{"vulnerability": "CVE-2024-4525", "sightings": [{"uuid": "a394c43c-41ba-4118-a5ce-d78f6fdfeed1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45256", "type": "seen", "source": "https://t.me/cvedetector/4103", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45256 - BYOB File Write Arbitrary iOS\", \n  \"Content\": \"CVE ID : CVE-2024-45256 \nPublished : Aug. 26, 2024, 7:15 a.m. | 16\u00a0minutes ago \nDescription : An arbitrary file write issue in the exfiltration endpoint in BYOB (Build Your Own Botnet) 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in file_add in api/files/routes.py. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T09:31:40.000000Z"}, {"uuid": "71b4342c-57e6-4891-a5b2-a18f16029c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4525", "type": "seen", "source": "Telegram/IW2T_D75w_anZ8aa6o7Xutq2VYjAYPk7shyh-jDY1mTaNk-Y", "content": "", "creation_timestamp": "2025-02-19T19:13:57.000000Z"}, {"uuid": "dc2f6e85-b904-496a-a030-591501c8fc45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45256", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "e0c37d26-b33b-4f6c-a008-610ef982cbdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45256", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:03.000000Z"}, {"uuid": "92c17b71-2957-4e8c-b950-b062eb3de82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45256", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "2ca0a2e8-8763-46c7-8e3f-1c04f216eca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45254", "type": "seen", "source": "https://t.me/cvedetector/10919", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45254 - VaeMendis Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45254 \nPublished : Nov. 14, 2024, 10:15 a.m. | 17\u00a0minutes ago \nDescription : VaeMendis - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T11:38:07.000000Z"}, {"uuid": "d47703c2-47a0-4c1f-bab6-758212becec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45251", "type": "seen", "source": "https://t.me/cvedetector/7173", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45251 - Elsight OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45251 \nPublished : Oct. 6, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : Elsight \u2013 CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T15:43:19.000000Z"}, {"uuid": "d21df9c3-96fb-44a6-b8d1-2186a7fab3f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45250", "type": "seen", "source": "https://t.me/cvedetector/7172", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45250 - ZKteco Sensitive Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-45250 \nPublished : Oct. 6, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : ZKteco \u2013 CWE 200 Exposure of Sensitive Information to an Unauthorized Actor \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T15:43:18.000000Z"}, {"uuid": "ab0b0982-caf8-4b1e-870d-9499c159fd0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45257", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "c9530d7a-7f47-48f3-bb7a-9a45997c1982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45256", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/byob_unauth_rce.rb", "content": "", "creation_timestamp": "2024-10-15T15:35:55.000000Z"}, {"uuid": "4dff6765-ceb4-41ad-92bd-0eb43b53aa6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45253", "type": "seen", "source": "https://t.me/cvedetector/10921", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45253 - Avigilon File Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45253 \nPublished : Nov. 14, 2024, 10:15 a.m. | 17\u00a0minutes ago \nDescription : Avigilon \u2013 CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T11:38:12.000000Z"}, {"uuid": "4af094ad-be8c-46ad-9384-03b9f66184a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45259", "type": "seen", "source": "https://t.me/cvedetector/8846", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45259 - GL-iNet HTTP Request Filenames Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45259 \nPublished : Oct. 24, 2024, 8:15 p.m. | 15\u00a0minutes ago \nDescription : An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. By intercepting an HTTP request and changing the filename property in the download interface, any file on the device can be deleted. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T22:41:04.000000Z"}, {"uuid": "0b31f5a5-4ecd-428d-acc8-a27f1ef54eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45252", "type": "seen", "source": "https://t.me/cvedetector/7166", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45252 - Elsight OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45252 \nPublished : Oct. 6, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : Elsight \u2013 CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-06T15:43:11.000000Z"}, {"uuid": "e677a1b0-5e1d-437e-bfee-03b899a33e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45258", "type": "seen", "source": "https://t.me/cvedetector/4090", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45258 - Apache Req HTTP Request Validation Bug\", \n  \"Content\": \"CVE ID : CVE-2024-45258 \nPublished : Aug. 25, 2024, 10:15 p.m. | 42\u00a0minutes ago \nDescription : The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a \"garbage in, garbage out\" design. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T01:09:55.000000Z"}, {"uuid": "37e061a7-b3b9-440b-979a-67dfc44986b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45257", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:04.000000Z"}, {"uuid": "342823b1-80d2-4ce1-ad95-b17798eb299a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45257", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmshj2noxl2e", "content": "", "creation_timestamp": "2025-04-14T21:02:18.728881Z"}, {"uuid": "5283de16-0710-43e1-8487-3b034a838d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45256", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmshj2q7my2t", "content": "", "creation_timestamp": "2025-04-14T21:02:19.236611Z"}, {"uuid": "b65ababc-efb0-4da3-8cc9-0b1f1e0f0870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45257", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "aa074746-ed54-41e3-be8d-c329e915b468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45257", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/byob_unauth_rce.rb", "content": "", "creation_timestamp": "2024-10-15T15:35:55.000000Z"}]}