{"vulnerability": "cve-2024-4807", "sightings": [{"uuid": "b93cd84a-b04b-4346-92a5-b2d6cb55a9a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48074", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lx3ulrhv2n2b", "content": "", "creation_timestamp": "2025-08-23T21:02:30.031492Z"}, {"uuid": "65149d85-9026-4da6-8893-544ec8ef2a07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48075", "type": "seen", "source": "https://t.me/cvedetector/10751", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48075 - Real Time Logic SharkSSL Heap Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48075 \nPublished : Nov. 12, 2024, 10:15 p.m. | 37\u00a0minutes ago \nDescription : A Heap buffer overflow in the server-site handshake implementation in Real Time Logic SharkSSL 09.09.24 and earlier allows a remote attacker to trigger a Denial-of-Service via a malformed TLS Client Key Exchange message. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T23:56:21.000000Z"}, {"uuid": "a7eff025-380d-41df-a6c1-241a7fa3e3a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48073", "type": "seen", "source": "https://t.me/cvedetector/10226", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48073 - Sunniwell HT3300 Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48073 \nPublished : Nov. 8, 2024, 10:15 p.m. | 29\u00a0minutes ago \nDescription : sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updating the software in the HT3300 device, is given the execution mode of sudo NOPASSWD. This program is vulnerable to a command injection vulnerability, which could allow an attacker to pass commands to this program via command line arguments to gain elevated root privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-08T23:53:53.000000Z"}, {"uuid": "9662d788-87e4-4b1d-90c4-fa4ebc1e4a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48074", "type": "seen", "source": "https://t.me/cvedetector/9100", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48074 - \"DrayTek Vigor2960 Command Injection RCE\"\", \n  \"Content\": \"CVE ID : CVE-2024-48074 \nPublished : Oct. 28, 2024, 12:15 p.m. | 19\u00a0minutes ago \nDescription : An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T13:39:02.000000Z"}]}