{"vulnerability": "CVE-2024-2440", "sightings": [{"uuid": "12a1169e-cad3-4d7f-80f6-edaa31835454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24409", "type": "seen", "source": "https://t.me/cvedetector/10186", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-24409 - Zoho ManageEngine ADManager Plus Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-24409 \nPublished : Nov. 8, 2024, 8:15 a.m. | 20\u00a0minutes ago \nDescription : Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to\u00a0Privilege Escalation in the\u00a0Modify Computers option. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-08T09:40:08.000000Z"}, {"uuid": "e413d4b1-9d33-4e65-a022-8e145f4c5927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/CRo72oop6ZwQnESqwzNS9o-UvXAtRRZBbTaMpkpQIbIEQGCv", "content": "", "creation_timestamp": "2025-01-19T09:05:11.000000Z"}, {"uuid": "c3841ad3-01c5-4cfc-be4a-6f19729050ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/kAUbr8-0TQ-fPSqj24CI2kVwB5fWjt3VmrC_U5KeVoPTPw", "content": "", "creation_timestamp": "2024-09-30T06:28:15.000000Z"}, {"uuid": "247a5656-89d7-427c-bca4-23ef86d01497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/56148", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:54.000000Z"}, {"uuid": "c51b0c2d-bb84-4ffd-bce7-c23e591278df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/119126", "content": "#exploit\nCVE-2024-20328:\nClamAV Command Injection Bug\nhttps://amitschendel.github.io/vulnerabilites/CVE-2024-20328\n\nCVE-2024-24816:\nCKEditor XSS vulnerability\nhttps://github.com/afine-com/CVE-2024-24816\n\nCVE-2023-35080:\nIvanti/Pulse VPN Client Exploit\nhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation\n\nCVE-2024-0811:\nChrome pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass\nhttps://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html\n\nCVE-2023-50387:\nKeyTrap in DNS/DNSSEC\nhttps://github.com/knqyf263/CVE-2023-50387\n\nCVE-2024-22369:\nApache Camel Unsafe Deserialization\nhttps://github.com/oscerd/CVE-2024-22369\n\nCVE-2024-1708/CVE-2024-1709:\nScreenConnect Authentication Bypass\nhttps://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass\n\nCCE-2024-21413:\nMicrosoft Outlook RCE\nhttps://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability\n\nCVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\nCVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\nCVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC\n\nCVE-2023-50386:\nApache Solr Backup/Restore APIs RCE\nhttps://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC\n\nCVE-2024-21762:\nFortiOS 6.0 - 7.4 - OoB/RCE\nhttps://github.com/c0d3b3af/CVE-2024-21762-POC\n\nCVE-2024-26521:\nCE Phoenix v1.0.x Html Injection\nhttps://github.com/hackervegas001/CVE-2024-26521\n\nCVE-2024-21672:\nConfluence Data Center/ Server RCE\nhttps://github.com/swagcrafted/CVE-2024-21672-POC\n\nCVE-2023-49109:\nRCE in Apache Dolphinscheduler\nhttps://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx\n\nCVE-2024-21410:\nMS Exchange Privilege Escalation\nhttps://github.com/FreakyM0ndy/CVE-2024-21410-poc", "creation_timestamp": "2024-10-04T00:51:53.000000Z"}, {"uuid": "4edec5c4-6385-49f4-95b9-1815bef90645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/LYNXBLACKHHATS/8323", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-30T06:28:15.000000Z"}, {"uuid": "17a68015-7bfd-4260-a181-4a47cd2911ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/1o3RyjbxkBAdqVV1IakPcUVDj3AIfLmG662gmZzR_AzpiWSm", "content": "", "creation_timestamp": "2025-01-20T11:03:21.000000Z"}, {"uuid": "03a4fe7e-6ded-4a63-af23-bc847eff33fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/sSOYy9sa0Jc9yTev23pVTCXx5ZwCCV54W3-F49CmFMjcWAGd", "content": "", "creation_timestamp": "2025-01-19T10:45:19.000000Z"}, {"uuid": "71d27402-4dd9-4a84-9e21-c53d4dce6bce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/m_uXFR_n3tw3cdqXp4eNTFp75GNkXoZP5JCdghj_BLdvWjAh", "content": "", "creation_timestamp": "2025-01-19T10:54:11.000000Z"}, {"uuid": "75f045ef-2094-47dc-bbc5-05c575af72c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/1Z5p7xYqKVRAHiS5stM6LcQjCrKKZtV6q5K3lriQD01vETjY", "content": "", "creation_timestamp": "2025-01-20T11:03:16.000000Z"}, {"uuid": "e5ac2e01-c800-456e-8ca6-82ebcb9fba27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/MI65lLGsaGTIv40PK1J154YyMiL63QZNJWuw9XlT_YRsFb40", "content": "", "creation_timestamp": "2025-01-19T09:05:12.000000Z"}, {"uuid": "9e418770-1901-4e12-864c-855e4d127dfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/1yNdYtjM167PWJ8z4QCuhWfayRW6CDLYSnp7378ajV5EDt8", "content": "", "creation_timestamp": "2024-10-04T00:51:08.000000Z"}, {"uuid": "089dcae9-66ac-4971-815f-36268a56d647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/dc_main/6679", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-09T00:39:20.000000Z"}, {"uuid": "fc355447-b3b0-471c-b6c7-a1b79788815c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4771", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-30T18:53:58.000000Z"}, {"uuid": "39345c8e-98e5-471e-8998-a37003186795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2257", "content": "CVE-2024-24401 NAGIOS \n*\nAuthenticated SQL Injection\n*\nPOC exploit", "creation_timestamp": "2024-09-05T13:29:00.000000Z"}, {"uuid": "de7e0cf4-c733-4fbf-a81e-0017e943e676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "seen", "source": "https://t.me/ctinow/193620", "content": "https://ift.tt/zot1qGf\nCVE-2024-24401", "creation_timestamp": "2024-02-26T18:32:14.000000Z"}, {"uuid": "ba90b160-e21d-4536-81b3-81213b3ce496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24402", "type": "seen", "source": "https://t.me/ctinow/193614", "content": "https://ift.tt/tZSkLpm\nCVE-2024-24402", "creation_timestamp": "2024-02-26T18:26:38.000000Z"}, {"uuid": "7ee27045-44fd-425f-8045-3072b534a4ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "seen", "source": "https://t.me/ctinow/193613", "content": "https://ift.tt/zot1qGf\nCVE-2024-24401", "creation_timestamp": "2024-02-26T18:26:36.000000Z"}, {"uuid": "958e0c2e-cfae-485c-936c-79a44584595c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24402", "type": "seen", "source": "https://t.me/ctinow/193621", "content": "https://ift.tt/tZSkLpm\nCVE-2024-24402", "creation_timestamp": "2024-02-26T18:32:15.000000Z"}, {"uuid": "944b827e-670e-4258-8ed0-1db518e34d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4368", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-24T16:13:09.000000Z"}, {"uuid": "f213a94a-93db-45d4-8570-bb1fbf6316fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24402", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3ll5migxe532u", "content": "", "creation_timestamp": "2025-03-24T20:40:20.992101Z"}, {"uuid": "57a80858-676c-4b27-9c42-2f00e7792224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24409", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmifndwo3v2a", "content": "", "creation_timestamp": "2025-04-10T21:02:18.260591Z"}, {"uuid": "04e6e55b-d0af-4a65-b69c-31bb2d393ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/7Ml4_lMheQFWoLP8HS6G4y2kPw4O-CbsZ96PEHQtUpuC3WA", "content": "", "creation_timestamp": "2025-05-04T05:10:20.000000Z"}, {"uuid": "10d089f3-c795-4389-a48d-4868c82cff59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24402", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8530", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-24402\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component.