{"vulnerability": "CVE-2022-4011", "sightings": [{"uuid": "c31e0e8f-b1d8-4f47-b8d1-21a9112e3077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40111", "type": "seen", "source": "https://t.me/cibsecurity/49311", "content": "\u203c CVE-2022-40111 \u203c\n\nIn TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T20:13:18.000000Z"}, {"uuid": "e0a08069-66c9-43e9-be31-acfeda944dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4011", "type": "seen", "source": "https://t.me/cibsecurity/53037", "content": "\u203c CVE-2022-4011 \u203c\n\nA vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213785 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-17T15:52:53.000000Z"}, {"uuid": "538b4fdb-1a81-41cb-9834-9e9ae1ea32d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40112", "type": "seen", "source": "https://t.me/cibsecurity/49320", "content": "\u203c CVE-2022-40112 \u203c\n\nTOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T20:13:31.000000Z"}, {"uuid": "8b66fe8a-cf68-4f72-85f8-515231638451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40110", "type": "seen", "source": "https://t.me/cibsecurity/49315", "content": "\u203c CVE-2022-40110 \u203c\n\nTOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T20:13:25.000000Z"}]}