{"vulnerability": "CVE-2024-4291", "sightings": [{"uuid": "fdbcc775-cc17-4839-adc5-4ca3a8fbfa37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42911", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lfti5ag5lc23", "content": "", "creation_timestamp": "2025-01-16T04:49:54.529479Z"}, {"uuid": "f7614f71-a82f-423c-ae39-76e432edb351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42911", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lftird7fr225", "content": "", "creation_timestamp": "2025-01-16T05:01:11.149196Z"}, {"uuid": "2ffc7c33-7969-431c-8709-b182771a3fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42911", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lftvqwnxec2q", "content": "", "creation_timestamp": "2025-01-16T08:53:34.186914Z"}, {"uuid": "46f9a25c-c167-4bb6-8bbb-08229c121a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42911", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3lfx63wvbnp27", "content": "", "creation_timestamp": "2025-01-17T16:00:52.856566Z"}, {"uuid": "cd9d1ec0-e3ca-4000-8ef2-47a9c32b661b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42911", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1635", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42911\n\ud83d\udd39 Description: ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi Remote Code Execution vulnerability.\n\ud83d\udccf Published: 2025-01-14T00:00:00\n\ud83d\udccf Modified: 2025-01-14T22:40:34.587620\n\ud83d\udd17 References:\n1. http://ecovacs.com\n2. https://www.ecovacs.com/global/userhelp/dsa20250113001", "creation_timestamp": "2025-01-14T23:09:25.000000Z"}, {"uuid": "d29fe569-0fb7-40e8-8c98-3150316e4fd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42911", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lgdenqqtnx2q", "content": "", "creation_timestamp": "2025-01-22T12:30:10.450432Z"}, {"uuid": "30db6b68-ae6f-4a55-aba5-b35ef9f7c6b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42912", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:45.000000Z"}, {"uuid": "3bf1c4de-4586-4c04-8d48-3577ec1ccfd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42911", "type": "seen", "source": "https://t.me/cvedetector/15389", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42911 - ECOVACS Robotics Deebot T20 OMNI and T20e OMNI WiFi Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42911 \nPublished : Jan. 14, 2025, 11:15 p.m. | 37\u00a0minutes ago \nDescription : ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi Remote Code Execution vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T00:53:42.000000Z"}, {"uuid": "f8a211d0-ce9f-4ff3-af8c-066db4068eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42914", "type": "seen", "source": "https://t.me/cvedetector/4038", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42914 - ArrowCMS Host Header Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42914 \nPublished : Aug. 23, 2024, 7:15 p.m. | 41\u00a0minutes ago \nDescription : A host header injection vulnerability exists in the forgot password functionality of ArrowCMS version 1.0.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T22:09:14.000000Z"}, {"uuid": "1f810a9f-e5c0-46dd-9f5f-d66bee69a846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42913", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8975", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42913\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: RuoYi CMS v4.7.9 was discovered to contain a SQL injection vulnerability via the job_id parameter at /sasfs1.\n\ud83d\udccf Published: 2024-08-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T21:19:29.325Z\n\ud83d\udd17 References:\n1. https://github.com/kkll5875", "creation_timestamp": "2025-03-26T21:25:37.000000Z"}, {"uuid": "52b5d55a-0703-4a4a-9e4a-065a1b697549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42918", "type": "seen", "source": "https://t.me/cvedetector/4020", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42918 - itsourcecode Online Accreditation Management System Cross Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42918 \nPublished : Aug. 23, 2024, 5:15 p.m. | 19\u00a0minutes ago \nDescription : itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T19:38:43.000000Z"}, {"uuid": "4d0303b1-9d4d-4242-b940-18907345c66a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42919", "type": "seen", "source": "https://t.me/cvedetector/3673", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42919 - eScan Management Console Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-42919 \nPublished : Aug. 20, 2024, 5:15 p.m. | 23\u00a0minutes ago \nDescription : eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T19:39:01.000000Z"}, {"uuid": "6daea8c3-af72-4b79-8d4e-06c642809267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42915", "type": "seen", "source": "https://t.me/cvedetector/4000", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42915 - Apache Staff Appraisal System Host Header Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42915 \nPublished : Aug. 23, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users' passwords and compromise their accounts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:58:12.000000Z"}, {"uuid": "84d6a1fa-d3eb-4db2-bf0a-643ad5bea9fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42913", "type": "seen", "source": "https://t.me/cvedetector/4192", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42913 - RuoYi CMS SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42913 \nPublished : Aug. 26, 2024, 6:15 p.m. | 38\u00a0minutes ago \nDescription : RuoYi CMS v4.7.9 was discovered to contain a SQL injection vulnerability via the job_id parameter at /sasfs1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T21:20:19.000000Z"}]}