{"vulnerability": "CVE-2024-57968", "sightings": [{"uuid": "b85c49c2-2f54-454b-b603-4d160409435c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/seifreed.bsky.social/post/3lhhhm4fdyy2y", "content": "", "creation_timestamp": "2025-02-05T20:58:46.814138Z"}, {"uuid": "904b66bf-fe40-40fe-99c1-2de3044c20f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lhjybyzjrb2x", "content": "", "creation_timestamp": "2025-02-06T21:02:42.020454Z"}, {"uuid": "ba70db13-cb12-4061-9530-02c48136b3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lhhhxtgbhw22", "content": "", "creation_timestamp": "2025-02-05T21:05:19.471898Z"}, {"uuid": "b690cc47-8a5e-49d2-a2a9-ae2001f99716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941555703677096", "content": "", "creation_timestamp": "2025-02-03T19:16:04.401757Z"}, {"uuid": "d74a8da8-6edd-4996-a041-6a098ad5bc12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhced4xduj2e", "content": "", "creation_timestamp": "2025-02-03T20:16:45.234718Z"}, {"uuid": "12419acd-bed9-430f-b8f9-95c1219eebb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/nicolefishbein.bsky.social/post/3lhcfixgiu22q", "content": "", "creation_timestamp": "2025-02-03T20:37:54.522246Z"}, {"uuid": "e4cf26c5-fab8-4670-9d6a-480042798454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lhgzfzmfjc27", "content": "", "creation_timestamp": "2025-02-05T16:44:52.344080Z"}, {"uuid": "38859884-430f-4d8e-9c07-3d88978fef96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113941919628604703", "content": "", "creation_timestamp": "2025-02-03T20:48:37.693936Z"}, {"uuid": "d8d290a5-a41b-4beb-bf38-4204e039539d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhi5s7xhpk2e", "content": "", "creation_timestamp": "2025-02-06T03:35:56.743170Z"}, {"uuid": "feed66e0-6fc6-442c-b98a-faac9db01182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/anontroyano.bsky.social/post/3lhil3xuhls2a", "content": "", "creation_timestamp": "2025-02-06T07:35:26.292351Z"}, {"uuid": "332c43ee-3234-4401-8086-8f3e3ce48583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lhjqetiesk2n", "content": "", "creation_timestamp": "2025-02-06T18:41:05.894854Z"}, {"uuid": "847bb1d6-49a6-4622-a65c-6f33732cba2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ljx242rpn32l", "content": "", "creation_timestamp": "2025-03-09T12:30:08.321870Z"}, {"uuid": "47ab3708-2c9a-4d37-9c8e-679a15d09d05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3533542", "content": "", "creation_timestamp": "2025-03-10T20:37:15.658487Z"}, {"uuid": "5625dc4b-6c27-4bc1-a344-86caa6a51782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/socprime.com/post/3lhw2usicv72v", "content": "", "creation_timestamp": "2025-02-11T16:20:56.054103Z"}, {"uuid": "4d882866-589d-4eef-a115-5d1532d6cadf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/anontroyano.bsky.social/post/3lhil3z7ofs2a", "content": "", "creation_timestamp": "2025-02-06T07:35:26.851417Z"}, {"uuid": "ad9c1c6f-6d62-4815-ad45-52f43276c274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhekj6egp22r", "content": "", "creation_timestamp": "2025-02-04T17:12:51.947805Z"}, {"uuid": "ee5381cf-50d1-4c0b-9d38-c852b2bf6a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lhsgllfpta2z", "content": "", "creation_timestamp": "2025-02-10T05:39:52.180169Z"}, {"uuid": "27534c9e-cb36-48c0-b19d-ad7e9391ddba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lhshriip3v2e", "content": "", "creation_timestamp": "2025-02-10T06:01:03.745834Z"}, {"uuid": "0c0163bc-9beb-4060-b694-1bf0965b3ba9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113979245899426202", "content": "", "creation_timestamp": "2025-02-10T11:01:13.036131Z"}, {"uuid": "f7394499-a10b-4775-97e3-c52093981ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-10T18:10:04.000000Z"}, {"uuid": "fc95fcc6-2427-4814-8739-9a474f366131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lk4xnhp2nq2c", "content": "", "creation_timestamp": "2025-03-11T21:02:10.819633Z"}, {"uuid": "7044dc06-533a-442f-afd4-73bd199eb7d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://thehackernews.com/2025/03/cisa-adds-five-actively-exploited.html", "content": "", "creation_timestamp": "2025-03-11T02:58:00.000000Z"}, {"uuid": "746da980-d38c-4977-ae23-dd33e212a7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-11T05:26:42.000000Z"}, {"uuid": "e33b14be-54ba-4230-9c34-ea430800e563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lk2ayuynhs2g", "content": "", "creation_timestamp": "2025-03-10T19:11:43.335727Z"}, {"uuid": "4df4ea06-2554-4564-a43c-a949ec9765f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7024", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57968\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-10T17:17:33.904Z\n\ud83d\udd17 