{"vulnerability": "CVE-2024-4871", "sightings": [{"uuid": "ac9aad08-bfc7-49af-86c4-5a13fe4b966f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4871", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11174", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4871\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses \"-o StrictHostKeyChecking=no\". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it.\n\ud83d\udccf Published: 2024-05-14T14:27:41.323Z\n\ud83d\udccf Modified: 2025-04-09T20:33:14.839Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHBA-2024:4589\n2. https://access.redhat.com/security/cve/CVE-2024-4871\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2278627", "creation_timestamp": "2025-04-09T20:48:46.000000Z"}, {"uuid": "bab2c442-41d4-4026-bb47-685bf251927a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48714", "type": "seen", "source": "https://t.me/cvedetector/7980", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-48714 - TP-Link TL-WDR7660 Stack Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-48714 \nPublished : Oct. 15, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T00:28:40.000000Z"}, {"uuid": "39fce289-4a98-4ea9-b3b7-2aad24ed4e24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48712", "type": "seen", "source": "https://t.me/cvedetector/7978", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-48712 - \"TP-Link TL-WDR7660 Stack Overflow Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-48712 \nPublished : Oct. 15, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T00:28:38.000000Z"}, {"uuid": "33b53281-67c9-4625-8f80-9d04c00aa0e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48713", "type": "seen", "source": "https://t.me/cvedetector/7977", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-48713 - TP-Link TL-WDR7660 Stack Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-48713 \nPublished : Oct. 15, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T00:28:38.000000Z"}, {"uuid": "c36e2cc4-2972-4533-abb9-bcbb99768f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48710", "type": "seen", "source": "https://t.me/cvedetector/7975", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-48710 - TP-Link TL-WDR7660 Stack Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-48710 \nPublished : Oct. 15, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T00:28:33.000000Z"}, {"uuid": "69e6d94d-6fef-4939-8957-c28f4be41002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48712", "type": "seen", "source": "https://gist.github.com/elbakouchisamira61-bit/5d6b526ef00d36ec0158cd86cca2f16e", "content": "import random\nimport threading\nimport time\nimport queue\nimport os\nfrom datetime import datetime\nfrom rich.live import Live\nfrom rich.table import Table\nfrom rich.layout import Layout\nfrom rich.panel import Panel\nfrom rich.text import Text\nfrom rich.console import Group\nfrom rich.align import Align\n\n# =====================================================\n# DIG AI CYBERSECURITY AUTOMATION SOC SIMULATOR\n# =====================================================\n\nevent_queue = queue.Queue()\n\nstats = {\n \"alerts\": 0,\n \"blocked_ips\": 0,\n \"isolated_processes\": 0,\n \"cves_detected\": 0,\n \"events_processed\": 0\n}\n\nrecent_events = []\nrecent_alerts = []\n\nlock = threading.Lock()\n\n# =====================================================\n# DATA SOURCES\n# =====================================================\n\nCVES = [\n \"CVE-2025-11234\",\n \"CVE-2026-22517\",\n \"CVE-2024-48712\",\n \"CVE-2025-90081\",\n \"CVE-2023-38146\",\n \"CVE-2026-77111\",\n]\n\nPORTS = [22, 80, 443, 445, 3389, 8080, 8443, 3306, 5432]\n\nPROCESSES = [\n \"powershell.exe\",\n \"cmd.exe\",\n \"svchost.exe\",\n \"lsass.exe\",\n \"python.exe\",\n \"java.exe\",\n \"chrome.exe\",\n \"explorer.exe\",\n]\n\nCOUNTERMEASURES = [\n \"IP AUTO-BLOCKED\",\n \"PROCESS ISOLATED\",\n \"RULE DEPLOYED\",\n \"SESSION TERMINATED\",\n \"HOST QUARANTINED\",\n]\n\nTHREATS = [\n \"Credential Dumping\",\n \"Lateral Movement\",\n \"Suspicious PowerShell\",\n \"Privilege Escalation\",\n \"Beacon Activity\",\n \"C2 Communication\",\n \"Ransomware Indicator\",\n \"Brute Force Attempt\",\n]\n\n# =====================================================\n# HELPERS\n# =====================================================\n\ndef random_ip():\n return \".