{"vulnerability": "cve-2024-4790", "sightings": [{"uuid": "ed7c229e-8c5b-4b4f-86bb-b388826d3fb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47903", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-01", "content": "", "creation_timestamp": "2024-10-29T12:00:00.000000Z"}, {"uuid": "590d5d40-d509-46c5-9bc4-54c32313b176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47902", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-01", "content": "", "creation_timestamp": "2024-10-29T12:00:00.000000Z"}, {"uuid": "36ad0931-a481-4cf5-8f4f-abfe59d12ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47904", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-01", "content": "", "creation_timestamp": "2024-10-29T12:00:00.000000Z"}, {"uuid": "0c6ba199-105a-44cc-a8f0-5338815705dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47901", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-01", "content": "", "creation_timestamp": "2024-10-29T12:00:00.000000Z"}, {"uuid": "d911bef8-51a1-47cd-9ca7-0687ac06b181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47900", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113920848404764905", "content": "", "creation_timestamp": "2025-01-31T03:29:56.404499Z"}, {"uuid": "ea6f6689-39a6-468e-a75e-3c40610b90d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47900", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgz5amge4n2e", "content": "", "creation_timestamp": "2025-01-31T04:16:06.284719Z"}, {"uuid": "3303ee09-48d2-4691-a813-19ad10b62099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lhwek3xmgt2i", "content": "", "creation_timestamp": "2025-02-11T19:13:54.805099Z"}, {"uuid": "545f819e-5443-4fc3-a594-732da893266f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113985939700497507", "content": "", "creation_timestamp": "2025-02-11T15:23:30.642181Z"}, {"uuid": "0041be87-26c0-4aba-8fce-262562b21ce7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113985946487899400", "content": "", "creation_timestamp": "2025-02-11T15:25:14.193156Z"}, {"uuid": "059477ea-e022-4774-bb6b-c63c243b213f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986005516389449", "content": "", "creation_timestamp": "2025-02-11T15:40:14.778151Z"}, {"uuid": "41ab4bfc-a63a-4806-82dd-31a7fff75d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw2mtguw22s", "content": "", "creation_timestamp": "2025-02-11T16:16:27.463992Z"}, {"uuid": "e00db3ea-ba67-4550-81fa-e77fa01db7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113986273945119595", "content": "", "creation_timestamp": "2025-02-11T16:48:31.147200Z"}, {"uuid": "9aafc965-7328-4ef7-bb0c-795404a78d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhw5dyb7fz2w", "content": "", "creation_timestamp": "2025-02-11T17:05:13.204086Z"}, {"uuid": "6f612282-11d6-4d3c-832b-6dfc69d42b33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lhwek3xmgu2i", "content": "", "creation_timestamp": "2025-02-11T19:13:55.319816Z"}, {"uuid": "88d67b3f-8b4c-4131-a01e-adf38579ab00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lhypiivg5y2l", "content": "", "creation_timestamp": "2025-02-12T17:35:11.117633Z"}, {"uuid": "cf341d94-08f7-400e-abb5-716c84fdb040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhwbqsi7vc2o", "content": "", "creation_timestamp": "2025-02-11T18:23:58.626715Z"}, {"uuid": "d147f193-39c8-4e8d-99c8-9139a2d32b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-6c3cfb92-62b4327e96b9e56e", "content": "", "creation_timestamp": "2025-02-13T07:09:22.134139Z"}, {"uuid": "d3701617-2261-4998-adf4-8d22d85b3155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lnr43365uv2t", "content": "", "creation_timestamp": "2025-04-27T01:30:10.430238Z"}, {"uuid": "a220cff5-27fc-4731-b90d-8fa5f5c3b190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47900", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3578", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47900\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-31T04:15:08.930\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://www.imaginationtech.com/gpu-driver-vulnerabilities/", "creation_timestamp": "2025-01-31T05:24:35.000000Z"}, {"uuid": "fd557415-4c4f-45c3-85a9-d781824c709f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lntp6yc5vi2o", "content": "", "creation_timestamp": "2025-04-28T02:17:42.608327Z"}, {"uuid": "bd8394f2-e0b0-4e60-9ceb-02352a901cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47900", "type": "seen", "source": "https://t.me/cvedetector/16878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47900 - Apache OpenCL Graphic Processing Unit (GPU) Out-of-Bounds (OOB) Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47900 \nPublished : Jan. 31, 2025, 4:15 a.