{"vulnerability": "CVE-2024-1003", "sightings": [{"uuid": "7d8d25dd-2fbc-4807-bb29-24c9716a2421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10038", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113473200280449478", "content": "", "creation_timestamp": "2024-11-13T02:07:07.798905Z"}, {"uuid": "87d0f769-f293-4dfe-9b24-1745b8c3b7e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10034", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113525011734958172", "content": "", "creation_timestamp": "2024-11-22T05:43:27.854042Z"}, {"uuid": "851afd19-a0cd-467d-bc23-f0e53619e158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10037", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-01", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "65bd90ae-7be6-4818-bb4b-82faf65cb169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10032", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e25d1f2b-32702de2beb9d6c0", "content": "", "creation_timestamp": "2025-07-21T07:07:46.042512Z"}, {"uuid": "7416326a-5eab-4495-bf38-523bf588b406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10031", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e25d1f2b-32702de2beb9d6c0", "content": "", "creation_timestamp": "2025-07-21T07:07:46.254150Z"}, {"uuid": "94a4bb4f-41b9-4d73-8450-f8beb69a1440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-10039", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/6dcc559a-77e3-4a18-986f-df02f894221c", "content": "", "creation_timestamp": "2024-11-22T09:53:24.398477Z"}, {"uuid": "b192d712-b7cf-440b-bf49-c212de5bd7dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10033", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/271", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10033\n\ud83d\udd39 Description: A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the \"?next=\" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data.\n\ud83d\udccf Published: 2024-10-16T16:59:43.968Z\n\ud83d\udccf Modified: 2025-01-06T22:01:25.224Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:8534\n2. https://access.redhat.com/security/cve/CVE-2024-10033\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2319162", "creation_timestamp": "2025-01-06T22:38:18.000000Z"}, {"uuid": "7ffc3970-c0f3-4939-a39d-66517b5f7bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10033", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8798", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10033\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the \"?next=\" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data.\n\ud83d\udccf Published: 2024-10-16T16:59:43.968Z\n\ud83d\udccf Modified: 2025-03-26T04:19:11.949Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:8534\n2. https://access.redhat.com/security/cve/CVE-2024-10033\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2319162", "creation_timestamp": "2025-03-26T04:25:35.000000Z"}, {"uuid": "03da7161-2362-4748-b42e-119135648cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10035", "type": "seen", "source": "https://t.me/cvedetector/9724", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10035 - BG-TEK Informatics Security Technologies CoslatV3 Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-10035 \nPublished : Nov. 4, 2024, 12:16 p.m. | 15\u00a0minutes ago \nDescription : Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069.   \n  \n  \n  \nNOTE: The vendor was contacted and it was learned that the product is not supported. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T13:36:00.000000Z"}, {"uuid": "521b32de-8dba-4f7f-96a0-bf2806e3c6f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1003", "type": "seen", "source": "https://t.me/ctinow/175379", "content": "https://ift.tt/cQXnmVW\nCVE-2024-1003", "creation_timestamp": "2024-01-29T16:26:34.000000Z"}, {"uuid": "456bb05e-4b4a-403f-9d87-2cfab9e47cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10037", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10037\n\ud83d\udd25 CVSS Score: 5.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:A)\n\ud83d\udd39 Description: A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection.\nAn attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerability.\n\nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability.\n\ud83d\udccf Published: 2025-03-25T12:22:07.815Z\n\ud83d\udccf Modified: 2025-03-31T16:17:05.591Z\n\ud83d\udd17 References:\n1. https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true", "creation_timestamp": "2025-03-31T16:33:18.000000Z"}, {"uuid": "41bea3f3-d43c-4d2c-9447-d19abdd1a6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10037", "type": "seen", "source": "https://t.me/cvedetector/21096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10037 - \"RTU500 WebSocket Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10037 \nPublished : March 25, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection.  \nAn attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerability.  \n  \nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T15:18:53.000000Z"}, {"uuid": "12d6995c-253d-499b-bcd8-cf30e328e5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1003", "type": "seen", "source": "https://t.me/ctinow/189425", "content": "https://ift.tt/7pnysTB\nCVE-2024-1003 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setLanguageCfg lang stack-based overflow", "creation_timestamp": "2024-02-21T10:11:36.000000Z"}]}