Reports of ProxyNotShell Vulnerabilities Being Actively Exploited (CVE-2022-41040 and CVE-2022-41082)
Tags
Common Information
| Type | Value |
|---|---|
| UUID | bedf1454-969c-4a47-8529-0c5d2ed5f046 |
| Fingerprint | b43919d3aa04f2c3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 21, 2022, 9:05 a.m. |
| Added to db | Dec. 21, 2022, 4:49 p.m. |
| Last updated | Nov. 15, 2024, 12:41 p.m. |
| Headline | Reports of ProxyNotShell Vulnerabilities Being Actively Exploited (CVE-2022-41040 and CVE-2022-41082) |
| Title | Reports of ProxyNotShell Vulnerabilities Being Actively Exploited (CVE-2022-41040 and CVE-2022-41082) |
| Detected Hints/Tags/Attributes | 45/2/17 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 238 | ✔ | SOCRadar® Cyber Intelligence Inc. | https://socradar.io/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 105 | cve-2022-41040 |
|
| Details | CVE | 127 | cve-2022-41082 |
|
| Details | CVE | 50 | cve-2022-41080 |
|
| Details | Domain | 61 | system.windows |
|
| Details | Domain | 2 | sync.service.auzreservices.com |
|
| Details | File | 6 | lockdown.dll |
|
| Details | File | 4 | win64.dll |
|
| Details | File | 8 | mfeann.exe |
|
| Details | File | 12 | svchosts.exe |
|
| Details | File | 28 | 0.dll |
|
| Details | File | 5 | vmwarexferlogs.exe |
|
| Details | md5 | 2 | F77E55FD56FDAD21766CAA9C896734E9 |
|
| Details | md5 | 2 | F9322EAD69300501356B13D751165DAA |
|
| Details | md5 | 2 | A2FAE32F116870E5A94B5FAB50A1CB71 |
|
| Details | md5 | 2 | 47A0814408210E6FCA502B3799B3952B |
|
| Details | md5 | 2 | 379F87DAA6A23400ADF19C1CDD6B0DC9 |
|
| Details | IPv4 | 2 | 193.149.185.52 |