{"vulnerability": "cve-2022-2465", "sightings": [{"uuid": "9ee2a4b5-7181-49ac-8d04-efeadc13b3f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24654", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2918", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2022-24654\nURL\uff1ahttps://github.com/leonardobg/CVE-2022-24654\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-11T15:10:46.000000Z"}, {"uuid": "5fa42f6e-25f4-48e1-be82-545b80a7cefe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2465", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12114", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2465\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.\n\ud83d\udccf Published: 2022-08-25T17:25:07.000Z\n\ud83d\udccf Modified: 2025-04-16T17:49:53.570Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03", "creation_timestamp": "2025-04-16T17:56:44.000000Z"}, {"uuid": "38f2f8f4-bce4-4688-b0f5-2b24fd8e5264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2465", "type": "seen", "source": "https://t.me/cibsecurity/48807", "content": "\u203c CVE-2022-2465 \u203c\n\nRockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:31.000000Z"}, {"uuid": "d3a3b394-0ec1-4a5a-a1bb-021bf6daa31e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24654", "type": "seen", "source": "https://t.me/cibsecurity/48172", "content": "\u203c CVE-2022-24654 \u203c\n\nAuthenticated stored cross-site scripting (XSS) vulnerability in \"Field Server Address\" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T22:38:05.000000Z"}, {"uuid": "42cbbe27-eefb-465e-852e-ff1efccafe94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24657", "type": "seen", "source": "https://t.me/cibsecurity/46648", "content": "\u203c CVE-2022-24657 \u203c\n\nGoldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol (port 22).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T16:20:09.000000Z"}, {"uuid": "66a01c00-885e-471e-80eb-ae9de69942ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24659", "type": "seen", "source": "https://t.me/cibsecurity/46645", "content": "\u203c CVE-2022-24659 \u203c\n\nGoldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T16:20:05.000000Z"}, {"uuid": "a2d3e89b-9464-4ffd-a023-bc92b74fc73a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24655", "type": "seen", "source": "https://t.me/cibsecurity/39196", "content": "\u203c CVE-2022-24655 \u203c\n\nA stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T18:04:05.000000Z"}]}