{"vulnerability": "CVE-2025-2813", "sightings": [{"uuid": "00f981b0-eadb-473c-af4d-c938d8b894d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28138", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114241785248469459", "content": "", "creation_timestamp": "2025-03-28T19:48:23.957801Z"}, {"uuid": "98cf8863-9508-4947-aa45-5207cb0613aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28138", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114241785248469459", "content": "", "creation_timestamp": "2025-03-28T19:48:23.955912Z"}, {"uuid": "270bcd15-0dc9-44d6-a4ab-a2c9fda86662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28138", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llhzo3pzsx2c", "content": "", "creation_timestamp": "2025-03-29T00:02:46.520126Z"}, {"uuid": "b5c6a1d5-428c-4400-bca6-c36db8100421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmujasss7m2g", "content": "", "creation_timestamp": "2025-04-15T16:38:50.839474Z"}, {"uuid": "9c2e0aa2-d5f9-4565-9ddd-ca59b06fce77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28136", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmujatgh4m2g", "content": "", "creation_timestamp": "2025-04-15T16:38:53.423882Z"}, {"uuid": "82cf2ffc-bf6b-4300-a543-ad7b68fc9b74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw56253h23", "content": "", "creation_timestamp": "2025-07-23T21:02:30.015495Z"}, {"uuid": "5dc520e5-c058-4c83-94e7-d85654d4210e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114343941659414629", "content": "", "creation_timestamp": "2025-04-15T20:48:10.370305Z"}, {"uuid": "08bef4cd-1aab-4a92-a567-69fc930b8f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2813", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lp2at6pkyms2", "content": "", "creation_timestamp": "2025-05-13T10:15:28.777453Z"}, {"uuid": "4d84be38-40fd-43b6-8ed4-7eb446227e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28135", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-28135\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi.\n\ud83d\udccf Published: 2025-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T16:13:08.034Z\n\ud83d\udd17 References:\n1. https://sudsy-eyeliner-a59.notion.site/BufferOverflow-V4-1-2cu-5182_B20201026-19872b8cd95f80808902fac8449fee64", "creation_timestamp": "2025-03-28T16:28:00.000000Z"}, {"uuid": "ecd74c81-d5df-4f7a-b04d-d415cc27d1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2813", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvbbcid3t22l", "content": "", "creation_timestamp": "2025-07-31T13:42:44.897851Z"}, {"uuid": "7264313f-3071-42cf-9322-39a6545fff61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://t.me/cvedetector/22954", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28137 - TOTOLINK A810R Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28137 \nPublished : April 15, 2025, 2:15 p.m. | 54\u00a0minutes ago \nDescription : The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T17:26:32.000000Z"}, {"uuid": "61bfea58-87ec-451d-8999-83df3374ad8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28132", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10021", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-28132\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse session tokens even after a user logs out, leading to unauthorized access and account takeover. This occurs due to insufficient session expiration, where session tokens remain valid beyond logout, allowing an attacker to impersonate users and perform actions on their behalf.\n\ud83d\udccf Published: 2025-04-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T19:49:32.374Z\n\ud83d\udd17 References:\n1. https://www.nagios.com/changelog/#network-analyzer\n2. https://github.com/harshal79/Insufficient-Session-Expiration.git", "creation_timestamp": "2025-04-01T20:33:48.000000Z"}, {"uuid": "c4573fb7-dce1-4901-afcf-3d8f63ad4188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28136", "type": "seen", "source": "https://t.me/cvedetector/22953", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28136 - TOTOLINK A800R Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28136 \nPublished : April 15, 2025, 2:15 p.m. | 54\u00a0minutes ago \nDescription : TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T17:26:32.000000Z"}, {"uuid": "ef591bbd-1a01-436f-868a-84be2e4ae6b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28132", "type": "seen", "source": "https://t.me/cvedetector/21777", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28132 - Nagios Network Analyzer Session Reuse Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28132 \nPublished : April 1, 2025, 5:15 p.m. | 15\u00a0minutes ago \nDescription : A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse session tokens even after a user logs out, leading to unauthorized access and account takeover. This occurs due to insufficient session expiration, where session tokens remain valid beyond logout, allowing an attacker to impersonate users and perform actions on their behalf. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T19:44:18.000000Z"}, {"uuid": "4df22886-0ea2-4a20-9160-b4489c2429ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28131", "type": "seen", "source": "https://t.me/cvedetector/21776", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28131 - Nagios Network Analyzer Broken Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28131 \nPublished : April 1, 2025, 5:15 p.m. | 15\u00a0minutes ago \nDescription : A Broken Access Control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows low-privilege users with \"Read-Only\" access to perform administrative actions, including stopping system services and deleting critical resources. This flaw arises due to improper authorization enforcement, enabling unauthorized modifications that compromise system integrity and availability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T19:44:17.000000Z"}]}