{"vulnerability": "CVE-2024-42845", "sightings": [{"uuid": "ee2cba43-5343-48c9-bb87-367d61cd0bce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9943", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aExploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1\nURL\uff1ahttps://github.com/theexploiters/CVE-2024-42845-Exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-10T20:05:15.000000Z"}, {"uuid": "a3693341-6e97-4da6-9305-f402bd77d9bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8346", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aInVesalius discovered CVE. CVE-2024-42845\nURL\uff1ahttps://github.com/partywavesec/invesalius3_vulnerabilities\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-23T21:19:02.000000Z"}, {"uuid": "8a322faf-680a-4042-bfca-d1cf1db31ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "seen", "source": "https://t.me/suboxone_chatroom/1592", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2025-01-27T07:08:02.000000Z"}, {"uuid": "42ab9a0e-4e32-44ce-bfb3-067ac1db202e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "seen", "source": "https://t.me/cvedetector/4039", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42845 - InVesalius DICOM eval Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42845 \nPublished : Aug. 23, 2024, 7:15 p.m. | 41\u00a0minutes ago \nDescription : An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T22:09:15.000000Z"}, {"uuid": "a3b38a28-d507-48ee-b240-4dc6a8dcf5b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "Telegram/cGezkY-sNGeXP7suZ-_mxlbHZXJUtespjJiYiVVk1k7JN70", "content": "", "creation_timestamp": "2025-01-11T04:00:06.000000Z"}, {"uuid": "7b9a750d-0efc-41d8-81ab-1a417a72840d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/336", "content": "https://github.com/theexploiters/CVE-2024-42845-Exploit\n\nExploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1\n#github #exploit", "creation_timestamp": "2025-01-12T16:52:08.000000Z"}, {"uuid": "1e803043-a403-4e6c-97fb-061c27fa0c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-42845", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11617", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2024-12-28T11:38:47.000000Z"}]}