{"vulnerability": "CVE-2024-4133", "sightings": [{"uuid": "da7c8491-5899-45f9-8e6b-e4e03ae1a117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114082772256261769", "content": "", "creation_timestamp": "2025-02-28T17:49:18.437729Z"}, {"uuid": "1161b7b9-b5a7-406e-b930-aabdf377c574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114082772322222712", "content": "", "creation_timestamp": "2025-02-28T17:49:19.641708Z"}, {"uuid": "99b9c1c8-1025-448a-a150-2f5db0f5ded7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41335", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6v7yyfcq2w", "content": "", "creation_timestamp": "2025-02-27T21:58:59.385333Z"}, {"uuid": "247fc6ed-1da4-491b-a815-0a2e02ca0fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41338", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114078000233980303", "content": "", "creation_timestamp": "2025-02-27T21:35:43.376188Z"}, {"uuid": "679b0974-e80c-4722-bb24-600f2dd47063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41336", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114078000233980303", "content": "", "creation_timestamp": "2025-02-27T21:35:43.418563Z"}, {"uuid": "0740ee09-8d66-47d6-9aba-4a00697908b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41335", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114078000233980303", "content": "", "creation_timestamp": "2025-02-27T21:35:43.474703Z"}, {"uuid": "5c94a128-cc23-4405-b559-638ee0ab4985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6v7zuxbm27", "content": "", "creation_timestamp": "2025-02-27T21:59:04.115467Z"}, {"uuid": "08358233-1c17-42a2-89b1-a63f24f85659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114078000233980303", "content": "", "creation_timestamp": "2025-02-27T21:35:43.522837Z"}, {"uuid": "0d61c9cb-b543-4f80-84f7-b5acc8d8b7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114078000233980303", "content": "", "creation_timestamp": "2025-02-27T21:35:43.326171Z"}, {"uuid": "a51d41f4-f168-4b27-aa94-78d7a149de6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41336", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6v7zydjl2y", "content": "", "creation_timestamp": "2025-02-27T21:59:04.624445Z"}, {"uuid": "f3667310-2d33-48de-b604-e7be261224ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41338", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6va23yjo2t", "content": "", "creation_timestamp": "2025-02-27T21:59:05.286583Z"}, {"uuid": "1dfbb790-57d9-4b2a-8c51-cf6a98e32b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6va27iby2w", "content": "", "creation_timestamp": "2025-02-27T21:59:05.839069Z"}, {"uuid": "470f3a11-ecd1-4a98-b841-6127da00eb10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41336", "type": "seen", "source": "Telegram/qgbjuL1hScuEiy9TBfqgcBqIJmlHhzYR6X683QQLzj-KollS", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"}, {"uuid": "1d347233-c864-4af2-98ad-efe27170c98d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "seen", "source": "https://t.me/cvedetector/19080", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41334 - Draytek Vigor Series Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41334 \nPublished : Feb. 27, 2025, 9:15 p.m. | 21\u00a0minutes ago \nDescription : Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T23:26:54.000000Z"}, {"uuid": "91a4e165-88e7-4a5a-a143-cf85784ca68e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41338", "type": "seen", "source": "https://t.me/cvedetector/19077", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41338 - Draytek Devices NULL Pointer Dereference Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41338 \nPublished : Feb. 27, 2025, 9:15 p.m. | 21\u00a0minutes ago \nDescription : A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to cause a Denial of Service (DoS) via a crafted DHCP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T23:26:52.000000Z"}, {"uuid": "5259a623-3075-44c8-a4b0-d3cfa5704d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "seen", "source": "https://t.me/cvedetector/19078", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41339 - Draytek CGI Upload Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41339 \nPublished : Feb. 27, 2025, 9:15 p.m. | 21\u00a0minutes ago \nDescription : An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T23:26:52.000000Z"}, {"uuid": "67603d34-4d4f-485c-a628-6e4a0823652d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41336", "type": "seen", "source": "https://t.me/cvedetector/19076", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41336 - Draytek Devices Password Storage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41336 \nPublished : Feb. 27, 2025, 9:15 p.m. | 21\u00a0minutes ago \nDescription : Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to store passwords in plaintext. