{"vulnerability": "CVE-2024-4264", "sightings": [{"uuid": "498bebda-277d-4c02-b3a6-d85ff7c5a4c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3llxt3jfvi72d", "content": "", "creation_timestamp": "2025-04-04T06:47:37.186875Z"}, {"uuid": "d585d1a7-f129-4eb7-9c8a-d5a6a050e215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-16)", "content": "", "creation_timestamp": "2025-03-16T00:00:00.000000Z"}, {"uuid": "c820942d-d254-49d3-9938-596f0680a8da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "59744875-8524-4909-a6b7-f8c6b0132d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "7ce38bd4-969a-4775-a938-a6612b772209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "0a8f4d5d-79cd-410e-981a-225ba693a9d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-27)", "content": "", "creation_timestamp": "2026-02-27T00:00:00.000000Z"}, {"uuid": "8bc814ce-16df-4321-8236-f49b678a0f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "c4c4e575-0ec9-4164-988d-3231fbaf18b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-01)", "content": "", "creation_timestamp": "2026-02-01T00:00:00.000000Z"}, {"uuid": "677bc7c0-4db6-4a9a-8059-f82921620dda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-14)", "content": "", "creation_timestamp": "2026-02-14T00:00:00.000000Z"}, {"uuid": "4b652f64-0d1c-4dba-b2a7-b5310a545ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/5616", "content": "\ud83d\udea8CVE-2024-42640: Unauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://darkwebinformer.com/cve-2024-42640-unauthenticated-remote-code-execution-via-angular-base64-upload-library/", "creation_timestamp": "2024-10-18T20:38:56.000000Z"}, {"uuid": "1463e62c-ebfb-4089-9a4a-a5cc1828f2b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/four_rays/6", "content": "\u041a\u0430\u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2024-42640\n\n\u041d\u0435 \u0442\u0430\u043a \u0434\u0430\u0432\u043d\u043e \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 angular-base64-upload, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u043e\u0441\u0438\u0442 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 CVE-2024-42640. \n\u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 0.1.21. \n\u0422\u0430\u043a \u0447\u0442\u043e, \u0435\u0441\u043b\u0438 \u0432\u0430\u0448\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Angular, \u0442\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0412 \u0445\u043e\u0434\u0435 \u044d\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 Solar 4RAYS \u0441\u0442\u0430\u043b\u043e \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 (\u043d\u0430 demo/server.php), \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f (\u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c!) \u0447\u0435\u0440\u0435\u0437 /uploads.\n\u0414\u0430\u043d\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u041f\u043e\u0434\u0435\u043b\u0438\u043c\u0441\u044f \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u043b\u043e\u0433\u0438\u043a\u043e\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n1. \u0411\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 POST \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 URI \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 demo/server.php \u0438 body \u043f\u0435\u0440\u0435\u0434\u0430\u044e\u0449\u0435\u043c \u0444\u0430\u0439\u043b \u0441 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440\nphp|sh|exe|pl|py|jsp|asp|bash|php[0-9]+|pht|phpt|phtml|aspx\n2. \u0422\u0430\u043a \u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0430 GET \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0435\u0441\u044f \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 /uploads", "creation_timestamp": "2024-11-01T09:36:56.000000Z"}, {"uuid": "8b0144ec-010d-443e-a0a7-ef5fb3208676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42643", "type": "seen", "source": "https://t.me/cvedetector/8668", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42643 - SmartDNS ICMP Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-42643 \nPublished : Oct. 22, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T00:40:06.000000Z"}, {"uuid": "ba256f4d-45c7-41d9-a56d-e57ce90b3455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8770", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-42640-Mass-Checker\nURL\uff1ahttps://github.com/im-hanzou/CVE-2024-42640-Mass-Checker\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-18T07:28:07.000000Z"}, {"uuid": "6cf64e2c-97a5-4334-b47c-4864ae434237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/5301", "content": "\ud83d\udea8CVE-2024-42640 PoC: Unauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://darkwebinformer.com/cve-2024-42640-poc-unauthenticated-remote-code-execution-via-angular-base64-upload-library/", "creation_timestamp": "2024-10-11T21:43:20.000000Z"}, {"uuid": "5f612de5-ab57-4f1e-bc43-e880caf68c85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1086", "content": "Tools - Hackers Factory \n\nCVE-2024-9570: A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasySetTimezone. \n\nPoC\nhttps://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof\n\nWindows Hacking tips \ud83d\udccd\n\nCredit (Source): https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md\n\nFacebook shipped buggy stack overflow detection in the Hermes JavaScript engine used by React Native:\n\nhttps://github.com/facebook/hermes/issues/1535\n\nIt breaks when the default stack guard is 64k instead of 4k. The standard 64-bit ARM Linux ABI requires 64k. So far only 1 person noticed a broken app.