{"vulnerability": "cve-2024-4239", "sightings": [{"uuid": "43e3026f-7dd8-4f1b-b685-fb4effed1b82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42391", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503378216709159", "content": "", "creation_timestamp": "2024-11-18T10:01:46.649752Z"}, {"uuid": "a23555fb-f227-433d-a272-5df4677c644c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42390", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503378202344460", "content": "", "creation_timestamp": "2024-11-18T10:01:46.457311Z"}, {"uuid": "1406c9e1-a9fe-44f7-af4f-c934bef9a1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42392", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503378230739644", "content": "", "creation_timestamp": "2024-11-18T10:01:46.800837Z"}, {"uuid": "68c34c19-d566-4992-ba36-934eccc51e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42398", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8547", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42398\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.\n\ud83d\udccf Published: 2024-08-06T19:37:12.816Z\n\ud83d\udccf Modified: 2025-03-24T21:04:59.030Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&amp;docLocale=en_US", "creation_timestamp": "2025-03-24T21:23:28.000000Z"}, {"uuid": "3e9b21a5-8b16-4456-a1eb-03557def67b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42390", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:29.000000Z"}, {"uuid": "afc57e22-6335-4067-84aa-337bb3820114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42390", "type": "seen", "source": "https://t.me/cvedetector/11309", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42390 - Cesanta Mongoose Web Server SSL/TLS Out-of-range Pointer Offset Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42390 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:21:56.000000Z"}, {"uuid": "09ec8719-fc21-41f7-90c4-86a30b577d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42397", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8078", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42397\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.\n\ud83d\udccf Published: 2024-08-06T18:51:57.643Z\n\ud83d\udccf Modified: 2025-03-19T16:03:44.141Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&amp;docLocale=en_US", "creation_timestamp": "2025-03-19T16:17:54.000000Z"}, {"uuid": "a4684ed6-3257-449d-876c-eec7ae23bd19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42399", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7414", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42399\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.\n\ud83d\udccf Published: 2024-08-06T19:48:07.255Z\n\ud83d\udccf Modified: 2025-03-13T13:37:13.997Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&amp;docLocale=en_US", "creation_timestamp": "2025-03-13T13:44:58.000000Z"}, {"uuid": "5c2315c4-d953-4016-9ae7-adea4f46845e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42392", "type": "seen", "source": "https://t.me/cvedetector/11310", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42392 - Cesanta Mongoose Web Server Input Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42392 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:21:57.000000Z"}, {"uuid": "ae6c050a-2bbf-4e07-b447-4dd6af01d321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42391", "type": "seen", "source": "https://t.me/cvedetector/11308", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42391 - Cesanta Mongoose Web Server TLS Pointer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-42391 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:21:55.000000Z"}, {"uuid": "7039e767-1300-4fed-8a4f-4bd0c8c9a7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42399", "type": "seen", "source": "https://t.me/cvedetector/2635", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42399 - Cisco Soft AP Denial-of-Service Vulnerabilities\", \n  \"Content\": \"CVE ID : CVE-2024-42399 \nPublished : Aug. 6, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T23:23:30.000000Z"}, {"uuid": "4a13be4b-3097-4cc5-bb5f-4c67bd1b60d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42398", "type": "seen", "source": "https://t.me/cvedetector/2633", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42398 - Soft AP Denial-of-Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42398 \nPublished : Aug. 6, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T23:23:28.000000Z"}, {"uuid": "76f61d96-099c-4af2-ac20-ea06b783a67a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42394", "type": "seen", "source": "https://t.me/cvedetector/2631", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42394 - Soft AP Daemon Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42394 \nPublished : Aug. 6, 2024, 7:15 p.m. | 17\u00a0minutes ago \nDescription : There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T21:43:07.000000Z"}, {"uuid": "d9f5846a-12f9-4e2c-a441-38ee855bf7b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42393", "type": "seen", "source": "https://t.me/cvedetector/2630", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42393 - Netgear Unauthenticated Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42393 \nPublished : Aug. 6, 2024, 7:15 p.m. | 17\u00a0minutes ago \nDescription : There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T21:43:06.000000Z"}, {"uuid": "31cc1e3b-6639-4129-8f12-f03a046b9645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42397", "type": "seen", "source": "https://t.me/cvedetector/2628", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42397 - HP Wi-Fi AP PAPI Denial-of-Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42397 \nPublished : Aug. 6, 2024, 7:15 p.m. | 17\u00a0minutes ago \nDescription : Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T21:43:03.000000Z"}, {"uuid": "40e875b5-2733-4d90-84b5-4c28d76c1788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42395", "type": "seen", "source": "https://t.me/cvedetector/2627", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42395 - Apache Certificate Management Service Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42395 \nPublished : Aug. 6, 2024, 7:15 p.m. | 17\u00a0minutes ago \nDescription : There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T21:43:02.000000Z"}, {"uuid": "c4f490bb-d0f3-4dc9-9431-a6c4a963dc95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42396", "type": "seen", "source": "https://t.me/cvedetector/2626", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42396 - Aruba AP Certificate Management Daemon PAPI Protocol Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42396 \nPublished : Aug. 6, 2024, 7:15 p.m. | 17\u00a0minutes ago \nDescription : Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T21:42:56.000000Z"}]}