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T07:00:19.000000Z"}, {"uuid": "76cece2e-e0f3-4276-8e3a-7b76d10da1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://t.me/true_secator/6726", "content": "\u041f\u0440\u043e\u0441\u043b\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u00ab\u043e\u0441\u043e\u0431\u043e\u0439 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0435\u0439\u00bb \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Connect Secure (ICS), Policy Secure (IPS) \u0438 Cloud Services Application (CSA), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE.\n\n\u0412\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441 CVSS: 9,1 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a:\n\n- CVE-2024-38657: \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0438\u043c\u0435\u043d\u0438 \u0444\u0430\u0439\u043b\u0430 \u0432 Ivanti Connect Secure \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.4 \u0438 Ivanti Policy Secure \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R1.3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b.\n\n- CVE-2025-22467: \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 \u0432 Ivanti Connect Secure \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.6 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n- CVE-2024-10644: \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 Ivanti Connect Secure \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R2.4 \u0438 Ivanti Policy Secure \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 22.7R1.3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE.\n\n- CVE-2024-47908: \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421 \u0432 \u0432\u0435\u0431-\u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 Ivanti CSA \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.0.5 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445: Ivanti Connect Secure 22.7R2.6, Ivanti Policy Secure 22.7R1.3 \u0438 Ivanti CSA 5.0.5.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u043d\u0435 \u0437\u043d\u0430\u0435\u0442 \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u0445 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041d\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0435 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c \u0430\u0442\u0430\u043a\u0430\u043c \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u0432\u0435\u0440\u044f\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u0438\u043b\u0430\u0433\u0430\u0435\u0442 \u0432\u0441\u0435 \u0443\u0441\u0438\u043b\u0438\u044f \u043f\u043e \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044e \u0441\u0432\u043e\u0435\u0433\u043e \u041f\u041e \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c, 50 \u043e\u0442\u0442\u0435\u043d\u043a\u043e\u0432 Ivanti. \u0418 \u0432\u0441\u0435 \u043a\u043e\u0440\u0438\u0447\u043d\u0435\u0432\u044b\u0435.", "creation_timestamp": "2025-02-12T16:00:07.000000Z"}, {"uuid": "763bdbf1-6f72-4a50-b485-562d59da357e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47901", "type": "seen", "source": "https://t.me/CyberBulletin/1270", "content": "\u26a1\ufe0fCVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh.\n\n#CyberBulletin", "creation_timestamp": "2024-10-25T07:32:17.000000Z"}, {"uuid": "b6f654ec-6a91-4339-a008-a05b2f868324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47909", "type": "seen", "source": "https://t.me/cvedetector/10649", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47909 - Ivanti Connect Secure Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47909 \nPublished : Nov. 12, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:03:23.000000Z"}, {"uuid": "8e151fd2-4de8-4cef-8813-36672a4e36bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47903", "type": "seen", "source": "https://t.me/cvedetector/8704", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47901 - InterMesh Hybrid Subscriber and Fire Subscriber Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2024-47901 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices does not sanitize the input parameters in specific GET requests that allow for code execution on operating system level. In combination with other vulnerabilities (CVE-2024-47902, CVE-2024-47903, CVE-2024-47904) this could allow an unauthenticated remote attacker to execute arbitrary code with root privileges. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:38.000000Z"}, {"uuid": "4cb9f56d-91ba-49e0-b3bb-c35c84c93f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47904", "type": "seen", "source": "https://t.me/cvedetector/8704", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47901 - InterMesh Hybrid Subscriber and Fire Subscriber Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2024-47901 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices does not sanitize the input parameters in specific GET requests that allow for code execution on operating system level. In combination with other vulnerabilities (CVE-2024-47902, CVE-2024-47903, CVE-2024-47904) this could allow an unauthenticated remote attacker to execute arbitrary code with root privileges. