{"vulnerability": "CVE-2022-3541", "sightings": [{"uuid": "22f50ea3-067c-4c4d-8705-5b152849d15a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "ec468fbd-2ef1-42f2-a01c-8d9129185e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-01)", "content": "", "creation_timestamp": "2025-01-01T00:00:00.000000Z"}, {"uuid": "57571b30-9a36-48e7-bac7-dd2c9af0073a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-03)", "content": "", "creation_timestamp": "2025-01-03T00:00:00.000000Z"}, {"uuid": "38c3fdb4-efbc-418e-b94a-36618a9cd88b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-06)", "content": "", "creation_timestamp": "2025-01-06T00:00:00.000000Z"}, {"uuid": "78f2f6da-6448-4dd5-b10e-c182319afc9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "da23f7d0-d91a-464a-aacf-7b5e17610553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "a4f92962-4b11-4c73-a537-ea75a063167c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "c4958406-bdcb-41e1-9e43-ccc0703e49ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "2b6003ee-b415-471b-9de8-7ed90f918aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-01)", "content": "", "creation_timestamp": "2025-03-01T00:00:00.000000Z"}, {"uuid": "1a03e8a2-4b0c-4a28-8085-010e00f26e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "df22e6f9-aac5-4e2a-adda-5bf24fa63691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "93bb62b3-508e-43b4-a8e4-6724409aa559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-11)", "content": "", "creation_timestamp": "2025-03-11T00:00:00.000000Z"}, {"uuid": "dad9d09b-672d-4780-a55f-b82969cd9095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-28)", "content": "", "creation_timestamp": "2025-03-28T00:00:00.000000Z"}, {"uuid": "32f18756-59dd-4330-bbdc-1a826d7914ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-05)", "content": "", "creation_timestamp": "2025-06-05T00:00:00.000000Z"}, {"uuid": "3cf6c983-4638-4158-9938-58250871d8af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "5c06b5bd-9729-4e85-9f7a-a672863499a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-02)", "content": "", "creation_timestamp": "2025-12-02T00:00:00.000000Z"}, {"uuid": "94cf341a-e15f-4601-8f06-0332a754dfa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-03)", "content": "", "creation_timestamp": "2025-12-03T00:00:00.000000Z"}, {"uuid": "68053b18-886b-47cd-8634-a703c5bbd5f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-17)", "content": "", "creation_timestamp": "2026-02-17T00:00:00.000000Z"}, {"uuid": "caacd828-f9f2-4f07-b060-931fafb60a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-02)", "content": "", "creation_timestamp": "2026-03-02T00:00:00.000000Z"}, {"uuid": "adbf5c32-4fc4-42f8-b083-f310c20c0c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35416", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2684", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aH3C_SSL_VPN_XSS(Reflected XSS) CVE-2022-35416\nURL\uff1ahttps://github.com/safe3s/CVE-2022-35416\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-12T04:40:43.000000Z"}, {"uuid": "6081b26f-1248-4d9b-9b86-60c1ffbcc724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35411", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7168", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1arpc.py 0.6.0 - Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/fuzzlove/CVE-2022-35411\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-04-25T11:10:21.000000Z"}, {"uuid": "23353d9f-0322-4309-a27b-bfa633b3493e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35411", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/45668", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aExploit for CVE-2022-35411 \u2014 Unauthenticated RCE in rpc.py (<= 0.6.0)\nURL\uff1ahttps://github.com/CSpanias/rpc-rce.py\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-28T09:31:39.000000Z"}, {"uuid": "5b8c41f6-321a-406a-b26a-0da9d12908fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35411", "type": "published-proof-of-concept", "source": "Telegram/Fl_ltFZIbiQsMNPTYivk2KXEOFXqbKjLz4yAp3sglbIHJYU", "content": "", "creation_timestamp": "2025-07-28T15:00:06.000000Z"}, {"uuid": "84fccadf-fd0c-4254-8b15-955fdb064e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35416", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2179", "content": "CVE-2022-35416\nH3C SSL VPN XSS(Reflected XSS) CVE-2022-35416\nhttps://github.com/safe3s/CVE-2022-35416\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-08-13T21:02:14.000000Z"}, {"uuid": "c911799a-51e6-4f67-a5c6-7280b36e8b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "seen", "source": "https://t.me/arpsyndicate/2777", "content": "#ExploitObserverAlert\n\nCVE-2022-35413\n\nDESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2022-35413. WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.\n\nFIRST-EPSS: 0.622570000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-15T10:01:13.000000Z"}, {"uuid": "5aa48981-3a1d-4fca-b799-c54f7fb200e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35413", "type": "seen", "source": "https://t.me/cibsecurity/49750", "content": "\u203c CVE-2022-35413 \u203c\n\nWAPPLES through 6.0 has a hardcoded systemi account accessible via db/wp.no1 (as configured in the /opt/penta/wapples/script/wcc_auto_scaling.py file). A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T02:25:57.000000Z"}, {"uuid": "f7216121-ecbf-4481-96e6-774ce1e07e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35414", "type": "seen", "source": "https://t.me/cibsecurity/45882", "content": "\u203c CVE-2022-35414 \u203c\n\nsoftmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-11T07:20:15.000000Z"}, {"uuid": "afaef02b-d327-4cb7-a196-053501a1f54f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35411", "type": "seen", "source": "https://t.me/cibsecurity/45834", "content": "\u203c CVE-2022-35411 \u203c\n\nrpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the \"serializer: pickle\" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T22:18:36.000000Z"}, {"uuid": "6651c344-03cd-45d5-b404-d00dd8bc053c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35416", "type": "seen", "source": "https://t.me/cibsecurity/45880", "content": "\u203c CVE-2022-35416 \u203c\n\nH3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-11T07:20:13.000000Z"}, {"uuid": "e3f2c190-dfa6-4119-a48a-9331cf0efa37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35412", "type": "seen", "source": "https://t.me/cibsecurity/45848", "content": "\u203c CVE-2022-35412 \u203c\n\nDigital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-09T00:16:38.000000Z"}]}