{"vulnerability": "cve-2022-4177", "sightings": [{"uuid": "f85219cd-d5e4-42f4-9ff4-ec5fc3556254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2972", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41771\n\ud83d\udd39 Description: Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.\n\ud83d\udccf Published: 2023-05-10T13:17:17.680Z\n\ud83d\udccf Modified: 2025-01-24T17:39:57.962Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00778.html", "creation_timestamp": "2025-01-24T18:05:22.000000Z"}, {"uuid": "295695de-75f7-4621-bc77-3f915e030bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41770", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15571", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41770\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory resource utilization, via undisclosed requests.\n\ud83d\udccf Published: 2022-10-19T21:21:48.456Z\n\ud83d\udccf Modified: 2025-05-08T18:08:48.308Z\n\ud83d\udd17 References:\n1. https://support.f5.com/csp/article/K22505850", "creation_timestamp": "2025-05-08T18:24:14.000000Z"}, {"uuid": "26e370ff-34b2-4940-be5b-499dd5746dea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41771", "type": "seen", "source": "https://t.me/cibsecurity/63796", "content": "\u203c CVE-2022-41771 \u203c\n\nIncorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:28:55.000000Z"}, {"uuid": "05c7f781-7b39-481f-962d-320df48ea360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41775", "type": "seen", "source": "https://t.me/cibsecurity/53124", "content": "\u203c CVE-2022-41775 \u203c\n\nSQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T02:18:08.000000Z"}, {"uuid": "52ef905d-1f85-4d56-b09b-cf2d254f27c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41773", "type": "seen", "source": "https://t.me/cibsecurity/52173", "content": "\u203c CVE-2022-41773 \u203c\n\nThe affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T00:28:44.000000Z"}, {"uuid": "7bae5611-f93d-44ef-a7ac-bb6a1a92976a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41772", "type": "seen", "source": "https://t.me/cibsecurity/52315", "content": "\u203c CVE-2022-41772 \u203c\n\nDelta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-31T23:13:20.000000Z"}, {"uuid": "750d23fb-4933-43b2-93b8-a3af0ba1b65a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41770", "type": "seen", "source": "https://t.me/cibsecurity/51841", "content": "\u203c CVE-2022-41770 \u203c\n\nIn BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory resource utilization, via undisclosed requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-20T02:20:39.000000Z"}, {"uuid": "679c0acd-35b9-46a5-b0ae-ec653d9c6acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41778", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7133", "content": "#Threat_Research\n1. Apache Commons JXPath RCE (CVE-2022-41852)\nhttps://xz.aliyun.com/t/11813\n2. Vulnerability package analysis in InfraSuite Device Master\nhttps://tttang.com/archive/1806/#toc_cve-2022-41778\n3. Malicious Python Packages Replace Crypto Addresses in Developer Clipboards\nhttps://blog.phylum.io/pypi-malware-replaces-crypto-addresses-in-developers-clipboard", "creation_timestamp": "2022-11-09T11:03:03.000000Z"}]}