{"vulnerability": "cve-2022-2952", "sightings": [{"uuid": "cdd0a2f2-c4cc-4d18-b52f-f8df393af76c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-29526", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "cf43e3ba-5f74-43d2-b653-f38acebd43fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29520", "type": "seen", "source": "https://t.me/cibsecurity/52042", "content": "\u203c CVE-2022-29520 \u203c\n\nAn OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z. A specially-crafted XCMD can lead to arbitrary command execution. An attacker can send an XML payload to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:37.000000Z"}, {"uuid": "4efb66a1-1f39-4703-8703-21ce9803641b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29525", "type": "seen", "source": "https://t.me/cibsecurity/44260", "content": "\u203c CVE-2022-29525 \u203c\n\nRakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-13T12:18:00.000000Z"}, {"uuid": "a3ec9ed9-09b4-4d33-8326-c11622d47962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29528", "type": "seen", "source": "https://t.me/cibsecurity/41215", "content": "\u203c CVE-2022-29528 \u203c\n\nAn issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-21T02:26:14.000000Z"}, {"uuid": "6fa967f9-ddb3-414f-a8ce-b609feb986ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29529", "type": "seen", "source": "https://t.me/cibsecurity/41213", "content": "\u203c CVE-2022-29529 \u203c\n\nAn issue was discovered in MISP before 2.4.158. There is stored XSS via the LinOTP login field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-21T02:26:12.000000Z"}]}