References:\n1. https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1\n2. https://intezer.com/blog/research/xe-group-exploiting-zero-days/\n3. https://www.solissecurity.com/en-us/insights/xe-group-from-credit-card-skimming-to-exploiting-zero-days/", "creation_timestamp": "2025-03-10T17:38:20.000000Z"}, {"uuid": "3353aaad-848c-4372-9272-15db62cd04fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lk2ayuz6322g", "content": "", "creation_timestamp": "2025-03-10T19:11:44.570423Z"}, {"uuid": "8535cfbc-c8a1-4312-ab6b-ff8eb0bd7588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lk2e6kjbxk24", "content": "", "creation_timestamp": "2025-03-10T20:08:29.995567Z"}, {"uuid": "117c22a4-0e7f-4940-8f03-1ac36fd41f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-57968", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f9696218-e6b9-452d-865b-9f7ccc6f25bd", "content": "", "creation_timestamp": "2026-02-02T12:26:08.621212Z"}, {"uuid": "29401852-680b-4631-b3bc-aa2854ef8df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "https://t.me/cvedetector/17103", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57968 - Advantive VeraCore Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57968 \nPublished : Feb. 3, 2025, 8:15 p.m. | 22\u00a0minutes ago \nDescription : Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T21:59:58.000000Z"}, {"uuid": "3d15b839-9583-4471-aff3-aa7453cdf4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "exploited", "source": "https://t.me/claytechsolution/206", "content": "The Hacker News\nCISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.\nThe list of vulnerabilities is as follows -\n\nCVE-2024-57968 - An unrestricted file upload vulnerability in Advantive VeraCore", "creation_timestamp": "2025-03-11T08:28:09.000000Z"}, {"uuid": "0810bf86-f88d-4dbe-89c0-29e4180c9e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "exploited", "source": "https://t.me/ton618cyber/2369", "content": "XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells\n\nXE Group exploits a VeraCore zero-day (CVE-2024-57968) to deploy web shells, enabling persistent access and targeting supply chains in manufacturing a\n\nThe Hacker News | thehackernews.com \u2022 Feb 10, 2025", "creation_timestamp": "2025-02-10T12:34:49.000000Z"}, {"uuid": "6d408108-a3f6-4039-bc55-bf5ef7a239ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "exploited", "source": "https://t.me/ton618cyber/6572", "content": "XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells\n\nXE Group exploits a VeraCore zero-day (CVE-2024-57968) to deploy web shells, enabling persistent access and targeting supply chains in manufacturing a\n\nThe Hacker News | thehackernews.com \u2022 Feb 10, 2025", "creation_timestamp": "2025-02-10T12:34:49.000000Z"}, {"uuid": "a831ddaf-2d00-4e00-85cb-4de4e92af698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "seen", "source": "Telegram/WnupHCh-e4T9si1DyA7cv99LA8IkSO8ohj3z0UlOHNi7N3yS", "content": "", "creation_timestamp": "2025-03-11T04:41:14.000000Z"}, {"uuid": "cfb077e2-8bd9-4cee-8099-91df2a6d454a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "exploited", "source": "Telegram/xv7zg-fyPkiMFIP27IgCOFS2T4cyEgEmLzZ-i1W_dI9tnw", "content": "", "creation_timestamp": "2025-03-11T12:17:52.000000Z"}, {"uuid": "6aef5074-d2de-4f42-ae59-f312a1aa2844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57968", "type": "exploited", "source": "https://t.me/thehackernews/6310", "content": "\ud83d\uded1 XE Group has evolved. They\u2019re no longer just stealing credit card data\u2014they\u2019re exploiting zero-day vulnerabilities (like CVE-2024-57968 in VeraCore) to target supply chains\n\nOnce in, they can drop reverse shells, exfiltrate files, and even modify data\n\nhttps://thehackernews.com/2025/02/xe-hacker-group-exploits-veracore-zero.html", "creation_timestamp": "2025-02-10T06:19:30.000000Z"}]}