{"vulnerability": "cve-2024-1290", "sightings": [{"uuid": "3482f9a0-7547-4280-b07a-2742c57e9621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12905", "type": "seen", "source": "https://t.me/cvedetector/21321", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12905 - \"Tar-fs Path Traversal Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-12905 \nPublished : March 27, 2025, 5:15 p.m. | 27\u00a0minutes ago \nDescription : An Improper Link Resolution Before File Access (\"Link Following\") and Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package.  \n  \nThis issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-27T19:09:52.000000Z"}, {"uuid": "f3a5998e-19af-448b-8761-834ac29c00fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12908", "type": "seen", "source": "https://t.me/cvedetector/13687", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12908 - Delinea Secret Server Regular Expression Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12908 \nPublished : Dec. 26, 2024, 4:15 p.m. | 36\u00a0minutes ago \nDescription : Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version\u00a06.0.3.26)\u00a0where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u00a0remote attacker may be able to convince a user to visit a malicious web-page, or open a  \nmalicious document which could trigger the vulnerable handler, allowing them to execute  \narbitrary code on the user's machine.\u00a0Delinea added additional validation that the downloaded installer's batch file was in the expected format. \nSeverity: 6.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-26T18:14:44.000000Z"}, {"uuid": "fa32250b-d6a1-446b-a1d7-3565b4bf6016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12903", "type": "seen", "source": "https://t.me/cvedetector/13533", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12903 - Evoko Home Default Permissions Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12903 \nPublished : Dec. 23, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A non-admin user could exploit weak file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence on the compromised machine. It has been identified that full control permissions exist on the \u2018Everyone\u2019 group (i.e. any user who has local access to the operating system regardless of their privileges). \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T14:59:30.000000Z"}, {"uuid": "55d30e14-c740-4aa9-ac8f-1362d4536d83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12902", "type": "seen", "source": "https://t.me/cvedetector/13532", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12902 - ANCHOR from Global Wisdom Software Default Privilege Escalation vulnerabiliy\", \n  \"Content\": \"CVE ID : CVE-2024-12902 \nPublished : Dec. 23, 2024, 11:15 a.m. | 41\u00a0minutes ago \nDescription : ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts use default passwords, attackers could remotely log in to the virtual machine using the default credentials. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T13:19:09.000000Z"}, {"uuid": "91b84147-8470-4aaf-8842-a82a5ebf30db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12900", "type": "seen", "source": "https://t.me/cvedetector/13530", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12900 - FoxCMS Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12900 \nPublished : Dec. 23, 2024, 2:15 a.m. | 44\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T04:07:26.000000Z"}, {"uuid": "9e35a03d-9938-46cc-a679-c92c1e57cc9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12901", "type": "seen", "source": "https://t.me/cvedetector/13529", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12901 - FoxCMS API Endpoint Unauthorized Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12901 \nPublished : Dec. 23, 2024, 2:15 a.m. | 44\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T04:07:26.000000Z"}, {"uuid": "b55c938a-3241-48d6-9f4e-17aef2321861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12907", "type": "seen", "source": "https://t.me/cvedetector/14181", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12907 - Kentico CMS Reflected XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12907 \nPublished : Jan. 2, 2025, 4:15 p.m. | 17\u00a0minutes ago \nDescription : Kentico CMS in version 7 is vulnerable to a Reflected XSS attacks through manipulation of  a specific GET request parameter sent to\u00a0/CMSMessages/AccessDenied.aspx endpoint.  \nNotably, support for this version of Kentico ended in 2016. Version 8 was tested as well and does not contain this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T17:36:36.000000Z"}, {"uuid": "6a07a527-c17e-4952-a936-f70654752ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12908", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/313", "content": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/\n\nDelinea Protocol Handler - Remote Code Execution via Update Process (CVE-2024-12908)\n#\u5206\u6790", "creation_timestamp": "2025-01-13T09:16:53.000000Z"}, {"uuid": "4c618219-d39e-4299-84b5-13999f260fa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12900", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113699578003614107", "content": "", "creation_timestamp": "2024-12-23T01:37:57.691720Z"}, {"uuid": "8e72c03d-9f77-4861-9255-b8e1c7f60b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12901", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113699706288445746", "content": "", "creation_timestamp": "2024-12-23T02:10:35.186518Z"}, {"uuid": "2ce71c0c-7a6b-4048-bad2-fac990675612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12900", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwuczi57k25", "content": "", "creation_timestamp": "2024-12-23T02:15:29.643125Z"}, {"uuid": "1756705f-b6b1-4f78-9f0f-17a14f46c183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12901", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldwud3tos42m", "content