{"vulnerability": "cve-2024-2919", "sightings": [{"uuid": "a7dfe9b9-02b7-47c9-856e-26b068293510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113589627910748026", "content": "", "creation_timestamp": "2024-12-03T15:36:12.683703Z"}, {"uuid": "56d5562f-d2c9-4a7f-93f3-6c42c3b6b517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29198", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lubdsqtlyp23", "content": "", "creation_timestamp": "2025-07-18T21:02:27.202423Z"}, {"uuid": "69c449a5-486a-47ac-b861-5eb304aa19ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29198", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-29198.yaml", "content": "", "creation_timestamp": "2025-07-14T12:40:37.000000Z"}, {"uuid": "b6a3db33-1d99-46a7-8794-deca9d71fc5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29198", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvh2scqyqy25", "content": "", "creation_timestamp": "2025-08-02T21:02:21.444708Z"}, {"uuid": "323c64d9-3e05-47cc-b2f0-c6e742594ad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29197", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6849", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aTENDA ROUTER AC10 - RCE (full research)\nURL\uff1ahttps://github.com/mansploit/CVE-2024-29197-exploit\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-25T11:55:39.000000Z"}, {"uuid": "44312a51-c7e3-4891-8405-eeefe7dda8bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12599", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 CVE-2024-29190: MobSF Pen-Testing Tool Input Validation Flaw Leads to SSRF.\n\nhttps://drive.google.com/file/d/1nbKMd2sKosbJef5Mh4DxjcHcQ8Hw0BNR/view\n\nhttps://cybersecuritynews.com/mobsf-pen-testing-tool-flaw/", "creation_timestamp": "2024-03-26T12:48:13.000000Z"}, {"uuid": "ad60c212-85cd-495a-b428-604ad9ac54a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29198", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18654", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-29198\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It possible to achieve Service Side Request Forgery (SSRF) via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to GeoServer 2.24.4, or 2.25.2, removes the TestWfsPost servlet resolving this issue.\n\ud83d\udccf Published: 2025-06-10T14:27:39.485Z\n\ud83d\udccf Modified: 2025-06-17T19:12:00.664Z\n\ud83d\udd17 References:\n1. https://github.com/geoserver/geoserver/security/advisories/GHSA-5gw5-jccf-6hxw\n2. https://osgeo-org.atlassian.net/browse/GEOS-11390\n3. https://osgeo-org.atlassian.net/browse/GEOS-11794", "creation_timestamp": "2025-06-17T19:39:30.000000Z"}, {"uuid": "521ed538-e07f-4d33-b70b-db1f88090c13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9716", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31116\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L)\n\ud83d\udd39 Description: Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in valid_host() uses socket.gethostbyname(), which is vulnerable to SSRF abuse using DNS rebinding technique. This vulnerability is fixed in 4.3.2.\n\ud83d\udccf Published: 2025-03-31T16:42:42.618Z\n\ud83d\udccf Modified: 2025-03-31T16:43:13.602Z\n\ud83d\udd17 References:\n1. https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-fcfq-m8p6-gw56\n2. https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/4b8bab5a9858c69fe13be4631b82d82186e0d3bd", "creation_timestamp": "2025-03-31T17:31:08.000000Z"}, {"uuid": "74e8e7d4-6a33-4a1d-b5b8-6986e7dcc54b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "seen", "source": "https://t.me/androidMalware/2190", "content": "SSRF in Mobile Security Framework (MobSF) version 3.9.5 Beta and prior (CVE-2024-29190)\nMobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also be sent to local hostnames. This can lead to server-side request forgery (SSRF). An attacker can cause the server to make a connection to internal-only services within the organization's infrastructure\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-wfgj-wrgh-h3r3", "creation_timestamp": "2024-06-01T02:51:42.000000Z"}, {"uuid": "1cfa843b-a0f5-42ee-8f17-c757090a7ced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "seen", "source": "https://t.me/cvedetector/11887", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54000 - Mobile Security Framework (MobSF) Server-Side Request Forgery (SSRF)\", \n  \"Content\": \"CVE ID : CVE-2024-54000 \nPublished : Dec. 3, 2024, 4:15 p.m. | 37\u00a0minutes ago \nDescription : Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In versions prior to 3.9.7, the requests.get() request in the _check_url method is specified as allow_redirects=True, which allows a server-side request forgery when a request to .well-known/assetlinks.json\" returns a 302 redirect. This is a bypass of the fix for CVE-2024-29190 and is fixed in 3.9.7. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-03T18:10:18.000000Z"}, {"uuid": "e4a74448-c910-46e4-9d2b-7772584661b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "seen", "source": "https://t.me/cvedetector/21640", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31116 - Mobile Security Framework (MobSF) SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31116 \nPublished : March 31, 2025, 5:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in valid_host() uses socket.gethostbyname(), which is vulnerable to SSRF abuse using DNS rebinding technique. This vulnerability is fixed in 4.3.2. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T21:43:22.000000Z"}, {"uuid": "f336607b-d78f-4f88-b1c2-3c26913b02f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29190", "type": "published-proof-of-concept", "source": "Telegram/TWxU8iN-TYn0kncSO1uxug7sedY_GGHFx9vwZnyjHkQUOEM", "content": "", "creation_timestamp": "2024-03-27T20:12:45.000000Z"}]}