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:38.000000Z"}, {"uuid": "e5f70acc-18f9-4770-aa14-31b7f20cfd8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47902", "type": "seen", "source": "https://t.me/cvedetector/8704", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47901 - InterMesh Hybrid Subscriber and Fire Subscriber Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2024-47901 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices does not sanitize the input parameters in specific GET requests that allow for code execution on operating system level. In combination with other vulnerabilities (CVE-2024-47902, CVE-2024-47903, CVE-2024-47904) this could allow an unauthenticated remote attacker to execute arbitrary code with root privileges. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:38.000000Z"}, {"uuid": "8f20058b-df29-4576-9cc3-3fa680aecb13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47904", "type": "seen", "source": "https://t.me/cvedetector/8699", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47904 - InterMesh Subscriber SUID Binary Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47904 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The affected devices contain a SUID binary that could allow an authenticated local attacker to execute arbitrary commands with root privileges. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:31.000000Z"}, {"uuid": "4001b1d3-8f57-4201-9385-6e813a9e439f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47903", "type": "seen", "source": "https://t.me/cvedetector/8698", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47903 - InterMesh Hybrid Subscriber File Writeability Web Server Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-47903 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices allows to write arbitrary files to the web server's DocumentRoot directory. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:30.000000Z"}, {"uuid": "e03e6622-b052-41ef-86f7-487962d4b308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47902", "type": "seen", "source": "https://t.me/cvedetector/8697", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47902 - InterMesh Subscriber Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47902 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices does not authenticate GET requests that execute specific commands (such as `ping`) on operating system level. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:29.000000Z"}, {"uuid": "22d1a18a-ce12-4bc0-800a-a3ee6d6eca89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47901", "type": "seen", "source": "https://t.me/cvedetector/8704", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47901 - InterMesh Hybrid Subscriber and Fire Subscriber Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2024-47901 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices does not sanitize the input parameters in specific GET requests that allow for code execution on operating system level. In combination with other vulnerabilities (CVE-2024-47902, CVE-2024-47903, CVE-2024-47904) this could allow an unauthenticated remote attacker to execute arbitrary code with root privileges. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:38.000000Z"}, {"uuid": "28f22fa3-9982-4b0a-bdd3-7912058c605a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "Telegram/1zFCt1ZtDog8ueAvhl9tX8a2L5E2wtWLeoLU2w6kHI8ikD-c", "content": "", "creation_timestamp": "2025-02-20T23:26:54.000000Z"}, {"uuid": "f41d2ee5-0404-469a-9546-6619347bb8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47901", "type": "seen", "source": "https://t.me/InfoSecInsider/24188", "content": "\u26a1\ufe0fCVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh.\n\n#CyberBulletin", "creation_timestamp": "2024-10-25T08:55:42.000000Z"}, {"uuid": "e6a55f44-8dd7-475f-8cdb-0f12b600956d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47908", "type": "seen", "source": "https://t.me/thehackernews/6324", "content": "\ud83d\udea8 Critical security flaws discovered in Ivanti products could allow attackers to execute arbitrary code remotely.\n\nThe vulnerabilities (CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908) impact Ivanti Connect Secure, Policy Secure, and Cloud Services Application.\n\nRead the full details: https://thehackernews.com/2025/02/ivanti-patches-critical-flaws-in.html", "creation_timestamp": "2025-02-12T07:09:15.000000Z"}, {"uuid": "a16618e4-a1bd-4f3d-975b-8c0004f753ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47901", "type": "seen", "source": "https://t.me/CyberBulletin/26210", "content": "\u26a1\ufe0fCVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh.\n\n#CyberBulletin", "creation_timestamp": "2024-10-25T07:32:16.000000Z"}, {"uuid": "3f0643cb-217b-4199-bc23-b1467bd65fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47901", "type": "seen", "source": "https://t.me/InfoSecInsider/567", "content": "\u26a1\ufe0fCVE-2024-47901 (CVSS 10): Critical Security Flaw in Siemens InterMesh.\n\n#CyberBulletin", "creation_timestamp": "2024-10-25T08:55:43.000000Z"}]}