\n\nCheckout these two projects on github project that aims to help secure AD CS.  \n\nhttps://github.com/Sleepw4lker/TameMyCerts\n\nAuto enum now includes a Binary Ninja plugin!\n\nhttps://github.com/junron/auto-enum/\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nHyperDbg v0.10.2 is released!\n\nhttps://github.com/HyperDbg/HyperDbg/releases/tag/v0.10.2\n\nFrida's setHardwareWatchpoint tutorial\n\nhttps://github.com/hackcatml/frida-watchpoint-tutorial\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-10-24T04:34:04.000000Z"}, {"uuid": "38334b52-581f-44c4-9188-955689ace7e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/543", "content": "https://github.com/rvizx/CVE-2024-42640\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n#github #exploit", "creation_timestamp": "2024-10-13T14:10:12.000000Z"}, {"uuid": "ab90655e-678d-4de9-a17c-65d2763ceb1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1085", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T05:32:04.000000Z"}, {"uuid": "7ea5e782-5059-4c10-b2af-c4a4c0a1025c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1084", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T05:29:04.000000Z"}, {"uuid": "912f2ee3-0f86-4338-9048-91dd417026be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24165", "content": "Tools - Hackers Factory \n\nCVE-2024-9570: A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasySetTimezone. \n\nPoC\nhttps://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof\n\nWindows Hacking tips \ud83d\udccd\n\nCredit (Source): https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md\n\nFacebook shipped buggy stack overflow detection in the Hermes JavaScript engine used by React Native:\n\nhttps://github.com/facebook/hermes/issues/1535\n\nIt breaks when the default stack guard is 64k instead of 4k. The standard 64-bit ARM Linux ABI requires 64k. So far only 1 person noticed a broken app.\n\nCheckout these two projects on github project that aims to help secure AD CS.  \n\nhttps://github.com/Sleepw4lker/TameMyCerts\n\nAuto enum now includes a Binary Ninja plugin!\n\nhttps://github.com/junron/auto-enum/\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nHyperDbg v0.10.2 is released!\n\nhttps://github.com/HyperDbg/HyperDbg/releases/tag/v0.10.2\n\nFrida's setHardwareWatchpoint tutorial\n\nhttps://github.com/hackcatml/frida-watchpoint-tutorial\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-10-24T05:38:11.000000Z"}, {"uuid": "4ee8b9e0-24e6-4932-9e47-16455a4de1f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24153", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:18.000000Z"}, {"uuid": "a51de1c7-4873-4094-aa33-cfee0ec6ca33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3806", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T05:32:04.000000Z"}, {"uuid": "b1cc1f54-8083-438c-8753-23806ccf14cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8900", "content": "Tools - Hackers Factory \n\nCVE-2024-9570: A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasySetTimezone. \n\nPoC\nhttps://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof\n\nWindows Hacking tips \ud83d\udccd\n\nCredit (Source): https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md\n\nFacebook shipped buggy stack overflow detection in the Hermes JavaScript engine used by React Native:\n\nhttps://github.com/facebook/hermes/issues/1535\n\nIt breaks when the default stack guard is 64k instead of 4k. The standard 64-bit ARM Linux ABI requires 64k. So far only 1 person noticed a broken app.\n\nCheckout these two projects on github project that aims to help secure AD CS.  \n\nhttps://github.com/Sleepw4lker/TameMyCerts\n\nAuto enum now includes a Binary Ninja plugin!\n\nhttps://github.com/junron/auto-enum/\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nHyperDbg v0.10.2 is released!\n\nhttps://github.com/HyperDbg/HyperDbg/releases/tag/v0.10.2\n\nFrida's setHardwareWatchpoint tutorial\n\nhttps://github.com/hackcatml/frida-watchpoint-tutorial\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-10-24T05:38:06.000000Z"}, {"uuid": "c983d172-e162-44af-b5dd-cddaf716608e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8899", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:12.000000Z"}, {"uuid": "48dbe4af-dc62-4da1-a52a-fdaac05cf640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11280", "content": "#exploit\n1. CVE-2024-42640:\nUnauthenticated RCE via Angular-Base64-Upload Library\nhttps://github.com/rvizx/CVE-2024-42640\n\n2. CVE-2024-37404:\nIvanti Connect Secure - Authenticated RCE via OpenSSL CRLF Injection\nhttps://blog.amberwolf.com/blog/2024/october/cve-2024-37404-ivanti-connect-secure-authenticated-rce-via-openssl-crlf-injection\n\n3. CVE-2023-52447:\nLinux Kernel BPF memory