{"uuid": "1818a5d5-fb4d-4cd8-b604-fd55b438150d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34102", "type": "seen", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-09T03:00:13.340091Z"}