{"vulnerability": "CVE-2025-24801", "sightings": [{"uuid": "bd73f853-a9b4-49f3-973e-973f4738e668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/114154763751292664", "content": "", "creation_timestamp": "2025-03-13T10:57:43.431265Z"}, {"uuid": "3a0b1780-95a2-41c3-ac3d-f690f5d39654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114185140719428080", "content": "", "creation_timestamp": "2025-03-18T19:42:57.057564Z"}, {"uuid": "35a2bece-104b-42de-a674-24ed7779111a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114185162962943617", "content": "", "creation_timestamp": "2025-03-18T19:48:36.705593Z"}, {"uuid": "d0118b81-9f86-4bc8-8cc9-317d988d6c17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lkt4jwpsi22b", "content": "", "creation_timestamp": "2025-03-20T16:28:14.440343Z"}, {"uuid": "e374b5cb-4bd4-4685-ad04-0a501349d03c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkoii25z2w2k", "content": "", "creation_timestamp": "2025-03-18T20:18:42.938058Z"}, {"uuid": "656d140c-2d66-47cb-a7b8-632620d45c27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/bearstech.com/post/3lknbcpxkch2n", "content": "", "creation_timestamp": "2025-03-18T08:37:42.716011Z"}, {"uuid": "045accb5-26e6-4713-8971-60c01beb16b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3lkn3vvzuf32u", "content": "", "creation_timestamp": "2025-03-18T07:01:04.699138Z"}, {"uuid": "8606e8bc-f787-4f86-8b38-4c0ee736357b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lk6i6evc3a2c", "content": "", "creation_timestamp": "2025-03-12T11:30:36.209339Z"}, {"uuid": "68b769a5-8d92-49f7-94e1-563a1e0ae5bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lk6geieskt2j", "content": "", "creation_timestamp": "2025-03-12T10:58:14.248324Z"}, {"uuid": "debbc8cf-04cf-4e6c-adb4-451dfabb5d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/35931", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24801 Exploit \nURL\uff1ahttps://github.com/fatkz/CVE-2025-24801\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-07T18:19:52.000000Z"}, {"uuid": "5dc4f149-b89d-4e51-844a-83e7ece9681a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7968", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24801\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of *.php files located on the GLPI server. This vulnerability is fixed in 10.0.18.\n\ud83d\udccf Published: 2025-03-18T18:32:06.401Z\n\ud83d\udccf Modified: 2025-03-18T18:32:06.401Z\n\ud83d\udd17 References:\n1. https://github.com/glpi-project/glpi/security/advisories/GHSA-g2p3-33ff-r555", "creation_timestamp": "2025-03-18T19:03:05.000000Z"}, {"uuid": "e4de77ba-4ee1-4bc5-964e-b13c69b002c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lk6kdzgvaa2a", "content": "", "creation_timestamp": "2025-03-12T12:09:32.796763Z"}, {"uuid": "3eb13eec-5d7d-49c2-9282-4ef6c248aa32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lk6nzfq5z227", "content": "", "creation_timestamp": "2025-03-12T13:15:11.893836Z"}, {"uuid": "8b5ba3aa-428e-498c-9698-92dd4b132e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/2002296b-dd57-45e0-b127-feeaa53cc204", "content": "", "creation_timestamp": "2025-03-13T09:40:21.398312Z"}, {"uuid": "6be37d25-f7c4-4c25-8c4c-8b05d4644269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/432", "content": "Top Security News for Today\n\nImpossible XXE in PHP  \nhttps://www.reddit.com/r/netsec/comments/1j9f0i7/impossible_xxe_in_php/\n\nAnalysis of CVE-2025-24813 Apache Tomcat Path Equivalence RCE  \nhttps://www.reddit.com/r/netsec/comments/1j9f0ur/analysis_of_cve202524813_apache_tomcat_path/\n\nCybersecurity Can\u2019t Wait: Modern Enterprises Must Adapt  \nhttps://www.tripwire.com/state-of-security/cybersecurity-cant-wait-modern-enterprises-must-adapt\n\nPre-authentication SQL injection to RCE in GLPI (CVE-2025-24799/CVE-2025-24801)  \nhttps://www.reddit.com/r/netsec/comments/1j9hcdw/preauthentication_sql_injection_to_rce_in_glpi/\n\nChina, Russia, Iran, and North Korea Intelligence Sharing  \nhttps://www.schneier.com/blog/archives/2025/03/china-russia-iran-and-north-korea-intelligence-sharing.html\n\nBehind the Scenes of Burp AI: How we built it, and what's next  \nhttps://portswigger.net/blog/behind-the-scenes-of-burp-ai-how-we-built-it-and-whats-next\n\nNew Lumma Stealer campaign abuses Reddit threads to drop malware via fake WeTransfer links  \nhttps://www.reddit.com/r/netsec/comments/1j9xq07/new_lumma_stealer_campaign_abuses_reddit_threads/\n\nRuthless Mantis - Modus Operandi  \nhttps://www.reddit.com/r/netsec/comments/1j9v0dh/ruthless_mantis_modus_operandi/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-03-13T09:30:43.000000Z"}, {"uuid": "fbdb079d-3669-483e-8f91-b87f19659655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://t.me/cvedetector/20604", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24801 - \"GLPI PHP File Upload Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-24801 \nPublished : March 18, 2025, 7:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago \nDescription : GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of *.php files located on the GLPI server. This vulnerability is fixed in 10.0.18. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T21:55:37.000000Z"}, {"uuid": "9274d966-7b4e-4029-b1c9-20c83ef3804f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9727", "content": "Pre-authentication SQL injection to RCE in GLPI (CVE-2025-24799/CVE-2025-24801)\n\nhttps://blog.lexfo.fr/glpi-sql-to-rce.html", "creation_timestamp": "2025-03-13T17:55:31.000000Z"}, {"uuid": "d1046a14-ce96-461f-93ae-4f48ded945df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "Telegram/oYmpRnsP0n5l9UoNVnmi0Tqagk8hdqptE5SM8rliaeN2ddE", "content": "", "creation_timestamp": "2025-04-19T13:00:06.000000Z"}, {"uuid": "9662ebd2-c2cc-4e27-8b84-b5136d610606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://t.me/CyberBulletin/2597", "content": "\u26a1Pre-authentication SQL injection to RCE in GLPI (CVE-2025-24799/CVE-2025-24801).\n\n#CyberBulletin", "creation_timestamp": "2025-03-12T14:25:22.000000Z"}, {"uuid": "cae2ca9f-d206-424c-8de4-d3d52a53c62d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "Telegram/aFwfStP8wFlVkLpHBloIlhn7vOW90LKUAH04hsmOYUZn0T4", "content": "", "creation_timestamp": "2025-05-06T09:00:07.000000Z"}, {"uuid": "61fedd65-bbb7-421a-9bbd-a04818fc1e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11966", "content": "#exploit\n1. CVE-2025-1974, CVE-2025-24514:\nIngress(Nightmare) NGINX RCE\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n\n2. CVE-2025-24799, CVE-2025-24801:\nPre-auth SQLi to RCE in GLPI\nhttps://blog.lexfo.fr/glpi-sql-to-rce.html\n\n3. CVE-2025-29927:\nAuthorization Bypass in Next.js Middleware\nhttps://github.com/arvion-agent/next-CVE-2025-29927\n]-> Bypass Checker:\nhttps://github.com/RoyCampos/CVE-2025-29927", "creation_timestamp": "2025-03-26T00:36:58.000000Z"}]}