{"vulnerability": "CVE-2024-2040", "sightings": [{"uuid": "0d281287-deb1-4d4f-894d-210c2965cea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6iagpsbe72a", "content": "", "creation_timestamp": "2025-11-25T21:02:38.752219Z"}, {"uuid": "25478a59-eabb-493c-882f-fed167280285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3me5bzfcys42i", "content": "", "creation_timestamp": "2026-02-05T21:02:51.436757Z"}, {"uuid": "7067c62b-7a2a-4d01-aa63-a4fa4754c920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-20404.yaml", "content": "", "creation_timestamp": "2025-11-24T05:17:43.000000Z"}, {"uuid": "096ad1aa-cdb7-4474-a05c-9bc8d6174726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-20401", "type": "seen", "source": "https://vulnerability.circl.lu/comment/a309d024-2714-4a81-a425-60f83f6d5740", "content": "", "creation_timestamp": "2024-07-19T07:16:54.446520Z"}, {"uuid": "dfe4e876-9273-47e1-87db-eda38f6d151b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-20401", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1335", "content": "", "creation_timestamp": "2024-07-18T04:00:00.000000Z"}, {"uuid": "894ca914-4fc7-4c44-a160-74e2ddb6af11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-14)", "content": "", "creation_timestamp": "2026-04-14T00:00:00.000000Z"}, {"uuid": "9fd80019-1aaf-4897-a04f-e63244ec03f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "164e489d-390e-4f22-b24d-40d54f70eea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "304ea167-93d5-414e-8e04-8ee7c459669b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20407", "type": "seen", "source": "https://t.me/cvedetector/8762", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20407 - Cisco Firepower Threat Defense TCP Intercept Snort 3 Embryonic Connection Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20407 \nPublished : Oct. 23, 2024, 6:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability.   \n  \n This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T20:45:20.000000Z"}, {"uuid": "5562ce60-c3f4-4a5f-b33c-2c3e695ff501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20401", "type": "seen", "source": "https://t.me/kasperskyb2b/1343", "content": "\ud83d\udd25 10 CVE \u043e\u0442 Cisco, \u043e\u0434\u043d\u0430 \u0441 CVSS 10\n\nCisco Patch Wednesday \u043f\u0440\u043e\u0448\u0451\u043b \u0441 \u043e\u0433\u043e\u043d\u044c\u043a\u043e\u043c \u2014 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u0425\u0435\u0434\u043b\u0430\u0439\u043d\u0435\u0440\u043e\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u0435\u043c CVE-2024-20401 \u0441 CVSS 9.8, \u044d\u0442\u043e \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 Secure Email Gateway, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0449\u0438\u0439 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439, \u043f\u0440\u0438\u0441\u043b\u0430\u0432\u0448\u0438\u0439 \u043f\u0438\u0441\u044c\u043c\u043e \u0441\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f root-\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043c\u0435\u043d\u044f\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u0448\u043b\u044e\u0437\u0435 \u0431\u044b\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043a\u043e\u043d\u0442\u0435\u043d\u0442-\u0444\u0438\u043b\u044c\u0442\u0440 \u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440 \u0444\u0430\u0439\u043b\u043e\u0432, \u044f\u0432\u043b\u044f\u044e\u0449\u0438\u0439\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e Cisco Advanced Malware Protection. \ud83e\udd2a\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 \u043d\u0435 \u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043e, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0431\u044b\u043b\u043e \u2014 \u043f\u043e\u043a\u0430.\n\n\u0414\u0435\u0444\u0435\u043a\u0442 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 10 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 Smart Software Manager On-Prem, \u043c\u043e\u0434\u0443\u043b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Cisco.  CVE-2024-20419 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u043b\u044e\u0431\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0437\u0430\u0439\u0442\u0438 \u0432 web UI \u0438\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f API \u0441 \u0435\u0433\u043e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u0438, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u0438\u0440\u043e\u0434\u0443 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442. \u0413\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0438-\u0441\u0435\u0442\u0435\u0432\u0438\u043a\u0438 \u2014 \u044d\u0442\u043e DoS \u043f\u0443\u0442\u0451\u043c \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0439, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c, \u044d\u0442\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043c\u0435\u0434\u043b\u0435\u043d\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f BlastRADIUS (CVE-2024-3596), \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d \u0434\u0435\u0444\u0435\u043a\u0442 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Secure Web Appliance (CVE-2024-20435) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432 Identity Services Engine (CVE-2024-20296).