{
  "vulnerability": "CVE-2024-3934",
  "sightings": [
    {
      "uuid": "f99369ba-0d58-4c14-a0ad-b1e31bb94eea",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39345",
      "type": "seen",
      "source": "https://t.me/cvedetector/1565",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39345 - AdTran SmartOS SSH Backdoor Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39345 \nPublished : July 24, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final octet. This allows network-adjacent attackers to derive the support user's SSH password by decrementing the final octet of the connected gateway address or via the BSSID. An attacker can then execute arbitrary OS commands with root-level privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-07-24T18:19:11.000000Z"
    },
    {
      "uuid": "f2ce960d-e112-40d2-a749-bd325bd81c46",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39343",
      "type": "seen",
      "source": "https://t.me/cvedetector/11817",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39343 - An issue was discovered in Samsung Mobile Processo\", \n  \"Content\": \"CVE ID : CVE-2024-39343 \nPublished : Dec. 2, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-12-02T22:06:17.000000Z"
    },
    {
      "uuid": "4dde2735-9a6b-474e-a1ef-b692720c9d5c",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39341",
      "type": "seen",
      "source": "https://t.me/cvedetector/6200",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39342 - Entrust Instant Financial Issuance AES Encryption Key Reuse Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39342 \nPublished : Sept. 23, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses a DLL library (i.e. DCG.Security.dll) with a custom AES encryption process that relies on static hard-coded key values. These keys are not uniquely generated per installation of the software. Combined with the encrypted password that can be obtained from \"WebAPI.cfg.xml\" in CVE-2024-39341, the decryption is trivial and can lead to privilege escalation on the Windows host. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-09-23T21:20:13.000000Z"
    },
    {
      "uuid": "a832685a-b27b-4274-b7ea-ad20046fc692",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39342",
      "type": "seen",
      "source": "https://t.me/cvedetector/6200",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39342 - Entrust Instant Financial Issuance AES Encryption Key Reuse Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39342 \nPublished : Sept. 23, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses a DLL library (i.e. DCG.Security.dll) with a custom AES encryption process that relies on static hard-coded key values. These keys are not uniquely generated per installation of the software. Combined with the encrypted password that can be obtained from \"WebAPI.cfg.xml\" in CVE-2024-39341, the decryption is trivial and can lead to privilege escalation on the Windows host. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-09-23T21:20:13.000000Z"
    },
    {
      "uuid": "77aa9ff6-8bed-4771-890f-2f9c697417d9",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39344",
      "type": "seen",
      "source": "https://t.me/cvedetector/3788",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39344 - Docusign Auth Session Compromise Vulnerability in Salesforce\", \n  \"Content\": \"CVE ID : CVE-2024-39344 \nPublished : Aug. 21, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is installed via the marketplace from this package and stores some configuration information in a manner that could be compromised. With the default settings when installed for all users, the object can be accessible and (via its fields) could disclose some keys. These disclosed components can be combined to create a valid session via the Docusign API. This will generally lead to a complete compromise of the Docusign account because the session is for an administrator service account and may have permission to re-authenticate as specific users with the same authorization flow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-08-21T19:05:15.000000Z"
    },
    {
      "uuid": "5e347d64-a4c9-4e77-8a2c-a2f642af7542",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39341",
      "type": "seen",
      "source": "https://t.me/cvedetector/6199",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39341 - Entrust Cardwizard Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39341 \nPublished : Sept. 23, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Entrust Instant Financial Issuance (On Premise) Software (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier leaves behind a configuration file (i.e. WebAPI.cfg.xml) after the installation process. This file can be accessed without authentication on HTTP port 80 by guessing the correct IIS webroot path. It includes system configuration parameter names and values with sensitive configuration values encrypted. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-09-23T21:20:12.000000Z"
    },
    {
      "uuid": "37e781a9-72a2-40b1-8c63-f75a4420ba5e",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-39349",
      "type": "published-proof-of-concept",
      "source": "https://t.me/HackingInsights/5202",
      "content": "\u200aCVE-2024-39349 (CVSS 9.8): Critical Vulnerability in Synology Surveillance Cameras\n\nhttps://securityonline.info/cve-2024-39349-cvss-9-8-critical-vulnerability-in-synology-surveillance-cameras/",
      "creation_timestamp": "2024-07-08T09:52:00.000000Z"
    },
    {
      "uuid": "72d90eb7-a51c-4129-a6d5-f002b2d661e2",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2024-3934",
      "type": "seen",
      "source": "https://t.me/cvedetector/1244",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3934 - Mercado Pago WooCommerce for WooCommerce Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-3934 \nPublished : July 20, 2024, 4:15 a.m. | 36\u00a0minutes ago \nDescription : The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. The arbitrary file download was patched in 7.5.1, while the missing authorization was corrected in version 7.6.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2024-07-20T07:15:34.000000Z"
    }
  ]
}