{"vulnerability": "CVE-2022-2939", "sightings": [{"uuid": "7d64df16-da88-482e-b425-17d219b7cfe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2939", "type": "seen", "source": "https://t.me/cibsecurity/49364", "content": "\u203c CVE-2022-2939 \u203c\n\nThe WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can be targeted in further attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T22:19:41.000000Z"}, {"uuid": "8b7e9cbd-2b81-4f25-8fdb-6a9b02c6ec14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29396", "type": "seen", "source": "https://t.me/cibsecurity/42322", "content": "\u203c CVE-2022-29396 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:46:14.000000Z"}, {"uuid": "6467acb6-5eaf-4ae5-b559-a68f679664ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29393", "type": "seen", "source": "https://t.me/cibsecurity/42320", "content": 
"\u203c CVE-2022-29393 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:46:10.000000Z"}, {"uuid": "91d3c7b9-2760-4920-b4cb-f989c81e4018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29399", "type": "seen", "source": "https://t.me/cibsecurity/42319", "content": "\u203c CVE-2022-29399 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:46:09.000000Z"}, {"uuid": "37b685ee-12eb-43d6-8df7-f4fb62b505ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29394", "type": "seen", "source": "https://t.me/cibsecurity/42317", "content": "\u203c CVE-2022-29394 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:46:05.000000Z"}, {"uuid": "82ac4a31-6d8e-4314-995e-76b0acbedadd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29395", "type": "seen", "source": "https://t.me/cibsecurity/42314", "content": "\u203c CVE-2022-29395 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:43:04.000000Z"}, 
{"uuid": "d333a2b3-cf6d-4375-b96d-14c7810c1e06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29391", "type": "seen", "source": "https://t.me/cibsecurity/42309", "content": "\u203c CVE-2022-29391 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:39:26.000000Z"}, {"uuid": "3e146c95-f018-4c01-8310-de646ea24a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29398", "type": "seen", "source": "https://t.me/cibsecurity/42305", "content": "\u203c CVE-2022-29398 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:39:21.000000Z"}, {"uuid": "992e5d24-7faa-4a3e-8c24-8bb53c01df24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29397", "type": "seen", "source": "https://t.me/cibsecurity/42290", "content": "\u203c CVE-2022-29397 \u203c\n\nTOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T00:38:59.000000Z"}]}