CVE-2022-46411
https://notcve.org/view.php?id=CVE-2022-46411
A default password is persisted after installation and may be discovered and used to escalate privileges. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue3 • CWE-287: Improper Authentication •
CVE-2022-46410
https://notcve.org/view.php?id=CVE-2022-46410
An attacker with non-root privileges may escalate privileges to root by using specific commands. • https://www.veritas.com/content/support/en_US/security/VTS22-019#issue5 •
CVE-2022-44929
https://notcve.org/view.php?id=CVE-2022-44929
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. • https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44929 •
CVE-2022-45797
https://notcve.org/view.php?id=CVE-2022-45797
An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. • https://success.trendmicro.com/solution/000291830 •
CVE-2022-44096
https://notcve.org/view.php?id=CVE-2022-44096
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel. • https://github.com/upasvi/CVE-/issues/1 • CWE-798: Use of Hard-coded Credentials •