{"vulnerability": "cve-2024-2500", "sightings": [{"uuid": "f7acbb5f-1d81-46c2-a3f5-0179f3ef02de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25003", "type": "seen", "source": "https://t.me/ctinow/198453", "content": "https://ift.tt/OIVwzfl\nCVE-2024-25003 | KiTTY up to 0.76.1.13 hostname stack-based overflow (ID 177032)", "creation_timestamp": "2024-03-02T19:21:25.000000Z"}, {"uuid": "d76c545e-ad73-42a3-bb42-c267b29d91ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25008", "type": "seen", "source": "https://t.me/cvedetector/3326", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25008 - Ericsson RAN Compute and Site Controller 6610 Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-25008 \nPublished : Aug. 16, 2024, 10:15 a.m. | 37\u00a0minutes ago \nDescription : Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability. 
\nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T12:52:58.000000Z"}, {"uuid": "f73ca605-e06c-4a04-ae0f-2885dc031432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25009", "type": "seen", "source": "https://t.me/cvedetector/3615", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25009 - Ericsson Packet Core Controller (PCC) AMF Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-25009 \nPublished : Aug. 20, 2024, 12:15 p.m. | 17\u00a0minutes ago \nDescription : Ericsson Packet Core Controller (PCC) contains a vulnerability in Access and Mobility Management Function (AMF) where improper input validation can lead to denial of service which may result in service degradation. 
\nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T14:37:03.000000Z"}, {"uuid": "f64473ec-a92e-4e1e-aac8-7050edc44008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25006", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15412", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25006\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: XenForo before 2.2.14 allows Directory Traversal (with write access) by an authenticated user who has permissions to administer styles, and uses a ZIP archive for Styles Import.\n\ud83d\udccf Published: 2024-02-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T20:09:55.457Z\n\ud83d\udd17 References:\n1. https://xenforo.com/docs/xf2/permissions/\n2. https://xenforo.com/tickets/BC37EB98/?v=5da7bd5728\n3. https://xenforo.com/community/threads/xenforo-2-2-14-released.219044/", "creation_timestamp": "2025-05-07T20:22:53.000000Z"}, {"uuid": "161f30c7-d7b3-4c4d-8f13-bf2695fa87ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25003", "type": "seen", "source": "https://t.me/arpsyndicate/3429", "content": "#ExploitObserverAlert\n\nCVE-2024-25003\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25003. KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. 
This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-11T15:49:09.000000Z"}, {"uuid": "6d0ecf04-5b6f-4c09-86a9-bdde520b8858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25004", "type": "seen", "source": "https://t.me/arpsyndicate/3388", "content": "#ExploitObserverAlert\n\nCVE-2024-25004\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25004. KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-11T13:37:09.000000Z"}, {"uuid": "590d56cd-2b95-465d-80dd-d2fca3aa7230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25004", "type": "seen", "source": "https://t.me/ctinow/184479", "content": "https://ift.tt/rKRyqvF\nBuffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables", "creation_timestamp": "2024-02-14T08:57:00.000000Z"}, {"uuid": "21e8248e-e2d5-4a08-88f6-f527840c42b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25004", "type": "seen", "source": "https://t.me/ctinow/198451", "content": "https://ift.tt/P7XklQz\nCVE-2024-25004 | KiTTY up to 0.76.1.13 username stack-based overflow (ID 177032)", "creation_timestamp": "2024-03-02T19:21:22.000000Z"}, {"uuid": "cf89d488-3ac5-4dd9-913b-cca9bdff3825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25006", "type": "seen", "source": "https://t.me/ctinow/192908", "content": "https://ift.tt/EcGo6Ii\nCVE-2024-25006 | XenForo up to 2.2.13 ZIP Archive path traversal", "creation_timestamp": "2024-02-25T15:16:24.000000Z"}, {"uuid": "dfd35515-ea19-497e-a2fe-42ed816a373c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25003", "type": "seen", "source": "https://t.me/ctinow/184479", "content": "https://ift.tt/rKRyqvF\nBuffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables", "creation_timestamp": "2024-02-14T08:57:00.000000Z"}, {"uuid": "f9bb4f3f-7a65-4df9-8899-0a9d6b646cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25001", "type": "seen", "source": "https://t.me/ctinow/178018", "content": "https://ift.tt/MG1SE5X\nCVE-2024-25001", "creation_timestamp": "2024-02-02T10:31:50.000000Z"}, {"uuid": "ebe2cccc-0656-4184-b239-9dc66621c56b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25004", "type": "seen", "source": "https://t.me/ctinow/184828", "content": "https://ift.tt/l0zYdAQ\nCVE-2024-25004 Exploit", "creation_timestamp": "2024-02-14T17:16:43.000000Z"}, {"uuid": "567b2205-edb8-4831-b35f-ce3e81cb0a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25003", "type": "seen", "source": "https://t.me/ctinow/184829", "content": "https://ift.tt/ORXJtHB\nCVE-2024-25003 Exploit", "creation_timestamp": "2024-02-14T17:16:44.000000Z"}, {"uuid": "48d81815-8367-440b-aeb3-4614f09848d5", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25003", "type": "seen", "source": "https://t.me/ctinow/181862", "content": "https://ift.tt/xPOrMts\nCVE-2024-25003", "creation_timestamp": "2024-02-09T08:21:53.000000Z"}, {"uuid": "5c7eec9f-17b9-48f6-9ed6-1a518e98add8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25004", "type": "seen", "source": "https://t.me/ctinow/181863", "content": "https://ift.tt/0witK8A\nCVE-2024-25004", "creation_timestamp": "2024-02-09T08:21:54.000000Z"}, {"uuid": "3413f1a0-f4e2-4fd6-84f8-5f61ee774598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25006", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10533", "content": "#exploit\n1. CVE-2024-32002:\nRCE via git clone\nhttps://amalmurali.me/posts/git-rce\n\n2. CVE-2024-25006:\nXenForo <=2.2.13 Zip Slip Vulnerability\nhttps://karmainsecurity.com/KIS-2024-01\n\n3. CVE-2024-0200:\nGitHub's Environment Variables & GHES Shell\nhttps://starlabs.sg/blog/2024/04-sending-myself-github-com-environment-variables-and-ghes-shell", "creation_timestamp": "2024-05-21T15:07:43.000000Z"}]}