{"vulnerability": "cve-2025-4489", "sightings": [{"uuid": "36e64d76-b5d1-4239-bc5f-b3edd2ed7732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44899", "type": "seen", "source": "https://t.me/cvedetector/24652", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-44899 - Tenda RX3 Stack Overflow Vulnerability in WifiGuestSet\", \n  \"Content\": \"CVE ID : CVE-2025-44899 \nPublished : May 6, 2025, 9:16 p.m. | 59\u00a0minutes ago \nDescription : There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet, the manipulation of the parameter shareSpeed leads to stack overflow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T00:31:29.000000Z"}, {"uuid": "4856e75c-b81c-4ca7-9f09-08f8e6f82f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44893", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mp56px2w", "content": "", "creation_timestamp": "2025-05-20T23:13:27.317665Z"}, {"uuid": "ffa925fd-23d6-4012-9de2-f84f636cff5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44890", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mpjl7h2w", "content": "", "creation_timestamp": "2025-05-20T23:13:28.709428Z"}, {"uuid": "d363e7b3-899c-4d44-b709-40631fbb587a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44896", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mqsfbi2h", "content": "", "creation_timestamp": "2025-05-20T23:13:35.453750Z"}, {"uuid": "e68051fc-e462-4b9a-9406-72b45c9664a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4489", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorckv66c6d2", "content": "", "creation_timestamp": "2025-05-09T22:09:29.390901Z"}, {"uuid": "94f8e6d9-9ebc-42cc-8b3e-0204929b4519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44899", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwimxaun2h", "content": "", "creation_timestamp": "2025-05-06T22:26:56.248093Z"}, {"uuid": "2d245975-4318-4dd1-8fcc-ca0e2af6a4b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44891", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mq23jp2w", "content": "", "creation_timestamp": "2025-05-20T23:13:31.627277Z"}, {"uuid": "c90def95-136d-40aa-b085-9f5b99502d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44894", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mqamdg2t", "content": "", "creation_timestamp": "2025-05-20T23:13:32.690652Z"}, {"uuid": "e29126c1-1d08-4be0-9865-15b5c96a3263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44897", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mqdwm62c", "content": "", "creation_timestamp": "2025-05-20T23:13:33.205562Z"}, {"uuid": "961c60eb-910e-47aa-a9a6-9bd204547668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44898", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mqoau62t", "content": "", "creation_timestamp": "2025-05-20T23:13:34.871717Z"}, {"uuid": "ec632fd1-49c5-4b32-b35c-43cd4666fe00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44895", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpp4anayhm2o", "content": "", "creation_timestamp": "2025-05-21T17:18:22.737700Z"}, {"uuid": "8727c1a6-ec87-44ff-9f27-8ae09f4b57d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44896", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17081", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44896\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function.\n\ud83d\udccf Published: 2025-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-20T20:25:09.679Z\n\ud83d\udd17 References:\n1. https://lafdrew.github.io/2025/04/18/web-acl-bindEdit-post-bindEditMACName-StackOverflow/", "creation_timestamp": "2025-05-20T20:41:14.000000Z"}, {"uuid": "f1851d8c-58aa-4903-896f-be03d40ba171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4489", "type": "published-proof-of-concept", "source": "Telegram/HfdZK7IaNw2IgiSWMbJAgdBOWQpganIA_skYVFqg6YQ3yyg", "content": "", "creation_timestamp": "2025-05-09T23:31:22.000000Z"}, {"uuid": "08a2783f-bf4c-4e43-8631-da033362955d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44899", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lomcyiiszr2o", "content": "", "creation_timestamp": "2025-05-07T21:15:52.943231Z"}, {"uuid": "e9ef5209-55c4-453b-a49a-83ff5e19d78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44892", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpp4anoq4i2h", "content": "", "creation_timestamp": "2025-05-21T17:18:25.181474Z"}, {"uuid": "7af9bb0f-ac39-419b-be17-9aee3f338580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4489", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15862", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4489\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/user-router.php. The manipulation of the argument t1_verified leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-09T20:31:05.491Z\n\ud83d\udccf Modified: 2025-05-10T01:48:12.401Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308204\n2. https://vuldb.com/?ctiid.308204\n3. https://vuldb.com/?submit.566784\n4. https://github.com/wyl091256/CVE/issues/9\n5. https://www.campcodes.com/", "creation_timestamp": "2025-05-10T02:26:32.000000Z"}, {"uuid": "37f21e9b-4a89-4fdb-ad3c-61349594e82b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44897", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17080", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44897\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function.\n\ud83d\udccf Published: 2025-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-20T20:27:02.681Z\n\ud83d\udd17 References:\n1. https://lafdrew.github.io/2025/04/20/web-tool-upgradeManager-post-tftp-srvip/", "creation_timestamp": "2025-05-20T20:41:13.000000Z"}, {"uuid": "6d7025a5-b864-438d-96fe-549562e306a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44894", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17074", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44894\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function.\n\ud83d\udccf Published: 2025-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-20T20:31:07.096Z\n\ud83d\udd17 References:\n1. https://lafdrew.github.io/2025/04/20/web-radiusSrv-dftParam-post-radDftParamKey/", "creation_timestamp": "2025-05-20T20:41:04.000000Z"}, {"uuid": "3972ef46-0cd5-4113-b1a3-9b826a64cd9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44891", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17072", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44891\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function.\n\ud83d\udccf Published: 2025-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-20T20:32:05.993Z\n\ud83d\udd17 References:\n1. https://lafdrew.github.io/2025/04/20/web-snmp-v3host-add-post-host-ip/", "creation_timestamp": "2025-05-20T20:41:02.000000Z"}, {"uuid": "7203dd8a-0151-4879-ba51-774197f058a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44898", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17077", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-44898\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.\n\ud83d\udccf Published: 2025-05-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-20T20:29:16.755Z\n\ud83d\udd17 References:\n1. https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlistEdit-get-authName-StackOverflow/", "creation_timestamp": "2025-05-20T20:41:10.000000Z"}, {"uuid": "e38e4b24-713d-43f1-b6ce-c8bb9e9222a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4489", "type": "seen", "source": "https://t.me/cvedetector/24980", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4489 - Campcodes Online Food Ordering System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-4489 \nPublished : May 9, 2025, 9:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/user-router.php. The manipulation of the argument t1_verified leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-10T00:34:21.000000Z"}]}