corruption\nhttps://github.com/google/security-research/tree/master/pocs/linux/kernelctf/CVE-2023-52447_cos", "creation_timestamp": "2024-10-14T17:10:12.000000Z"}, {"uuid": "d24425c0-e32b-4c25-80fe-15e35b4da082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7527", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:12.000000Z"}, {"uuid": "839bfe9b-6105-437b-9445-961edf98d3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7528", "content": "Tools - Hackers Factory \n\nCVE-2024-9570: A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasySetTimezone. \n\nPoC\nhttps://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof\n\nWindows Hacking tips \ud83d\udccd\n\nCredit (Source): https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md\n\nFacebook shipped buggy stack overflow detection in the Hermes JavaScript engine used by React Native:\n\nhttps://github.com/facebook/hermes/issues/1535\n\nIt breaks when the default stack guard is 64k instead of 4k. The standard 64-bit ARM Linux ABI requires 64k. So far only 1 person noticed a broken app.\n\nCheckout these two projects on github project that aims to help secure AD CS.  \n\nhttps://github.com/Sleepw4lker/TameMyCerts\n\nAuto enum now includes a Binary Ninja plugin!\n\nhttps://github.com/junron/auto-enum/\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nHyperDbg v0.10.2 is released!\n\nhttps://github.com/HyperDbg/HyperDbg/releases/tag/v0.10.2\n\nFrida's setHardwareWatchpoint tutorial\n\nhttps://github.com/hackcatml/frida-watchpoint-tutorial\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-10-24T05:38:06.000000Z"}, {"uuid": "39301a34-72e5-425d-b95b-3f180e08410d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2301", "content": "CVE-2024-42640\n*\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library \n*\nexploit", "creation_timestamp": "2024-10-13T15:13:24.000000Z"}, {"uuid": "cffee65e-50e2-4f95-a3f2-191981f8ed81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "seen", "source": "https://t.me/ctinow/225069", "content": "Angular-base64-update Demo Script Exploited (CVE-2024-42640), (Tue, Oct 15th)\nhttps://ift.tt/otUmwTO", "creation_timestamp": "2024-10-15T17:35:17.000000Z"}, {"uuid": "57cf689e-235b-4bb9-8327-34fade8f316d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3310", "content": "https://github.com/rvizx/CVE-2024-42640\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n#github #exploit", "creation_timestamp": "2024-10-13T19:04:47.000000Z"}, {"uuid": "b8bc31f9-a845-4357-8ea3-5a1db49459cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/551", "content": "Tools - Hackers Factory \n\nCVE-2024-9570: A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasySetTimezone. \n\nPoC\nhttps://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof\n\nWindows Hacking tips \ud83d\udccd\n\nCredit (Source): https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md\n\nFacebook shipped buggy stack overflow detection in the Hermes JavaScript engine used by React Native:\n\nhttps://github.com/facebook/hermes/issues/1535\n\nIt breaks when the default stack guard is 64k instead of 4k. The standard 64-bit ARM Linux ABI requires 64k. So far only 1 person noticed a broken app.\n\nCheckout these two projects on github project that aims to help secure AD CS.  \n\nhttps://github.com/Sleepw4lker/TameMyCerts\n\nAuto enum now includes a Binary Ninja plugin!\n\nhttps://github.com/junron/auto-enum/\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nHyperDbg v0.10.2 is released!\n\nhttps://github.com/HyperDbg/HyperDbg/releases/tag/v0.10.2\n\nFrida's setHardwareWatchpoint tutorial\n\nhttps://github.com/hackcatml/frida-watchpoint-tutorial\n\nhttps://t.me/CyberDilara\n#CyberDilara", "creation_timestamp": "2024-10-24T05:38:11.000000Z"}, {"uuid": "7dae43d4-d705-4a08-9530-aa6777bb8460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/god_of_server/4", "content": "#Exploit\n1. CVE-2024-42640:\nUnauthenticated RCE via Angular-Base64-Upload Library\nhttps://github.com/rvizx/CVE-2024-42640\n\n2. CVE-2024-37404:\nIvanti Connect Secure - Authenticated RCE via OpenSSL CRLF Injection\nhttps://blog.amberwolf.com/blog/2024/october/cve-2024-37404-ivanti-connect-secure-authenticated-rce-via-openssl-crlf-injection\n\n3. CVE-2023-52447:\nLinux Kernel BPF memory corruption\nhttps://github.com/google/security-research/tree/master/pocs/linux8 /kernelctf/CVE-2023-52447_cos\n\nHonestly, I've used that number 1 angular method is almost like node.js with rce. \ud83d\ude07", "creation_timestamp": "2024-10-24T06:17:45.000000Z"}, {"uuid": "12271e1b-f4ad-4236-ad1b-2d2163bda890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/540", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:18.000000Z"}, {"uuid": "7cf2f216-787a-45a6-b5eb-9ce80422c78e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42640", "type": "published-proof-of-concept", "source": "https://t.me/god_of_server/9", "content": "#exploit\n1. CVE-2024-42640:\nUnauthenticated RCE via Angular-Base64-Upload Library\nhttps://github.com/rvizx/CVE-2024-42640\n\n2. CVE-2024-37404:\nIvanti Connect Secure - Authenticated RCE via OpenSSL CRLF Injection\nhttps://blog.amberwolf.com/blog/2024/october/cve-2024-37404-ivanti-connect-secure-authenticated-rce-via-openssl-crlf-injection\n\n3. CVE-2023-52447:\nLinux Kernel BPF memory corruption\nhttps://github.com/google/security-research/tree/master/pocs/linux/kernelctf/CVE-2023-52447_cos\n\n\nGood luck bro ...", "creation_timestamp": "2024-10-26T13:59:22.000000Z"}]}