https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 16:14:50 +0000 https://vulnerability.circl.lu/sighting/346fcb2e-70ed-4028-a280-c6a954f179ee/export {"uuid": "346fcb2e-70ed-4028-a280-c6a954f179ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lgsulbxvnq2j", "content": "", "creation_timestamp": "2025-01-28T16:25:03.089525Z"} {"uuid": "346fcb2e-70ed-4028-a280-c6a954f179ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lgsulbxvnq2j", "content": "", "creation_timestamp": "2025-01-28T16:25:03.089525Z"} https://vulnerability.circl.lu/sighting/346fcb2e-70ed-4028-a280-c6a954f179ee/export Tue, 28 Jan 2025 16:25:03 +0000 https://vulnerability.circl.lu/sighting/fb3b3393-bd2b-45ff-9619-24c32ede8913/export {"uuid": "fb3b3393-bd2b-45ff-9619-24c32ede8913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lguul2ho762j", "content": "", "creation_timestamp": "2025-01-29T11:30:14.807358Z"} {"uuid": "fb3b3393-bd2b-45ff-9619-24c32ede8913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lguul2ho762j", "content": "", "creation_timestamp": "2025-01-29T11:30:14.807358Z"} https://vulnerability.circl.lu/sighting/fb3b3393-bd2b-45ff-9619-24c32ede8913/export Wed, 29 Jan 2025 11:30:14 +0000 https://vulnerability.circl.lu/sighting/12de66df-230f-4c4c-8cdb-fbbb34ce440e/export {"uuid": "12de66df-230f-4c4c-8cdb-fbbb34ce440e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://t.me/suboxone_chatroom/4346", "content": "CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating \ud83d\udd25\n\nThe vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/NETLB\n\ud83d\udc49 Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e\n\nVendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264", "creation_timestamp": "2025-02-28T08:23:05.000000Z"} {"uuid": "12de66df-230f-4c4c-8cdb-fbbb34ce440e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://t.me/suboxone_chatroom/4346", "content": "CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating \ud83d\udd25\n\nThe vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/NETLB\n\ud83d\udc49 Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e\n\nVendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264", "creation_timestamp": "2025-02-28T08:23:05.000000Z"} https://vulnerability.circl.lu/sighting/12de66df-230f-4c4c-8cdb-fbbb34ce440e/export Fri, 28 Feb 2025 08:23:05 +0000 https://vulnerability.circl.lu/sighting/085778e8-1dcc-480f-9acf-7269849e042c/export {"uuid": "085778e8-1dcc-480f-9acf-7269849e042c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55570", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6227", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55570\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: /api/user/users in the web GUI for the Cubro EXA48200 network packet broker (build 20231025055018) fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access control.\n\ud83d\udccf Published: 2025-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T16:11:14.843Z\n\ud83d\udd17 References:\n1. https://herolab.usd.de/security-advisories/\n2. https://herolab.usd.de/security-advisories/usd-2024-0014/", "creation_timestamp": "2025-03-03T16:30:31.000000Z"} {"uuid": "085778e8-1dcc-480f-9acf-7269849e042c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55570", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6227", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55570\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: /api/user/users in the web GUI for the Cubro EXA48200 network packet broker (build 20231025055018) fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access control.\n\ud83d\udccf Published: 2025-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T16:11:14.843Z\n\ud83d\udd17 References:\n1. https://herolab.usd.de/security-advisories/\n2. https://herolab.usd.de/security-advisories/usd-2024-0014/", "creation_timestamp": "2025-03-03T16:30:31.000000Z"} https://vulnerability.circl.lu/sighting/085778e8-1dcc-480f-9acf-7269849e042c/export Mon, 03 Mar 2025 16:30:31 +0000 https://vulnerability.circl.lu/sighting/12725b1c-55df-4c95-afac-91791c8ed886/export {"uuid": "12725b1c-55df-4c95-afac-91791c8ed886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55570", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljim7hxg652a", "content": "", "creation_timestamp": "2025-03-03T18:44:15.723754Z"} {"uuid": "12725b1c-55df-4c95-afac-91791c8ed886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55570", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljim7hxg652a", "content": "", "creation_timestamp": "2025-03-03T18:44:15.723754Z"} https://vulnerability.circl.lu/sighting/12725b1c-55df-4c95-afac-91791c8ed886/export Mon, 03 Mar 2025 18:44:15 +0000 https://vulnerability.circl.lu/sighting/8d73ba54-4ca6-437b-97ca-849cfc1117ba/export {"uuid": "8d73ba54-4ca6-437b-97ca-849cfc1117ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55571", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13214", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3872\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon centreon-web (User configuration form modules) allows SQL Injection.\n\n\nA user with high privileges is able to become administrator by intercepting the contact form request and altering its payload.\n\n\n\nThis issue affects Centreon: from 22.10.0 before 22.10.28, from 23.04.0 before 23.04.25, from 23.10.0 before 23.10.20, from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.