{"vulnerability": "CVE-2024-5035", "sightings": [{"uuid": "874d49b2-07d9-4c18-b315-b02a6db13d50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50350", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487892490978139", "content": "", "creation_timestamp": "2024-11-15T16:23:34.018647Z"}, {"uuid": "58e75472-18db-4e21-a21b-196531a7bb24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50351", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487892506879852", "content": "", "creation_timestamp": "2024-11-15T16:23:34.218404Z"}, {"uuid": "86d221be-6a46-4cf6-a368-75ce62a357ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-50359", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113548882978955681", "content": "", "creation_timestamp": "2024-11-26T10:54:14.494530Z"}, {"uuid": "b21150d5-c9b9-4871-9efa-ad44cabc9eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50357", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113565483784508078", "content": "", "creation_timestamp": "2024-11-29T09:16:02.323343Z"}, {"uuid": "009e7737-dc1d-4430-98a7-1ca4030a3351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-50358", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113548882962910854", "content": "", "creation_timestamp": "2024-11-26T10:54:14.848969Z"}, {"uuid": "1d188216-312b-4721-8030-6b8bce9f8e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50353", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3m4yqc6bmyz2j", "content": "", "creation_timestamp": "2025-11-06T23:38:36.101239Z"}, {"uuid": "40a9a5c2-f3ff-4cc9-b843-3f582aa4c621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50353", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:28.000000Z"}, {"uuid": "e7e4f2cd-70dd-4123-a35c-09e1f0f4bbf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "seen", "source": "https://bsky.app/profile/insightsintothings.com/post/3ly45twwe4c2o", "content": "", "creation_timestamp": "2025-09-05T17:13:13.308034Z"}, {"uuid": "1a60096c-6148-4b45-9230-f6579fbb395d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50353", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"}, {"uuid": "9008608a-cc3a-44b9-8058-b5fc5d595e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "published-proof-of-concept", "source": "Telegram/UVHMifNZAdaoC_PDPpgVMFGyVxaemy-c-e78QjGB-LMdrfo", "content": "", "creation_timestamp": "2024-05-28T09:01:26.000000Z"}, {"uuid": "c797154d-d7ad-4ae6-91a4-4c349cdb64dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "seen", "source": "Telegram/nBNadi4eOXOERderysdJSzyShMDRQ9hJWhDaNqKfJovZfQ", "content": "", 
"creation_timestamp": "2024-05-28T11:53:21.000000Z"}, {"uuid": "33b4c9d7-b0d8-414e-97b8-bb6d220e9045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50356", "type": "seen", "source": "https://t.me/cvedetector/9518", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50356 - \"Frappe Press Two-Factor Authentication Bypass Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-50356 \nPublished : Oct. 31, 2024, 6:15 p.m. | 46\u00a0minutes ago \nDescription : Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who have access to the mail inbox circumventing the 2FA. Even though they wouldn't be able to login by bypassing the 2FA. Only users who have enabled 2FA are affected. Commit ba0007c28ac814260f836849bc07d29beea7deb6 patches this bug. \nSeverity: 0.0 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T20:17:04.000000Z"}, {"uuid": "d783054f-7796-47a4-bfca-3bd9c9ad25bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50355", "type": "seen", "source": "https://t.me/cvedetector/11105", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50355 - LibreNMS Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-50355 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. 
User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can be trigger from different sources. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:25.000000Z"}, {"uuid": "da372ad4-1e40-4f3a-8e54-1e595b311ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50350", "type": "seen", "source": "https://t.me/cvedetector/11109", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50350 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability in Port Settings page\", \n  \"Content\": \"CVE ID : CVE-2024-50350 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Port Settings\" page allows authenticated users to inject arbitrary JavaScript through the \"name\" parameter when creating a new Port Group. This vulnerability results in the execution of malicious code when the \"Port Settings\" page is visited after the affected Port Group is added to a device, potentially compromising user sessions and allowing unauthorized actions. This vulnerability is fixed in 24.10.0. 
\nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:28.000000Z"}, {"uuid": "22c490ef-abaf-41e8-b038-5a6cb4548912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50353", "type": "seen", "source": "https://t.me/cvedetector/9427", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50353 - Azure Cloud Storage SAS Uri Duration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50353 \nPublished : Oct. 30, 2024, 2:15 p.m. | 27\u00a0minutes ago \nDescription : ICG.AspNetCore.Utilities.CloudStorage is a collection of cloud storage utilities to assist with the management of files for cloud upload. Users of this library that set a duration for a SAS Uri with a value other than 1 hour may have generated a URL with a duration that is longer, or shorter than desired. Users not implemented SAS Uri's are unaffected. This issue was resolved in version 8.0.0 of the library. 
\nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-30T15:51:58.000000Z"}, {"uuid": "4fc57423-238c-4b10-96d9-6d7cc780dac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "seen", "source": "Telegram/Bt775oOb9iF9U63QgJqlWsaGieN4xj5kCHoA0MvD4vZbB4Ma", "content": "", "creation_timestamp": "2024-06-06T19:09:29.000000Z"}, {"uuid": "678e00d2-0a70-4b0a-afa8-3d115c168abf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50354", "type": "seen", "source": "https://t.me/cvedetector/9512", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50354 - Gnark Memory Allocation Error\", \n  \"Content\": \"CVE ID : CVE-2024-50354 \nPublished : Oct. 31, 2024, 4:15 p.m. | 24\u00a0minutes ago \nDescription : gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory. 
\nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T17:46:47.000000Z"}, {"uuid": "245862a9-b24b-4b9c-ab20-dcfd75f0040b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1020", "content": "\u200aCVE-2024-5035 (CVSS 10) in TP-Link Archer C5400X Routers Exposes Users to Remote Hacking\n\nhttps://securityonline.info/cve-2024-5035-cvss-10-in-tp-link-archer-c5400x-routers-exposes-users-to-remote-hacking/", "creation_timestamp": "2024-05-28T19:00:25.000000Z"}, {"uuid": "52fb4e63-1a63-402a-a6fa-0f3efa349789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1019", "content": "\u200aCVE-2024-5035 (CVSS 10) in TP-Link Archer C5400X Routers Exposes Users to Remote Hacking\n\nhttps://securityonline.info/cve-2024-5035-cvss-10-in-tp-link-archer-c5400x-routers-exposes-users-to-remote-hacking/", "creation_timestamp": "2024-05-28T18:50:02.000000Z"}, {"uuid": "c2b23f88-5fb0-41ab-9d18-7595b8571448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/8798", "content": "The Hacker News\nTP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks\n\nA maximum-severity security flaw has been disclosed in the\u00a0TP-Link Archer C5400X gaming router\u00a0that could lead to remote code execution on susceptible devices by sending 
specially crafted requests.\nThe vulnerability, tracked as\u00a0CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware\u00a0including\u00a0and\u00a0prior to\u00a01_1.1.6. It has&amp;nbsp", "creation_timestamp": "2024-05-28T11:53:22.000000Z"}, {"uuid": "f5c68a2b-7acb-49f5-b1c7-8d39187124ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/1633", "content": "The Hacker News\nTP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks\n\nA maximum-severity security flaw has been disclosed in the\u00a0TP-Link Archer C5400X gaming router\u00a0that could lead to remote code execution on susceptible devices by sending specially crafted requests.\nThe vulnerability, tracked as\u00a0CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware\u00a0including\u00a0and\u00a0prior to\u00a01_1.1.6. 
It has&amp;nbsp", "creation_timestamp": "2024-05-28T11:53:22.000000Z"}, {"uuid": "d405524a-9454-47ad-a0d5-736de15e9402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "published-proof-of-concept", "source": "Telegram/CrtkvWmm9Q7zVSud1FLKU-PDNNuRSTl6FkdwQ8YTfCoc6A", "content": "", "creation_timestamp": "2024-05-28T08:57:30.000000Z"}, {"uuid": "a30f327f-1002-455f-ae8c-c5ebf89372f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50359", "type": "seen", "source": "https://t.me/true_secator/6491", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. 