\n\ud83d\udccf Published: 2024-02-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:56:51.043Z\n\ud83d\udd17 References:\n1. https://www.nagios.com/changelog/", "creation_timestamp": "2025-03-24T20:23:47.000000Z"}, {"uuid": "d9db0ecc-5589-463b-b2ca-9103b241224e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/6iE0nKJNWh7FFsElF-Vn8SgE64Y9mO70k9zXifBVBcDVphM", "content": "", "creation_timestamp": "2026-01-08T09:00:04.000000Z"}, {"uuid": "77d19ab4-fafb-4228-ace2-54ecf7cf37c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/YbirbaY412Y08oyMNUp6tjh709Mfa4BI-hIxRxXD7wWl9w", "content": "", "creation_timestamp": "2024-10-01T08:57:42.000000Z"}, {"uuid": "9ce53dd3-d3c6-435a-974b-144ed5ed6dfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/268", "content": "CVE-2024-24401 NAGIOS \n*\nAuthenticated SQL Injection\n*\nPOC exploit", "creation_timestamp": "2024-09-05T14:00:25.000000Z"}, {"uuid": "f0b3bcbd-eff2-498e-b954-ced32eb5d142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/7b0KDMH2WfquipCst9Tv71iesbtnEU4bQJg16OEgDf9nbvsj", "content": "", "creation_timestamp": "2024-12-22T22:15:27.000000Z"}, {"uuid": "8072ba61-7d99-4fbf-8a23-e3baa395c995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/4749", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit\n\n\n\nNotice!!!\n\nFor those who can not Access \u267f our telegram channel through the formal \ud83d\udd87\ufe0f link \ud83e\udef0 A new \ud83d\udd17 link Have been created again \ud83e\ude90 so join through this link \ud83d\udd17\ud83d\udd87\ufe0f\n\n\u2764\ufe0f\u200d\ud83d\udd25Join Our Telegram Channel\u2764\ufe0f\u200d\ud83d\udd25\n     \ud83e\udec0 https://t.me/SuBoXo \ud83e\udec0", "creation_timestamp": "2024-10-01T08:57:09.000000Z"}, {"uuid": "4d002163-73c0-450b-ad4e-2130544b60fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/IkCHeV31-NZXhvInoZN4c4fS5IpImi0H6zp-kl6fmHlcxfM", "content": "", "creation_timestamp": "2024-09-08T10:29:47.000000Z"}, {"uuid": "325608ca-27e5-45ca-a56e-fd75a4cc7c65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/Wiwok_5CE9rCEVkXVMIW6sxe2fr40SmsNgXIGI2gJzgTQpM", "content": "", "creation_timestamp": "2024-09-30T18:57:49.000000Z"}, {"uuid": "4a98248d-6347-4c59-a2f5-fab70b308592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/260", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-08T10:29:27.000000Z"}, {"uuid": "6bcb52c7-06a0-4245-859f-5b6a73dd208b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1535", "content": "\ud83d\udc69\u200d\ud83d\udcbb Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\n\ud83d\udd17 Source:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-05T13:09:54.000000Z"}, {"uuid": "be67447e-b3f6-49d0-8e31-eef3961094b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24402", "type": "seen", "source": "https://t.me/ctinow/194984", "content": "https://ift.tt/G6AWpyI\nCVE-2024-24402 | Nagios XI 2024R1.01 npcd cross site scripting", "creation_timestamp": "2024-02-28T00:21:55.000000Z"}, {"uuid": "60b12557-3bf0-4243-9cc8-77e0fdb79650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "seen", "source": "https://t.me/ctinow/194983", "content": "https://ift.tt/wQ6VX0p\nCVE-2024-24401 | Nagios XI 2024R1.01 monitoringwizard.php sql injection", "creation_timestamp": "2024-02-28T00:21:54.000000Z"}, {"uuid": "198417ab-689f-4ce9-bbc6-4a30e060ee8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10055", "content": "#exploit\n1. CVE-2024-24401:\nNagios Authenticated SQL Injection\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n2. CVE-2024-1071:\nWordPress Ultimate Member Unauthorized Database Access/SQLi\nhttps://github.com/gbrsh/CVE-2024-1071\n\n3. CVE-2024-1651:\nTorrentpier RCE Exploit\nhttps://github.com/sharpicx/CVE-2024-1651-PoC", "creation_timestamp": "2024-02-28T16:47:17.000000Z"}, {"uuid": "bd762145-4529-41a3-8392-187d5642b144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/P054ImMwjqD_rl7lBAm-hCz5MlTq06QbnDeiIVFMTFFsHy4", "content": "", "creation_timestamp": "2025-05-04T05:11:16.000000Z"}, {"uuid": "fa5f5cc4-a8f4-4683-afa6-04ecdb4911bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/xatori_sec/112", "content": "\ud83d\udc69\u200d\ud83d\udcbb Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\n\ud83d\udd17 