{"vulnerability": "CVE-2024-2506", "sightings": [{"uuid": "dd871a67-8a70-415f-9962-7936b9fe84ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25066", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114021242331517930", "content": "", "creation_timestamp": "2025-02-17T21:01:25.955195Z"}, {"uuid": "0242063b-2965-4722-8dfe-723042790e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25066", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114021258817650610", "content": "", "creation_timestamp": "2025-02-17T21:05:37.752642Z"}, {"uuid": "b7c4bdd3-23b6-49b2-8bd2-90aa5dde6631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25066", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lifo4xhbta2o", "content": "", "creation_timestamp": "2025-02-17T21:15:26.195701Z"}, {"uuid": "b1b36bd3-e56a-4a9c-953e-024cd05b1970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25066", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lig3tvayua2v", "content": "", "creation_timestamp": "2025-02-18T01:20:54.071418Z"}, {"uuid": "53ebd8bc-87ef-4a21-8f60-00207258014b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816361290443115", "content": "", "creation_timestamp": "2025-07-08T07:10:39.737179Z"}, {"uuid": "78f0efc0-f211-4d2b-91c1-3ebb0e6fc0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqoa3tmza2", "content": "", "creation_timestamp": "2025-07-08T07:10:49.786358Z"}, {"uuid": "21b117c2-c8c1-4c58-ad3f-1e5ad372b789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeuxkcgj2c", "content": "", "creation_timestamp": "2025-09-30T01:31:30.968741Z"}, {"uuid": "a1c7e780-e41f-432f-bed1-26ba06fbf4bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25066", "type": "seen", "source": "https://t.me/cvedetector/18264", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25066 - RSA Authentication Manager XXE File Storage\", \n  \"Content\": \"CVE ID : CVE-2024-25066 \nPublished : Feb. 17, 2025, 9:15 p.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a license file, resulting in attacker-controlled files being stored on the product's server. Data exfiltration cannot occur. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T00:54:58.000000Z"}, {"uuid": "01fbcffb-fe25-4bfb-aef7-eda46544c27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3me7xig7is22q", "content": "", "creation_timestamp": "2026-02-06T22:32:24.319952Z"}, {"uuid": "6a797cea-feef-4ce7-8299-551dc4211860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25066", "type": "seen", "source": "Telegram/dad8IarlV60e6UrTsn0jCYVtIlgg6CdWsH_OYAKew6G0rolO", "content": "", "creation_timestamp": "2025-02-17T23:39:44.000000Z"}, {"uuid": "9a6a336e-b0d5-4469-bf1a-e942c7cd67fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25064", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8089", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25064\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.\n\ud83d\udccf Published: 2024-03-02T02:56:19.821Z\n\ud83d\udccf Modified: 2025-03-19T15:53:16.696Z\n\ud83d\udd17 References:\n1. https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/", "creation_timestamp": "2025-03-19T16:18:14.000000Z"}, {"uuid": "4fccb172-d1a5-41bb-af45-7c2ecc7a8e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25063", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9115", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25063\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.