{"vulnerability": "CVE-2024-40725", "sightings": [{"uuid": "b8ea75b7-2485-431e-8c2e-399f65a9220f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8023", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aWhy GNU IFUNC is the real culprit behind CVE-2024-3094\nURL\uff1ahttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-19T03:58:31.000000Z"}, {"uuid": "e9d747eb-1500-4190-9ced-0a39912b5250", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9487", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aexploit CVE-2024-40725 (Apache httpd) with \nURL\uff1ahttps://github.com/soltanali0/CVE-2024-40725\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-18T15:13:31.000000Z"}, {"uuid": "a05a6964-820c-41bf-8e8a-82dcf33cf022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/TheMalware_Team/3786", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-24T22:29:42.000000Z"}, {"uuid": "ecf10999-8e4d-497d-a97f-35e668323056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/6874", "content": "CVE-2024\u201340725 and CVE-2024\u201340898: Critical Vulnerabilities in Apache HTTP Server: https://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5", "creation_timestamp": "2024-07-22T04:06:24.000000Z"}, {"uuid": "b90eda56-488c-4bdf-bcb7-029d3efc2d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "https://t.me/HackingInsights/6516", "content": "\u200aCVE-2024-40725 & CVE-2024-40898: Apache HTTP Server Flaws Put Millions of Websites at Risk\n\nhttps://securityonline.info/cve-2024-40725-cve-2024-40898-apache-http-server-flaws-put-millions-of-websites-at-risk/", "creation_timestamp": "2024-07-18T10:13:30.000000Z"}, {"uuid": "4349fc13-04f5-4431-b952-20c50cafad5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8306", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T06:18:24.000000Z"}, {"uuid": "4070ea75-0b56-4627-906c-36015a5911f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9164", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:14:17.000000Z"}, {"uuid": "25a1b41b-9dad-4515-bfbc-1ef5c9cf056c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/26088", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:52.000000Z"}, {"uuid": "779f0102-e096-4476-99b7-77db7d16b3f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3474", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T04:43:56.000000Z"}, {"uuid": "d9b15713-bcf5-44fa-ac1d-5d2a426b97db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/oxlogs/26", "content": "https://github.com/soltanali0/CVE-2024-40725", "creation_timestamp": "2024-12-18T20:17:22.000000Z"}, {"uuid": "0b3b5da4-6c84-4cc1-9e10-6d4a2b5538b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:03.000000Z"}, {"uuid": "1b7ce749-2efd-4576-b758-401af82c21c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7604", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40725\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A partial fix for\u00a0 CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.\n\n\n\ud83d\udccf Published: 2024-07-18T09:32:43.929Z\n\ud83d\udccf Modified: 2025-03-14T17:27:57.926Z\n\ud83d\udd17 References:\n1. https://httpd.apache.org/security/vulnerabilities_24.html", "creation_timestamp": "2025-03-14T17:48:46.000000Z"}, {"uuid": "4e583bdc-edad-4a31-a5a6-b1d529945e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "https://t.me/cvedetector/1150", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40725 - Apache HTTP Server PHP Source Code Disclosure Handler Configuration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40725 \nPublished : July 18, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : A partial fix for\u00a0 CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.  \n  \nUsers are recommended to upgrade to version 2.4.62, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T13:27:13.000000Z"}, {"uuid": "1e880750-187f-4478-908f-8050d5454837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/556", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-30T01:02:10.000000Z"}, {"uuid": "c9f6ed17-06f6-4cff-b6df-4361c82cac57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "Telegram/fmnrItX9ni0-os4NhDhn5S2FWV4dH62W8_H3cZbb_PP8-WM", "content": "", "creation_timestamp": "2024-11-11T16:17:23.000000Z"}, {"uuid": "27967953-f2d9-4e1d-a4c4-a0b623fa3c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4004", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:13.000000Z"}, {"uuid": "7565c54d-e3dd-4029-80da-5e40bd4ebc2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7750", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:14:17.000000Z"}, {"uuid": "c8c699a1-57b5-4491-be45-58892167bdc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7003", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T06:18:24.000000Z"}, {"uuid": "039cbf8d-219c-4f66-a66c-0c5cd3af51d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1332", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:21.000000Z"}, {"uuid": "01b1f3a4-bd8c-4b78-954a-bb3b372fe924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/458", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T04:43:45.000000Z"}, {"uuid": "b0bb4d60-79e9-4052-a84e-1e6c917e8cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/TheMalware_Team/159058", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-24T22:29:42.000000Z"}, {"uuid": "46d2b9b9-4147-4673-96e9-2f72d9405f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2817", "content": "https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\n\ud83d\udea8CVE-2024-40725 and CVE-2024-40898\ud83d\udea8\n#github #poc #exploit", "creation_timestamp": "2024-07-20T15:31:46.000000Z"}, {"uuid": "1eb48019-c7f8-4a99-953d-223fa751e9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10863", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-21T19:21:49.000000Z"}, {"uuid": "277d2a3d-5380-4bbc-b2b4-bf9de46c6040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/899", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:52.000000Z"}, {"uuid": "3774a757-4ecc-44fd-b875-94f6da98db73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}]}