{"vulnerability": "cve-2024-4654", "sightings": [{"uuid": "2a8c864f-2c4a-4463-8722-a22cc4cf9de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46542", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113742951005979114", "content": "", "creation_timestamp": "2024-12-30T17:28:17.314757Z"}, {"uuid": "62b54ccb-3a05-4766-9e9d-3dbc75e8b7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46542", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lepnaiivin2j", "content": "", "creation_timestamp": "2025-01-01T22:45:22.945123Z"}, {"uuid": "894507e7-53fb-408c-ac18-2bd7f903b358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46546", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnfxbot6752v", "content": "", "creation_timestamp": "2025-04-22T15:05:10.269348Z"}, {"uuid": "613aa09d-3b64-405a-b5fd-f2ee5a74132b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46546", "type": "seen", "source": "https://gist.github.com/laskdjlaskdj12/5b29b8b68f8a2279c9294708f080496b", "content": "", "creation_timestamp": "2025-04-21T15:58:24.000000Z"}, {"uuid": "d56c3402-0aee-475f-8de2-c90c5ff79b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46546", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12854", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46546\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.\n\ud83d\udccf Published: 2025-04-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T13:29:11.721Z\n\ud83d\udd17 References:\n1. https://ez-net.co.kr/new_2012/customer/download_view.php?cid=&sid=&goods=&cate=&q=&seq=233\n2. https://ez-net.co.kr/new_2012/product/view.php?cid=461&sid=467&q=%C7%C3%B7%B9%C5%B8&seq=3479&page=\n3. https://gist.github.com/laskdjlaskdj12/5b29b8b68f8a2279c9294708f080496b", "creation_timestamp": "2025-04-22T14:03:50.000000Z"}, {"uuid": "11385f4d-2fde-458a-9639-d7c494afe40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46547", "type": "seen", "source": "https://t.me/cvedetector/12440", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46547 - Wampserver PHP Info Page Sensitive Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46547 \nPublished : Dec. 9, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper access control validation via PHP Info Page. This issue can lead to data leaks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T21:24:02.000000Z"}, {"uuid": "de4ea3e6-d70b-4283-93ed-c757feeafa56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46546", "type": "seen", "source": "https://t.me/cvedetector/23526", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46546 - NEXTU FLETA AX1500 WIFI6 Router Stack Overflow Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-46546 \nPublished : April 22, 2025, 2:15 p.m. | 1\u00a0hour, 45\u00a0minutes ago \nDescription : NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-22T18:24:20.000000Z"}, {"uuid": "4ac15c06-7e8e-4102-8f3d-822f294ebedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46542", "type": "seen", "source": "https://t.me/cvedetector/13947", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46542 - Veritas Arctera Data Insight SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46542 \nPublished : Dec. 30, 2024, 6:15 p.m. | 36\u00a0minutes ago \nDescription : Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T20:08:51.000000Z"}, {"uuid": "0ad0cafb-13c5-4682-8c99-34c04dc06146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46549", "type": "seen", "source": "https://t.me/cvedetector/6672", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46549 - \"TP-Link Kasa KP125M Impersonation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-46549 \nPublished : Sept. 30, 2024, 5:15 p.m. | 37\u00a0minutes ago \nDescription : An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-30T20:00:24.000000Z"}, {"uuid": "bf85ecbe-021a-43d7-9714-cbb4dc0d69a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46548", "type": "seen", "source": "https://t.me/cvedetector/6671", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46548 - TP-Link Tapo P125M and Kasa KP125M SSL/TLS Fingerprinting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46548 \nPublished : Sept. 30, 2024, 5:15 p.m. | 37\u00a0minutes ago \nDescription : TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates, allowing attackers to eavesdrop on communications and access sensitive information via a man-in-the-middle attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-30T20:00:23.000000Z"}, {"uuid": "713d3c68-b018-4d7a-b54d-3f99ee2d70cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46540", "type": "seen", "source": "https://t.me/cvedetector/6670", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46540 - Emlog Pro Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-46540 \nPublished : Sept. 30, 2024, 5:15 p.m. | 37\u00a0minutes ago \nDescription : A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before v2.3.15 allows attackers to use remote file downloads and self-extract fucntions to upload webshells to the target server, thereby obtaining system privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-30T20:00:22.000000Z"}, {"uuid": "6484564b-e147-405f-a026-e4555a8f91ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46544", "type": "seen", "source": "https://t.me/cvedetector/6180", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46544 - Apache Tomcat Connectors Shared Memory Permission Tampering\", \n  \"Content\": \"CVE ID : CVE-2024-46544 \nPublished : Sept. 23, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service.  \n  \nThis issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected.  \n  \nUsers are recommended to upgrade to version 1.2.50, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-23T13:48:30.000000Z"}]}