{"vulnerability": "CVE-2024-5557", "sightings": [{"uuid": "51030306-86dd-4235-8fa3-19ea38aee010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55579", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113621931987677784", "content": "", "creation_timestamp": "2024-12-09T08:31:33.512588Z"}, {"uuid": "d3fe7f13-87e1-429a-ba04-b0f78fff600b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55578", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620672079786191", "content": "", "creation_timestamp": "2024-12-09T03:11:08.948822Z"}, {"uuid": "9b5a07fe-6722-4800-9a41-84b5d0352a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55579", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113620672094461301", "content": "", "creation_timestamp": "2024-12-09T03:11:09.240327Z"}, {"uuid": "d3205a30-2beb-4968-a42c-4c0bd7bb8fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55577", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113830703436231851", "content": "", "creation_timestamp": "2025-01-15T05:24:53.150056Z"}, {"uuid": "b419986c-e1af-4f54-af04-4866c30654f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55577", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfr4huuikv2p", "content": "", "creation_timestamp": "2025-01-15T06:15:47.043771Z"}, {"uuid": "458dc30f-54c5-4f3c-a56a-e07986e17c82", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55577", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfr5z5n34m2w", "content": "", "creation_timestamp": "2025-01-15T06:43:20.054911Z"}, {"uuid": "bb7e9f68-b4e9-4ed9-b7c5-01e02fcbddb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lggz73dxp72x", "content": "", "creation_timestamp": "2025-01-23T23:15:44.540745Z"}, {"uuid": "564d1551-0599-49d1-9c58-b5b7eafac62a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113880340336486723", "content": "", "creation_timestamp": "2025-01-23T23:48:12.885171Z"}, {"uuid": "fb3b3393-bd2b-45ff-9619-24c32ede8913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lguul2ho762j", "content": "", "creation_timestamp": "2025-01-29T11:30:14.807358Z"}, {"uuid": "edab301d-2aae-4798-9b48-6d99b544500a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lgroevpkmk2s", "content": "", "creation_timestamp": "2025-01-28T05:01:31.943455Z"}, {"uuid": "f2a82c45-3206-40be-8bde-9e1aa3ea88a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": 
"https://bsky.app/profile/cve.skyfleet.blue/post/3lgh3g36ixu2h", "content": "", "creation_timestamp": "2025-01-23T23:55:31.222588Z"}, {"uuid": "810c3b9a-51c9-4f02-9c1a-06c5bb9fe2d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgh3g3p6oz2k", "content": "", "creation_timestamp": "2025-01-23T23:55:34.262100Z"}, {"uuid": "346fcb2e-70ed-4028-a280-c6a954f179ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lgsulbxvnq2j", "content": "", "creation_timestamp": "2025-01-28T16:25:03.089525Z"}, {"uuid": "12725b1c-55df-4c95-afac-91791c8ed886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55570", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljim7hxg652a", "content": "", "creation_timestamp": "2025-03-03T18:44:15.723754Z"}, {"uuid": "c1de91fa-a948-44a2-af67-5390b2cc973a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-55571", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114393106631815821", "content": "", "creation_timestamp": "2025-04-24T13:11:24.836473Z"}, {"uuid": "02468e94-f81c-4ded-8806-368b0a58d5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:03.000000Z"}, {"uuid": "b69761a2-eb86-4750-aa68-4d3cfa2b6ac6", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16091", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4648\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS.\nA user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.\nThis issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.\n\ud83d\udccf Published: 2025-05-13T09:45:41.519Z\n\ud83d\udccf Modified: 2025-05-13T09:45:41.519Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55575-centreon-web-high-severity-4434\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-05-13T10:30:14.000000Z"}, {"uuid": "17643306-2abe-4e0a-8831-3d67e6c03dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2852", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55573\n\ud83d\udd39 Description: An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to inject SQL into the form used to create virtual metrics.\n\ud83d\udccf Published: 2025-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T22:15:29.037Z\n\ud83d\udd17 References:\n1. 
https://github.com/centreon/centreon/releases\n2. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264", "creation_timestamp": "2025-01-23T23:03:51.000000Z"}, {"uuid": "1e7151bd-233d-4481-8cf9-0dfd954466b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55577", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1706", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55577\n\ud83d\udd39 Description: Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a result, the attacker may obtain or alter information of the user environment or cause the user environment to become unusable.\n\ud83d\udccf Published: 2025-01-15T05:17:04.115Z\n\ud83d\udccf Modified: 2025-01-15T05:17:04.115Z\n\ud83d\udd17 References:\n1. http://www.dgate.org/ratfor/\n2. 
https://jvn.jp/en/vu/JVNVU92217718/", "creation_timestamp": "2025-01-15T06:11:12.000000Z"}, {"uuid": "085778e8-1dcc-480f-9acf-7269849e042c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55570", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6227", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55570\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: /api/user/users in the web GUI for the Cubro EXA48200 network packet broker (build 20231025055018) fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access control.\n\ud83d\udccf Published: 2025-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T16:11:14.843Z\n\ud83d\udd17 References:\n1. https://herolab.usd.de/security-advisories/\n2. 
