{"vulnerability": "cve-2024-5400", "sightings": [{"uuid": "79fc6758-4023-465a-ad3a-36c681043a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54003", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113556017660691651", "content": "", "creation_timestamp": "2024-11-27T17:08:41.159119Z"}, {"uuid": "8a2e2297-5e32-4aa6-8440-f32f10bec935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54004", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113556017675511462", "content": "", "creation_timestamp": "2024-11-27T17:08:41.193755Z"}, {"uuid": "e1a7bf88-2e09-4303-bdf6-dd00616369c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54003", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113556384343564769", "content": "", "creation_timestamp": "2024-11-27T18:41:56.077632Z"}, {"uuid": "248206c4-625d-4674-a432-1ed23e85e96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54004", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113556384343564769", "content": "", "creation_timestamp": "2024-11-27T18:41:56.102373Z"}, {"uuid": "5f730193-0836-4cd0-950c-4d9f3eaa9335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54000", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113589627910748026", "content": "", "creation_timestamp": "2024-12-03T15:36:12.631224Z"}, {"uuid": "b75d6bc1-c124-4aaa-a217-ca6d48cb8b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54002", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113595307922783526", "content": "", "creation_timestamp": "2024-12-04T15:40:42.636785Z"}, {"uuid": "994e65e5-cb8e-4e37-b9d5-c1f01446486e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54001", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113600895742025946", "content": "", "creation_timestamp": "2024-12-05T15:21:46.019287Z"}, {"uuid": "0e9b3f9d-0147-45f9-9667-fa3ff52f8fc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54005", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-08", "content": "", "creation_timestamp": "2024-12-12T11:00:00.000000Z"}, {"uuid": "cf996518-36e2-43d0-b544-d8c4de44fec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54009", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoyuh2smb2a", "content": "", "creation_timestamp": "2024-12-19T23:15:31.535278Z"}, {"uuid": "630b73fa-ec6b-482b-a412-8351777bf128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54009", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681851372789274", "content": "", "creation_timestamp": "2024-12-19T22:29:50.929869Z"}, {"uuid": "a47ab672-de99-4d2f-a8ba-8266fdd1687d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lfbqiu7pnk2q", "content": "", "creation_timestamp": "2025-01-09T03:31:42.253713Z"}, {"uuid": "8a77b3b7-5641-457f-ace6-398b401caa19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lfbqiu7pnk2q", "content": "", "creation_timestamp": "2025-01-09T03:31:42.303110Z"}, {"uuid": "7c76523d-b3f3-4d6a-adc0-87a18bcc9de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lfetd5iyec22", "content": "", "creation_timestamp": "2025-01-10T09:00:08.508344Z"}, {"uuid": "12054900-014d-4ab0-a93f-2c93eaaacc09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lfetd5iyec22", "content": "", "creation_timestamp": "2025-01-10T09:00:08.547820Z"}, {"uuid": "f31626a0-7203-4c1a-abed-59fbceadc410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lfcfhenul72q", "content": "", "creation_timestamp": "2025-01-09T09:46:37.851858Z"}, {"uuid": "47c8a639-d527-4b0f-8a42-76506c2873d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lfcfhenul72q", "content": "", "creation_timestamp": "2025-01-09T09:46:37.899751Z"}, {"uuid": "83a714bf-3008-494d-a175-6f5a55150d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/spritzfinance.bsky.social/post/3lfd4rqzkhk2z", "content": "", "creation_timestamp": "2025-01-09T16:44:01.807383Z"}, {"uuid": "adc83782-0898-4db5-8bd5-5d3d7e436a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://bsky.app/profile/spritzfinance.bsky.social/post/3lfd4rqzkhk2z", "content": "", "creation_timestamp": "2025-01-09T16:44:01.843784Z"}, {"uuid": "f5844e89-ef22-4091-a76b-1ac293746f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf6aybdnio2o", "content": "", "creation_timestamp": "2025-01-07T18:15:56.655649Z"}, {"uuid": "10861f1a-0b9f-4f61-a5b3-4770b0c325f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf6aydxsu62o", "content": "", "creation_timestamp": "2025-01-07T18:15:59.347513Z"}, {"uuid": "cb0379f0-56cb-45eb-bfe4-91725c72324f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf6creh26o2r", "content": "", "creation_timestamp": "2025-01-07T18:47:58.053356Z"}, {"uuid": "070991c8-2374-4815-940c-a94fe46bb925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf6crdodcd25", "content": "", "creation_timestamp": "2025-01-07T18:47:53.968061Z"}, {"uuid": "ab525634-2080-45fa-8c84-a1e89d4edd9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54006", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lfc3ifmmd22j", "content": "", "creation_timestamp": "2025-01-09T06:48:15.319877Z"}, {"uuid": "7a51d2ea-cb4f-45df-9763-3130bc6a4881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54007", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lfc3ifmmd22j", "content": "", "creation_timestamp": "2025-01-09T06:48:15.362741Z"}, {"uuid": "9fd74e82-94f6-48dc-a20f-267d003eb1e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54006", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3lfsvj2csjit2", "content": "", "creation_timestamp": "2025-01-15T23:16:30.693233Z"}, {"uuid": "150fca7b-8119-4e63-8d78-e1490d8df65c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54007", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3lfsvj2csjit2", "content": "", "creation_timestamp": "2025-01-15T23:16:30.739388Z"}, {"uuid": "74155371-ca78-4f25-8b8f-fc47080e2005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m5ezvq66mu2e", "content": "", "creation_timestamp": "2025-11-11T21:02:38.909087Z"}, {"uuid": "9acb731c-380d-4e0a-8c73-9bf615c98526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54009", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"}, {"uuid": "33fd08b4-258b-4ae3-a9cd-e0818c1dde43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/488", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54006\n\ud83d\udd39 Description: Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.\n\ud83d\udccf Published: 2025-01-07T17:12:19.205Z\n\ud83d\udccf Modified: 2025-01-07T17:16:19.431Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04763en_us&docLocale=en_US", "creation_timestamp": "2025-01-07T17:40:27.000000Z"}, {"uuid": "893e0d97-8163-4176-a238-a471182b12bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54009", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:00.000000Z"}, {"uuid": "01f2d4c3-65fb-4e31-8708-1986473d8749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/487", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54007\n\ud83d\udd39 Description: Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.\n\ud83d\udccf Published: 2025-01-07T17:17:39.607Z\n\ud83d\udccf Modified: 2025-01-07T17:17:39.607Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04763en_us&docLocale=en_US", "creation_timestamp": "2025-01-07T17:40:22.000000Z"}, {"uuid": "b233d666-bb4e-4b78-8a70-6c93107d785f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54005", "type": "seen", "source": "https://t.me/cvedetector/12500", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54005 - \"Siemens COMOS XML External Entity Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-54005 \nPublished : Dec. 10, 2024, 2:30 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 (All versions), COMOS V10.4.1 (All versions), COMOS V10.4.2 (All versions), COMOS V10.4.3 (All versions < V10.4.3.0.47), COMOS V10.4.4 (All versions < V10.4.4.2), COMOS V10.4.4.1 (All versions < V10.4.4.1.21). The PDMS/E3D Engineering Interface improperly handles XML External Entity (XXE) entries when communicating with an external application. This could allow an attacker to extract any file with a known location on the user's system or accessible network folders by injecting malicious data into the communication channel between the two systems. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T16:38:08.000000Z"}, {"uuid": "00111606-babb-4cf5-a002-497481050df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "seen", "source": "https://t.me/cvedetector/14589", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54007 - 501 Wireless Client Bridge Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54007 \nPublished : Jan. 7, 2025, 6:15 p.m. | 24\u00a0minutes ago \nDescription : Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T19:44:23.000000Z"}, {"uuid": "cfc15c10-0b61-43d8-bea3-76fcaff102a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "seen", "source": "https://t.me/cvedetector/14588", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54006 - \"501 Wireless Client Bridge Command Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-54006 \nPublished : Jan. 7, 2025, 6:15 p.m. | 24\u00a0minutes ago \nDescription : Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T19:44:22.000000Z"}, {"uuid": "10be23eb-ea09-421a-b21e-e0b6acce6fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54009", "type": "seen", "source": "https://t.me/cvedetector/13386", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54009 - HPE Alletra Storage MP B10000 Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54009 \nPublished : Dec. 19, 2024, 11:15 p.m. | 28\u00a0minutes ago \nDescription : Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could be remotely exploited to allow disclosure of information. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T00:51:25.000000Z"}, {"uuid": "8b454845-f790-4fba-8b5b-66fd1c9435a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54006", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/2014", "content": "\u26a1\ufe0fCVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available.\n\n#CyberBulletin", "creation_timestamp": "2025-01-09T05:36:08.000000Z"}, {"uuid": "43ef5ef6-6462-4e40-a0f9-26135697db7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54007", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/2014", "content": "\u26a1\ufe0fCVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available.\n\n#CyberBulletin", "creation_timestamp": "2025-01-09T05:36:08.000000Z"}, {"uuid": "ee5afe40-90b8-4eda-a50a-095a9e33a619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54008", "type": "seen", "source": "https://t.me/cvedetector/12547", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54008 - \"Cisco AirWave Remote Command Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-54008 \nPublished : Dec. 10, 2024, 7:15 p.m. | 33\u00a0minutes ago \nDescription : An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary commands as a privileged user on the underlying host. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T20:49:38.000000Z"}, {"uuid": "ebcbd528-70ee-4538-9958-f7e1daf3f8f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54000", "type": "seen", "source": "https://t.me/cvedetector/11887", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54000 - Mobile Security Framework (MobSF) Server-Side Request Forgery (SSRF)\", \n  \"Content\": \"CVE ID : CVE-2024-54000 \nPublished : Dec. 3, 2024, 4:15 p.m. | 37\u00a0minutes ago \nDescription : Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In versions prior to 3.9.7, the requests.get() request in the _check_url method is specified as allow_redirects=True, which allows a server-side request forgery when a request to .well-known/assetlinks.json\" returns a 302 redirect. This is a bypass of the fix for CVE-2024-29190 and is fixed in 3.9.7. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-03T18:10:18.000000Z"}, {"uuid": "1019a6f2-4265-4ea8-9027-dc4ba7da02b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54001", "type": "seen", "source": "https://t.me/cvedetector/12115", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54001 - Kanboard is project management software that focus\", \n  \"Content\": \"CVE ID : CVE-2024-54001 \nPublished : Dec. 5, 2024, 4:15 p.m. | 35\u00a0minutes ago \nDescription : Kanboard is project management software that focuses on the Kanban methodology. HTML can be injected and stored into the application settings section. The fields application_language, application_date_format,application_timezone and application_time_format allow arbirary user input which is reflected. The vulnerability can become xss if the user input is javascript code that bypass CSP. This vulnerability is fixed in 1.2.41. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T17:52:12.000000Z"}, {"uuid": "2e7de500-c4c6-48be-a807-b1822067c0b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54002", "type": "seen", "source": "https://t.me/cvedetector/12012", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54002 - Dependency-Track is a Component Analysis platform\", \n  \"Content\": \"CVE ID : CVE-2024-54002 \nPublished : Dec. 4, 2024, 4:15 p.m. | 18\u00a0minutes ago \nDescription : Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Performing a login request against the /api/v1/user/login endpoint with a username that exist in the system takes significantly longer than performing the same action with a username that is not known by the system. The observable difference in request duration can be leveraged by actors to enumerate valid names of managed users. LDAP and OpenID Connect users are not affected. The issue has been fixed in Dependency-Track 4.12.2. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T17:35:58.000000Z"}, {"uuid": "2dd4753a-76e7-417f-8ae2-be4acd904f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54003", "type": "seen", "source": "Telegram/nvQbiI6jvgAeQ0STKKY3niAfrf5jfDMnyqUbjE3mAW196ZV_", "content": "", "creation_timestamp": "2025-01-01T20:29:49.000000Z"}, {"uuid": "ae90b219-ca0b-4613-bcfe-f373bc26bcbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54004", "type": "seen", "source": "Telegram/nvQbiI6jvgAeQ0STKKY3niAfrf5jfDMnyqUbjE3mAW196ZV_", "content": "", "creation_timestamp": "2025-01-01T20:29:49.000000Z"}]}