{"vulnerability": "CVE-2024-1298", "sightings": [{"uuid": "17f99c59-df00-4484-9e81-1d677f7d8741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12980", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113723054626319681", "content": "", "creation_timestamp": "2024-12-27T05:08:22.569947Z"}, {"uuid": "af671b32-f30a-4cfa-8fff-b06e74ec8e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12980", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lebaasvvpp2i", "content": "", "creation_timestamp": "2024-12-27T05:15:38.346999Z"}, {"uuid": "0bc01e8b-381c-4faf-b952-24bb737094cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12981", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113723163471148400", "content": "", "creation_timestamp": "2024-12-27T05:36:03.618844Z"}, {"uuid": "11ec35a6-5b84-485e-8905-051fc41fca25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12981", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lebdmiaw7g25", "content": "", "creation_timestamp": "2024-12-27T06:15:50.049801Z"}, {"uuid": "0e5f8799-4191-4e25-bf5e-9def07d8af07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12982", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lebdmkcv3n22", "content": "", "creation_timestamp": "2024-12-27T06:15:52.416628Z"}, {"uuid": "9c144463-8ea6-4b2b-89b8-52dccf131406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12982", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113723363096023472", "content": "", "creation_timestamp": "2024-12-27T06:26:51.845960Z"}, {"uuid": "5ca867b3-41e4-49b4-ad57-1fb02d984bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12983", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113723398348853240", "content": "", "creation_timestamp": "2024-12-27T06:35:47.437297Z"}, {"uuid": "e0b8c5c2-2348-43c3-9981-22fa7c255a75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12983", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lebgx6rkf522", "content": "", "creation_timestamp": "2024-12-27T07:15:30.704806Z"}, {"uuid": "4d6de915-6f21-4ac5-a7b1-74077ed8a3f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12988", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113723885007461469", "content": "", "creation_timestamp": "2024-12-27T08:39:33.116802Z"}, {"uuid": "e35aced1-52b6-4290-8894-ce7bd4a14563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12984", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecbrin3ev2f", "content": "", "creation_timestamp": "2024-12-27T15:15:30.755611Z"}, {"uuid": "73bf8878-9946-4dbf-82c6-f7244ca1c17f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12985", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecbrkyrjv2i", "content": "", "creation_timestamp": "2024-12-27T15:15:34.059130Z"}, {"uuid": "dbc32409-3ff7-4477-af0b-0034820b175a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12986", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecf5gjbs52f", "content": "", "creation_timestamp": "2024-12-27T16:15:52.953013Z"}, {"uuid": "3f1ca783-717e-4094-858c-316c98ef2c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecf5im54q2e", "content": "", "creation_timestamp": "2024-12-27T16:15:55.697250Z"}, {"uuid": "53c5a6b5-664b-4646-a0f3-3501798a62c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12988", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecihxhwr62k", "content": "", "creation_timestamp": "2024-12-27T17:15:26.969315Z"}, {"uuid": "173262f8-21f1-4815-9592-3fb5ef40bf31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12989", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecltkq3zk22", "content": "", "creation_timestamp": "2024-12-27T18:15:38.411387Z"}, {"uuid": "ffd9467d-a860-484e-9ee3-93c41d207f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "e9757fc0-bb0f-4429-87b7-fdbef99fe3e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "d3bd9010-4e91-42be-a1a1-b34ee901c7e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-12)", "content": "", "creation_timestamp": "2025-02-12T00:00:00.000000Z"}, {"uuid": "2d7a391d-3e67-4594-8528-871945194573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/113990205373134629", "content": "", "creation_timestamp": "2025-02-12T09:28:20.078949Z"}, {"uuid": "b29ae6b7-1422-41c7-bf11-b815bd024937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3lhxudxq2lk2x", "content": "", "creation_timestamp": "2025-02-12T09:29:27.868579Z"}, {"uuid": "3e90ed85-b76b-4ed7-8a3e-936f4cc98986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3lhxudxqah22x", "content": "", "creation_timestamp": "2025-02-12T09:29:28.762448Z"}, {"uuid": "bc07c306-575b-4c6f-b574-b098713d867c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3lhxudxqcfk2x", "content": "", "creation_timestamp": "2025-02-12T09:29:29.617641Z"}, {"uuid": "424ea907-125c-49a4-a76e-7338175213bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-17)", "content": "", "creation_timestamp": "2025-02-17T00:00:00.000000Z"}, {"uuid": "99238862-c09f-4c5e-a39e-10cf675b8b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3li63y6cent2a", "content": "", "creation_timestamp": "2025-02-14T21:02:00.379838Z"}, {"uuid": "5c9ce54b-9af1-459d-b7d3-dbfffa51bb5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lpcasmrubt2x", "content": "", "creation_timestamp": "2025-05-16T14:35:23.134376Z"}, {"uuid": "079c80d6-649b-