{"vulnerability": "CVE-2024-21388", "sightings": [{"uuid": "a1246241-5051-4d57-8f20-5b8ec9ce07aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12939", "content": "\ud83d\udfe5 Zero-Day: \u201cCVE-2024-21388\u201d - Microsoft Edge\u2019s Marketing API Exploited for Covert Extension Installation.\n\nhttps://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca", "creation_timestamp": "2024-05-19T01:36:25.000000Z"}, {"uuid": "603bf2bf-be85-4a76-91b3-248a385ee68a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6866", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis Python script exploits a vulnerability (CVE-2024-21388) in Microsoft Edge, allowing silent installation of browser extensions with elevated privileges via a private API.\nURL\uff1ahttps://github.com/d0rb/CVE-2024-21388\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-28T21:46:55.000000Z"}, {"uuid": "e0e42418-d135-4106-8845-edb07c850bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14687", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21388\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2024-01-30T17:23:24.876Z\n\ud83d\udccf Modified: 2025-05-03T01:46:40.456Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21388", "creation_timestamp": "2025-05-03T02:17:00.000000Z"}, {"uuid": "9cb95782-38f3-4da3-9c39-37e4ff22c849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/758", "content": "#exploit\n1. CVE-2022-0944:\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388", "creation_timestamp": "2024-09-13T16:19:32.000000Z"}, {"uuid": "a4005066-1817-4cbd-b216-85718c8681d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/337", "content": "#exploit\n1. CVE-2022-0944:\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388", "creation_timestamp": "2024-09-11T16:13:00.000000Z"}, {"uuid": "91345d23-d484-430a-bbbc-fc6b7e885c55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3638", "content": "#exploit\n1. CVE-2022-0944:\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388", "creation_timestamp": "2024-09-13T16:19:31.000000Z"}, {"uuid": "d13817de-8acb-4cd5-8fdf-4f0a9da74a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "seen", "source": "Telegram/XHlf7Goy5r7bSibczSqSGt48tk8WhX0UeuA8dmncsxpQP2s", "content": "", "creation_timestamp": "2024-01-31T04:36:42.000000Z"}, {"uuid": "55252645-611a-4a58-b7b5-d01b7b4193e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/871", "content": "Tools - Hackers Factory \n\nLeading free and open-source face recognition system.\n\nhttps://github.com/exadel-inc/CompreFace\n\nOkta Verify and Okta FastPass Abuse Tool.\n\nhttps://github.com/CCob/okta-terrify\n\nA list of open-source aviation projects and data.\n\nhttps://github.com/lucianosrp/open-source-aviation\n\nDisconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines.\n\nhttps://github.com/CCob/DGPOEdit\n\nDump cookies and credentials directly from Chrome/Edge process memory.\n\nhttps://github.com/Meckazin/ChromeKatz\n\n#Exploit\n\n1. CVE-2022-0944:\n\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\n\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388\n\nCVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account.\n\nhttps://github.com/JohnDoeAnonITA/CVE-2024-28000\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-13T05:19:51.000000Z"}, {"uuid": "d2bef544-b001-42f9-b80e-20d3d519e6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23768", "content": "Tools - Hackers Factory \n\nLeading free and open-source face recognition system.\n\nhttps://github.com/exadel-inc/CompreFace\n\nOkta Verify and Okta FastPass Abuse Tool.\n\nhttps://github.com/CCob/okta-terrify\n\nA list of open-source aviation projects and data.\n\nhttps://github.com/lucianosrp/open-source-aviation\n\nDisconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines.\n\nhttps://github.com/CCob/DGPOEdit\n\nDump cookies and credentials directly from Chrome/Edge process memory.\n\nhttps://github.com/Meckazin/ChromeKatz\n\n#Exploit\n\n1. CVE-2022-0944:\n\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\n\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388\n\nCVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account.\n\nhttps://github.com/JohnDoeAnonITA/CVE-2024-28000\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-13T05:20:59.000000Z"}, {"uuid": "649c3944-5562-43d1-8fa9-cf53a5937e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3721", "content": "Tools - Hackers Factory \n\nLeading free and open-source face recognition system.\n\nhttps://github.com/exadel-inc/CompreFace\n\nOkta Verify and Okta FastPass Abuse Tool.