{"vulnerability": "CVE-2024-4643", "sightings": [{"uuid": "806523f4-2359-4e80-b08a-48b128f06c9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46433", "type": "seen", "source": "https://t.me/cvedetector/17589", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46433 - Tenda W18E Default Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46433 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A default credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to access the web management portal using the default rzadmin account with administrative privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:34.000000Z"}, {"uuid": "5da64e67-f6a5-415b-95f0-1acef0013c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46432", "type": "seen", "source": "https://t.me/cvedetector/17588", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46432 - Tenda W18E Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-46432 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. An attacker can send a specially crafted HTTP POST request to the setQuickCfgWifiAndLogin function, which allows unauthorized changes to WiFi configuration settings and administrative credentials. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:34.000000Z"}, {"uuid": "96fd2401-872e-470c-b030-d7d4038231ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46431", "type": "seen", "source": "https://t.me/cvedetector/17587", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46431 - Tenda W18E Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46431 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:33.000000Z"}, {"uuid": "e915bfab-7193-4e9f-9a1a-6e5b3a41ab21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46430", "type": "seen", "source": "https://t.me/cvedetector/17586", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46430 - Tenda W18E Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-46430 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. Unauthorized password change via the web management portal allows an unauthenticated remote attacker to change the administrator password by sending a specially crafted HTTP POST request to the setLoginPassword function, bypassing the authentication mechanism. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:32.000000Z"}, {"uuid": "7b421ed4-c5e8-4706-a91e-52585cd07a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46437", "type": "seen", "source": "https://t.me/cvedetector/17583", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46437 - Tenda W18E Authentication Bypass Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-46437 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A sensitive information disclosure vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an unauthenticated remote attacker to retrieve sensitive configuration information, including WiFi SSID, WiFi password, and base64-encoded administrator credentials, by sending a specially crafted HTTP POST request to the getQuickCfgWifiAndLogin function, bypassing authentication checks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:27.000000Z"}, {"uuid": "87781abf-f956-4a4f-bcc0-0b59823db23f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46436", "type": "seen", "source": "https://t.me/cvedetector/17582", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46436 - Tenda W18E Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-46436 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to gain root access to the device over the telnet service. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:26.000000Z"}, {"uuid": "70a53ee2-518e-4973-afe4-259687237b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4643", "type": "seen", "source": "https://t.me/cvedetector/2339", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4643 - Elementor WordPress Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-4643 \nPublished : Aug. 2, 2024, 10:16 a.m. | 36\u00a0minutes ago \nDescription : The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid &amp; Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018end_redirect_link\u2019 parameter in versions up to, and including, 5.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T13:11:06.000000Z"}, {"uuid": "31547ab4-cfd3-412d-95a9-a5724b20e194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46435", "type": "seen", "source": "https://t.me/cvedetector/17591", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46435 - Tenda W18E Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46435 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A stack overflow vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This vulnerability occurs due to improper input validation when handling user-supplied data in the delFacebookPic function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:39.000000Z"}, {"uuid": "1aef5c1d-9a57-4876-88f0-4511ad2b8c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46434", "type": "seen", "source": "https://t.me/cvedetector/17590", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46434 - Tenda W18E Auth Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-46434 \nPublished : Feb. 10, 2025, 7:15 p.m. | 27\u00a0minutes ago \nDescription : Tenda W18E V16.01.0.8(1625) suffers from authentication bypass in the web management portal allowing an unauthorized remote attacker to gain administrative access by sending a specially crafted HTTP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T21:16:38.000000Z"}, {"uuid": "3be5889c-ebea-4981-a62a-d8ea9371d4cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46430", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7df6p22h", "content": "", "creation_timestamp": "2025-02-10T19:16:13.756688Z"}, {"uuid": "67eb8e4d-6b7a-4363-865f-f71342ceebe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46431", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7fqbqu2n", "content": "", "creation_timestamp": "2025-02-10T19:16:16.574483Z"}, {"uuid": "34a703c1-3af2-4704-bea7-1f9e8e5bd6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46432", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7hy44y2q", "content": "", "creation_timestamp": "2025-02-10T19:16:18.864096Z"}, {"uuid": "9a3b6ccd-cc46-41ff-b092-bd93da1286b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46433", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7k5dt72x", "content": "", "creation_timestamp": "2025-02-10T19:16:20.744038Z"}, {"uuid": "6d08ec1e-4cf4-4560-be59-ff869256e8a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46434", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7myckm2n", "content": "", "creation_timestamp": "2025-02-10T19:16:24.228533Z"}, {"uuid": "42507b70-3672-4764-8696-12e635a6f573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46435", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7p6nkp2x", "content": "", "creation_timestamp": "2025-02-10T19:16:26.842455Z"}, {"uuid": "40e7b6af-2403-492e-af97-1096de27a229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46436", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7rpitx2x", "content": "", "creation_timestamp": "2025-02-10T19:16:29.728413Z"}, {"uuid": "dccfca30-cf55-4fc2-ae3a-a708745dac9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46437", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu7uecdy2z", "content": "", "creation_timestamp": "2025-02-10T19:16:32.379097Z"}, {"uuid": "f4961a0c-5d7f-4072-9608-fff986682522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46431", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhu5whn7ej2e", "content": "", "creation_timestamp": "2025-02-10T22:10:14.223778Z"}, {"uuid": "99bf5f74-47e7-4d1f-899b-57894fde5207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46433", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhu5whuyuk2c", "content": "", "creation_timestamp": "2025-02-10T22:10:15.498839Z"}, {"uuid": "c8dc5a54-e0fc-4780-ac49-a99f22da174a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46431", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113982028694725489", "content": "", "creation_timestamp": "2025-02-10T22:48:53.718362Z"}, {"uuid": "e250102e-5e1e-4971-a3a5-69ef8cec6b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46432", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113982028734700522", "content": "", "creation_timestamp": "2025-02-10T22:48:54.115324Z"}, {"uuid": "e4190417-b1c3-48fb-835b-123648f43bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46433", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113982028777580726", "content": "", "creation_timestamp": "2025-02-10T22:48:55.096176Z"}, {"uuid": "0a3ed532-9219-4245-b27e-3ff42db0dd38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46434", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113982028833250750", "content": "", "creation_timestamp": "2025-02-10T22:48:55.751569Z"}, {"uuid": "9e905355-5c02-4a54-a36e-2fddbcb17e09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46435", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113982028870829735", "content": "", "creation_timestamp": "2025-02-10T22:48:56.277989Z"}, {"uuid": "a567beb4-f181-4a4f-9b99-d3dfdc0c16a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46436", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113982028914041799", "content": "", "creation_timestamp": "2025-02-10T22:48:57.477670Z"}]}