{"vulnerability": "CVE-2024-55875", "sightings": [{"uuid": "6d74aed7-e7e0-451d-9a6a-42a64fc9ac8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11564", "content": "#exploit\n1. CVE-2024-53677:\nCritical Apache Struts RCE\nhttps://github.com/TAM-K592/CVE-2024-53677-S2-067\n\n2. CVE-2024-10793:\nWP Activity Log plugin XSS\nhttps://github.com/windz3r0day/CVE-2024-10793\n\n3. CVE-2024-55875:\nKotlin HTTP XXE/SSRF\nhttps://github.com/JAckLosingHeart/CVE-2024-55875", "creation_timestamp": "2024-12-17T04:11:25.000000Z"}, {"uuid": "c901539d-3491-4693-ae0c-c58ecd3adb7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/112", "content": "https://github.com/JAckLosingHeart/CVE-2024-55875\n\nCVE-2024-55875 | GHSA-7mj5-hjjj-8rgw | http4k first CVE\n#github #exploit", "creation_timestamp": "2024-12-16T15:16:20.000000Z"}, {"uuid": "e77de99d-7001-434c-a87d-d00ee6659da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/1542", "content": "#exploit\n1. CVE-2024-53677:\nCritical Apache Struts RCE\nhttps://github.com/TAM-K592/CVE-2024-53677-S2-067\n\n2. CVE-2024-10793:\nWP Activity Log plugin XSS\nhttps://github.com/windz3r0day/CVE-2024-10793\n\n3. CVE-2024-55875:\nKotlin HTTP XXE/SSRF\nhttps://github.com/JAckLosingHeart/CVE-2024-55875", "creation_timestamp": "2025-01-27T07:06:33.000000Z"}, {"uuid": "965c3e44-412c-47a0-852c-e1a966aa200d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}, {"uuid": "267625dd-b88c-483d-b3a8-2171daf62136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:03.000000Z"}, {"uuid": "7c4b5dbf-dd3b-486a-b83c-932c0ae33137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/750", "content": "https://github.com/JAckLosingHeart/CVE-2024-55875\n\nCVE-2024-55875 | GHSA-7mj5-hjjj-8rgw | http4k first CVE\n#github #exploit", "creation_timestamp": "2024-12-18T10:36:45.000000Z"}, {"uuid": "0a6e72d6-e3df-431a-aee5-2a7f7baca3a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/747", "content": "#exploit\n1. CVE-2024-53677:\nCritical Apache Struts RCE\nhttps://github.com/TAM-K592/CVE-2024-53677-S2-067\n\n2. CVE-2024-10793:\nWP Activity Log plugin XSS\nhttps://github.com/windz3r0day/CVE-2024-10793\n\n3. CVE-2024-55875:\nKotlin HTTP XXE/SSRF\nhttps://github.com/JAckLosingHeart/CVE-2024-55875", "creation_timestamp": "2024-12-16T17:31:59.000000Z"}, {"uuid": "843bd1f4-02f0-49e0-b5c0-35a0df4f0f1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113641404885985284", "content": "", "creation_timestamp": "2024-12-12T19:03:46.488997Z"}, {"uuid": "7ac653fe-3c93-415b-9fef-fb91229d66ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9404", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-55875 | GHSA-7mj5-hjjj-8rgw | http4k first CVE\nURL\uff1ahttps://github.com/JAckLosingHeart/CVE-2024-55875\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-13T06:30:07.000000Z"}, {"uuid": "0d2929a8-55ac-42bd-b274-952e5b6195e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "seen", "source": "https://t.me/CyberBulletin/1771", "content": "\u26a1\ufe0fCVE-2024-55875 (CVSS 9.8): Critical XXE Vulnerability Found in http4k Toolkit.\n\n#CyberBulletin", "creation_timestamp": "2024-12-17T12:41:04.000000Z"}, {"uuid": "8a9b2781-9a58-46ad-8320-98f9853ecd2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "seen", "source": "https://t.me/cvedetector/12804", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55875 - \"HTTP4K XML External Entity Injection (XXE) Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-55875 \nPublished : Dec. 12, 2024, 7:15 p.m. | 45\u00a0minutes ago \nDescription : http4k is a functional toolkit for Kotlin HTTP applications. Prior to version 5.41.0.0, there is a potential XXE (XML External Entity Injection) vulnerability when http4k handling malicious XML contents within requests, which might allow attackers to read local sensitive information on server, trigger Server-side Request Forgery and even execute code under some circumstances. Version 5.41.0.0 contains a patch for the issue. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T21:21:56.000000Z"}, {"uuid": "45df7c85-dbc8-4f0c-a927-8fbb279fea9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55875", "type": "seen", "source": "https://t.me/CyberBulletin/26840", "content": "\u26a1\ufe0fCVE-2024-55875 (CVSS 9.8): Critical XXE Vulnerability Found in http4k Toolkit.\n\n#CyberBulletin", "creation_timestamp": "2024-12-17T12:41:04.000000Z"}]}