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #Cisco @\u041f2\u0422", "creation_timestamp": "2024-07-18T11:16:31.000000Z"}, {"uuid": "ca81da38-c4a9-40b8-a333-5d076be274d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20403", "type": "seen", "source": "https://t.me/cvedetector/8761", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20403 - \"Cisco Firepower Management Center (FMC) Software Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20403 \nPublished : Oct. 23, 2024, 6:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T20:45:20.000000Z"}, {"uuid": "28627847-7c60-4e40-a1e4-14f363f5301b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20405", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/4686", "content": "Cisco Finesse Remote File Inclusion (CVE-2024\u201320405): https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5", "creation_timestamp": "2024-07-03T15:44:54.000000Z"}, {"uuid": "d9435b32-69a2-4b7f-be70-fce8a2ec03ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/5270", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-08T16:16:10.000000Z"}, {"uuid": "bcafd529-00f4-4b76-be17-dbcbede2659a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20400", "type": "seen", "source": "https://t.me/cvedetector/1106", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20400 - Cisco Expressway Series HTTP Request Parameter Manipulation Remote Web Attack\", \n  \"Content\": \"CVE ID : CVE-2024-20400 \nPublished : July 17, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.  \n  \n This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.  \n  \n Note: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T19:53:50.000000Z"}, {"uuid": "2594ebae-6611-4d33-b9a4-f88c25e5176a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20406", "type": "seen", "source": "https://t.me/cvedetector/5395", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20406 - Cisco IS-IS Protocol Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20406 \nPublished : Sept. 11, 2024, 5:15 p.m. | 16\u00a0minutes ago \nDescription : A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.  \n  \nThis vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition.  \nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T19:32:40.000000Z"}, {"uuid": "c6e1bb1d-8ee1-4972-93f4-f8afc321a690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20401", "type": "seen", "source": "https://t.me/cvedetector/1104", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20401 - \"Cisco Secure Email Gateway File Overwrite Remote Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20401 \nPublished : July 17, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system.  \n  \n This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.  \n  \n Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T19:53:48.000000Z"}, {"uuid": "c799ae53-f26d-4cdf-9247-64284dfc5c34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1808", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-08T16:16:11.000000Z"}, {"uuid": "609a8e0f-cbcb-41c5-b233-961c21d1de8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "Telegram/0ojFoxVGwFFKBRpdch3yrZ16P2myEFbIRSeSkQlYR8l62w", "content": "", "creation_timestamp": "2024-10-10T18:01:24.000000Z"}, {"uuid": "7395f785-f76c-4add-9177-fd48d399746f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1773", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-19T08:29:59.000000Z"}, {"uuid": "d8181dad-b11f-4d90-9cfc-8c43f680dcdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2217", "content": "https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\ncve-2024-20404\n#github #exploit", "creation_timestamp": "2024-10-08T16:24:05.000000Z"}, {"uuid": "10945e68-d291-484f-9388-991c7cb769e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/19421", "content": "https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\ncve-2024-20404\n#github #exploit", "creation_timestamp": "2024-10-08T16:24:05.000000Z"}, {"uuid": "5ed68121-944c-4bfc-9df9-eb5801299369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1894", "content": "\u200aCVE-2024-20404/20405: Cisco Finesse Vulnerabilities Open Door to Attacks\n\nhttps://securityonline.info/cve-2024-20404-20405-cisco-finesse-vulnerabilities-open-door-to-attacks/", "creation_timestamp": "2024-06-07T13:52:10.000000Z"}, {"uuid": "4fe05d6a-046e-4521-9e45-0f4baf170d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1060", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:26.000000Z"}, {"uuid": "7553cdc1-8b2f-4e6c-9ae0-2a2324771c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/4685", "content": "Cisco