{"vulnerability": "CVE-2024-4877", "sightings": [{"uuid": "19e7c347-c94a-421c-a856-47160a77b62b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-10", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "a53eb791-1062-4bfe-829f-2088a99d4db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114274817905547423", "content": "", "creation_timestamp": "2025-04-03T15:49:02.361089Z"}, {"uuid": "592a186a-5efe-41ad-b8b5-516bb4c04471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114274817905547423", "content": "", "creation_timestamp": "2025-04-03T15:49:02.365936Z"}, {"uuid": "3adbebbb-dad5-410b-9a28-2bbd3f6683f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llwlvmqx6g2h", "content": "", "creation_timestamp": "2025-04-03T19:06:24.750294Z"}, {"uuid": "7cc2549d-3b39-4978-895d-cf261eee9cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48775", "type": "seen", "source": "https://t.me/cvedetector/7740", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48775 - EzSet Delaney Plug n Play Camera Firmware Update Info Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48775 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:49.000000Z"}, {"uuid": "bcc8968a-a637-4329-8924-e1a2e18e09ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48774", "type": "seen", "source": "https://t.me/cvedetector/7739", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48774 - Fermax Asia Pacific Pte Ltd Vida Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48774 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:48.000000Z"}, {"uuid": "cf40c324-7926-4e8d-8d88-9249fe420dec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48773", "type": "seen", "source": "https://t.me/cvedetector/7738", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48773 - WoFit Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48773 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update process \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:44.000000Z"}, {"uuid": "b7cec672-fcc9-47da-80e5-0156002d6092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48777", "type": "seen", "source": "https://t.me/cvedetector/7742", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48777 - LEDVANCE Smartplus eu Firmware Exfiltration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48777 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:54.000000Z"}, {"uuid": "f7d6b918-14bc-4ebb-8b81-b97cf08f2c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48776", "type": "seen", "source": "https://t.me/cvedetector/7741", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48776 - Shelly Com_home_shelly Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48776 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in Shelly com.home.shelly 1.0.4 allows a remote attacker to obtain sensitive information via the firmware update process \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:51.000000Z"}, {"uuid": "3513699a-fd22-4794-9ba9-41314434e9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48778", "type": "seen", "source": "https://t.me/cvedetector/7731", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48778 - Giant RideLink Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48778 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:26.000000Z"}, {"uuid": "6c37509b-b4ce-491a-9786-f070136ace01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114280477174677345", "content": "", "creation_timestamp": "2025-04-04T15:48:16.256690Z"}, {"uuid": "d5937e29-4028-4e17-9c7a-b58136d68236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114280477174677345", "content": "", "creation_timestamp": "2025-04-04T15:48:16.258304Z"}, {"uuid": "14e2712b-9ff2-4280-94db-94e400fa3aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://t.me/cvedetector/21996", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4877 - OpenVPN Windows Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-4877 \nPublished : April 3, 2025, 4:15 p.m. | 47\u00a0minutes ago \nDescription : OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T19:25:06.000000Z"}, {"uuid": "779f9f08-403e-4dcb-a52d-c392b79136a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48772", "type": "seen", "source": "https://t.me/cvedetector/7747", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48772 - C-CHIP Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48772 \nPublished : Oct. 11, 2024, 9:15 p.m. | 23\u00a0minutes ago \nDescription : An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T23:45:07.000000Z"}, {"uuid": "eba57c76-9b86-4ea7-85b4-87ec9542a967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48771", "type": "seen", "source": "https://t.me/cvedetector/7737", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48771 - Almando GmbH Almando Play APP Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48771 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in almando GmbH Almando Play APP (com.almando.play) 1.8.2 allows a remote attacker to obtain sensitive information via the firmware update process \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:42.000000Z"}, {"uuid": "6b293be3-3e15-47ed-b07d-f5c9d2dc2c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48770", "type": "seen", "source": "https://t.me/cvedetector/7736", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48770 - WisdomCity Plug n Play Camera Zwave Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48770 \nPublished : Oct. 11, 2024, 8:15 p.m. | 32\u00a0minutes ago \nDescription : An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T22:54:41.000000Z"}, {"uuid": "2a247edb-62e9-4b48-a13b-422706e0b21f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48779", "type": "seen", "source": "https://t.me/cvedetector/7979", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48779 - Wanxing Technology Yitu Project Management Software Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48779 \nPublished : Oct. 15, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to execute arbitrary code via the platformpluginpath parameter to specify that the qt plugin loads the directory. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T00:28:39.000000Z"}, {"uuid": "b82620dd-d023-47d5-8a48-8e539de24375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lm47yrfih22i", "content": "", "creation_timestamp": "2025-04-06T00:49:22.790922Z"}, {"uuid": "056ddfb8-9201-468a-9854-018d4cc45293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4877", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10438", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4877\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges\n\ud83d\udccf Published: 2025-04-03T15:11:51.057Z\n\ud83d\udccf Modified: 2025-04-04T13:25:17.430Z\n\ud83d\udd17 References:\n1. https://community.openvpn.net/openvpn/wiki/CVE-2024-4877\n2. https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html", "creation_timestamp": "2025-04-04T13:35:44.000000Z"}]}