{"vulnerability": "cve-2022-45313", "sightings": [{"uuid": "829b7176-10ec-4cb4-a566-5583affce313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13235", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45313\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.\n\ud83d\udccf Published: 2022-12-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T13:50:10.585Z\n\ud83d\udd17 References:\n1. https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2022-45313/README.md", "creation_timestamp": "2025-04-24T14:05:56.000000Z"}, {"uuid": "8136e514-baf1-4546-90c2-da828b317410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "published-proof-of-concept", "source": "Telegram/Yjgsq7NwPFgAUxp0Ly-WqYDm0tEe-ZcQeqpKxZ581HienpI", "content": "", "creation_timestamp": "2023-01-20T16:32:02.000000Z"}, {"uuid": "a4c80eec-b0a0-4584-a9d2-b9aab7b4e483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "seen", "source": "https://t.me/ics_cert/672", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0637\u0631\u0646\u0627\u06a9 \u062f\u0631 RouterOS \u0634\u0631\u06a9\u062a \u0645\u06cc\u06a9\u0631\u0648\u062a\u06cc\u06a9\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2022-45313 \u0648 \u062f\u0631\u062c\u0647 \u0627\u0647\u0645\u06cc\u062a \u062d\u06cc\u0627\u062a\u06cc\u060c \u0627\u0632 \u0637\u0631\u06cc\u0642 Nova Message \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0647\u06a9\u0631 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u0646\u0645\u0627\u06cc\u062f.\n\n\u0628\u0647 \u062f\u0644\u06cc\u0644 \u06a9\u062b\u0631\u062a \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u060c \u0644\u0637\u0641\u0627\u064b \u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644 RouterOS \u0622\u0646 \u0631\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0628\u0647 \u0646\u0633\u062e\u0647 \u067e\u0627\u06cc\u062f\u0627\u0631 7.5 \u06cc\u0627 \u0628\u0627\u0644\u0627\u062a\u0631 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0646\u0645\u0627\u06cc\u06cc\u062f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2022-12-16T17:05:23.000000Z"}, {"uuid": "1611193e-abe9-4860-813c-69c2513ce53c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/626", "content": "\ud83d\udca3 \u0647\u0634\u062f\u0627\u0631!\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062e\u0637\u0631\u0646\u0627\u06a9\u06cc \u062f\u0631 RouterOS \u0634\u0631\u06a9\u062a \u0645\u06cc\u06a9\u0631\u0648\u062a\u06cc\u06a9 \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0647\u06a9\u0631 \u0627\u0632 \u0637\u0631\u06cc\u0642 Nova Message \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u0646\u0645\u0627\u06cc\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2022-45313 \u0648 \u062f\u0631\u062c\u0647 \u0627\u0647\u0645\u06cc\u062a \u062d\u06cc\u0627\u062a\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u06cc\u06a9 \u0645\u062d\u0642\u0642 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u062f\u0631\u06a9 \u0628\u0647\u062a\u0631 \u0622\u0646 PoC \u0646\u06cc\u0632 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u0627\u062f\u0627\u0645\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 \u062c\u0632\u0626\u06cc\u0627\u062a \u0641\u0646\u06cc \u0622\u0646 \u0628\u06cc\u0634\u062a\u0631 \u0622\u0634\u0646\u0627 \u0634\u0648\u06cc\u062f.\n\n\u0646\u06a9\u062a\u0647 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u06a9\u062b\u0631\u062a \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0627\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644 \u0644\u0637\u0641\u0627 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 RouterOS \u0622\u0646 \u0631\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0628\u0647 \u0646\u0633\u062e\u0647 \u067e\u0627\u06cc\u062f\u0627\u0631 7.5 \u06cc\u0627 \u0628\u0627\u0644\u0627\u062a\u0631 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0645\u0627\u06cc\u06cc\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a PoC \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0622\u0646: https://github.com/cq674350529/pocs_slides/tree/master/advisory/MikroTik/CVE-2022-45313", "creation_timestamp": "2022-12-17T09:30:50.000000Z"}, {"uuid": "44dfab79-5149-4be2-bf4b-132ac2fa9aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1666", "content": "#exploit\n1. CVE-2022-46169:\nCritical vulnerability affects Cacti network graphing solution\nhttps://securityonline.info/cve-2022-46169-critical-vulnerability-affects-cacti-network-graphing-solution\n\n2. Linux PrivEsc(2) - Scheduled Tasks (cron)\nhttps://medium.com/@tinopreter/linux-privesc-2-scheduled-tasks-cron-b23c4c4df152\n\n3. CVE-2022-45313/45315:\nMikrotik RouterOs &lt;7.5/7.6 was discovered to contain an OOB R/ in the hotspot vuln/snmp process\nhttps://github.com/cq674350529/pocs_slides/tree/master/advisory/MikroTik/CVE-2022-45313\nhttps://github.com/cq674350529/pocs_slides/tree/master/advisory/MikroTik/CVE-2022-45315", "creation_timestamp": "2022-12-07T14:51:25.000000Z"}, {"uuid": "791f5fc4-1cc2-4831-8f09-97c46abaa7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "seen", "source": "https://t.me/cibsecurity/53989", "content": "\u203c CVE-2022-45313 \u203c\n\nMikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T18:40:13.000000Z"}, {"uuid": "23533ab9-b13d-494b-bd98-a4bfec427c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45313", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7314", "content": "#exploit\n1. CVE-2022-46169:\nCritical vulnerability affects Cacti network graphing solution\nhttps://securityonline.info/cve-2022-46169-critical-vulnerability-affects-cacti-network-graphing-solution\n\n2. Linux PrivEsc(2) - Scheduled Tasks (cron)\nhttps://medium.com/@tinopreter/linux-privesc-2-scheduled-tasks-cron-b23c4c4df152\n\n3. CVE-2022-45313/45315:\nMikrotik RouterOs &lt;7.5/7.6 was discovered to contain an OOB R/ in the hotspot vuln/snmp process\nhttps://github.com/cq674350529/pocs_slides/tree/master/advisory/MikroTik/CVE-2022-45313\nhttps://github.com/cq674350529/pocs_slides/tree/master/advisory/MikroTik/CVE-2022-45315\n\n@pocfather_bot", "creation_timestamp": "2022-12-07T11:01:06.000000Z"}]}