{"vulnerability": "cve-2024-4045", "sightings": [{"uuid": "9d6877cc-22f8-465f-ba61-d7a11e170b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40458", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17357", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40458\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.\n\ud83d\udccf Published: 2025-05-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-22T19:06:16.810Z\n\ud83d\udd17 References:\n1. https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_link\n2. https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md", "creation_timestamp": "2025-05-22T19:46:17.000000Z"}, {"uuid": "944fe174-5194-4300-86e2-5e3a5dab601d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40459", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17358", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40459\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate privileges via the application manager function\n\ud83d\udccf Published: 2025-05-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-22T19:05:52.612Z\n\ud83d\udd17 References:\n1. https://drive.google.com/file/d/1J2PsjRc6u2q4Teo3eVnBVmTEFjOgaPzX/view?usp=drive_link\n2. https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md", "creation_timestamp": "2025-05-22T19:46:18.000000Z"}, {"uuid": "fceae00a-eae1-4aee-93ac-9c92cc36e5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40453", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43786", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-40453 - Squirrelly v9.0.0 RCE. Poc\nURL\uff1ahttps://github.com/BwithE/CVE-2024-40453\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-12T13:11:18.000000Z"}, {"uuid": "c5a08a5b-6c13-4c4a-a551-ae6f30dbd9b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40453", "type": "published-proof-of-concept", "source": "Telegram/K3hUGPupZNXNHC7PAa8Zg7tP0paYLzZhTuwIsCOfHpBua0Y", "content": "", "creation_timestamp": "2025-06-08T09:00:05.000000Z"}, {"uuid": "172d7b7f-cb04-4468-b932-37e0208e8cd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40453", "type": "published-proof-of-concept", "source": "Telegram/ZO89xAG6r2OGCSMnMr59xyYialmz8x4RT9vG8HqW5hSL7Qg", "content": "", "creation_timestamp": "2025-06-08T15:00:06.000000Z"}, {"uuid": "4b943dae-c824-46d2-b042-a5928603d8b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40457", "type": "seen", "source": "https://t.me/cvedetector/5480", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40457 - No-IP Dynamic Update Client Cleartext Credential Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-40457 \nPublished : Sept. 12, 2024, 2:16 p.m. | 29\u00a0minutes ago \nDescription : No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-12T16:52:28.000000Z"}, {"uuid": "7984cc90-5c0f-45b0-8a5a-926212d328b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40453", "type": "seen", "source": "https://t.me/cvedetector/3802", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40453 - Squirrellyjs SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40453 \nPublished : Aug. 21, 2024, 5:15 p.m. | 30\u00a0minutes ago \nDescription : squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T19:55:40.000000Z"}, {"uuid": "4ef0bd57-95c7-495f-bdc0-7253d51ccc50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40456", "type": "seen", "source": "https://t.me/cvedetector/1001", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40456 - ThinkSAAS SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40456 \nPublished : July 16, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : ThinkSAAS v3.7.0 was discovered to contain a SQL injection vulnerability via the name parameter at \\system\\action\\update.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T22:58:47.000000Z"}, {"uuid": "4e3e0091-a4bd-428a-86d6-ff00697048ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40455", "type": "seen", "source": "https://t.me/cvedetector/1003", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40455 - ThinkSAAS File Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40455 \nPublished : July 16, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : An arbitrary file deletion vulnerability in ThinkSAAS v3.7 allows attackers to delete arbitrary files via a crafted request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T22:58:49.000000Z"}]}