{"vulnerability": "CVE-2024-27980", "sightings": [{"uuid": "608ad8c2-cf97-4c87-b3d5-a40a91c49954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "28414134-1fa4-4b0b-bd40-23b69d2ba5c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113795734483752976", "content": "", "creation_timestamp": "2025-01-09T01:11:49.829762Z"}, {"uuid": "f8785e08-59f0-45a0-853a-a8992de4e5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfbiw6zurf2f", "content": "", "creation_timestamp": "2025-01-09T01:15:56.235909Z"}, {"uuid": "318536b1-45c9-437b-b1d0-d7a3474f3485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfbk6pxyqh2g", "content": "", "creation_timestamp": "2025-01-09T01:38:39.653161Z"}, {"uuid": "c58fcc3d-94c9-41d1-a769-a823244fbb91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfbk6q6y742e", "content": "", "creation_timestamp": "2025-01-09T01:38:40.855987Z"}, {"uuid": "f74c6ab9-ab9d-4627-8ec2-750e4548e3ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113795880011713163", "content": "", "creation_timestamp": "2025-01-09T01:48:49.798251Z"}, {"uuid": "c48b27ab-7408-49f4-9e8b-dac1528ba417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14199", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36138\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.\n\ud83d\udccf Published: 2024-09-07T16:00:36.011Z\n\ud83d\udccf Modified: 2025-04-30T22:25:18.920Z\n\ud83d\udd17 References:\n1. https://nodejs.org/en/blog/vulnerability/july-2024-security-releases", "creation_timestamp": "2025-04-30T23:14:43.000000Z"}, {"uuid": "2360b5b5-d2b3-42b5-a9f2-6778570864f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14192", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27980\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.\n\ud83d\udccf Published: 2025-01-09T00:33:47.722Z\n\ud83d\udccf Modified: 2025-04-30T22:25:25.133Z\n\ud83d\udd17 References:\n1. http://www.openwall.com/lists/oss-security/2024/04/10/15\n2. http://www.openwall.com/lists/oss-security/2024/07/11/6\n3. http://www.openwall.com/lists/oss-security/2024/07/19/3\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W/\n5. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU/", "creation_timestamp": "2025-04-30T23:14:31.000000Z"}, {"uuid": "1fa13db7-93d8-4086-8b84-f76a0cf79fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/868", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27980\n\ud83d\udd39 Description: Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.\n\ud83d\udccf Published: 2025-01-09T00:33:47.722Z\n\ud83d\udccf Modified: 2025-01-09T00:33:47.722Z\n\ud83d\udd17 References:\n1. http://www.openwall.com/lists/oss-security/2024/04/10/15\n2. http://www.openwall.com/lists/oss-security/2024/07/11/6\n3. http://www.openwall.com/lists/oss-security/2024/07/19/3\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MZN6PFXHTCCUENAKZXTGWPKUAHI6E2W/\n5. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUWBYDVCUSCX7YWTBX75LADMCVYFBGKU/", "creation_timestamp": "2025-01-09T01:15:01.000000Z"}, {"uuid": "323c4ecb-1816-4664-a821-7eb079da4580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://gist.github.com/aehrt55/1498ba92410e551ac7835ab585984906", "content": "", "creation_timestamp": "2026-04-28T05:39:56.000000Z"}, {"uuid": "7dd03d1d-786d-4fba-84e2-f00611c3b299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://t.me/cvedetector/14754", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-27980 - Node.js Child Process Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-27980 \nPublished : Jan. 9, 2025, 1:15 a.m. | 21\u00a0minutes ago \nDescription : Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T02:41:56.000000Z"}, {"uuid": "1771d9d4-4a46-4029-bb8c-ac2b06724339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27980", "type": "seen", "source": "https://t.me/cvedetector/5029", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36138 - Microsoft Windows Child Process Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36138 \nPublished : Sept. 7, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T19:20:31.000000Z"}]}