{"vulnerability": "cve-2024-2285", "sightings": [{"uuid": "102fda6d-48ff-4ce6-8e64-d13a1a84aa64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22855", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9086", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22855\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter.\n\ud83d\udccf Published: 2024-06-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-27T14:23:42.076Z\n\ud83d\udd17 References:\n1. https://www.exploit-db.com/exploits/52025", "creation_timestamp": "2025-03-27T14:27:17.000000Z"}, {"uuid": "3aabfa5a-0b12-4071-8324-83ab7d8134f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22851", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11945", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22851\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint.\n\ud83d\udccf Published: 2024-02-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T22:15:31.375Z\n\ud83d\udd17 References:\n1. https://www.drive-byte.de/en/blog/liveconfig-advisory-cve-2024-22851\n2. https://www.liveconfig.com/de/kb/cve/cve-2024-22851/\n3. https://raeph123.github.io/BlogPosts/LiveConfig/LiveConfig_Advisory_CVE-2024-22851_en.html", "creation_timestamp": "2025-04-15T22:55:46.000000Z"}, {"uuid": "b20cb6ea-b6f8-41e1-b6da-5b693a954786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22853", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19077", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22853\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.\n\ud83d\udccf Published: 2024-02-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T20:13:39.786Z\n\ud83d\udd17 References:\n1. https://www.dlink.com/en/security-bulletin/\n2. https://github.com/Beckaf/vunl/blob/main/D-Link/AC750/2/2.md", "creation_timestamp": "2025-06-20T20:44:20.000000Z"}, {"uuid": "0f147746-132a-4ad4-a778-e8ffb90b5d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2285", "type": "seen", "source": "https://t.me/ctinow/203078", "content": "https://ift.tt/k763wMI\nCVE-2024-2285 | boyiddha Automated-Mess-Management-System 1.0 /member/member_edit.php name cross site scripting", "creation_timestamp": "2024-03-08T06:51:55.000000Z"}, {"uuid": "14eb8bb4-44c6-4182-ba55-95218bb859f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2285", "type": "seen", "source": "https://t.me/ctinow/203028", "content": "https://ift.tt/HEj9De4\nCVE-2024-2285", "creation_timestamp": "2024-03-08T04:26:11.000000Z"}, {"uuid": "17c4a254-1523-4c61-8660-417031222af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-2285", "type": "seen", "source": "https://t.me/ctinow/203034", "content": "https://ift.tt/HEj9De4\nCVE-2024-2285", "creation_timestamp": "2024-03-08T04:26:17.000000Z"}, {"uuid": "a2ec9f01-1af3-41cf-8785-44f56980244b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22857", "type": "seen", "source": "https://t.me/ctinow/208329", "content": "https://ift.tt/YDSNjwL\nCVE-2024-22857 | Zlog heap-based overflow", "creation_timestamp": "2024-03-15T01:31:50.000000Z"}, {"uuid": "013bd013-4642-47e6-96e8-ce33322c5cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22857", "type": "seen", "source": "https://t.me/ctinow/202000", "content": "https://ift.tt/CQZMAmz\nCVE-2024-22857", "creation_timestamp": "2024-03-07T02:26:59.000000Z"}, {"uuid": "b009ac24-917a-446d-9124-3a280bc33b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22859", "type": "seen", "source": "https://t.me/ctinow/191221", "content": "https://ift.tt/3GLiB2l\nCVE-2024-22859 | livewire up to 3.0.3 getCsrfToken cross-site request forgery", "creation_timestamp": "2024-02-22T22:21:40.000000Z"}, {"uuid": "a7fc5ad9-e43a-4a6b-bfa4-5c93f20d495d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22853", "type": "seen", "source": "https://t.me/ctinow/196665", "content": "https://ift.tt/dEPpZnu\nCVE-2024-22853 | D-Link Go-RT-AC750 101b03 hard-coded password", "creation_timestamp": "2024-02-29T14:22:04.000000Z"}, {"uuid": "6ff69b3b-a6c7-4fc4-ba5f-40154fd63741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22852", "type": "seen", "source": "https://t.me/ctinow/196663", "content": "https://ift.tt/3NDoKzj\nCVE-2024-22852 | D-Link Go-RT-AC750 101b03 genacgi_main stack-based overflow", "creation_timestamp": "2024-02-29T14:22:02.000000Z"}, {"uuid": "8751fba7-f2fe-4ff4-9205-94ef5bc27956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22851", "type": "seen", "source": "https://t.me/ctinow/192780", "content": "https://ift.tt/FlAxajG\nCVE-2024-22851 | LiveConfig up to 2.5.1 Request /static/ path traversal", "creation_timestamp": "2024-02-25T09:11:23.000000Z"}, {"uuid": "c4fc2597-d5f0-4241-ab9e-192aa8033b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22854", "type": "seen", "source": "https://t.me/ctinow/186234", "content": "https://ift.tt/2hczYak\nCVE-2024-22854", "creation_timestamp": "2024-02-16T10:26:48.000000Z"}, {"uuid": "1f6dd47f-cf4e-42b5-8402-9f15f286f25a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22852", "type": "seen", "source": "https://t.me/ctinow/179700", "content": "https://ift.tt/DuFM9XB\nCVE-2024-22852", "creation_timestamp": "2024-02-06T03:26:40.000000Z"}, {"uuid": "a34221bf-382f-4e11-bc51-e95fe032335c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22853", "type": "seen", "source": "https://t.me/ctinow/179701", "content": "https://ift.tt/0IftNrb\nCVE-2024-22853", "creation_timestamp": "2024-02-06T03:26:41.000000Z"}, {"uuid": "ba5c0aba-7534-4201-ac2a-af5adea4cad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22852", "type": "seen", "source": "https://t.me/ctinow/184201", "content": "https://ift.tt/vK672jJ\nCVE-2024-22852 Exploit", "creation_timestamp": "2024-02-13T21:16:52.000000Z"}, {"uuid": "ba97e32f-cbe0-441c-bcf2-da2bae85f32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22853", "type": "seen", "source": "https://t.me/ctinow/183407", "content": "https://ift.tt/hMnXu0K\nCVE-2024-22853 Exploit", "creation_timestamp": "2024-02-12T21:16:44.000000Z"}, {"uuid": "6f831234-be06-4226-be50-cf97c886b2e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22859", "type": "seen", "source": "https://t.me/ctinow/177378", "content": "https://ift.tt/wfUedVD\nCVE-2024-22859", "creation_timestamp": "2024-02-01T08:31:08.000000Z"}, {"uuid": "4fa543f4-d9ff-4ffe-bf03-8c14237a5ff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22851", "type": "seen", "source": "https://t.me/ctinow/178017", "content": "https://ift.tt/96ZD1fd\nCVE-2024-22851", "creation_timestamp": "2024-02-02T10:31:49.000000Z"}, {"uuid": "dd8df5e9-25f5-4dd4-b283-0dc58b1a031e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-22857", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10140", "content": "#exploit\n1. CVE-2024-28120:\nAPI abuse in codeium-chrome\nhttps://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome\n\n2. CVE-2024-22857:\nArbitrary Code Execution in ZLOG\nhttps://www.ebryx.com/blogs/arbitrary-code-execution-in-zlog-cve-2024-22857", "creation_timestamp": "2024-03-13T15:53:39.000000Z"}]}