": "", "creation_timestamp": "2024-12-23T02:15:32.044605Z"}, {"uuid": "6cfb1fd1-d995-4d4d-86ee-f749916595d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12902", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113701665986684770", "content": "", "creation_timestamp": "2024-12-23T10:28:57.880101Z"}, {"uuid": "f8dfe3bc-0822-4cc0-bf35-11f7341e8a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12902", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldxsiluiq425", "content": "", "creation_timestamp": "2024-12-23T11:15:29.249791Z"}, {"uuid": "906e25e1-5573-42fb-934d-fe55a3eb8796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12903", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113702238404448794", "content": "", "creation_timestamp": "2024-12-23T12:54:32.249557Z"}, {"uuid": "27c16c0e-78ee-408a-8ccc-43006e10f089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12903", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldxz72amfl22", "content": "", "creation_timestamp": "2024-12-23T13:15:24.254731Z"}, {"uuid": "411d3318-9414-4069-99ab-867cd422caf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12909", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmhhpay72m", "content": "", "creation_timestamp": "2025-03-20T11:40:31.436223Z"}, {"uuid": "4a92f2cd-7c0f-4306-b2dc-906c6b359fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12905", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnj3pgywua2c", "content": "", "creation_timestamp": "2025-04-23T21:02:24.223548Z"}, {"uuid": "e8c90c98-e051-4cd8-8b70-a18c1e08831f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12905", "type": "published-proof-of-concept", "source": "https://www.exploit-db.com/exploits/52268", "content": "", "creation_timestamp": "2026-01-30T10:30:07.024024Z"}, {"uuid": "b3134bb7-bb1e-4e5c-985f-20661ee2e068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12908", "type": "seen", "source": "https://t.me/ZeroDay_ru/370", "content": "#exploit\n1. CVE-2024-3393:\nPalo Alto Networks PAN-OS Malicious DNS Packet Vulnerability (DoS)\n\n2. CVE-2024-12908:\nDelinea Protocol Handler - RCE via Update Process\n\n3. CVE-2024-53677:\nUnrestricted Upload of File with Dangerous Type and RCE in Apache Struts\n\n4. CVE-2021-44967:\nLimeSurvey <=5.2 - RCE\n\n5. CVE-2024-47575:\nFortinet FortiManager Missing Authentication", "creation_timestamp": "2025-01-06T13:23:51.000000Z"}, {"uuid": "42593b67-e806-4f4f-beab-8de60bcbec4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12908", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11647", "content": "#exploit\n1. CVE-2024-3393:\nPalo Alto Networks PAN-OS Malicious DNS Packet Vulnerability (DoS)\n\n2. CVE-2024-12908:\nDelinea Protocol Handler - RCE via Update Process\n\n3. CVE-2024-53677:\nUnrestricted Upload of File with Dangerous Type and RCE in Apache Struts\n\n4. CVE-2021-44967:\nLimeSurvey <=5.2 - RCE\n\n5. CVE-2024-47575:\nFortinet FortiManager Missing Authentication", "creation_timestamp": "2025-01-06T15:36:02.000000Z"}, {"uuid": "0e0d95b9-b231-4df8-a78e-24f115121074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12908", "type": "seen", "source": "https://bsky.app/profile/amberwolfsec.bsky.social/post/3lefcrn2uec2k", "content": "", "creation_timestamp": "2024-12-28T20:11:32.704489Z"}, {"uuid": "ca6e0304-b092-4724-8e97-7f8d57b715f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12907", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lerhwdjptz25", "content": "", "creation_timestamp": "2025-01-02T16:15:33.772176Z"}, {"uuid": "4ead7b90-9f7d-4ba7-a7f4-e96cc573fbc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lerjxlkufg2g", "content": "", "creation_timestamp": "2025-01-02T16:52:03.759624Z"}, {"uuid": "07fda8aa-e68b-4140-b9b5-042719560519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12905", "type": "published-proof-of-concept", "source": "Telegram/hru7NN7EYI-xT4JmOnsEkxtF0d6B0YZMLzams5CbWl1Ym4s", "content": "", "creation_timestamp": "2025-04-24T23:00:06.000000Z"}, {"uuid": "78907883-071a-456a-a178-06423f095552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1290", "type": "seen", "source": "https://t.me/ctinow/204974", "content": "https://ift.tt/U0iNsdD\nCVE-2024-1290", "creation_timestamp": "2024-03-11T19:27:19.000000Z"}, {"uuid": "9223f4c1-e191-4de7-aae3-d646ed4f02a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12908", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/269", "content": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/\n\nDelinea Protocol Handler - Remote Code Execution via Update Process (CVE-2024-12908)\n#\u5206\u6790", "creation_timestamp": "2024-12-27T18:51:16.000000Z"}, {"uuid": "8ce8f15e-16af-4834-a3ea-a7894290d09b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-12908", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113719903362852151", "content": "", "creation_timestamp": "2024-12-26T15:46:58.198290Z"}, {"uuid": "882363bf-9893-4906-b339-ffb127685a39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12904", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhulrq7qw42c", "content": "", "creation_timestamp": "2025-02-11T02:18:06.097698Z"}, {"uuid": "22f10a61-ce1a-4807-8aee-d1121f01d495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12905", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12614", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12905\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: An Improper Link Resolution Before File Access (\"Link Following\") and Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package.\n\nThis issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8.\n\ud83d\udccf Published: 2025-03-27T16:25:34.410Z\n\ud83d\udccf Modified: 2025-04-20T15:42:44.814Z\n\ud83d\udd17 References:\n1. https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed\n2. https://www.seal.security/blog/a-link-to-the-past-uncovering-a-new-vulnerability-in-tar-fs", "creation_timestamp": "2025-04-20T16:01:34.000000Z"}]}