{"vulnerability": "CVE-2024-8956", "sightings": [{"uuid": "fff442f5-c1a2-4bce-ad83-075ddd9bfbad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:29.000000Z"}, {"uuid": "db54e099-4a31-440b-b2b8-b4d997174842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d5f6dcfc-46d4-41c0-8713-47182e61cb29", "content": "", "creation_timestamp": "2026-02-02T12:26:24.912910Z"}, {"uuid": "3743557b-82b8-4c3d-ad98-c530bea5c1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3890", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-8956\n\ud83c\udfe2 Vendor: PTZOptics\n\ud83d\udda5\ufe0f Product: PT30X-SDI/NDI Cameras\n\ud83d\udd39 Description: PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.\n\ud83d\udccf Published: 2024-09-17T00:00:00Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\n2. https://blog.xlab.qianxin.com/gayfemboy-en/\n3. https://www.cve.org/CVERecord?id=CVE-2024-8956\n4. https://www.fortiguard.com/outbreak-alert/ptzoptics-cameras-attack", "creation_timestamp": "2025-02-08T23:20:36.000000Z"}, {"uuid": "2fd1e8ee-34f5-4124-9bb1-771b0aafef2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "published-proof-of-concept", "source": "Telegram/dEfLxTSeEKs542vftZX8um71YAbN8i8wtHXH6sDPQ4uPZwY", "content": "", "creation_timestamp": "2024-11-01T05:52:46.000000Z"}, {"uuid": "3b304e2c-433c-4e04-b0d7-dfe01c0711c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://t.me/cvedetector/5858", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8957 - PTZOptics PT30X-SDI/NDI Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-8957 \nPublished : Sept. 17, 2024, 9:15 p.m. | 33\u00a0minutes ago \nDescription : PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and unauthenticated attacker can execute arbitrary OS commands on affected devices. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T23:58:54.000000Z"}, {"uuid": "d5bfd57a-b33a-4db1-96a8-f97710a78c16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14178", "content": "\u200aCVE-2024-8956 (CVSS 9.1): PTZOptics Cameras Vulnerable to Remote Attacks\n\nhttps://securityonline.info/cve-2024-8956-cvss-9-1-ptzoptics-cameras-vulnerable-to-remote-attacks/", "creation_timestamp": "2024-09-24T10:52:17.000000Z"}, {"uuid": "8bd1840f-c9f4-436f-b75a-6237cc899cf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "published-proof-of-concept", "source": "Telegram/mdRJdsx8N3wQa_2dDU7NeIQqZwfNNL0qkhcZrr_mSlvXkw", "content": "", "creation_timestamp": "2024-10-31T20:08:37.000000Z"}, {"uuid": "a30cff4d-2fe7-4a39-8b60-caa32321ff87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://t.me/true_secator/6385", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 GreyNoise \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0437 \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 0-day \u0432 \u043a\u0430\u043c\u0435\u0440\u0430\u0445 PTZ-\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u0438, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0438, \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u0435\u043a\u0442\u043e\u0440\u0435, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0438 \u0441\u0443\u0434\u0435\u0431\u043d\u044b\u0445 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u0445.\n\nCVE-2024-8956 \u0438 CVE-2024-8957 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c GreyNoise \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0442\u0438 \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432.  \n\n\u0417\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u043c\u044b\u0445 GreyNoise \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437 \u043d\u0430 \u0431\u0430\u0437\u0435 \u0418\u0418 Sift \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 API \u043a\u0430\u043c\u0435\u0440\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 CGI \u0438 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u00abntp_client\u00bb \u0441 \u0446\u0435\u043b\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434.\n\nCVE-2024-8956 - \u044d\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u043a\u0430\u043c\u0435\u0440\u044b lighthttpd, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a CGI API \u0431\u0435\u0437 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0445\u044d\u0448\u0438 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 MD5 \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2024-8957 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043e\u0447\u0438\u0441\u0442\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u043e\u043b\u0435 ntp. addr, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u043c\u043e\u043c \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c ntp_client, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0434\u043b\u044f \u0432\u0441\u0442\u0430\u0432\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 RCE.\n\nGreynoise \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u0438\u0445 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u043a\u0430\u043c\u0435\u0440\u044b, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u043a \u0442\u043e\u0439 \u0436\u0435 \u0441\u0435\u0442\u0438, \u0438\u043b\u0438 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u0432\u0438\u0434\u0435\u043e\u043f\u043e\u0442\u043e\u043a\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 GreyNoise \u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 VulnCheck \u0434\u043b\u044f \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c.