{"vulnerability": "cve-2022-32548", "sightings": [{"uuid": "d7f0e9b4-43de-43ac-85aa-5343692075ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "seen", "source": "https://t.me/poxek/2371", "content": "#CVE\n\nUnauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers\nCVE-2022-32548\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Trellix Threat Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u043e\u0434 \u043d\u043e\u043c\u0435\u0440\u043e\u043c CVE-2022-32548, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 DrayTek. \u0410\u0442\u0430\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430 \u0431\u0435\u0437 \u0443\u0447\u0430\u0441\u0442\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0435\u0441\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u044b\u043b \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u043e\u043c. \u0410\u0442\u0430\u043a\u0430 \u043e\u0434\u043d\u0438\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c \u043c\u044b\u0448\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430 \u0438\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u0410\u0442\u0430\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u0441\u0435\u0442\u0438 \u0438 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c. \u0412\u0441\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u0438\u043c\u0435\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f.", "creation_timestamp": "2022-08-26T15:00:04.000000Z"}, {"uuid": "7406ecfc-f4c4-4ff0-9f6f-31ebb8d278a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3109", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field\nURL\uff1ahttps://github.com/uisvit/CVE-2022-32548-RCE-MASS\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-24T14:31:25.000000Z"}, {"uuid": "5ae27647-fa48-441c-9c11-9812a84382c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3182", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field\nURL\uff1ahttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-06T17:24:54.000000Z"}, {"uuid": "1a91b079-44b6-47f0-85c4-98d6c67e3f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1164", "content": "#CVE-2022-32548\n\nhttps://github.com/rftg1000/CVE-2022-32548-RCE-POC", "creation_timestamp": "2023-07-28T18:26:40.000000Z"}, {"uuid": "d2f0a3cd-c681-403f-8624-cfb75af2446b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "seen", "source": "https://t.me/cibsecurity/47513", "content": "\ud83d\udd74 Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks \ud83d\udd74\n\nSMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2022-08-05T00:12:11.000000Z"}, {"uuid": "d569db2f-1bd9-49fd-b92a-7455413464a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2437", "content": "#CVE-2022\nDrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field\n\nhttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC\n\n@BlueRedTeam", "creation_timestamp": "2022-11-09T02:49:30.000000Z"}, {"uuid": "b6914b02-3cb6-42f2-b404-99117199a86d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6788", "content": "#exploit\n1. CVE-2022-36804:\nA critical vulnerability in Atlassian Bitbucket Server/Data Center\nhttps://github.com/CEOrbey/CVE-2022-36804-MASS-RCE\n\n2. CVE-2022-32548:\nDrayTek unauthenticated RCE vulnerability in /cgi-bin/wlogin.cgi via username field\nhttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC", "creation_timestamp": "2022-11-08T05:19:47.000000Z"}, {"uuid": "0f403656-25e6-4b19-b9b8-4e204b613759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9277", "content": "#exploit\n1. CVE-2023-5521:\nRoot takeover via signature spoofing in tiann/kernelsu\nhttps://huntr.com/bounties/d438eff7-4e24-45e0-bc75-d3a5b3ab2ea1\n\n2. CVE-2023-4632:\nLPE in Lenovo System\u00a0Updater\nhttps://enigma0x3.net/2023/10/26/cve-2023-4632-local-privilege-escalation-in-lenovo-system-updater\n\n3. CVE-2022-32548:\nDrayTek unauthenticated RCE in /cgi-bin/wlogin.cgi\nhttps://github.com/MosaedH/CVE-2022-32548-RCE-POC", "creation_timestamp": "2023-10-28T12:33:01.000000Z"}, {"uuid": "6dc910e8-ae03-424b-ba72-8add71131782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1566", "content": "#exploit\n1. CVE-2023-5521:\nRoot takeover via signature spoofing in tiann/kernelsu\nhttps://huntr.com/bounties/d438eff7-4e24-45e0-bc75-d3a5b3ab2ea1\n\n2. CVE-2023-4632:\nLPE in Lenovo System\u00a0Updater\nhttps://enigma0x3.net/2023/10/26/cve-2023-4632-local-privilege-escalation-in-lenovo-system-updater\n\n3. CVE-2022-32548:\nDrayTek unauthenticated RCE in /cgi-bin/wlogin.cgi\nhttps://github.com/MosaedH/CVE-2022-32548-RCE-POC", "creation_timestamp": "2024-08-16T08:40:14.000000Z"}, {"uuid": "ea0d0ca3-9cb1-46b3-a131-17c99875dd57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "Telegram/xxRaxVI1gR5FP04Wc_U4-0Y2xWdwmht_siqYhLchpXSnPME", "content": "", "creation_timestamp": "2023-10-11T20:09:29.000000Z"}, {"uuid": "6e562d84-1dad-4d1a-9e4b-2ee34fc091ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "published-proof-of-concept", "source": "Telegram/3KGSVBcUEI8daJAV77erOipGt_ffS4VChajyk7mqZZk-Lkw", "content": "", "creation_timestamp": "2022-10-07T14:26:04.000000Z"}, {"uuid": "e03164ff-db96-4b40-8fea-bb452c825ebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32548", "type": "seen", "source": "https://t.me/thehackernews/2443", "content": "Researchers discovered a critical unauthenticated RCE vulnerability (CVE-2022-32548) affecting 29 different router models from DrayTek that can be exploited to gain full access over targeted networks.\n\nRead details: https://thehackernews.com/2022/08/critical-rce-bug-could-let-hackers.html", "creation_timestamp": "2022-08-04T15:13:26.000000Z"}]}