433a-a8b9-9858c851e776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12986", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw55iklk2x", "content": "", "creation_timestamp": "2025-07-23T21:02:26.145078Z"}, {"uuid": "da177711-7a91-4570-a3e5-b8078ab95251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpkhhfvp6k2g", "content": "", "creation_timestamp": "2025-05-19T20:55:41.948110Z"}, {"uuid": "81236b66-7fe8-4460-a141-cfadf7837149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "79ba33ff-7d22-495a-a2d5-2edf8159d405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "c444723c-1822-45fe-a01a-02735b9ad6c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "229cc163-6592-4f8d-91ba-2fd200492989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lpa2xf52vt2x", "content": "", "creation_timestamp": "2025-05-15T17:45:20.587863Z"}, {"uuid": "ddb61797-85f2-49a1-a56d-f6f73d865680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4016556", "content": "", "creation_timestamp": "2025-05-15T18:36:31.971483Z"}, {"uuid": "ab0520fb-e444-4ba0-9b6c-24f614e7013f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpad65fwr222", "content": "", "creation_timestamp": "2025-05-15T20:12:19.029989Z"}, {"uuid": "022f761c-8910-494c-bbde-f7e218103282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lpagkmi5ci2b", "content": "", "creation_timestamp": "2025-05-15T21:12:57.431673Z"}, {"uuid": "5b5ada00-7473-4310-8cb6-05789910c409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpcwgityxf2c", "content": "", "creation_timestamp": "2025-05-16T21:02:19.778538Z"}, {"uuid": "7ffcfa6f-af37-4d89-b187-f57eae7a9ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "MISP/053ca026-a56e-47a6-9d17-dd5021a065a4", "content": "", "creation_timestamp": "2025-04-23T09:42:59.000000Z"}, {"uuid": "469c1dd9-c121-4b0e-af4f-8ebe4bef3c65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3lpevytnwg22y", "content": "", "creation_timestamp": "2025-05-17T16:00:05.520054Z"}, {"uuid": "4226e82b-fc13-4835-bb38-f90048a50b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpujox2lqx24", "content": "", "creation_timestamp": "2025-05-23T21:02:25.629589Z"}, {"uuid": "a57b9131-1ccc-43b5-a952-f79732914d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:14.000000Z"}, {"uuid": "b77e8293-60ce-473b-bc49-839881bc63f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "622d496d-eeba-4afb-8e8f-0476b2da6573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "MISP/053ca026-a56e-47a6-9d17-dd5021a065a4", "content": "", "creation_timestamp": "2025-08-16T14:30:35.000000Z"}, {"uuid": "45f32e94-2b9b-4f74-9417-5b18405caf2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12988", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-a857457d-5caacd1223a0e069", "content": "", "creation_timestamp": "2026-03-27T14:18:10.216463Z"}, {"uuid": "7b54fb52-30ec-4fc8-ae22-40ec116dcbae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-12987", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4307b145-b847-4e6e-95e2-73fbac1d3256", "content": "", "creation_timestamp": "2026-02-02T12:26:01.216196Z"}, {"uuid": "dc3fa7da-79f8-431f-a4e9-0066913749b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fa564b90-570e-4019-98ec-06e92280bea5", "content": "", "creation_timestamp": "2025-02-12T13:38:55.560603Z"}, {"uuid": "acf68be8-715f-4eea-996c-d60da4b6ce76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12988", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1477", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12988\n\ud83d\udd39 Description: A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.\n\ud83d\udccf Published: 2024-12-27T17:00:14.876Z\n\ud83d\udccf Modified: 2025-01-14T13:59:51.349Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.289381\n2. https://vuldb.com/?ctiid.289381\n3. https://vuldb.com/?submit.462781\n4. https://github.com/physicszq/Routers/tree/main/Netgear/1.3.3.154\n5. https://www.netgear.com/about/eos/\n6. https://www.netgear.com/", "creation_timestamp": "2025-01-14T14:10:25.000000Z"}, {"uuid": "486a6d50-2c94-40f8-a987-9af978bb37d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12980", "type": "seen", "source": "https://t.me/cvedetector/13711", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12980 - Code-Projects Job Recruitment Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12980 \nPublished : Dec. 27, 2024, 5:15 a.m. | 26\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Job Recruitment 1.0. It has been classified as problematic. Affected is the function fln_update of the file /_parse/_all_edits.php. The manipulation of the argument fname/lname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T06:47:19.000000Z"}, {"uuid": "05989c08-69bb-4fcb-b5ef-f3bed60393a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16339", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12987\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component.