Source:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-05T13:29:15.000000Z"}, {"uuid": "73240649-b3ba-40fb-9ca6-0d1c8f692f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/V1VUnV7rs7gBAtSdtSG9YU8DOLHIzu1kUZjtLh94w5_yW5C9", "content": "", "creation_timestamp": "2024-12-22T22:15:30.000000Z"}, {"uuid": "ceb0786d-ccda-4c3a-ab44-b3bba10146b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/UrNq84zyBC1oMAufBesPTpXAbedIsqXaSNJFq3mfmDUScAM", "content": "", "creation_timestamp": "2024-10-04T00:51:11.000000Z"}, {"uuid": "a74c2656-e43a-42b8-aaa6-b4e74b3b849f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/22363", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit\n\n\n\nNotice!!!\n\nFor those who can not Access \u267f our telegram channel through the formal \ud83d\udd87\ufe0f link \ud83e\udef0 A new \ud83d\udd17 link Have been created again \ud83e\ude90 so join through this link \ud83d\udd17\ud83d\udd87\ufe0f\n\n\u2764\ufe0f\u200d\ud83d\udd25Join Our Telegram Channel\u2764\ufe0f\u200d\ud83d\udd25\n     \ud83e\udec0 https://t.me/SuBoXo \ud83e\udec0", "creation_timestamp": "2024-10-01T08:57:09.000000Z"}, {"uuid": "42569645-bbdb-47e7-b9b5-a6115cc2e327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/PfifvZz7tMW-Pq-u9dIIWpX49EGHHaNBJSKvwqdUIESB65tP", "content": "", "creation_timestamp": "2025-01-19T10:54:13.000000Z"}, {"uuid": "90d07f6e-827c-4d94-a8e2-f04ff8f919ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "Telegram/OIy-vi5ELr4cctl8ownkSK8SkQmdcofc4nGKbyP-zK6wBJzg", "content": "", "creation_timestamp": "2025-01-19T10:45:24.000000Z"}, {"uuid": "56a6e3b9-d699-466a-9954-21f1d5923779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "seen", "source": "https://t.me/ctinow/194405", "content": "https://ift.tt/ZQYOMbm\nCVE-2024-24401 Exploit", "creation_timestamp": "2024-02-27T14:17:06.000000Z"}, {"uuid": "7798e19c-d73b-4f19-9b3d-0b4bc48e8733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2805", "content": "https://github.com/MAWK0235/CVE-2024-24401\n\nAuto exploitation tool for CVE-2024-24401.\n#github #exploit", "creation_timestamp": "2024-07-18T16:34:32.000000Z"}, {"uuid": "fdb33cbd-c66c-4ad2-a149-8cb37e4eed2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/SuBoXo/80", "content": "CVE-2024-24401 NAGIOS \n*\nAuthenticated SQL Injection\n*\nPOC exploit", "creation_timestamp": "2024-11-07T12:35:18.000000Z"}, {"uuid": "bd6a5369-1151-4acc-a639-4da522f28d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3435", "content": "#exploit\n1. CVE-2024-24401:\nSQLi in Nagios XI 2024R1.01\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n2. CVE-2024-32136:\nWP BWL Advanced FAQ Manager plugin &lt;=2.0.3 - Auth. SQLi\nhttps://github.com/xbz0n/CVE-2024-32136\n\n3. CVE-2024-22641:\nTCPDF ReDoS if parsing an untrusted SVG file\nhttps://github.com/zunak/CVE-2024-22641", "creation_timestamp": "2024-08-16T11:16:31.000000Z"}, {"uuid": "f3a81c68-6ffd-4e0d-b228-ae89e213a988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-24409", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113446294917032883", "content": "", "creation_timestamp": "2024-11-08T08:04:44.479560Z"}, {"uuid": "64ac73a3-f8f3-4932-80b1-54f7d26532fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6679", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAuto exploitation tool for CVE-2024-24401. \nURL\uff1ahttps://github.com/MAWK0235/CVE-2024-24401\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-26T21:55:40.000000Z"}, {"uuid": "387e717c-7f3f-472f-a328-a3724826d8d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24402", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4117", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-24402\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-02-26T17:15:10.443\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://www.nagios.com/changelog/\n2. https://www.nagios.com/changelog/", "creation_timestamp": "2025-02-12T19:08:03.000000Z"}]}