{"vulnerability": "CVE-2022-4577", "sightings": [{"uuid": "47b3d0a9-a158-4817-90e9-fed8fcae30cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45770", "type": "seen", "source": "MISP/4f4863c2-1cc3-4079-8e03-8291ad13faef", "content": "", "creation_timestamp": "2023-02-09T16:15:16.000000Z"}, {"uuid": "89a5229f-6973-4553-bdc8-ff2daa26add9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45770", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9756", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45770\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation.\n\ud83d\udccf Published: 2023-01-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T18:37:59.637Z\n\ud83d\udd17 References:\n1. https://adguard.com/en/versions/windows/release.html#version-71140780\n2. https://github.com/Marsel-marsel/CVE-2022-45770\n3. https://xakep.ru/2023/01/27/aguard-cve/\n4. https://hackmag.com/security/aguard-cve/", "creation_timestamp": "2025-03-31T19:31:23.000000Z"}, {"uuid": "cc076b60-94c0-4dc0-809b-8645f2706598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45771", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"}, {"uuid": "f4f00258-7908-4b24-bf89-9640c815721d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45770", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/194635", "content": "{\n  \"Source\": \"arvin_club\",\n  \"Content\": \"#AdGuard CVE-2022-45770 https://github.com/Marsel-marsel/CVE-2022-45770 https://xakep.ru/2023/01/27/aguard-cve/ GitHubMarsel-marsel/CVE-2022-45770 LPE exploit via windows driver. Contribute to Marsel-marsel/CVE-2022-45770 development by creating an account on GitHub.\", \n  \"author\": \"ARVIN\",\n  \"Detection Date\": \"03 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-03T20:27:51.000000Z"}, {"uuid": "39ca334c-90df-422d-996b-ee5453c479f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45771", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/175046", "content": "{\n  \"Source\": \"documentors\",\n  \"Content\": \"\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE Pwndoc local file inclusion to remote code execution of Node.js code on the server. https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE #cve\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"04 Jan 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-01-04T21:11:33.000000Z"}, {"uuid": "dec90c20-33af-4c9d-b676-9dbb72bc3702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45771", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1795", "content": "#exploit\n1. CVE-2022-45771:\nPwndoc LFI to RCE\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n2. Discord Image Token Password Grabber Exploit\nhttps://github.com/bluewolf2778/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022", "creation_timestamp": "2022-12-16T06:26:07.000000Z"}, {"uuid": "7ced46f3-6c5b-40d4-beb1-a12232fb2d7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45778", "type": "seen", "source": "https://t.me/cibsecurity/55451", "content": "\u203c CVE-2022-45778 \u203c\n\nhttps://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a configuration error in report.m.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T00:12:03.000000Z"}, {"uuid": "d4117c67-990b-4c65-b512-8de15c14b1c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45771", "type": "seen", "source": "https://t.me/cibsecurity/54021", "content": "\u203c CVE-2022-45771 \u203c\n\nAn issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T22:40:08.000000Z"}, {"uuid": "be857270-871b-4644-960c-ce997cb8102a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45770", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/13536", "content": "Sad guard. \u0418\u0449\u0435\u043c \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 AdGuard \u0434\u043b\u044f Windows #\u043f\u043e\u0434\u043f\u0438\u0441\u0447\u0438\u043a\u0430\u043c\n\n\u0412 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u044f \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443, \u043a\u0430\u043a \u043d\u0430\u0448\u0435\u043b \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0439 \u0431\u0430\u0433 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 AdGuard. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u043e\u043c\u0435\u0440 CVE-2022-45770. \u042f \u043f\u043e\u043a\u0430\u0436\u0443, \u043a\u0430\u043a \u0438\u0437\u0443\u0447\u0430\u043b \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u0440\u0435\u043a\u043b\u0430\u043c\u044b \u0438 \u0440\u0430\u0441\u043a\u0440\u0443\u0442\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u041f\u043e \u0434\u043e\u0440\u043e\u0433\u0435 \u043f\u043e\u0438\u0437\u0443\u0447\u0430\u0435\u043c \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e Windows.\n\nhttps://xakep.ru/2023/01/27/aguard-cve/", "creation_timestamp": "2023-01-27T14:46:31.000000Z"}, {"uuid": "0b39ceb7-8ada-4174-a3c8-10489fb6836c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45770", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/6418", "content": "#AdGuard CVE-2022-45770\nhttps://github.com/Marsel-marsel/CVE-2022-45770\nhttps://xakep.ru/2023/01/27/aguard-cve/", "creation_timestamp": "2023-02-03T19:42:06.000000Z"}, {"uuid": "68262ba1-465f-4ca7-b157-0c4052ae13b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45771", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7359", "content": "#exploit\n1. CVE-2022-45771:\nPwndoc LFI to RCE\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n2. Discord Image Token Password Grabber Exploit\nhttps://github.com/bluewolf2778/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022", "creation_timestamp": "2022-12-15T11:05:08.000000Z"}]}