Aug 5, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2022-25996 Tcl Linkhub Mesh Wifi Ac1200 Buffer Overflow

  • CVSS 9.8

New critical Tcl Linkhub Mesh Wifi Ac1200 Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-26009 Tcl Linkhub Mesh Wifi Ac1200 Buffer Overflow

  • CVSS 9.8

New critical Tcl Linkhub Mesh Wifi Ac1200 Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-26342 Tcl Linkhub Mesh Wifi Ac1200 Buffer Overflow

  • CVSS 9.8

New critical Tcl Linkhub Mesh Wifi Ac1200 Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-25996 CVSS 9.8

A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14.

CVE-2022-26009 CVSS 9.8

A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_0...

CVE-2022-26342 CVSS 9.8

A buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14.

CVE-2022-26346 CVSS 9.8

A denial of service vulnerability exists in the ucloud_del_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14.

CVE-2022-26376 CVSS 9.8

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New...

CVE-2022-27178 CVSS 9.8

A denial of service vulnerability exists in the confctl_set_wan_cfg functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14.

CVE-2022-27631 CVSS 9.8

A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599.

CVE-2022-28664 CVSS 9.8

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1.

CVE-2022-28665 CVSS 9.8

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1.

CVE-2022-29465 CVSS 9.8

An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0.

View critical disclosures

cvelogic Threat Intelligence