{"vulnerability": "cve-2024-4072", "sightings": [{"uuid": "a05a6964-820c-41bf-8e8a-82dcf33cf022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/TheMalware_Team/3786", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-24T22:29:42.000000Z"}, {"uuid": "25a0e822-c495-448f-9fb3-aaf98b1d3ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40722", "type": "seen", "source": "https://t.me/cvedetector/2343", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40722 - CHANGING Information Technology TCBServiSign Windows Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40722 \nPublished : Aug. 2, 2024, 11:16 a.m. | 38\u00a0minutes ago \nDescription : The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily disrupting its service. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T14:01:17.000000Z"}, {"uuid": "89511827-cbff-4bc5-a5ce-36a4a1ce665c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40720", "type": "seen", "source": "https://t.me/cvedetector/2350", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40720 - TCBServiSign Windows Vulnerability (Remote Command Execution)\", \n  \"Content\": \"CVE ID : CVE-2024-40720 \nPublished : Aug. 2, 2024, 11:16 a.m. | 38\u00a0minutes ago \nDescription : The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T14:01:24.000000Z"}, {"uuid": "5f30b544-2696-48e3-b0ca-99878dd6a9b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40721", "type": "seen", "source": "https://t.me/cvedetector/2347", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40721 - TCBServiSign DLL Loading Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40721 \nPublished : Aug. 2, 2024, 11:16 a.m. | 38\u00a0minutes ago \nDescription : The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T14:01:21.000000Z"}, {"uuid": "57fa8a15-58b6-49bf-bc51-83f7fface71d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40723", "type": "seen", "source": "https://t.me/cvedetector/2346", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40723 - CHANGING HWATAIServiSign Stack-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-40723 \nPublished : Aug. 2, 2024, 11:16 a.m. | 38\u00a0minutes ago \nDescription : The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily disrupting its service. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T14:01:20.000000Z"}, {"uuid": "b1c49c87-fe76-4048-8944-3acac6c6f136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40726", "type": "seen", "source": "https://t.me/cvedetector/415", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40726 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40726 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:39:58.000000Z"}, {"uuid": "2ce6a187-3dff-452b-8906-b77c364fc2f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40727", "type": "seen", "source": "https://t.me/cvedetector/421", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40727 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40727 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:40:04.000000Z"}, {"uuid": "19ce5444-8062-4a6c-a200-81ae7cd4f946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40729", "type": "seen", "source": "https://t.me/cvedetector/419", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40729 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40729 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:40:03.000000Z"}, {"uuid": "409a925a-955c-4b3b-b77c-6ca9ef554f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40728", "type": "seen", "source": "https://t.me/cvedetector/413", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40728 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40728 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/{id}/edit/. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:39:56.000000Z"}, {"uuid": "4e583bdc-edad-4a31-a5a6-b1d529945e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "https://t.me/cvedetector/1150", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40725 - Apache HTTP Server PHP Source Code Disclosure Handler Configuration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40725 \nPublished : July 18, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : A partial fix for\u00a0 CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.  \n  \nUsers are recommended to upgrade to version 2.4.62, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T13:27:13.000000Z"}, {"uuid": "0421725a-a781-4988-96e6-de3de5c12421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40724", "type": "seen", "source": "https://t.me/cvedetector/1202", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40724 - Assimp Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40724 \nPublished : July 19, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-19T11:11:30.000000Z"}, {"uuid": "1e880750-187f-4478-908f-8050d5454837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/556", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-30T01:02:10.000000Z"}, {"uuid": "ecf10999-8e4d-497d-a97f-35e668323056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/6874", "content": "CVE-2024\u201340725 and CVE-2024\u201340898: Critical Vulnerabilities in Apache HTTP Server: https://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5", "creation_timestamp": "2024-07-22T04:06:24.000000Z"}, {"uuid": "b90eda56-488c-4bdf-bcb7-029d3efc2d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "https://t.me/HackingInsights/6516", "content": "\u200aCVE-2024-40725 & CVE-2024-40898: Apache HTTP Server Flaws Put Millions of Websites at Risk\n\nhttps://securityonline.info/cve-2024-40725-cve-2024-40898-apache-http-server-flaws-put-millions-of-websites-at-risk/", "creation_timestamp": "2024-07-18T10:13:30.000000Z"}, {"uuid": "da71f5c6-dc06-4e80-8d53-0aaa9bd381e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40722", "type": "seen", "source": "https://t.me/arvinclub1/1132", "content": "\ud83d\udccc  CVE-2024-40722\nThe specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily disrupting its