\n\ud83d\udccf Published: 2024-03-02T02:54:27.778Z\n\ud83d\udccf Modified: 2025-03-27T15:19:11.168Z\n\ud83d\udd17 References:\n1. https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/", "creation_timestamp": "2025-03-27T15:26:47.000000Z"}, {"uuid": "58fff3b8-e412-4877-acc0-8b8e5939ad03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25065", "type": "published-proof-of-concept", "source": "https://t.me/Blackhat_Officials/1113", "content": "#exploit\n1. Analysis of CVE-2024-25065:\nApache OFBiz Security bypass\nhttps://blog.securelayer7.net/security-bypass-in-apache-ofbiz\n\n2. CVE-2024-29973:\nCommand injection in Zyxel NAS326 firmware\nhttps://github.com/bigb0x/CVE-2024-29973", "creation_timestamp": "2024-06-23T04:33:06.000000Z"}, {"uuid": "49043f46-5743-4078-bb9f-2dcf56c4171f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://t.me/ctinow/179517", "content": "https://ift.tt/WP3wUg1\n[GHSA-xc9x-jj77-9p9j] Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062", "creation_timestamp": "2024-02-05T21:36:44.000000Z"}, {"uuid": "246b86a3-c7c7-46b8-988c-da5b727852cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25064", "type": "seen", "source": "https://t.me/ctinow/198223", "content": "https://ift.tt/r3yB1qm\nCVE-2024-25064", "creation_timestamp": "2024-03-02T04:26:25.000000Z"}, {"uuid": "4a92acef-6eff-4dc1-8e94-b51ca4ffca09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://t.me/ctinow/192941", "content": "https://ift.tt/5LRZPKV\nCVE-2024-25062 | libxml2 up to 2.11.6/2.12.4 XML Reader Interface xmlValidatePopElement use after free (Issue 604)", "creation_timestamp": "2024-02-25T17:17:08.000000Z"}, {"uuid": "f1430f1e-87ef-437b-86ac-991966085600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25063", "type": "seen", "source": "https://t.me/ctinow/198222", "content": "https://ift.tt/E7L4bmW\nCVE-2024-25063", "creation_timestamp": "2024-03-02T04:26:24.000000Z"}, {"uuid": "ace5b192-a934-4ca6-9e86-d4dde8a9b163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25064", "type": "seen", "source": "https://t.me/ctinow/198221", "content": "https://ift.tt/r3yB1qm\nCVE-2024-25064", "creation_timestamp": "2024-03-02T04:21:35.000000Z"}, {"uuid": "bcfc0df1-f462-4e95-b7ee-2babb4145c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25063", "type": "seen", "source": "https://t.me/ctinow/198220", "content": "https://ift.tt/E7L4bmW\nCVE-2024-25063", "creation_timestamp": "2024-03-02T04:21:34.000000Z"}, {"uuid": "fabda309-e306-4252-ad2a-b0c625ddd196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://t.me/ctinow/183578", "content": "https://ift.tt/LuoXmO7\nCVE-2024-25062 Exploit", "creation_timestamp": "2024-02-13T03:16:24.000000Z"}, {"uuid": "f3e67c3f-9b80-400e-a482-fb24aea1fb5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://t.me/ctinow/178972", "content": "https://ift.tt/vLF9t0Q\nCVE-2024-25062", "creation_timestamp": "2024-02-05T06:02:10.000000Z"}, {"uuid": "bf189e6f-c6de-487b-8030-03c2620a9fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25065", "type": "seen", "source": "https://t.me/CNArsenal/2695", "content": "https://blog.securelayer7.net/security-bypass-in-apache-ofbiz/\n\nAnalysis of CVE-2024-25065: Apache OFBiz Security bypass\n#\u5206\u6790", "creation_timestamp": "2024-06-22T06:38:25.000000Z"}, {"uuid": "90514798-b6bf-4437-ad4f-3e4ff7f41a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25062", "type": "seen", "source": "https://t.me/ctinow/178893", "content": "https://ift.tt/es2luAJ\nCVE-2024-25062", "creation_timestamp": "2024-02-04T17:27:53.000000Z"}, {"uuid": "e01802db-7360-4aba-8680-34697e7a685c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25065", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8852", "content": "Analysis of CVE-2024-25065: Apache OFBiz Security bypass\n\nhttps://blog.securelayer7.net/security-bypass-in-apache-ofbiz/", "creation_timestamp": "2024-06-21T20:38:45.000000Z"}, {"uuid": "ce63bb3d-632b-4db9-8d4b-3a304fd0cca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25065", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/10718", "content": "#exploit\n1. Analysis of CVE-2024-25065:\nApache OFBiz Security bypass\nhttps://blog.securelayer7.net/security-bypass-in-apache-ofbiz\n\n2. CVE-2024-29973:\nCommand injection in Zyxel NAS326 firmware\nhttps://github.com/bigb0x/CVE-2024-29973", "creation_timestamp": "2024-06-22T17:33:05.000000Z"}]}