB344427F7836')\n$aes.IV = [Hex.To]::Bytes('360028C9064242F81074F4C127D299F6')\n$decrypted = [Advanced.Encryption]::Decrypt($aes,$cipherText)\n$inf_ms = [System.IO.MemoryStream]::new($decrypted,2,($decrypted.Length - 2))\n# Skipping the first two bytes removes the zlib header, leaving only the deflate stream and the 4 byte adler32 checksum at the end.\n# Doing this allows you to use the native System.IO.Compression.DeflateStream library instead of a third party library.\nRemove-Item $deflated_tarfile -ea 0\n[Z.Lib]::Deflate($inf_ms,$aes.BlockSize,$deflated_tarfile)\n$aes.Dispose()\n", "creation_timestamp": "2026-05-20T02:08:01.000000Z"} https://vulnerability.circl.lu/sighting/c3ebbb33-d4e9-493b-b228-62d600a25d64/export Wed, 20 May 2026 02:08:01 +0000