\n\ud83d\udccf Published: 2025-04-24T09:19:33.900Z\n\ud83d\udccf Modified: 2025-04-24T09:19:33.900Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55571-centreon-web-high-severity-4496\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-04-24T10:08:03.000000Z"} {"uuid": "8d73ba54-4ca6-437b-97ca-849cfc1117ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55571", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13214", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3872\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon centreon-web (User configuration form modules) allows SQL Injection.\n\n\nA user with high privileges is able to become administrator by intercepting the contact form request and altering its payload.\n\n\n\nThis issue affects Centreon: from 22.10.0 before 22.10.28, from 23.04.0 before 23.04.25, from 23.10.0 before 23.10.20, from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.\n\ud83d\udccf Published: 2025-04-24T09:19:33.900Z\n\ud83d\udccf Modified: 2025-04-24T09:19:33.900Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55571-centreon-web-high-severity-4496\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-04-24T10:08:03.000000Z"} https://vulnerability.circl.lu/sighting/8d73ba54-4ca6-437b-97ca-849cfc1117ba/export Thu, 24 Apr 2025 10:08:03 +0000 https://vulnerability.circl.lu/sighting/c1de91fa-a948-44a2-af67-5390b2cc973a/export {"uuid": "c1de91fa-a948-44a2-af67-5390b2cc973a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-55571", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114393106631815821", "content": "", "creation_timestamp": "2025-04-24T13:11:24.836473Z"} {"uuid": "c1de91fa-a948-44a2-af67-5390b2cc973a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-55571", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114393106631815821", "content": "", "creation_timestamp": "2025-04-24T13:11:24.836473Z"} https://vulnerability.circl.lu/sighting/c1de91fa-a948-44a2-af67-5390b2cc973a/export Thu, 24 Apr 2025 13:11:24 +0000 https://vulnerability.circl.lu/sighting/97eefdae-62bb-4a6e-817c-c637a79d05e8/export {"uuid": "97eefdae-62bb-4a6e-817c-c637a79d05e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55572", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16087", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4646\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Privilege Management vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.\n\ud83d\udccf Published: 2025-05-13T09:17:35.146Z\n\ud83d\udccf Modified: 2025-05-13T09:19:49.835Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55572-centreon-web-high-severity-4460\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-05-13T09:30:35.000000Z"} {"uuid": "97eefdae-62bb-4a6e-817c-c637a79d05e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55572", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16087", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4646\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Privilege Management vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.\n\ud83d\udccf Published: 2025-05-13T09:17:35.146Z\n\ud83d\udccf Modified: 2025-05-13T09:19:49.835Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55572-centreon-web-high-severity-4460\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-05-13T09:30:35.000000Z"} https://vulnerability.circl.lu/sighting/97eefdae-62bb-4a6e-817c-c637a79d05e8/export Tue, 13 May 2025 09:30:35 +0000 https://vulnerability.circl.lu/sighting/b69761a2-eb86-4750-aa68-4d3cfa2b6ac6/export {"uuid": "b69761a2-eb86-4750-aa68-4d3cfa2b6ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16091", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4648\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS.\nA user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.\nThis issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.\n\ud83d\udccf Published: 2025-05-13T09:45:41.519Z\n\ud83d\udccf Modified: 2025-05-13T09:45:41.519Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55575-centreon-web-high-severity-4434\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-05-13T10:30:14.000000Z"} {"uuid": "b69761a2-eb86-4750-aa68-4d3cfa2b6ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16091", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4648\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS.\nA user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.\nThis issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.\n\ud83d\udccf Published: 2025-05-13T09:45:41.519Z\n\ud83d\udccf Modified: 2025-05-13T09:45:41.519Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55575-centreon-web-high-severity-4434\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-05-13T10:30:14.000000Z"} https://vulnerability.circl.lu/sighting/b69761a2-eb86-4750-aa68-4d3cfa2b6ac6/export Tue, 13 May 2025 10:30:14 +0000 https://vulnerability.circl.lu/sighting/02468e94-f81c-4ded-8806-368b0a58d5a7/export {"uuid": "02468e94-f81c-4ded-8806-368b0a58d5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:03.000000Z"} {"uuid": "02468e94-f81c-4ded-8806-368b0a58d5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:03.000000Z"} https://vulnerability.circl.lu/sighting/02468e94-f81c-4ded-8806-368b0a58d5a7/export Mon, 01 Sep 2025 19:03:03 +0000