{"vulnerability": "cve-2022-2411", "sightings": [{"uuid": "8ed9b8a4-2739-46b3-84a1-6d3c57b0a724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "3f45e65d-7989-4534-9c6a-732e0758b737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971695", "content": "", "creation_timestamp": "2024-12-24T20:32:55.149334Z"}, {"uuid": "a8cec481-9503-4280-9b5d-a2c4a70a8694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "4884d582-0935-4b3c-a4e6-91e965c36d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "2ee78713-34e2-4282-93ee-f561bf848add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "6a36ab3d-4a88-4ceb-a7d8-125f55ec2efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "932e0e28-9274-4920-9a09-a47e56da8b50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:44.000000Z"}, {"uuid": "80561b5a-ad34-4813-b8ce-e60f06c32a51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-21)", "content": "", "creation_timestamp": "2025-02-21T00:00:00.000000Z"}, {"uuid": "fbbe2802-12ac-4176-915b-9b22aa38be6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "db7bdd94-74be-44de-828e-53e6da2ac399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "46e7eb07-a6f4-4d10-aca7-4b915a294aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-01)", "content": "", "creation_timestamp": "2025-04-01T00:00:00.000000Z"}, {"uuid": "6a9e86e3-0826-42aa-945d-6f31097a9c97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-07)", "content": "", "creation_timestamp": "2025-04-07T00:00:00.000000Z"}, {"uuid": "165d8e27-0f3d-44fc-9dd7-91f6142cb8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "56e4f48f-f5a3-41a7-9407-6a6e422718a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-11)", "content": "", "creation_timestamp": "2025-04-11T00:00:00.000000Z"}, {"uuid": "c8ab11fe-111e-4ee9-af03-b357bd87f39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "90126e8e-eecc-47d8-9147-d9258b63648a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-26)", "content": "", "creation_timestamp": "2025-05-26T00:00:00.000000Z"}, {"uuid": "1835c39c-8669-4f8c-87bc-9891f36e8db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "d6ebe6d9-39a9-4262-ac35-3998259a9ea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-24)", "content": "", "creation_timestamp": "2025-05-24T00:00:00.000000Z"}, {"uuid": "98a85475-0df9-48f7-a25b-ec7dcbe10f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-30)", "content": "", "creation_timestamp": "2025-06-30T00:00:00.000000Z"}, {"uuid": "906741c4-2b9f-41cf-9df3-1c02a5120745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "0b0d855b-6713-4902-b7ef-9d843705ed5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "a442d79d-1cd0-4dae-bcb7-650ae9bfd6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-06)", "content": "", "creation_timestamp": "2025-07-06T00:00:00.000000Z"}, {"uuid": "805c5057-8b0d-4041-ac81-164327459cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-20)", "content": "", "creation_timestamp": "2025-09-20T00:00:00.000000Z"}, {"uuid": "d1a56e33-63e3-4045-8c72-389e1d082716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-28)", "content": "", "creation_timestamp": "2025-11-28T00:00:00.000000Z"}, {"uuid": "92cb22ef-0d62-4a0e-851b-64f91901af98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-08)", "content": "", "creation_timestamp": "2025-11-08T00:00:00.000000Z"}, {"uuid": "441170fc-93ab-48a6-bf92-904e49d18264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_apisix_api_default_token_rce.rb", "content": "", "creation_timestamp": "2022-03-07T15:23:16.000000Z"}, {"uuid": "50b0e257-9bab-46af-a0ce-293ae9a59b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-02)", "content": "", "creation_timestamp": "2025-09-02T00:00:00.000000Z"}, {"uuid": "18e72eca-a4fb-47db-bbce-a13a323beb53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-05)", "content": "", "creation_timestamp": "2025-12-05T00:00:00.000000Z"}, {"uuid": "50d798af-62c4-4368-9128-f7953ba2038c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-09)", "content": "", "creation_timestamp": "2025-12-09T00:00:00.000000Z"}, {"uuid": "fd8f3144-c0f3-46b7-8acc-c5aa921f01f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "7e106a97-2f98-46ba-9a31-047d97e6f4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "9941accc-9726-4c9d-8ddb-c8a10919a18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-22)", "content": "", "creation_timestamp": "2025-12-22T00:00:00.000000Z"}, {"uuid": "9b0f0043-b376-4549-b649-c5d7bf5d4c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "4a383cc9-fb0e-4326-8e56-d0746e2d6355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-04)", "content": "", "creation_timestamp": "2026-01-04T00:00:00.000000Z"}, {"uuid": "5ad296a8-6092-4631-ad61-d052cdf711a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "6ae3e18b-79f7-42c6-bf4c-d13cbc2d28ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-28)", "content": "", "creation_timestamp": "2026-02-28T00:00:00.000000Z"}, {"uuid": "617e7ba1-078c-4de5-a6f7-8735920f309b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-12)", "content": "", "creation_timestamp": "2026-03-12T00:00:00.000000Z"}, {"uuid": "a4ada577-14e4-4a3f-ae7f-b040135cb70a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-14)", "content": "", "creation_timestamp": "2026-01-14T00:00:00.000000Z"}, {"uuid": "c6888efa-1a64-48a4-9bd0-dbc57a0cbe12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-21)", "content": "", "creation_timestamp": "2026-01-21T00:00:00.000000Z"}, {"uuid": "84f41be0-5cda-46f1-ae0f-69f686e99a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "1867fbaf-108f-420f-a1e0-4a8495fb04d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-24)", "content": "", "creation_timestamp": "2026-01-24T00:00:00.000000Z"}, {"uuid": "04ce46ea-a191-410e-8e43-2984b1a67f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b9b7247a-9ecf-45c0-bf89-cfeb3ea17477", "content": "", "creation_timestamp": "2026-02-02T12:27:15.045828Z"}, {"uuid": "624b9ed9-d83b-46ad-8ec9-70223d0c464a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-31)", "content": "", "creation_timestamp": "2026-03-31T00:00:00.000000Z"}, {"uuid": "1d8b897a-790d-4532-9aa2-1e7c8ae99090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7508", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aNew exploit for Apache APISIX 2.12.1 - Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/btar1gan/exploit_CVE-2022-24112\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-06-03T17:38:36.000000Z"}, {"uuid": "1319a511-92ed-49d3-8bbd-8d8406e3814f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1670", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aApache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit \nURL\uff1ahttps://github.com/M4xSec/Apache-APISIX-CVE-2022-24112", "creation_timestamp": "2022-03-16T09:22:01.000000Z"}, {"uuid": "e3f31200-4f32-40f7-af5f-55d84470ed06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1522", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112\uff1aApache APISIX apisix/batch-requests RCE\nURL\uff1ahttps://github.com/Mr-xn/CVE-2022-24112", "creation_timestamp": "2022-02-22T14:13:33.000000Z"}, {"uuid": "22a80715-1611-459f-99dd-fe0989ec7b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112 check\nURL\uff1ahttps://github.com/coconut20/CVE-2022-21907-RCE-POC", "creation_timestamp": "2022-02-21T17:32:25.000000Z"}, {"uuid": "a5aa523c-7ad6-4f3c-80dd-654c43fc1e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/apache_apisix_cve_2022_24112", "content": "", "creation_timestamp": "2022-06-20T18:27:56.000000Z"}, {"uuid": "7908be57-d8e8-49e1-8d74-beea6b66dce6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1516", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112 check\nURL\uff1ahttps://github.com/shakeman8/CVE-2022-24112", "creation_timestamp": "2022-02-21T11:58:04.000000Z"}, {"uuid": "24e16e81-8d8b-44a5-96a1-9f35e923e46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1518", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112 check\nURL\uff1ahttps://github.com/coconut20/CVE-2022-21907", "creation_timestamp": "2022-02-21T16:34:10.000000Z"}, {"uuid": "f7b3bbec-55fc-4b98-8e4e-31532f83172d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1535", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aApache APISIX batch-requests RCE(CVE-2022-24112)\nURL\uff1ahttps://github.com/Axx8/CVE-2022-24112", "creation_timestamp": "2022-02-25T15:22:54.000000Z"}, {"uuid": "93054236-86bb-41d1-bcc6-2131ebf37a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3518", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112_POC\nURL\uff1ahttps://github.com/Acczdy/CVE-2022-24112_POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-04T03:12:09.000000Z"}, {"uuid": "55dcbb71-f54c-404f-a78f-e01e327ccf29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "Telegram/WN9NBuDiE6ufWr_wkMnrpCcXp-giw6BEDKj3qL7GVZYBJNCe", "content": "", "creation_timestamp": "2025-03-08T04:34:11.000000Z"}, {"uuid": "f7800a82-7aed-46fa-904b-d95040e261c