\n\n\u0423\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0435 \u0434\u0432\u0443\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u0430\u043c\u0435\u0440\u044b \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 NDI \u043d\u0430 \u0431\u0430\u0437\u0435 Hisilicon Hi3516A V600 SoC V60, V61 \u0438 V63, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a \u043a\u0430\u043c\u0435\u0440 VHD PTZ \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0447\u0435\u043c 6.3.40.\n\n\u0421\u044e\u0434\u0430 \u0432\u0445\u043e\u0434\u044f\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043e\u0442 PTZOptics, \u043a\u0430\u043c\u0435\u0440\u044b Multicam Systems SAS \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 SMTAV Corporation.\n\nPTZOptics \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 17 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u043d\u043e \u0442\u0430\u043a\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438, \u043a\u0430\u043a PT20X-NDI-G2 \u0438 PT12X-NDI-G2, \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0432 \u0432\u0438\u0434\u0443 EoL.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c GreyNoise \u043d\u0430\u0448\u043b\u0430 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0434\u0432\u0435 \u043d\u043e\u0432\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438, PT20X-SE-NDI-G3 \u0438 PT30X-SE-NDI-G3, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u043e \u0431\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438.\n\nPTZOptics \u0431\u044b\u043b\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0430 \u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0447\u0435\u0440\u0435\u0437 VulnCheck 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f, \u043d\u043e \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u0442\u0430\u043a \u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b.\n\n\u0412 GreyNoise \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043a\u0430\u043c\u0435\u0440, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 SDK, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c (ValueHD / VHD Corporation).\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f \u0443\u0442\u043e\u0447\u043d\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f CVE-2024-8956 \u0438 CVE-2024-8957 \u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0438\u0445 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.", "creation_timestamp": "2024-11-01T14:05:05.000000Z"}, {"uuid": "9e715029-7ae3-46d6-9606-ea5034292c6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://t.me/CyberBulletin/25754", "content": "\u26a1\ufe0fCVE-2024-8956 (CVSS 9.1): PTZOptics Cameras Vulnerable to Remote Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-09-24T11:01:58.000000Z"}, {"uuid": "e589c3b4-64c8-44fe-a26b-05e938343ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "MISP/c3fa25b9-12a2-4ae2-b451-e14e23b22240", "content": "", "creation_timestamp": "2024-11-06T08:07:48.000000Z"}, {"uuid": "7c65adb2-a085-4736-9428-10dd34977b48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-11-04T18:10:02.000000Z"}, {"uuid": "5d44a85e-ac95-4d48-a66f-56b3e8a051f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://bsky.app/profile/kooteksec.bsky.social/post/3lhj4jt2mos26", "content": "", "creation_timestamp": "2025-02-06T12:46:00.809513Z"}, {"uuid": "dd78bb3a-94ec-43dc-abd1-ebd4fce57bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lhj622at5s2p", "content": "", "creation_timestamp": "2025-02-06T13:12:58.212034Z"}, {"uuid": "770d43f8-7fb6-47c0-a794-3face4820166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "MISP/28347c8a-8fa9-4d49-bd73-98a955d83c02", "content": "", "creation_timestamp": "2025-03-03T10:15:48.000000Z"}, {"uuid": "52612ed9-0c3a-434e-9dc2-036de958bc81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:01.000000Z"}, {"uuid": "2eb3afa9-f09b-4b8f-a37e-41fed408cb12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "MISP/28347c8a-8fa9-4d49-bd73-98a955d83c02", "content": "", "creation_timestamp": "2025-03-04T04:19:36.000000Z"}, {"uuid": "fc68b5a1-f8d8-4c57-8c18-d525ed48d90c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "9b872e56-6a5c-4faf-9aa2-7765329b913d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d5f6dcfc-46d4-41c0-8713-47182e61cb29", "content": "", "creation_timestamp": "2026-02-02T12:26:24.912910Z"}, {"uuid": "945fc096-53c3-422e-9bf7-163ebf3f38ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://t.me/cvedetector/5846", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8956 - PTZOptics PT30X-SDI/NDI Unauthenticated Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-8956 \nPublished : Sept. 17, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can leak sensitive data such as usernames, password hashes, and configurations details. Additionally, the attacker can update individual configuration values or overwrite the whole file. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T23:08:32.000000Z"}, {"uuid": "faf57232-42eb-4938-b3cf-4d25c5a59454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8956", "type": "seen", "source": "https://t.me/CyberBulletin/876", "content": "\u26a1\ufe0fCVE-2024-8956 (CVSS 9.1): PTZOptics Cameras Vulnerable to Remote Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-09-24T09:29:12.000000Z"}]}