\n\nhttps://github.com/CCob/okta-terrify\n\nA list of open-source aviation projects and data.\n\nhttps://github.com/lucianosrp/open-source-aviation\n\nDisconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines.\n\nhttps://github.com/CCob/DGPOEdit\n\nDump cookies and credentials directly from Chrome/Edge process memory.\n\nhttps://github.com/Meckazin/ChromeKatz\n\n#Exploit\n\n1. CVE-2022-0944:\n\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\n\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388\n\nCVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account.\n\nhttps://github.com/JohnDoeAnonITA/CVE-2024-28000\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-13T05:20:05.000000Z"}, {"uuid": "1b54c262-2469-4700-bcb6-84722f11adc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7409", "content": "Tools - Hackers Factory \n\nLeading free and open-source face recognition system.\n\nhttps://github.com/exadel-inc/CompreFace\n\nOkta Verify and Okta FastPass Abuse Tool.\n\nhttps://github.com/CCob/okta-terrify\n\nA list of open-source aviation projects and data.\n\nhttps://github.com/lucianosrp/open-source-aviation\n\nDisconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines.\n\nhttps://github.com/CCob/DGPOEdit\n\nDump cookies and credentials directly from Chrome/Edge process memory.\n\nhttps://github.com/Meckazin/ChromeKatz\n\n#Exploit\n\n1. CVE-2022-0944:\n\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\n\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388\n\nCVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account.\n\nhttps://github.com/JohnDoeAnonITA/CVE-2024-28000\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-13T05:19:56.000000Z"}, {"uuid": "c494946c-9946-49f4-96f8-3db0561bbc40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "seen", "source": "https://t.me/ctinow/176192", "content": "https://ift.tt/5tRJxaB\nCVE-2024-21388", "creation_timestamp": "2024-01-30T19:26:16.000000Z"}, {"uuid": "3ae5b315-3c0c-4b04-98f5-aeb0c2c67fcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "seen", "source": "https://t.me/thehackernews/4740", "content": "\ud83d\udee1\ufe0f A now-patched vulnerability (CVE-2024-21388) in Microsoft Edge could have allowed attackers to covertly install browser extensions without user consent. \n \nFind details here: https://thehackernews.com/2024/03/microsoft-edge-bug-could-have-allowed.html \n \nIf you use Edge, make sure you've updated to the latest version.", "creation_timestamp": "2024-03-27T13:56:14.000000Z"}, {"uuid": "1adaa9e2-719c-40d0-91cd-fb1701004353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8516", "content": "\u201cCVE-2024-21388\u201d- Microsoft Edge\u2019s Marketing API Exploited for Covert Extension Installation\n\nhttps://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca", "creation_timestamp": "2024-03-27T22:35:22.000000Z"}, {"uuid": "b337aa8f-9186-4a79-8a29-101f46680c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11112", "content": "#exploit\n1. CVE-2022-0944:\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388", "creation_timestamp": "2024-09-11T11:01:09.000000Z"}, {"uuid": "76f7fb80-ef50-4d41-94a9-33b9530b6913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/280", "content": "Tools - Hackers Factory \n\nLeading free and open-source face recognition system.\n\nhttps://github.com/exadel-inc/CompreFace\n\nOkta Verify and Okta FastPass Abuse Tool.\n\nhttps://github.com/CCob/okta-terrify\n\nA list of open-source aviation projects and data.\n\nhttps://github.com/lucianosrp/open-source-aviation\n\nDisconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines.\n\nhttps://github.com/CCob/DGPOEdit\n\nDump cookies and credentials directly from Chrome/Edge process memory.\n\nhttps://github.com/Meckazin/ChromeKatz\n\n#Exploit\n\n1. CVE-2022-0944:\n\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\n\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388\n\nCVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account.\n\nhttps://github.com/JohnDoeAnonITA/CVE-2024-28000\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-13T05:21:00.000000Z"}, {"uuid": "680a2090-189e-4583-a23c-00f0e3c982e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21388", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4399", "content": "#exploit\n1. CVE-2022-0944:\nGitHub sqlpad/sqlpad Template Injection/RCE\nhttps://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation\n\n2. CVE-2024-21388:\nMicrosoft Edge EoP\nhttps://github.com/d0rb/CVE-2024-21388", "creation_timestamp": "2024-09-11T06:40:55.000000Z"}]}