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24117", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11530", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24117\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:58:41.486Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-12T00:51:08.000000Z"}, {"uuid": "666e0378-237c-4abd-8980-5fe89d150892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24116", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11529", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24116\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-12T00:02:24.664Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-12T00:51:07.000000Z"}, {"uuid": "be625a8a-8802-48a4-97ec-da181ce5a77f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24119", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11508", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24119\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:41:26.428Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-11T23:51:15.000000Z"}, {"uuid": "d571c2b6-25c6-487a-b307-8d83544b6f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24118", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11531", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24118\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:53:21.786Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-12T00:51:09.000000Z"}, {"uuid": "f1127024-2840-4d36-ae02-328bb720e024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1420", "content": "CVE-2022-24112\uff1aApache APISIX apisix/batch-requests RCE\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d batch-requests \u0434\u043b\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u043e\u0431\u0445\u043e\u0434 IP-\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f API Admin. \u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f Apache APISIX \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u0441 \u043a\u043b\u044e\u0447\u043e\u043c API \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e) \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \u0415\u0441\u043b\u0438 \u043a\u043b\u044e\u0447 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u044b\u043b \u0438\u0437\u043c\u0435\u043d\u0435\u043d \u0438\u043b\u0438 \u043f\u043e\u0440\u0442 Admin API \u0431\u044b\u043b \u0438\u0437\u043c\u0435\u043d\u0435\u043d \u043d\u0430 \u043f\u043e\u0440\u0442, \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0439 \u043e\u0442 \u043f\u043e\u0440\u0442\u0430 \u043f\u0430\u043d\u0435\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0441\u043d\u0438\u0436\u0430\u0435\u0442\u0441\u044f. \u041e\u0434\u043d\u0430\u043a\u043e \u0440\u0438\u0441\u043a \u043e\u0431\u043e\u0439\u0442\u0438 IP-\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043f\u0430\u043d\u0435\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Apache APISIX \u0432\u0441\u0435 \u0435\u0449\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442. \u0412 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 batch-requests \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 IP \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043d\u0430 \u0435\u0433\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 IP. \u041d\u043e \u0438\u0437-\u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043a\u043e\u0434\u0435 \u044d\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u043e\u0439\u0434\u0435\u043d\u0430.\n\nhttps://github.com/Mr-xn/CVE-2022-24112\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-28T12:00:22.000000Z"}, {"uuid": "4b7c0875-99c6-4213-9872-f7b0c367b4c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1901", "content": "Apache APISIX Remote Code Execution (CVE-2022-24112) Exploit\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d batch-requests \u0434\u043b\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u043e\u0431\u0445\u043e\u0434 IP-\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f API Admin. \u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f Apache APISIX \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u0441 \u043a\u043b\u044e\u0447\u043e\u043c API \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e) \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \u0415\u0441\u043b\u0438 \u043a\u043b\u044e\u0447 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0431\u044b\u043b \u0438\u0437\u043c\u0435\u043d\u0435\u043d \u0438\u043b\u0438 \u043f\u043e\u0440\u0442 Admin API \u0431\u044b\u043b \u0438\u0437\u043c\u0435\u043d\u0435\u043d \u043d\u0430 \u043f\u043e\u0440\u0442, \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u0439 \u043e\u0442 \u043f\u043e\u0440\u0442\u0430 \u043f\u0430\u043d\u0435\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0441\u043d\u0438\u0436\u0430\u0435\u0442\u0441\u044f. \u041e\u0434\u043d\u0430\u043a\u043e \u0440\u0438\u0441\u043a \u043e\u0431\u043e\u0439\u0442\u0438 IP-\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043f\u0430\u043d\u0435\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Apache APISIX \u0432\u0441\u0435 \u0435\u0449\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442. \u0412 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 batch-requests \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 IP \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043d\u0430 \u0435\u0433\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 IP. \u041d\u043e \u0438\u0437-\u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043a\u043e\u0434\u0435 \u044d\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u043e\u0439\u0434\u0435\u043d\u0430.\nhttps://github.com/M4xSec/Apache-APISIX-CVE-2022-24112\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-04T05:01:41.000000Z"}, {"uuid": "452e1dbf-3157-4d93-b7e4-7d0ea2656675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "Telegram/RYN9CVuVOnNpNcDATSMhKWBF9wkA0d53mwEFWbZ6_pEU263n", "content": "", "creation_timestamp": "2025-01-30T02:17:49.000000Z"}, {"uuid": "c9c832b7-95c3-444c-b25a-d3e570a1f3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "https://t.me/arpsyndicate/1371", "content": "#ExploitObserverAlert\n\nCVE-2022-24112\n\nDESCRIPTION: Exploit Observer has 38 entries related to CVE-2022-24112. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.\n\nFIRST-EPSS: 0.971990000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T02:42:55.000000Z"}, {"uuid": "974f25b7-af8c-40d8-8fde-f1a1b8b64130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/28", "content": "CVE-2022-24112(Apache APISIX RCE)\n\n\u041e\u0431\u0449\u0438\u0439 \u0431\u0430\u043b\u043b CVSS: 9.8(Security-Database Scoring CVSS v3)\n\u0414\u043e\u0441\u0442\u0443\u043f \u043a \u044d\u0442\u043e\u043c\u0443 API \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 LUA \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 script, \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.x.\n\u041f\u0435\u0440\u0432\u0430\u044f \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0432\u0435\u043d\u0434\u043e\u0440\u0430: 11.02.2022\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435: \u0441\u0441\u044b\u043b\u043a\u04301, \u0441\u0441\u044b\u043b\u043a\u04302\n\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 Ven3xy.\n\u0421\u043a\u0440\u0438\u043f\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u0435\u0440\u0430\u0445.\n\u0415\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0442\u0438\u0432 \u043a\u043e\u0433\u043e-\u043b\u0438\u0431\u043e \u0443\u0433\u043e\u043b\u043e\u0432\u043d\u043e \u043d\u0430\u043a\u0430\u0437\u0443\u0435\u043c\u043e.\n\nTotal CVS Score: 9.8(Security-Database Scoring CSS v3)\nAccess to this API allows you to remotely execute LUA code using the script parameter added in version 2.x.\nFirst vendor publication: 2022.02.11\nFor more information: link 1, link 2\nI'm applying an exploit written by Ven3xy.\nThe script is provided in introductory measures.\nIts use against anyone is criminally punishable.\n\n#cve #poc #exploit", "creation_timestamp": "2022-05-19T13:57:03.000000Z"}, {"uuid": "714d809b-993f-4f71-ae64-3a1b20253e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "https://t.me/zero_day_uz/46", "content": "#CVE\n\n\nAbout  CVE-2022-24112 POC\n\n\n\nhttps://t.me/zero_day_uz", "creation_timestamp": "2022-06-25T14:45:39.000000Z"}, {"uuid": "93f29cb0-db0c-4d16-9ae7-c896480467b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24118", "type": "seen", "source": "https://t.me/cibsecurity/55324", "content": "\u203c CVE-2022-24118 \u203c\n\nCertain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:26.000000Z"}, {"uuid": "f2a89b16-8fd7-4156-941d-d038865ad7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24117", "type": "seen", "source": "https://t.me/cibsecurity/55342", "content": "\u203c CVE-2022-24117 \u203c\n\nCertain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:47.000000Z"}, {"uuid": "a9029b7e-cc61-4c09-8dde-559986b0e428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24116", "type": "seen", "source": "https://t.me/cibsecurity/55331", "content": "\u203c