https://herolab.usd.de/security-advisories/usd-2024-0014/", "creation_timestamp": "2025-03-03T16:30:31.000000Z"}, {"uuid": "8d73ba54-4ca6-437b-97ca-849cfc1117ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55571", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13214", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3872\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon centreon-web (User configuration form modules) allows SQL Injection.\n\n\nA user with high privileges is able to become administrator by intercepting the contact form request and altering its payload.\n\n\n\nThis issue affects Centreon: from 22.10.0 before 22.10.28, from 23.04.0 before 23.04.25, from 23.10.0 before 23.10.20, from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.\n\ud83d\udccf Published: 2025-04-24T09:19:33.900Z\n\ud83d\udccf Modified: 2025-04-24T09:19:33.900Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55571-centreon-web-high-severity-4496\n2. 
https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-04-24T10:08:03.000000Z"}, {"uuid": "97eefdae-62bb-4a6e-817c-c637a79d05e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55572", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16087", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4646\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Privilege Management vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.\n\ud83d\udccf Published: 2025-05-13T09:17:35.146Z\n\ud83d\udccf Modified: 2025-05-13T09:19:49.835Z\n\ud83d\udd17 References:\n1. https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55572-centreon-web-high-severity-4460\n2. https://github.com/centreon/centreon/releases", "creation_timestamp": "2025-05-13T09:30:35.000000Z"}, {"uuid": "6307d3e4-c0ee-4be1-991c-ac4b2791db78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://t.me/cvedetector/16245", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55573 - Centreon centreon-web SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-55573 \nPublished : Jan. 23, 2025, 11:15 p.m. | 35\u00a0minutes ago \nDescription : An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to inject SQL into the form used to create virtual metrics. 
\nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T01:00:32.000000Z"}, {"uuid": "7a70d9e2-c6e7-46db-b6a7-2b8652e27599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55578", "type": "seen", "source": "https://t.me/cvedetector/12352", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55578 - Zammad Microsoft Office 365 Authentication Credentials Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-55578 \nPublished : Dec. 9, 2024, 3:15 a.m. | 17\u00a0minutes ago \nDescription : Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T04:39:31.000000Z"}, {"uuid": "7db5132c-1801-4d28-9305-3d8002d5ca04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55577", "type": "seen", "source": "https://t.me/cvedetector/15407", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55577 - Linux Ratfor Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55577 \nPublished : Jan. 15, 2025, 6:15 a.m. | 43\u00a0minutes ago \nDescription : Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. 
As a result, the attacker may obtain or alter information of the user environment or cause the user environment to become unusable. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T08:25:03.000000Z"}, {"uuid": "8437bd4b-c3c1-4ee3-897f-403a1edce269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55579", "type": "seen", "source": "https://t.me/CyberBulletin/1717", "content": "\u26a1\ufe0fCVE-2024-55579 & CVE-2024-55580: Qlik Sense Users Face Serious Security Risk.\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:14:06.000000Z"}, {"uuid": "78090b34-9b4d-4551-9f26-9f43645ea07e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://t.me/CyberBulletin/2188", "content": "\u26a1CVE-2024-55573 & CVE-2024-53923: Centreon Hit by Critical SQL Injection Flaws.\n\n#CyberBulletin", "creation_timestamp": "2025-01-28T11:36:00.000000Z"}, {"uuid": "01943a9e-c82b-4686-a027-1bd0783d8200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55579", "type": "seen", "source": "https://t.me/cvedetector/12349", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55579 - Qlik Sense Enterprise Windows Escalation of Privilege\", \n  \"Content\": \"CVE ID : CVE-2024-55579 \nPublished : Dec. 9, 2024, 3:15 a.m. | 17\u00a0minutes ago \nDescription : An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. 
An unprivileged user with network access may be able to create connection objects that trigger execution of arbitrary EXE files. This is fixed in November 2024 IR, May 2024 Patch 10, February 2024 Patch 14, November 2023 Patch 16, August 2023 Patch 16, May 2023 Patch 18, and February 2023 Patch 15. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T04:39:29.000000Z"}, {"uuid": "c083de73-8657-4b30-be82-3fbe630ddf50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55579", "type": "seen", "source": "https://t.me/CyberBulletin/26742", "content": "\u26a1\ufe0fCVE-2024-55579 & CVE-2024-55580: Qlik Sense Users Face Serious Security Risk.\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:14:06.000000Z"}, {"uuid": "12de66df-230f-4c4c-8cdb-fbbb34ce440e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55573", "type": "seen", "source": "https://t.me/suboxone_chatroom/4346", "content": "CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating \ud83d\udd25\n\nThe vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/NETLB\n\ud83d\udc49 Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e\n\nVendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264", "creation_timestamp": "2025-02-28T08:23:05.000000Z"}]}