Sep 23, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Sophos Firewall added to CISA KEV — confirmed in-the-wild exploitation.
  • Wp-useronline Project Wp-useronline: public exploit or PoC linked (XSS)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-3236 Sophos Firewall Code Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Confirmed in-the-wild exploitation per CISA KEV — active threat momentum, not theoretical risk.

Active exploit activity

CVE-2021-4045 Tp-link Tapo C200 Firmware RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Tp-link Tapo C200 Firmware RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2022-40114 Online Banking System Project Online Banking System SQL Injection

  • CVSS 9.8

New critical Online Banking System Project Online Banking System SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

View KEV additions

Exploit & PoC activity

CVE-2022-2941 Exploit

The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions up to, and including 2.88.0.

CVE-2022-36633 Exploit

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution.

CVE-2022-34140 Exploit

A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary...

CVE-2021-4045 Exploit

TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in th...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2022-40114 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_custome...

CVE-2022-40115 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/delete_benef...

CVE-2022-40116 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/beneficiary.php.

CVE-2022-40117 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/delete_custo...

CVE-2022-40118 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds_a...

CVE-2022-40119 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/transact...

CVE-2022-40120 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/customer...

CVE-2022-40121 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/manage_custom...

CVE-2022-40122 CVSS 9.8

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_custome...

View critical disclosures

cvelogic Threat Intelligence