CVE-2022-24116 \u203c\n\nCertain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:36.000000Z"}, {"uuid": "5b9ee14e-b9ed-4e46-b846-4ccab143810f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24119", "type": "seen", "source": "https://t.me/cibsecurity/55323", "content": "\u203c CVE-2022-24119 \u203c\n\nCertain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:25.000000Z"}, {"uuid": "4d12c1df-f4d3-41d5-92c6-e897442e0e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "seen", "source": "https://t.me/cibsecurity/37298", "content": "\u203c CVE-2022-24112 \u203c\n\nAn attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-11T16:29:40.000000Z"}, {"uuid": "aebf700c-677d-45de-8e5a-a95e3c6263be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24111", "type": "seen", "source": "https://t.me/cibsecurity/37225", "content": "\u203c CVE-2022-24111 \u203c\n\nIn Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, portfolios created in groups that have not been shared with non-group members and portfolios created on the site and institution levels can be viewed without requiring a login if the URL to these portfolios is known.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T18:15:32.000000Z"}, {"uuid": "79a2949f-d5ee-4b6a-a00b-05f64946ed01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24110", "type": "seen", "source": "https://t.me/cibsecurity/37418", "content": "\u203c CVE-2022-24110 \u203c\n\nKiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-14T14:38:50.000000Z"}, {"uuid": "00051a06-6b60-46ac-9952-9366355c5a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24114", "type": "seen", "source": "https://t.me/cibsecurity/36894", "content": "\u203c CVE-2022-24114 \u203c\n\nLocal privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-05T02:42:27.000000Z"}, {"uuid": "b8cbfcbd-e456-4e55-bcb2-898d2fd3e965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1750", "content": "#exploit\n1. CVE-2022-25375:\nDemo exploit of RNDIS USB Gadget\nhttps://github.com/szymonh/rndis-co\n\n2. CVE-2022-24112:\nApache APISIX apisix/batch-requests RCE\nhttps://github.com/Mr-xn/CVE-2022-24112\n]-> https://github.com/shakeman8/CVE-2022-24112\n\n@BlueRedTeam", "creation_timestamp": "2022-02-23T05:20:26.000000Z"}, {"uuid": "438cfde7-dcc4-493d-abec-c418cc87704b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1807", "content": "#CVE-2022\nApache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit \n\nhttps://github.com/M4xSec/Apache-APISIX-CVE-2022-24112\n\n@BlueRedTeam", "creation_timestamp": "2022-03-16T12:07:41.000000Z"}, {"uuid": "b807493f-2101-4c7d-ad04-623fc45f4990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2528", "content": "#CVE-2022\nwriteup and PoC for (CVE-2022-41082/CVE-2022-41040) aka ProxyNotShell\nhttps://github.com/Adynervi/CVE-2022-41082-RCE-PoC\n\n\nPython Exploit for CVE-2022-0739\nhttps://github.com/BKreisel/CVE-2022-0739\n\n\nAll details about CVE-2022-43097\n\nhttps://github.com/nibin-m/CVE-2022-43097\n\nCVE-2022-24112_POC\nhttps://github.com/Acczdy/CVE-2022-24112_POC\n\n@BlueRedTeam", "creation_timestamp": "2022-12-18T11:13:39.000000Z"}, {"uuid": "a30f3697-40ee-4715-904b-9a8789001420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/5284", "content": "https://github.com/cckuailong/reapoc/tree/main/2022/CVE-2022-24112/vultarget", "creation_timestamp": "2022-03-17T13:01:21.000000Z"}, {"uuid": "b4f4fd91-4650-4274-adf9-b09cf8c89ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5645", "content": "#exploit\n1. CVE-2022-24112:\nApache APISIX < 2.12.1 RCE and Docker Lab\nhttps://github.com/twseptian/cve-2022-24112\nhttps://github.com/Mr-xn/CVE-2022-24112\n]-> Check:\nhttps://github.com/shakeman8/CVE-2022-24112\n\n2. CVE-2022-0337:\nSystem environment variables leak on Google Chrome, Microsoft Edge and Opera\nhttps://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera", "creation_timestamp": "2022-03-21T11:00:33.000000Z"}, {"uuid": "eb4f259b-e856-4b33-8271-065e5e3af7e9", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a94ef2be-52bf-4e37-98a6-be6494bbc227", "content": "", "creation_timestamp": "2026-06-19T12:47:05.781622Z"}, {"uuid": "092b62db-6528-4991-b78a-ccfce01a131f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24112", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/85c098e1-3dbd-4386-ad15-0b4dc0f2f6c6", "content": "", "creation_timestamp": "2026-06-23T14:05:32.036992Z"}]}