Finesse Server Side Request Forgery (CVE-2024\u201320404): https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5", "creation_timestamp": "2024-07-03T15:44:53.000000Z"}, {"uuid": "f638fbc5-4a3e-465d-973a-cdf2cc2cd24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20401", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/6501", "content": "\u200aCritical Security Flaw in Cisco Secure Email Gateway: CVE-2024-20401\n\nhttps://securityonline.info/critical-security-flaw-in-cisco-secure-email-gateway-cve-2024-20401/", "creation_timestamp": "2024-07-18T10:13:21.000000Z"}, {"uuid": "b96b3558-9483-46b4-a4ec-a8d54374a66e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8876", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:59.000000Z"}, {"uuid": "43e12361-b34b-4923-9090-4bd1f0a2804d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3790", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:32.000000Z"}, {"uuid": "43061fb0-6c80-4b1b-b96a-b574759a3dbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24064", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:52.000000Z"}, {"uuid": "903353ee-c67d-4d09-8451-434de9c3c2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3291", "content": "https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\ncve-2024-20404\n#github #exploit", "creation_timestamp": "2024-10-08T06:03:25.000000Z"}, {"uuid": "2a363e16-b3b7-40f1-a401-8d98aee0e775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "Telegram/RwY6Qx7q79BGFkuYNtskNo4YfaA4RR8J0sppT16Si3kAhAp8", "content": "", "creation_timestamp": "2024-10-19T08:21:04.000000Z"}, {"uuid": "7c5428fb-649a-4620-96dc-6bbe24e81739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7512", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:59.000000Z"}, {"uuid": "0fefa883-a150-4f57-a030-cf35b3346887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11248", "content": "#exploit\n1. CVE-2024-20404:\nCisco Finesse Web-Based Management Interface XSS/SSRF\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052:\nExploiting Visual Studio via dump files\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353:\nCisco IOS XE DoS\nhttps://github.com/codeb0ss/CVE-2024-20353-PoC", "creation_timestamp": "2024-10-07T18:09:24.000000Z"}, {"uuid": "ff367e2c-cd6b-4918-a4df-047423f51fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "seen", "source": "https://t.me/InfoSecInsider/495", "content": "Tools - Hackers Factory \n\n#exploit\n\n1. CVE-2024-20404: Cisco Finesse Web-Based Management Interface XSS/SSRF\n\nhttps://github.com/AbdElRahmanEzzat1995/CVE-2024-20404\n\n2. CVE-2024-30052: Exploiting Visual Studio via dump files\n\nhttps://ynwarcs.github.io/exploiting-vs-dump-files\n\n3. CVE-2024-20353: Cisco IOS XE DoS\n\nhttps://github.com/codeb0ss/CVE-2\n\nThievingFox\n\nhttps://github.com/Slowerzs/ThievingFox/\n\n#Offensive_security\n\n1. RustiveDump - LSASS memory dumper using only NTAPIs\n\nhttps://github.com/safedv/RustiveDump\n\n2. cred1py - Python PoC for CRED1 over SOCKS5\n\nhttps://github.com/SpecterOps/cred1py\n\n3. Reverse SSH - SSH based reverse shell\n\nhttps://github.com/NHAS/reverse_ssh\n\nRepository for the NodeMedic-FINE tool (NDSS'24)\n\nhttps://github.com/NodeMedicAnalysis/NodeMedic-FINE\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-12T07:18:53.000000Z"}, {"uuid": "ea51feb3-fda3-43e9-b5b2-85e68bb8753d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "seen", "source": "https://t.me/kasraone_com/742", "content": "\ud83d\udea8 CVE-2024-20404\n\u26a0\ufe0f Cisco Finesse Web-Based Management Interface XSS/SSRF Vulnerability\n\n\ud83d\udcdd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0631\u0627\u0628\u0637 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0648\u0628 Cisco Finesse \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u06cc\u0646 \u0627\u06cc\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062d\u0645\u0644\u0627\u062a XSS \u0648 SSRF \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0627\u0645\u0646\u06cc\u062a \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0631\u0627 \u0628\u0647 \u062e\u0637\u0631 \u0627\u0646\u062f\u0627\u0632\u062f\n\n\ud83d\udd17 \u0628\u0631\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0648 \u062c\u0632\u0626\u06cc\u0627\u062a \n\n\u0644\u06cc\u0646\u06a9 \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f :                                      \n\n\n\u06af\u0632\u0627\u0631\u0634 \u06a9\u0627\u0645\u0644 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\n\n\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c\u00a0 \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2025-03-09T18:34:02.000000Z"}, {"uuid": "c0d9edf4-599d-4281-aeb9-fb45dad0b21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20404", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-06)", "content": "", "creation_timestamp": "2026-05-06T00:00:00.000000Z"}]}