service", "creation_timestamp": "2024-08-09T17:34:13.000000Z"}, {"uuid": "039cbf8d-219c-4f66-a66c-0c5cd3af51d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1332", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:21.000000Z"}, {"uuid": "01b1f3a4-bd8c-4b78-954a-bb3b372fe924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/458", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T04:43:45.000000Z"}, {"uuid": "4349fc13-04f5-4431-b952-20c50cafad5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8306", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T06:18:24.000000Z"}, {"uuid": "4070ea75-0b56-4627-906c-36015a5911f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9164", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:14:17.000000Z"}, {"uuid": "25a1b41b-9dad-4515-bfbc-1ef5c9cf056c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/26088", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:52.000000Z"}, {"uuid": "c9f6ed17-06f6-4cff-b6df-4361c82cac57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "Telegram/fmnrItX9ni0-os4NhDhn5S2FWV4dH62W8_H3cZbb_PP8-WM", "content": "", "creation_timestamp": "2024-11-11T16:17:23.000000Z"}, {"uuid": "779f0102-e096-4476-99b7-77db7d16b3f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3474", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T04:43:56.000000Z"}, {"uuid": "27967953-f2d9-4e1d-a4c4-a0b623fa3c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4004", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:13.000000Z"}, {"uuid": "7565c54d-e3dd-4029-80da-5e40bd4ebc2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7750", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:14:17.000000Z"}, {"uuid": "c8c699a1-57b5-4491-be45-58892167bdc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7003", "content": "Tools - Hackers Factory \n\nSimple tool for searching and collect information written in Python 3\n\nhttps://github.com/YouVBeenHacked/gideon/tree/09c3e17864a5d6ceead8558f119560c4861d7a6f\n\nlawndoc/Respotter: Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.\n\nhttps://github.com/lawndoc/Respotter\n\na13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nA chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs\n\nhttps://github.com/ElSicarius/chunkloader\n\nToutatis\n\nhttps://github.com/megadose/toutatis - a tool for collecting info about an Instagram user (that include part of phone number and email).\n\nCVE-2024-40725 and CVE-2024-40898\n\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\nMass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)\n\nhttps://github.com/codeb0ss/CVE-2024-29824-PoC\n\nFile-Tunnel : Tunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-07-23T06:18:24.000000Z"}, {"uuid": "b0bb4d60-79e9-4052-a84e-1e6c917e8cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/TheMalware_Team/159058", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-24T22:29:42.000000Z"}, {"uuid": "3774a757-4ecc-44fd-b875-94f6da98db73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}, {"uuid": "0b3b5da4-6c84-4cc1-9e10-6d4a2b5538b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:03.000000Z"}, {"uuid": "277d2a3d-5380-4bbc-b2b4-bf9de46c6040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/899", "content": "#GitHub #Tools\n\nThis Python application is an OSINT (Open Source Intelligence) tool called \"Ominis OSINT - Web Hunter.\" It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.\n\nhttps://github.com/AnonCatalyst/Ominis-Osint\n\nExploit CVE-2024-40725 (Apache httpd) \n\nhttps://github.com/soltanali0/CVE-2024-40725\n\nHere is the full tool. This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.\n\nhttps://github.com/Octoberfest7/enumhandles_BOF\n\nProof-of-concept shellcode loaders that leverage AI/ML primitives in C/C++ and Rust to do some shenanigans prior to shellcode detonation.\n\nhttps://github.com/0xTriboulet/T-1\n\nPendingFileRenameOperations + Junctions EDR Disable\n\nhttps://github.com/rad9800/FileRenameJunctionsEDRDisable\n\n#HackersForum", "creation_timestamp": "2024-12-19T04:13:52.000000Z"}, {"uuid": "46d2b9b9-4147-4673-96e9-2f72d9405f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2817", "content": "https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\n\ud83d\udea8CVE-2024-40725 and CVE-2024-40898\ud83d\udea8\n#github #poc #exploit", "creation_timestamp": "2024-07-20T15:31:46.000000Z"}, {"uuid": "1eb48019-c7f8-4a99-953d-223fa751e9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10863", "content": "#exploit\n1. CVE-2024-34065:\nStrapi Open Redirect\nhttps://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html\n\n2. CVE-2024-40725,\nCVE-2024-40898:\nApache HTTP Server SSRF\nhttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898", "creation_timestamp": "2024-07-21T19:21:49.000000Z"}, {"uuid": "d9b15713-bcf5-44fa-ac1d-5d2a426b97db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/oxlogs/26", "content": "https://github.com/soltanali0/CVE-2024-40725", "creation_timestamp": "2024-12-18T20:17:22.000000Z"}, {"uuid": "b8ea75b7-2485-431e-8c2e-399f65a9220f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8023", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aWhy GNU IFUNC is the real culprit behind CVE-2024-3094\nURL\uff1ahttps://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-19T03:58:31.000000Z"}, {"uuid": "e9d747eb-1500-4190-9ced-0a39912b5250", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9487", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aexploit CVE-2024-40725 (Apache httpd) with \nURL\uff1ahttps://github.com/soltanali0/CVE-2024-40725\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-18T15:13:31.000000Z"}, {"uuid": "1b7ce749-2efd-4576-b758-401af82c21c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40725", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7604", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40725\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A partial fix for\u00a0 CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.\n\n\n\ud83d\udccf Published: 2024-07-18T09:32:43.929Z\n\ud83d\udccf Modified: 2025-03-14T17:27:57.926Z\n\ud83d\udd17 References:\n1. https://httpd.apache.org/security/vulnerabilities_24.html", "creation_timestamp": "2025-03-14T17:48:46.000000Z"}]}