{"vulnerability": "CVE-2024-3611", "sightings": [{"uuid": "5c1c6b66-f301-453e-8759-45011ab11210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36115", "type": "seen", "source": "https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/", "content": "", "creation_timestamp": "2025-01-22T17:00:51.000000Z"}, {"uuid": "7f0d6296-465b-4e3a-93bd-39b7a9a6d6b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36117", "type": "seen", "source": "https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/", "content": "", "creation_timestamp": "2025-01-22T17:00:51.000000Z"}, {"uuid": "b2e1c4d7-fc97-4dd8-acc3-29c643f7ae42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36116", "type": "seen", "source": "https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/", "content": "", "creation_timestamp": "2025-01-22T17:00:51.000000Z"}, {"uuid": "48651b1f-94c9-4ec4-80a8-aeb17f1b7c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "87ea0716-b078-4591-8d60-5b6c4568ff1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "2105885b-6447-4507-9314-e4a2671020f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-07)", "content": "", "creation_timestamp": "2025-07-07T00:00:00.000000Z"}, {"uuid": "99128b8a-f463-470f-a308-db5976316464", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36117", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"}, {"uuid": "7cbc8313-380e-4e0b-b8ad-b9852014ecd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36115", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"}, {"uuid": "ac9e26ec-a398-428c-ab00-3cd204196fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36116", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"}, {"uuid": "1c9cd322-fcbc-4ce7-9bb5-9450e1a4c632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36117", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:00.000000Z"}, {"uuid": "beb1c94e-535a-43cc-ac35-6e390d79757e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36115", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:00.000000Z"}, {"uuid": "cbe459e4-818b-44c6-afea-5784fb43d74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36116", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:00.000000Z"}, {"uuid": "a2c24210-cf16-4d33-9d1f-8495995fdd09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "a3bed7d3-1538-407c-88f0-8d881ef1e22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36117", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3iophc44e2a", "content": "", "creation_timestamp": "2025-10-18T21:02:29.867173Z"}, {"uuid": "64ac554f-4848-489f-b3b4-0e737b991ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "1cb86550-759d-4d11-aeee-9a8f0c77ffce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "seen", "source": "https://t.me/cvedetector/1632", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36111 - KubePi JWT Key Empty Verification Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36111 \nPublished : July 25, 2024, 2:15 p.m. | 2\u00a0hours, 53\u00a0minutes ago \nDescription : KubePi is a K8s panel. Starting in version 1.6.3 and prior to version 1.8.0, there is a defect in the KubePi JWT token verification. The JWT key in the default configuration file is empty. Although a random 32-bit string will be generated to overwrite the key in the configuration file when the key is detected to be empty in the configuration file reading logic, the key is empty during actual verification. Using an empty key to generate a JWT token can bypass the login verification and directly take over the back end. Version 1.8.0 contains a patch for this issue. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T19:25:33.000000Z"}, {"uuid": "102cb279-42c9-4124-be83-ef62753a65bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-36115", "type": "published-proof-of-concept", "source": "https://github.com/dzikoysk/reposilite/security/advisories/GHSA-9w8w-34vr-65j2", "content": "", "creation_timestamp": "2024-06-16T12:49:56.000000Z"}, {"uuid": "6f676ace-85c4-4a8b-b22f-5879a28a757d", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b1f504d1-f831-43d2-9c3a-2f9c22d2f19b", "content": "", "creation_timestamp": "2026-06-19T12:46:01.275395Z"}, {"uuid": "377b1d91-43fe-4e11-81f4-8295543b01b3", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36111", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e50169f6-98d4-41bb-9bf7-8b230f42d2dd", "content": "", "creation_timestamp": "2026-06-23T14:03:26.310687Z"}, {"uuid": "651fa391-d682-496f-bab4-d45214779a80", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-36111", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ef8b6157-c769-4b89-ad5c-cc64a479a403", "content": "", "creation_timestamp": "2026-06-30T09:23:43.253740Z"}]}