{"vulnerability": "CVE-2025-34037", "sightings": [{"uuid": "6a98be2e-3c78-48a7-946f-184a8c38c158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lshj3d7xhh2i", "content": "", "creation_timestamp": "2025-06-25T21:02:23.724601Z"}, {"uuid": "d28993ff-6d0c-4a5b-877e-667744de4e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "172e4d72-d468-466b-94d9-ed2084fd229a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "MISP/a41d8549-5384-5e1a-8c33-bf88e35b5a0a", "content": "", "creation_timestamp": "2025-10-14T10:32:00.000000Z"}, {"uuid": "236ab0f7-6d3f-42e7-a010-9088452c05f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/linksys_themoon_exec.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "fad7cb4a-40d8-43ac-84d4-215edea64fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-09)", "content": "", "creation_timestamp": "2026-01-09T00:00:00.000000Z"}, {"uuid": "b2a54106-e21c-4eb3-8932-296a57e718bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-12)", "content": "", "creation_timestamp": "2026-03-12T00:00:00.000000Z"}, {"uuid": "ee4ffad7-d13a-4eee-8255-0683d064b3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-16)", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "d4b6889d-c409-4826-b6e3-5ac7475abf78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "d7d03a7c-a8ab-45ed-8777-54c48323a2c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "published-proof-of-concept", "source": "Telegram/0XiQVvLI9OtTexbSWP04ktWorEJ1qgGSsz80l9L0cFlDChA", "content": "", "creation_timestamp": "2026-03-26T23:00:14.000000Z"}, {"uuid": "445aaf38-0240-4df4-8da5-0017cd97f469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "published-proof-of-concept", "source": "Telegram/rhvNMhDEQsDmbO42lBM1UZ6liv8Ut69COJccPHJCHHT9EeA", "content": "", "creation_timestamp": "2026-03-27T03:00:09.000000Z"}, {"uuid": "8477b1e8-82bd-4caf-9aba-fab7ce0c0a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/19304", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-34037\n\ud83d\udd25 CVSS Score: 10 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: An OS command injection vulnerability exists in various models of E-Series Linksys\u00a0routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability is exploited in the wild by the \"TheMoon\" worm to deploy a MIPS ELF payload, enabling arbitrary code execution on the router. This vulnerability may affect other Linksys products to include, but not limited to, WAG/WAP/WES/WET/WRT-series router models and Wireless-N access points and routers.\n\ud83d\udccf Published: 2025-06-24T01:03:27.693Z\n\ud83d\udccf Modified: 2025-06-24T02:28:49.636Z\n\ud83d\udd17 References:\n1. https://isc.sans.edu/diary/17633\n2. https://www.exploit-db.com/exploits/31683\n3. https://vulncheck.com/advisories/linksys-routers-command-injection", "creation_timestamp": "2025-06-24T03:48:22.000000Z"}, {"uuid": "9969c28f-0105-476a-9528-1fc0e8af0004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lsdq3iv2xc2a", "content": "", "creation_timestamp": "2025-06-24T08:57:04.613785Z"}, {"uuid": "9bf1d911-ce08-4b9a-82ae-be3ce9e2cf38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-7d94594b-ae20c1dc5483d2a2", "content": "", "creation_timestamp": "2025-10-11T06:19:01.142145Z"}, {"uuid": "da9a899d-7c68-4fed-81fd-b64c0acffb81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "05ddd115-193e-47c7-a8d0-bcd2adce33e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-06)", "content": "", "creation_timestamp": "2026-02-06T00:00:00.000000Z"}, {"uuid": "708a435a-39dd-4acf-9699-840377a6b0bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114774193882630947", "content": "", "creation_timestamp": "2025-06-30T20:26:56.131507Z"}, {"uuid": "c64e3168-eea5-4aa4-b8be-931337c7a0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lsd6f5tzha22", "content": "", "creation_timestamp": "2025-06-24T03:40:17.918587Z"}, {"uuid": "e45fe214-6373-4d54-b174-b9885ffce533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsdce2kifl2a", "content": "", "creation_timestamp": "2025-06-24T04:51:15.964772Z"}, {"uuid": "fb0b11cc-c627-488f-b702-795e60b05c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-34037", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/114737296027444548", "content": "", "creation_timestamp": "2025-06-24T08:03:18.607015Z"}, {"uuid": "720110fb-3872-498a-b89e-c850eee25877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lsec5usz3p2m", "content": "", "creation_timestamp": "2025-06-24T14:20:28.648233Z"}, {"uuid": "00f56c17-0632-4ba5-ac71-a77d0ed9d533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-05)", "content": "", "creation_timestamp": "2026-02-05T00:00:00.000000Z"}, {"uuid": "792dc112-d90e-4d13-909c-d2510cde5982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-df887e70-aaa85e643f2fa245", "content": "", "creation_timestamp": "2026-03-13T15:12:35.033582Z"}, {"uuid": "a0f3e7b3-03b2-43b0-adcf-32e3f55f0e16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "b6415984-3366-44b8-9700-257952b4adfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "92d61e30-08d1-4888-b5a0-ed7971e89046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "0bf73eab-dd6a-42ff-a9db-e22006469117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34037", "type": "published-proof-of-concept", "source": "Telegram/NM29ZOqpm_G-Y64LGkIifGuVrc_qzQc0JYrAesLRC81UHf4", "content": "", "creation_timestamp": "2025-06-24T01:35:28.000000Z"}]}