\n\ud83d\udccf Published: 2024-12-27T16:00:13.600Z\n\ud83d\udccf Modified: 2025-05-14T17:03:33.399Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.289380\n2. https://vuldb.com/?ctiid.289380\n3. https://vuldb.com/?submit.468795\n4. https://netsecfish.notion.site/Command-Injection-in-apmcfgupload-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c8040b7f1f0ffe29ce18f?pvs=4", "creation_timestamp": "2025-05-14T17:32:10.000000Z"}, {"uuid": "687de3ac-2a16-4b96-88f2-10428eb282fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12988", "type": "seen", "source": "https://t.me/cvedetector/13789", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12988 - Netgear R6900P and R7000P HTTP Header Handler Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-12988 \nPublished : Dec. 27, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T19:22:13.000000Z"}, {"uuid": "481e95d3-d695-4131-bb06-0ef52c5111fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12986", "type": "seen", "source": "https://t.me/cvedetector/13788", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12986 - DrayTek Vigor2960/Vigor300B OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12986 \nPublished : Dec. 27, 2024, 4:15 p.m. | 23\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T17:42:02.000000Z"}, {"uuid": "96d5dc6e-7b0a-411c-b60c-470874a88139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12986", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16740", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12986\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component.\n\ud83d\udccf Published: 2024-12-27T15:31:05.003Z\n\ud83d\udccf Modified: 2025-05-16T18:37:19.459Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.289379\n2. https://vuldb.com/?ctiid.289379\n3. https://vuldb.com/?submit.468794\n4. https://netsecfish.notion.site/Command-Injection-in-apmcfgupptim-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c80b9ad8cc37b93273bf6?pvs=4", "creation_timestamp": "2025-05-16T19:34:38.000000Z"}, {"uuid": "194fd0eb-5971-471e-9841-b5f4f4c0ffed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12982", "type": "seen", "source": "https://t.me/cvedetector/13716", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12982 - PHPGurukul Blood Bank &amp; Donor Management System Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-12982 \nPublished : Dec. 27, 2024, 6:15 a.m. | 15\u00a0minutes ago \nDescription : A vulnerability was found in PHPGurukul Blood Bank &amp; Donor Management System 2.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bbdms/admin/update-contactinfo.php. The manipulation of the argument Address leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 2.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T07:37:34.000000Z"}, {"uuid": "cfa3dd68-0090-441e-bddb-c76374c066dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12983", "type": "seen", "source": "https://t.me/cvedetector/13723", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12983 - Apacheumping Cross-Site Scripting in Hospital Management System\", \n  \"Content\": \"CVE ID : CVE-2024-12983 \nPublished : Dec. 27, 2024, 7:15 a.m. | 37\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in code-projects Hospital Management System 1.0. This affects an unknown part of the file /hospital/hms/admin/manage-doctors.php of the component Edit Doctor Details Page. The manipulation of the argument Doctor Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. \nSeverity: 2.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T09:18:00.000000Z"}, {"uuid": "b720969f-be0f-46da-bf49-ca3879eec454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12989", "type": "seen", "source": "https://t.me/cvedetector/13791", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12989 - WISI Tangram GT31 SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12989 \nPublished : Dec. 27, 2024, 6:15 p.m. | 45\u00a0minutes ago \nDescription : A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T20:12:24.000000Z"}, {"uuid": "a2d51af1-8b65-4fb6-b603-30f5c0fcf722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12981", "type": "seen", "source": "https://t.me/cvedetector/13720", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12981 - CodeAstro Car Rental System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12981 \nPublished : Dec. 27, 2024, 6:15 a.m. | 15\u00a0minutes ago \nDescription : A vulnerability was found in CodeAstro Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bookingconfirm.php. The manipulation of the argument driver_id_from_dropdown leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T07:37:40.000000Z"}, {"uuid": "f421c5fb-9e9a-40bb-8d21-f7e61f21b908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "seen", "source": "https://t.me/cvedetector/13786", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12987 - DrayTek Vigor2960/Vigor300B Web Management Interface Os Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12987 \nPublished : Dec. 27, 2024, 4:15 p.m. | 23\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T17:41:58.000000Z"}, {"uuid": "212cc3c3-40f3-4cee-9509-45e5ef6bd715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2469", "content": "CVE-2024-12987 \n*\nDrayTek Gateways Vulnerable to Remote Command Injection\nPOC", "creation_timestamp": "2025-01-01T05:22:07.000000Z"}, {"uuid": "54336fb6-d008-4ede-9e61-ab7c1488eefc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12987", "type": "published-proof-of-concept", "source": "https://t.me/zero_day_uz/465", "content": "CVE-2024-12987 \n*\nDrayTek Gateways Vulnerable to Remote Command Injection\nPOC", "creation_timestamp": "2025-01-10T08:17:28.000000Z"}]}