{"vulnerability": "cve-2024-4882", "sightings": [{"uuid": "04afad56-8489-4b11-b64f-a0efadc2fd56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-48825", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-28T19:31:09.549475Z"}, {"uuid": "a737a397-04df-410c-9577-d48a19e614ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-48826", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-28T19:31:09.778797Z"}, {"uuid": "d619268b-8716-4736-977e-00938b47d808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48828", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114179224013214264", "content": "", "creation_timestamp": "2025-03-17T18:38:15.187583Z"}, {"uuid": "7c2c574a-9997-4f78-95d1-15f0ce357d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48823", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7686", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48823\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page.\n\ud83d\udccf Published: 2024-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-15T15:12:51.953Z\n\ud83d\udd17 References:\n1. https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software/", "creation_timestamp": "2025-03-15T15:45:13.000000Z"}, {"uuid": "e8012eb5-fd05-450e-93cf-ab53f7f34353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48828", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7847", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48828\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.\n\ud83d\udccf Published: 2025-03-17T17:10:05.434Z\n\ud83d\udccf Modified: 2025-03-17T18:55:31.578Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000289970/dsa-2025-070-security-update-for-dell-networking-os10-vulnerabilities\n2. https://www.dell.com/support/kbdoc/en-us/000293638/dsa-2025-069-security-update-for-dell-networking-os10-vulnerabilities\n3. https://www.dell.com/support/kbdoc/en-us/000295014/dsa-2025-068-security-update-for-dell-networking-os10-vulnerabilities\n4. https://www.dell.com/support/kbdoc/en-us/000294091/dsa-2025-079-security-update-for-dell-networking-os10-vulnerabilities", "creation_timestamp": "2025-03-17T19:48:03.000000Z"}, {"uuid": "ae890d30-f41c-45a2-abaa-4067aa74f72a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48827", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/4441", "content": "CVE-2024-48827 exploits Watcharr 1.43.0 by forging JWT tokens to escalate privileges, granting admin access to unauthorized users. Affects up to 50,000 installations. Risks include full system compromise and data theft.\n\nJoin: https://t.me/+qeejqIiGum9jOTI9\nContact: @a1887bot", "creation_timestamp": "2025-05-04T07:31:23.000000Z"}, {"uuid": "20b9601a-ea66-40f1-93cc-3af8e3c62dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48822", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7955", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48822\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page.\n\ud83d\udccf Published: 2024-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T18:38:47.963Z\n\ud83d\udd17 References:\n1. https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software/", "creation_timestamp": "2025-03-18T19:02:47.000000Z"}, {"uuid": "c3d63afd-19a8-4511-bb2a-7e995d501c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48826", "type": "seen", "source": "https://t.me/cvedetector/9174", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48826 - Tenda AC7 Remote Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48826 \nPublished : Oct. 28, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T22:01:30.000000Z"}, {"uuid": "e7e36b80-489e-4402-acbf-b3fb6c2d873a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48828", "type": "seen", "source": "https://t.me/cvedetector/20518", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48828 - Dell SmartFabric OS10 Unauthorized Access Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48828 \nPublished : March 17, 2025, 6:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T21:39:50.000000Z"}, {"uuid": "f976f6cb-7e84-4830-8472-9654efbe5b46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48825", "type": "seen", "source": "https://t.me/cvedetector/9173", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48825 - Tenda AC7 Router Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48825 \nPublished : Oct. 28, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T22:01:29.000000Z"}, {"uuid": "b894e2fb-f973-473d-8292-68f9b3706f72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48824", "type": "seen", "source": "https://t.me/cvedetector/7866", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48824 - Automatic Systems Maintenance SlimLane Remote File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-48824 \nPublished : Oct. 14, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to obtain sensitive information via the Racine & FileName parameters in the download-file.php component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-15T00:12:43.000000Z"}, {"uuid": "b2bbe88f-951f-47ab-80b1-faa11d61e7ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48823", "type": "seen", "source": "https://t.me/cvedetector/7865", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48823 - Automatic Systems Maintenance SlimLane Local File Inclusion Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-48823 \nPublished : Oct. 14, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-15T00:12:42.000000Z"}, {"uuid": "eb0af55e-71b3-4fa4-842f-f4acc1872a1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48822", "type": "seen", "source": "https://t.me/cvedetector/7864", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48822 - SlimLane Automatic Systems Maintenance FTPConfig Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48822 \nPublished : Oct. 14, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-15T00:12:38.000000Z"}, {"uuid": "dc2dfa89-58fe-4bdc-8a9f-94a826991952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48821", "type": "seen", "source": "https://t.me/cvedetector/7863", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48821 - SlimLane Automatic Systems Maintenance Cross Site Scripting (XSS) Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-48821 \nPublished : Oct. 14, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-15T00:12:38.000000Z"}, {"uuid": "9dbfda1a-1cbd-4f6f-8fb0-2a4d9f0725fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48827", "type": "seen", "source": "https://t.me/cvedetector/7699", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48827 - sbondCo Watcharr Code Execution and Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48827 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and escalate privileges via the Change Password function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:45.000000Z"}, {"uuid": "9202a564-f5ae-44eb-9c44-163b43a5d37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4882", "type": "seen", "source": "https://t.me/cvedetector/211", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4882 - The user may be redirected to an arbitrary site in\", \n  \"Content\": \"CVE ID : CVE-2024-4882 \nPublished : July 8, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T20:46:07.000000Z"}]}