{"vulnerability": "CVE-2022-3882", "sightings": [{"uuid": "98f3bb80-0589-4366-be94-2f75bd934fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3882", "type": "seen", "source": "https://t.me/cibsecurity/54344", "content": "\u203c CVE-2022-3882 \u203c\n\nThe Memory Usage, Memory Limit, PHP and Server Memory Health Check and Fix Plugin WordPress plugin before 2.46 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T20:21:08.000000Z"}, {"uuid": "9a99796b-e350-435e-a884-6032d4c3e3f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38829", "type": "seen", "source": "https://t.me/cibsecurity/49920", "content": "\u203c CVE-2022-38829 \u203c\n\nTenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T18:29:02.000000Z"}, {"uuid": "615c8dcf-4369-47d0-96a1-7dd7d776d89c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38827", "type": "seen", "source": "https://t.me/cibsecurity/49914", "content": "\u203c CVE-2022-38827 \u203c\n\nTOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T18:28:54.000000Z"}, {"uuid": "42c71297-550a-449c-9474-25175945513c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38823", "type": "seen", "source": "https://t.me/cibsecurity/49912", "content": "\u203c CVE-2022-38823 \u203c\n\nIn TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T18:28:52.000000Z"}, {"uuid": "fbbf3bb0-b4ae-415a-81c2-4a12e0f88d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38826", "type": "seen", "source": "https://t.me/cibsecurity/49921", "content": "\u203c CVE-2022-38826 \u203c\n\nIn TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T18:29:03.000000Z"}, {"uuid": "20e1f18e-a931-46d0-838f-dc88287ab045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38828", "type": "seen", "source": "https://t.me/cibsecurity/49907", "content": "\u203c CVE-2022-38828 \u203c\n\nTOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T18:28:47.000000Z"}]}