{"vulnerability": "CVE-2024-5691", "sightings": [{"uuid": "42823fce-97b9-4dc5-abc8-4f4a004cac5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56914", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lge6oq65ih2n", "content": "", "creation_timestamp": "2025-01-22T20:15:59.525680Z"}, {"uuid": "30621d3c-b401-4028-a47f-c2db4623ecd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56914", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge7qqht762e", "content": "", "creation_timestamp": "2025-01-22T20:35:00.922344Z"}, {"uuid": "389e1b10-af2f-4d97-afa3-027893bc6d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56918", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsevx3rgqo2m", "content": "", "creation_timestamp": "2025-06-24T20:14:35.482668Z"}, {"uuid": "1e2797e7-1310-47a1-80b9-414a03dcf13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56915", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjr4ulj4t2i", "content": "", "creation_timestamp": "2025-06-26T18:31:39.315240Z"}, {"uuid": "fd1c75a0-01c4-4c67-804d-3f0f14681044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56917", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsfi4rcjgd2i", "content": "", "creation_timestamp": "2025-06-25T01:39:53.137906Z"}, {"uuid": "177fbe39-d858-489d-a71b-1f41c90ffdb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56914", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2625", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56914\n\ud83d\udd39 Description: D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp.\n\ud83d\udccf Published: 2025-01-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-22T19:54:13.518Z\n\ud83d\udd17 References:\n1. https://github.com/2664521593/mycve/blob/main/BOF_in_D-Link_DSL-3782_1.pdf", "creation_timestamp": "2025-01-22T20:01:46.000000Z"}, {"uuid": "c0cd68f6-defa-4f15-99a3-8a7699462a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56915", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56915\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting (XSS) via the RSS feed widget.\n\ud83d\udccf Published: 2025-06-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-26T14:40:57.156Z\n\ud83d\udd17 References:\n1. https://github.com/netbox-community/netbox/releases/tag/v4.1.7\n2. https://youtu.be/n_5w0WVP8zE\n3. https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56915", "creation_timestamp": "2025-06-26T14:51:57.000000Z"}, {"uuid": "38703c2b-5d3c-4de9-a5f0-aca1d34c1dcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56917", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19389", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56917\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netbox Community 4.1.7 is vulnerable to Cross Site Scripting (XSS) via the maintenance banner` in maintenance mode.\n\ud83d\udccf Published: 2025-06-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-24T19:40:58.461Z\n\ud83d\udd17 References:\n1. https://github.com/netbox-community/netbox/releases/tag/v4.1.7\n2. https://youtu.be/GC8-PUlu2i8?si=eoScOk8IUJdwPDc_&amp;t=172\n3. https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56917", "creation_timestamp": "2025-06-24T19:47:18.000000Z"}, {"uuid": "4e34a777-1fa9-40e8-8a4b-d3764fd545a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56914", "type": "seen", "source": "https://t.me/cvedetector/16140", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56914 - D-Link DSL-3782 Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56914 \nPublished : Jan. 22, 2025, 8:15 p.m. | 41\u00a0minutes ago \nDescription : D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T22:15:26.000000Z"}, {"uuid": "818c60b0-b271-4de2-a31c-e5cce8ef9e6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56916", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19384", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56916\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Netbox Community 4.1.7, once authenticated, Configuration History &gt; Add`is vulnerable to cross-site scripting (XSS) due to the `current value` field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a Configuration History version or attempts to Add a new version, the XSS payload will trigger.\n\ud83d\udccf Published: 2025-06-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-24T17:23:36.328Z\n\ud83d\udd17 References:\n1. https://github.com/netbox-community/netbox/releases/tag/v4.1.7\n2. https://www.youtube.com/watch?v=GC8-PUlu2i8\n3. https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56916", "creation_timestamp": "2025-06-24T17:49:00.000000Z"}, {"uuid": "8afa9d34-1f36-4f35-b891-0a9b8a302693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56918", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19375", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56918\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting (XSS), which allows a privileged, authenticated attacker to exfiltrate user input from the login form.\n\ud83d\udccf Published: 2025-06-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-24T16:29:50.660Z\n\ud83d\udd17 References:\n1. https://github.com/netbox-community/netbox/releases/tag/v4.1.7\n2. https://youtu.be/GC8-PUlu2i8?si=cd_dSVno93pCisr-&amp;t=103\n3. https://youtu.be/zBbjNNK79pg\n4. https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56918", "creation_timestamp": "2025-06-24T16:47:32.000000Z"}]}