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u0441\u043a\u043e\u0432 \u043c\u0430\u044f\u043a\u0438 \u043d\u0430 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044f\u0445 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0445 \u0441\u043b\u0443\u0436\u0431 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 \u044d\u0444\u0444\u0435\u043a\u0442 EpileptiCar, \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0441\u043b\u0435\u043f\u043b\u044f\u044f \u043a\u0430\u043a \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0435, \u0442\u0430\u043a \u0438 \u043d\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Advanced Driver-Assistance Systems (ADAS) \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u0441\u0442\u0432\u0443\u044f \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044e \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u044b\u0445 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0439.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u044d\u0444\u0444\u0435\u043a\u0442 EpileptiCar \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u043e\u0447\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0441\u0443\u0442\u043e\u043a \u0438\u0437-\u0437\u0430 \u0440\u0430\u0441\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0434\u043e \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u0435\u0439 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0445 \u0441\u043b\u0443\u0436\u0431, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0435\u0439 \u043a\u0430\u043c\u0435\u0440\u044b \u0431\u0435\u0441\u043f\u0438\u043b\u043e\u0442\u043d\u043e\u0433\u043e 
\u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044f.\n\n2. SSD Disclosure \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0430 TyphoonPWN 2024 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e Microsoft \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u043b\u0430 \u0435\u0435 \u0434\u0443\u0431\u043b\u0438\u043a\u0430\u0442\u043e\u043c, \u0437\u0430\u044f\u0432\u043b\u044f\u044f, \u0447\u0442\u043e \u043e\u043d\u0430 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430. \u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows 11.\n\n3. 
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Source Incite \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0442\u0430\u0442\u044c\u044e, \u043e\u0441\u0432\u0435\u0449\u0430\u044f \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring Java, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f RCE.\n\n4. ERNW \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 command injection, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e\u043c\u043e\u0433\u0430\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432 Kemp LoadMaster \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-7591 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438\u00a010/10.\n\n5. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441\u043c\u043e\u0433 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0440\u0442\u0430\u043b\u0435 Microsoft Partner. Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435. \u041a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0430\u0442\u0430\u043a\u0435 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442\u0441\u044f.\n\n6. 
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Nozomi Networks \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043e\u043a\u043e\u043b\u043e \u0434\u0432\u0443\u0445 \u0434\u0435\u0441\u044f\u0442\u043a\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0445 \u0442\u043e\u0447\u043a\u0430\u0445 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Advantech EKI, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n6 \u0438\u0437 20 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u043e\u0442 CVE-2024-50370 \u0434\u043e CVE-2024-50375 \u0441 CVSS: 9,8) \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f 
\u0431\u044d\u043a\u0434\u043e\u0440\u0430, \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438 \u0434\u0430\u0436\u0435 \u043f\u0435\u0440\u0435\u043f\u0440\u043e\u0444\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0435 \u0442\u043e\u0447\u043a\u0438 \u0432 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u0441\u0442\u0430\u043d\u0446\u0438\u0438 Linux \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 CVE-2024-50376 (CVSS: 7,3) \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 CVE-2024-50359 (CVSS: 7,2) \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u043e \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n7. 
\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Jenkins \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438 \u0434\u0432\u0443\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432.", "creation_timestamp": "2024-11-29T17:20:05.000000Z"}, {"uuid": "1e114806-6211-446f-a87f-a9231fb3c3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5035", "type": "published-proof-of-concept", "source": "https://t.me/KomunitiSiber/2009", "content": "TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks\nhttps://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html\n\nA maximum-severity security flaw has been disclosed in the\u00a0TP-Link Archer C5400X gaming router\u00a0that could lead to remote code execution on susceptible devices by sending specially crafted requests.\nThe vulnerability, tracked as\u00a0CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware\u00a0including\u00a0and\u00a0prior to\u00a01_1.1.6. It has&amp;nbsp", "creation_timestamp": "2024-05-28T09:11:39.000000Z"}]}