Oct 6, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Zephyr-one Zephyr Project Manager: public exploit or PoC linked (SQL Injection)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2022-2840 Zephyr-one Zephyr Project Manager SQL Injection

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Critical exposure

CVE-2022-37888 Arubanetworks Arubaos RCE

  • CVSS 9.8
  • Remote code execution exposure

New critical Arubanetworks Arubaos RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-40494 Ehang-io Nps Auth Bypass

  • CVSS 9.8
  • Authentication bypass — unauthenticated access risk

New critical Ehang-io Nps Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2022-2840 Exploit

The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL stateme...

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2022-3273 CVSS 9.8

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.

CVE-2022-37888 CVSS 9.8

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sen...

CVE-2022-39222 CVSS 9.3

Dex is an identity service that uses OpenID Connect to drive authentication for other apps.

CVE-2022-39269 CVSS 9.1

PJSIP is a free and open source multimedia communication library written in C.

CVE-2022-40494 CVSS 9.8

NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key a...

CVE-2022-40895 CVSS 9.1

In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker t...

CVE-2022-41518 CVSS 9.8

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function a...

CVE-2022-41522 CVSS 9.8

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function.

CVE-2022-41525 CVSS 9.8

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bi...

CVE-2022-42457 CVSS 9.1

Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxse...

cvelogic Threat Intelligence