{"vulnerability": "CVE-2024-4281", "sightings": [{"uuid": "d88eaddd-be21-49bb-ae5f-55f923fcfa9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42815", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12330", "content": "\u200aCVE-2024-42815 (CVSS 9.8): Buffer Overflow Flaw in TP-Link Routers Opens Door to RCE\n\nhttps://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce/", "creation_timestamp": "2024-09-08T17:47:03.000000Z"}, {"uuid": "a0acfff6-cef8-4586-b25c-4f37e24cfe07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42815", "type": "seen", "source": "https://t.me/cvedetector/3563", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42815 - TP-Link Web Server HTTP Header Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-42815 \nPublished : Aug. 19, 2024, 8:15 p.m. | 22\u00a0minutes ago \nDescription : In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T22:43:33.000000Z"}, {"uuid": "c0c50e28-1ace-4881-a6aa-e08f789964f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42813", "type": "seen", "source": "https://t.me/cvedetector/3560", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42813 - TRENDnet TEW-752DRU Remote Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-42813 \nPublished : Aug. 19, 2024, 8:15 p.m. | 22\u00a0minutes ago \nDescription : In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T22:43:30.000000Z"}, {"uuid": "7d2fda12-3a7d-4724-b51b-e4cfce9b374c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42812", "type": "seen", "source": "https://t.me/cvedetector/3565", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42812 - D-Link DIR-860L Firmware Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42812 \nPublished : Aug. 19, 2024, 8:15 p.m. | 22\u00a0minutes ago \nDescription : In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T22:43:36.000000Z"}, {"uuid": "91ed7bcc-c432-4405-b6d9-170c578d59b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42818", "type": "seen", "source": "https://t.me/cvedetector/4181", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42818 - Fastapi-Admin Pro- Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42818 \nPublished : Aug. 26, 2024, 4:15 p.m. | 27\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T18:49:47.000000Z"}, {"uuid": "915df526-e089-4a9b-9115-afb9f4b4895f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42816", "type": "seen", "source": "https://t.me/cvedetector/4179", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42816 - Fastapi-Admin Pro XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42816 \nPublished : Aug. 26, 2024, 4:15 p.m. | 27\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T18:49:42.000000Z"}, {"uuid": "5fb890e2-72dc-4de4-bfa4-4eec577b43e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42815", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/253", "content": "#exploit\n1. CVE-2024-43044:\nFrom file read to RCE in Jenkins through agents\nhttps://blog.convisoappsec.com/en/analysis-of-cve-2024-43044\n\n2. CVE-2024-42815:\nBuffer Overflow in TP-Link Routers\nhttps://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce", "creation_timestamp": "2024-09-03T15:37:31.000000Z"}, {"uuid": "4d7d16a0-3cf9-4517-bc0f-533deb7a209e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4281", "type": "seen", "source": "Telegram/2O4JKcq3tefin7_nmhAHn82OdmQv7CJlKuF9AGMBBxteMfvW", "content": "", "creation_timestamp": "2025-02-06T02:40:18.000000Z"}, {"uuid": "3ec57732-8ce0-4cc8-97b0-076d08082f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42815", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11077", "content": "#exploit\n1. CVE-2024-43044:\nFrom file read to RCE in Jenkins through agents\nhttps://blog.convisoappsec.com/en/analysis-of-cve-2024-43044\n\n2. CVE-2024-42815:\nBuffer Overflow in TP-Link Routers\nhttps://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce\n\n3. CVE-2024-37084:\nSpring Cloud RCE\nhttps://blog.securelayer7.net/spring-cloud-skipper-vulnerability", "creation_timestamp": "2024-09-04T04:21:25.000000Z"}]}