{"vulnerability": "cve-2022-38374", "sightings": [{"uuid": "8bcf716b-f789-436f-a677-76fd0848cb9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/poenamarket/23", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.", "creation_timestamp": "2022-12-21T07:09:35.000000Z"}, {"uuid": "f7e632c5-bf50-4ed3-b1f7-48179c34f8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/freeosint/1284", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2025-04-29T05:54:25.000000Z"}, {"uuid": "549df1a4-b788-4f36-9076-35a85d7e0887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/200332", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"12 Feb 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-12T20:42:57.000000Z"}, {"uuid": "22df3ee2-474e-4157-8c5b-c909b9cd12c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/400417", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-38374 Exploit hediye\", \n  \"author\": \" (MuhammedTr768)\",\n  \"Detection Date\": \"16 Dec 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-16T11:55:42.000000Z"}, {"uuid": "bd878863-1685-418a-8c80-a85014cf014a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1511", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection vulnerability using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T15:13:52.000000Z"}, {"uuid": "cac140cd-0389-432d-8680-0275d5328adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/600", "content": "CVE-2022-38374 : Fortinet FortiADC 7.0.0 &gt; 7.0.2 &amp; 6.2.0 &gt; 6.2.4 -\u00a0Unauthorized Code / Command Execution \nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T21:29:01.000000Z"}, {"uuid": "20bd9973-a5cc-4e5e-8dee-9540ceb5efd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1490", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2022-11-25T12:20:39.000000Z"}, {"uuid": "feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7247", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2024-10-12T06:42:59.000000Z"}]}