\".join(str(random.randint(1, 254)) for _ in range(4))\n\n\ndef memory_block():\n return hex(random.randint(0x10000000, 0xFFFFFFFF))\n\n\ndef add_event(msg):\n global recent_events\n\n with lock:\n timestamp = datetime.now().strftime(\"%H:%M:%S\")\n recent_events.insert(0, f\"[{timestamp}] {msg}\")\n recent_events = recent_events[:20]\n stats[\"events_processed\"] += 1\n\n\ndef add_alert(msg):\n global recent_alerts\n\n with lock:\n timestamp = datetime.now().strftime(\"%H:%M:%S\")\n recent_alerts.insert(0, f\"[{timestamp}] {msg}\")\n recent_alerts = recent_alerts[:12]\n stats[\"alerts\"] += 1\n\n\n# =====================================================\n# THREADS\n# =====================================================\n\ndef packet_scanner():\n while True:\n ip = random_ip()\n port = random.choice(PORTS)\n\n add_event(\n f\"Packet inspection -> SRC:{ip} PORT:{port}\"\n )\n\n time.sleep(random.uniform(0.3, 1.5))\n\n\ndef threat_hunter():\n while True:\n threat = random.choice(THREATS)\n ip = random_ip()\n\n if random.random() > 0.6:\n add_alert(\n f\"THREAT DETECTED :: {threat} :: {ip}\"\n )\n\n time.sleep(random.uniform(1, 3))\n\n\ndef cve_monitor():\n while True:\n cve = random.choice(CVES)\n host = random_ip()\n\n add_event(\n f\"Threat Intel Match -> {cve} on host {host}\"\n )\n\n with lock:\n stats[\"cves_detected\"] += 1\n\n time.sleep(random.uniform(2, 4))\n\n\ndef memory_analyzer():\n while True:\n addr = memory_block()\n\n add_event(\n f\"Memory Scan -> suspicious region {addr}\"\n )\n\n time.sleep(random.uniform(0.8, 2))\n\n\ndef incident_response():\n while True:\n\n if random.random() > 0.55:\n\n ip = random_ip()\n action = random.choice(COUNTERMEASURES)\n\n add_alert(\n f\"{action} -> {ip}\"\n )\n\n with lock:\n if \"BLOCK\" in action:\n stats[\"blocked_ips\"] += 1\n\n if \"ISOLATED\" in action:\n stats[\"isolated_processes\"] += 1\n\n time.sleep(random.uniform(2, 5))\n\n\n# =====================================================\n# UI\n# =====================================================\n\ndef build_dashboard():\n\n layout = Layout()\n\n layout.split_column(\n Layout(name=\"header\", size=5),\n Layout(name=\"body\"),\n Layout(name=\"footer\", size=10)\n )\n\n layout[\"body\"].split_row(\n Layout(name=\"left\"),\n Layout(name=\"center\"),\n Layout(name=\"right\")\n )\n\n # -----------------------\n # HEADER\n # -----------------------\n\n header_text = Text(\n \"DIG AI | CYBERSECURITY AUTOMATION COMMAND CENTER\",\n style=\"bold bright_cyan\"\n )\n\n layout[\"header\"].update(\n Panel(\n Align.center(header_text),\n border_style=\"bright_blue\"\n )\n )\n\n # -----------------------\n # THREAT MATRIX\n # -----------------------\n\n threat_table = Table(expand=True)\n\n threat_table.add_column(\"Metric\", style=\"cyan\")\n threat_table.add_column(\"Value\", style=\"bright_green\")\n\n with lock:\n threat_table.add_row(\n \"Alerts\",\n str(stats[\"alerts\"])\n )\n threat_table.add_row(\n \"Blocked IPs\",\n str(stats[\"blocked_ips\"])\n )\n threat_table.add_row(\n \"Isolated Proc\",\n str(stats[\"isolated_processes\"])\n )\n threat_table.add_row(\n \"CVE Matches\",\n str(stats[\"cves_detected\"])\n )\n threat_table.add_row(\n \"Events\",\n str(stats[\"events_processed\"])\n )\n\n layout[\"left\"].update(\n Panel(\n threat_table,\n title=\"[bold red]THREAT MATRIX[/bold red]\"\n )\n )\n\n # -----------------------\n # LIVE EVENTS\n # -----------------------\n\n events_table = Table(expand=True)\n\n events_table.add_column(\n \"Real-Time Telemetry\",\n style=\"green\"\n )\n\n with lock:\n for e in recent_events[:18]:\n events_table.add_row(e)\n\n layout[\"center\"].update(\n Panel(\n events_table,\n title=\"[bold cyan]STREAMING ENGINE[/bold cyan]\"\n )\n )\n\n # -----------------------\n # ALERT PANEL\n # -----------------------\n\n alert_table = Table(expand=True)\n\n alert_table.add_column(\n \"Critical Alerts\",\n style=\"bold red\"\n )\n\n with lock:\n for a in recent_alerts[:12]:\n alert_table.add_row(a)\n\n layout[\"right\"].update(\n Panel(\n alert_table,\n title=\"[bold red]INCIDENT RESPONSE[/bold red]\"\n )\n )\n\n # -----------------------\n # FOOTER\n # -----------------------\n\n pulse = random.choice([\n \"[green]ONLINE[/green]\",\n \"[yellow]ANALYZING[/yellow]\",\n \"[red]ENGAGED[/red]\"\n ])\n\n footer = Group(\n Text(\n f\"SOC STATUS: {pulse}\",\n style=\"bold\"\n ),\n Text(\n f\"UTC {datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S')}\",\n style=\"bright_white\"\n ),\n Text(\n \"AI Detection Engine | Behavioral Analytics | Threat Intelligence Fusion\",\n style=\"cyan\"\n )\n )\n\n layout[\"footer\"].update(\n Panel(\n footer,\n border_style=\"bright_magenta\"\n )\n )\n\n return layout\n\n\n# =====================================================\n# MAIN\n# =====================================================\n\ndef start_threads():\n\n workers = [\n packet_scanner,\n threat_hunter,\n cve_monitor,\n memory_analyzer,\n incident_response\n ]\n\n for worker in workers:\n t = threading.Thread(\n target=worker,\n daemon=True\n )\n t.start()\n\n\ndef main():\n\n os.system(\"\")\n\n start_threads()\n\n with Live(\n build_dashboard(),\n refresh_per_second=8,\n screen=True\n ) as live:\n\n while True:\n live.update(\n build_dashboard()\n )\n\n time.sleep(\n random.uniform(\n 0.08,\n 0.20\n )\n )\n\n\nif __name__ == \"__main__\":\n main()", "creation_timestamp": "2026-06-20T20:32:39.000000Z"}]}