Ctrl + K
/ news / CVE
CVEPublished 2022-03-03Modified 2026-06-031 article on news7 live referencesNVD data

CVE-2022-0492Netapp · H300s_firmware

Vulnerability data via NVD (ingested)

CVSS v3.1
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
93
Exploit Prediction Scoring System · top 7% of all CVEs
Weaknesses (CWE)
CWE-287Improper AuthenticationCWE-862Missing Authorization
Description

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Timeline
Published 2022-03-03
Modified 2026-06-03

External references

NVDMITREExploit-DBGitHub PoCSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag935 hosts
vuln:CVE-2022-0492
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · OS
os:"H300s Firmware"
Hosts Shodan identified as running H300s Firmware.
More intel sources (5)
Shodan report
vuln:CVE-2022-0492
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2022-0492
Censys host search filtered to this CVE id.
grep.app
CVE-2022-0492
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2022-0492
GitHub code search for direct mentions.
Google dork
"CVE-2022-0492" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (7)

CVE-2022-04927 repos
Threekiii/Awesome-POCJava
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.
★ 5,043·updated 1mo ago
cdk-team/CDKGo
📦 Make security testing of K8s, Docker, and Containerd easier.
★ 4,688·updated 1mo ago
Metarget/metargetPython
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
★ 1,397·updated 1y ago
ARPSyndicate/cve-scoresunknown
EPSS & VEDAS Score Aggregator for CVEs
★ 259·updated 3mo ago
MY0723/FLUX-Webscanunknown
FLUX 是一款专业的Web安全扫描工具,JS敏感信息收集、API端点提取、API文档解析、页面爬取、子域名发现、漏洞测试、WAF检测与绕过、JS代码分析等功能。
★ 212·updated 1mo ago
kvesta/vestaGo
A static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud computing
★ 207·updated 1y ago
ctrsploit/ctrsploitC
A penetration toolkit for container environment
★ 150·updated 3d ago
Articles on news mentioning CVE-2022-0492