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T23:26:48.000000Z"}, {"uuid": "80c93286-5839-4af2-8150-09429381952a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41335", "type": "seen", "source": "https://t.me/cvedetector/19075", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41335 - Draytek Devices Insecure String Comparison Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41335 \nPublished : Feb. 27, 2025, 9:15 p.m. | 21\u00a0minutes ago \nDescription : Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to utilize insecure versions of the functions strcmp and memcmp, allowing attackers to possibly obtain sensitive information via timing attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T23:26:47.000000Z"}, {"uuid": "b9f4003e-c028-4b50-9a1b-e5041f77eb9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41335", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6011", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41335\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to utilize insecure versions of the functions strcmp and memcmp, allowing attackers to possibly obtain sensitive information via timing attacks.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T21:56:56.765Z\n\ud83d\udd17 References:\n1. http://draytek.com\n2. https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946", "creation_timestamp": "2025-02-28T22:27:32.000000Z"}, {"uuid": "db8ebb7b-e12e-4727-9edb-5998ed2b0797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5914", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41339\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T16:01:04.884Z\n\ud83d\udd17 References:\n1. http://draytek.com\n2. https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946", "creation_timestamp": "2025-02-28T16:26:59.000000Z"}, {"uuid": "20aad8ca-0177-4bd5-a1aa-fa2777129ded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5915", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41334\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T15:57:48.078Z\n\ud83d\udd17 References:\n1. http://draytek.com\n2. https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946", "creation_timestamp": "2025-02-28T16:27:00.000000Z"}, {"uuid": "a39c2fb0-8ffa-4247-92fe-180daeb4055c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41333", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7466", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41333\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.\n\ud83d\udccf Published: 2024-08-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-13T18:34:11.733Z\n\ud83d\udd17 References:\n1. https://www.linkedin.com/in/sampath-kumar-kadajari-4b18891a7\n2. https://packetstormsecurity.com/files/179891/Tourism-Management-System-2.0-Cross-Site-Scripting.html", "creation_timestamp": "2025-03-13T18:42:26.000000Z"}, {"uuid": "7a35cd19-99f2-4e40-93fa-cdfd3d9d439b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15165", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41339\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 allows attackers to upload a crafted kernel module, allowing for arbitrary code execution.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:07:42.843Z\n\ud83d\udd17 References:\n1. http://draytek.com\n2. https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946", "creation_timestamp": "2025-05-06T18:21:19.000000Z"}, {"uuid": "c0957bf7-652d-4ef7-a970-63386e6ab56e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15167", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41334\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to not utilize certificate verification, allowing attackers to upload crafted APPE modules from non-official servers, leading to arbitrary code execution.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:05:50.033Z\n\ud83d\udd17 References:\n1. http://draytek.com\n2. https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946", "creation_timestamp": "2025-05-06T18:21:21.000000Z"}, {"uuid": "ca2a33c0-c8d0-40b7-a780-5cbd6db9724d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41338", "type": "seen", "source": "Telegram/LwM1fF1lB10XVSsV4W_iE8w62fwoV23C8-uLGHBe4IiEMO_x", "content": "", "creation_timestamp": "2025-03-02T11:45:36.000000Z"}, {"uuid": "6e0c587e-8e7c-4771-81e3-a8a573298024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41339", "type": "seen", "source": "Telegram/C1Yv9tMThw4P0HFwH7lz_oOwa4ilvKuOyBxB6zwQYCt-14y4", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "7f10c017-d0a9-4368-bfb8-7d5e780d9cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41334", "type": "seen", "source": "Telegram/wUG9P4r3TfY1L-1vC6Ev_hl9U6OLyV0BU6Ibmn6XYCWrDmGo", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "1092511c-3c0f-42e6-8d25-39c86f74eb2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41333", "type": "seen", "source": "https://t.me/cvedetector/2613", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41333 - \"Phpgurukul Tourism Management System Reflected Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-41333 \nPublished : Aug. 6, 2024, 4:15 p.m. | 36\u00a0minutes ago \nDescription : A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T19:12:22.000000Z"}]}