{"vulnerability": "CVE-2025-2904", "sightings": [{"uuid": "88482af8-9279-4963-8520-e3a99cb0d288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2904", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltb4le3k3j2m", "content": "", "creation_timestamp": "2025-07-06T01:27:50.400022Z"}, {"uuid": "b2850034-6a73-41c9-b997-28b0ee06fe94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29044", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114354092377921097", "content": "", "creation_timestamp": "2025-04-17T15:49:34.428225Z"}, {"uuid": "e97791d9-df8f-409e-8f84-ba3a812729f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29049", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10007", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29049\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability in arnog MathLive Versions v0.103.0 and before (fixed in 0.104.0) allows an attacker to execute arbitrary code via the MathLive function.\n\ud83d\udccf Published: 2025-04-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T20:13:35.205Z\n\ud83d\udd17 References:\n1. https://github.com/advisories/GHSA-qwj6-q94f-8425\n2. https://github.com/arnog/mathlive/commit/abc26056fd5e29a99edfa96a0bbe855ea2a8b678", "creation_timestamp": "2025-04-01T20:33:28.000000Z"}, {"uuid": "4677ce59-e37b-45e0-a1fc-7e91c1470efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29045", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12238", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29045\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T14:37:45.585Z\n\ud83d\udd17 References:\n1. https://github.com/xyqer1/ALFA-WiFi-CampPro-APSecurity-newap_text_0\n2. https://gist.github.com/xyqer1/16f6b44ef062374bc32c12952c7b81f8", "creation_timestamp": "2025-04-17T14:58:22.000000Z"}, {"uuid": "b1226906-0f88-494b-8d5c-b6c6cbbaecf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29041", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14346", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29041\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T18:08:19.391Z\n\ud83d\udd17 References:\n1. https://www.dlink.com/en/security-bulletin/\n2. https://github.com/xyqer1/Dlink-dir-823x-diag_nslookup-target_addr-CommandInjection\n3. https://gist.github.com/xyqer1/101b7308bdf8618d8be30bd1d09ddd38", "creation_timestamp": "2025-05-01T18:15:40.000000Z"}, {"uuid": "1cb0edad-506e-4a37-96e8-335f30f383ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29040", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14347", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29040\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T18:06:40.014Z\n\ud83d\udd17 References:\n1. https://www.dlink.com/en/security-bulletin/\n2. https://github.com/xyqer1/Dlink-dir-823x-diag_ping-target_addr-CommandInjection\n3. https://gist.github.com/xyqer1/b3bebe4967a3093951273738f0be45ce", "creation_timestamp": "2025-05-01T18:15:42.000000Z"}, {"uuid": "77d2304e-daab-40bd-bd93-7182c58da469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29046", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12235", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29046\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T14:40:48.905Z\n\ud83d\udd17 References:\n1. https://github.com/xyqer1/ALFA-WiFi-CampPro-GreenAP-GAPSMinute3\n2. https://gist.github.com/xyqer1/7f9970240aec0af412caee79271a5be5", "creation_timestamp": "2025-04-17T14:58:18.000000Z"}, {"uuid": "d4108423-33a7-4469-aaef-0c52423d7e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29047", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12233", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29047\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T14:42:43.518Z\n\ud83d\udd17 References:\n1. https://github.com/xyqer1/ALFA-WiFi-CampPro-StorageEditUser-hiddenIndex\n2. https://gist.github.com/xyqer1/74adbc0249eeacf762fb4d33cf93a0f5", "creation_timestamp": "2025-04-17T14:58:16.000000Z"}, {"uuid": "3393e102-9fbb-47fb-b1b8-4f0b152a0e84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29044", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12420", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29044\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T12:42:17.549Z\n\ud83d\udd17 References:\n1. https://github.com/xyqer1/Netgear-R6100-cgiMain-QUERY_STRING-StackOverflow?tab=readme-ov-file\n2. https://gist.github.com/xyqer1/09fe6488a6655776c8c5d33e630a0f2a", "creation_timestamp": "2025-04-18T12:58:23.000000Z"}, {"uuid": "ea6650ea-a82e-4f17-9abe-c30386207595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29044", "type": "seen", "source": "https://t.me/cvedetector/23240", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29044 - Netgear R61 Router Buffer Overflow Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-29044 \nPublished : April 17, 2025, 3:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:55.000000Z"}, {"uuid": "dfea3124-927e-43b3-82e3-eb3d12588eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29041", "type": "seen", "source": "https://t.me/cvedetector/23239", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29041 - D-Link DIR 832 Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29041 \nPublished : April 17, 2025, 3:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:54.000000Z"}, {"uuid": "cff7c534-440e-440c-a244-29b8150b8d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29040", "type": "seen", "source": "https://t.me/cvedetector/23238", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29040 - Dlink DIR 832 Memory Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29040 \nPublished : April 17, 2025, 3:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:50.000000Z"}, {"uuid": "592a9344-2f9c-416f-bc71-f2879308892e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29046", "type": "seen", "source": "https://t.me/cvedetector/23236", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29046 - ALFA CAMPRO Router Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29046 \nPublished : April 17, 2025, 3:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:49.000000Z"}, {"uuid": "7df84224-236a-481e-b295-3428b8cdf7ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29047", "type": "seen", "source": "https://t.me/cvedetector/23235", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29047 - ALFA WiFi CampPro Router Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29047 \nPublished : April 17, 2025, 3:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:48.000000Z"}, {"uuid": "12ae2320-ca18-483e-8cce-af01a4c7298e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29045", "type": "seen", "source": "https://t.me/cvedetector/23241", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29045 - ALFA_CAMPRO-co Buffer Overflow Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-29045 \nPublished : April 17, 2025, 3:15 p.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:56.000000Z"}, {"uuid": "e86fbdb8-9635-4d68-9c0c-74bacb12c325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-29049", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-qwj6-q94f-8425", "content": "", "creation_timestamp": "2025-01-21T21:17:52.000000Z"}]}