{"vulnerability": "CVE-2022-2179", "sightings": [{"uuid": "d2d245ac-e08e-4ed6-a039-72de38f3ad20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21796", "type": "seen", "source": "https://t.me/kasraone_com/458", "content": "\ud83d\udd34 CVE \n\n      CVE-2022-21796\n\n\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0631\u0627\u0628\u06cc \u062d\u0627\u0641\u0638\u0647 \u062f\u0631 \u0639\u0645\u0644\u06a9\u0631\u062f parse_command_list \u0633\u0631\u0648\u06cc\u0633 netserver \u062f\u0631 \u0646\u0633\u062e\u0647 3.0.0.136_20121102 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0645\u062f\u0627\u0631\u0628\u0633\u062a\u0647 \u0631\u0626\u0648\u0644\u06cc\u0646\u06a9 RLC-410W \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTP \u0628\u0627 \u0633\u0627\u062e\u062a\u0627\u0631 \u0648\u06cc\u0698\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0646\u0648\u0634\u062a\u0646 \u062e\u0627\u0631\u062c \u0627\u0632 \u0645\u062d\u062f\u0648\u062f\u0647 \u0634\u0648\u062f. \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTP \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f \u062a\u0627 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u062f.", "creation_timestamp": "2023-08-13T09:47:45.000000Z"}, {"uuid": "7eaf7602-4020-4615-b8d2-cde20d62aac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2179", "type": "seen", "source": "https://t.me/cibsecurity/46685", "content": "\u203c CVE-2022-2179 \u203c\n\nThe X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T20:12:09.000000Z"}, {"uuid": "38bc2b30-9860-4b6a-8820-837f991938c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21794", "type": "seen", "source": "https://t.me/cibsecurity/52928", "content": "\u203c CVE-2022-21794 \u203c\n\nImproper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:52:25.000000Z"}, {"uuid": "d0155cc0-9e70-4fa4-bcbf-084d3385ee8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21790", "type": "seen", "source": "https://t.me/cibsecurity/47350", "content": "\u203c CVE-2022-21790 \u203c\n\nIn camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T18:17:17.000000Z"}, {"uuid": "bec865b5-2d72-4106-a0c0-b5ec440095b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21791", "type": "seen", "source": "https://t.me/cibsecurity/47338", "content": "\u203c CVE-2022-21791 \u203c\n\nIn camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T18:17:03.000000Z"}, {"uuid": "64699620-e78d-4197-a52c-be684dab795f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21792", "type": "seen", "source": "https://t.me/cibsecurity/47337", "content": "\u203c CVE-2022-21792 \u203c\n\nIn camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T18:17:01.000000Z"}, {"uuid": "f5e8a6f1-6f90-4b88-8d9b-f81614806ab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21796", "type": "seen", "source": "https://t.me/cibsecurity/36495", "content": "\u203c CVE-2022-21796 \u203c\n\nA memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:22:22.000000Z"}, {"uuid": "5ccf1a43-c883-46e7-9d6e-411f122e85ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21799", "type": "seen", "source": "https://t.me/cibsecurity/36994", "content": "\u203c CVE-2022-21799 \u203c\n\nCross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-08T14:37:06.000000Z"}, {"uuid": "3d9b513b-3a98-48c8-8034-4b5249d75f84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21793", "type": "seen", "source": "https://t.me/cibsecurity/48388", "content": "\u203c CVE-2022-21793 \u203c\n\nInsufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:47.000000Z"}]}