{"vulnerability": "cve-2022-3242", "sightings": [{"uuid": "6555bcab-5113-4e21-b50b-4b8d865e86b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32429", "type": "seen", "source": "https://t.me/cibsecurity/47918", "content": "\u203c CVE-2022-32429 \u203c\n\nAn authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T00:32:28.000000Z"}, {"uuid": "1bee553c-8b68-416d-b23e-6d6141ab94ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32425", "type": "seen", "source": "https://t.me/cibsecurity/46285", "content": "\u203c CVE-2022-32425 \u203c\n\nThe login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server's response time.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T02:33:07.000000Z"}, {"uuid": "9edbfd9b-c5e4-4019-8ba0-8683f989ee87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32420", "type": "seen", "source": "https://t.me/cibsecurity/45538", "content": "\u203c CVE-2022-32420 \u203c\n\nCollege Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-02T00:40:09.000000Z"}, {"uuid": "60612cd9-7d56-4073-a47e-ca535d794f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3242", "type": "seen", "source": "https://t.me/cibsecurity/50134", "content": "\u203c CVE-2022-3242 \u203c\n\nCode Injection in GitHub repository microweber/microweber prior to 1.3.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T14:39:01.000000Z"}, {"uuid": "d6e7d523-a230-4ef4-a33f-f4c250382a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32427", "type": "seen", "source": "https://t.me/cibsecurity/48695", "content": "\u203c CVE-2022-32427 \u203c\n\nPrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T07:23:14.000000Z"}]}