{"vulnerability": "cve-2024-5488", "sightings": [{"uuid": "e74c98fd-b52a-4ce7-8ec5-831c8c85f326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54880", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113782629801086616", "content": "", "creation_timestamp": "2025-01-06T17:39:07.777356Z"}, {"uuid": "63cf9727-c44a-4d34-91df-5d7b87cdc99f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54880", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf3qj7fav525", "content": "", "creation_timestamp": "2025-01-06T18:15:52.183110Z"}, {"uuid": "57af56d9-f433-4107-a485-41710a127a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54880", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf3s2muefd2y", "content": "", "creation_timestamp": "2025-01-06T18:43:30.365305Z"}, {"uuid": "7dde49eb-9f49-4ef1-bb23-f0c4c2479dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdipcmt3n2i", "content": "", "creation_timestamp": "2025-01-09T20:17:24.953897Z"}, {"uuid": "0344ab08-80b6-4e60-b73a-bf5839a6c749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/decryptbot.bsky.social/post/3lfojg663w723", "content": "", "creation_timestamp": "2025-01-14T05:29:29.652262Z"}, {"uuid": "462ffc34-769c-4843-92ef-662ec0a37bbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lgawgah2ns27", "content": "", "creation_timestamp": "2025-01-21T13:10:06.015125Z"}, {"uuid": "3515c74f-e1ad-4ee5-809f-b7b6022a12d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lga34bcy622j", "content": "", "creation_timestamp": "2025-01-21T05:01:27.288204Z"}, {"uuid": "011ffbaa-0e4e-48d5-a3d8-5764b093f80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/Android.activitypub.awakari.com.ap.brid.gy/post/3lgb2pkd42r32", "content": "", "creation_timestamp": "2025-01-21T14:27:05.932308Z"}, {"uuid": "835be6ad-9be9-44e0-9f9a-6d331f13533b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/cybermaterial.bsky.social/post/3lgbgwxlwqc2d", "content": "", "creation_timestamp": "2025-01-21T18:05:46.612892Z"}, {"uuid": "16b34ff0-0def-43d2-a24b-b68245412fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/seifreed.bsky.social/post/3lgbr5hxpja2y", "content": "", "creation_timestamp": "2025-01-21T21:08:23.733767Z"}, {"uuid": "d4d4cd93-d298-44bd-94df-f91bf9a1ab76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/neroqc.bsky.social/post/3lgbsz3sfwc2h", "content": "", "creation_timestamp": "2025-01-21T21:41:46.004274Z"}, {"uuid": "3839fd7e-88f6-4729-939a-227a417ce7bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54887", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lgcrzilpzk2y", "content": "", "creation_timestamp": "2025-01-22T06:56:42.396016Z"}, {"uuid": "75ba418d-9666-4939-867c-0996c44dafb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://bsky.app/profile/Android.activitypub.awakari.com.ap.brid.gy/post/3lgcza7abe6i2", "content": "", "creation_timestamp": "2025-01-22T09:13:02.321207Z"}, {"uuid": "877ec6d2-b89d-4bef-88c3-f1410620a931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54880", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/551", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54880\n\ud83d\udd39 Description: SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk.\n\ud83d\udccf Published: 2025-01-06T00:00:00\n\ud83d\udccf Modified: 2025-01-07T20:18:20.943Z\n\ud83d\udd17 References:\n1. https://www.seacms.net/\n2. https://blog.csdn.net/weixin_46686336/article/details/144797063", "creation_timestamp": "2025-01-07T20:38:13.000000Z"}, {"uuid": "d9ee8b8f-8650-413a-844b-6100f21af97a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1864", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54887\n\ud83d\udd39 Description: TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user.\n\ud83d\udccf Published: 2025-01-09T00:00:00\n\ud83d\udccf Modified: 2025-01-15T20:26:04.335Z\n\ud83d\udd17 References:\n1. http://tp-link.com\n2. https://github.com/JBince/vulnerability-research/tree/main/CVE-2024-54887", "creation_timestamp": "2025-01-15T20:55:04.000000Z"}, {"uuid": "42da2dfb-1e82-4319-8033-af9697b31133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://t.me/cvedetector/14903", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54887 - TP-Link TL-WR940N DNS Server Buffer Overflow (Remote Code Execution)\", \n  \"Content\": \"CVE ID : CVE-2024-54887 \nPublished : Jan. 9, 2025, 8:15 p.m. | 38\u00a0minutes ago \nDescription : TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T21:57:20.000000Z"}, {"uuid": "b5af24e6-3d18-4505-8e92-9d415c00daa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54880", "type": "seen", "source": "https://t.me/cvedetector/14393", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54880 - SeaCMS Unauthenticated Mass Account Registration Buffering\", \n  \"Content\": \"CVE ID : CVE-2024-54880 \nPublished : Jan. 6, 2025, 6:15 p.m. | 44\u00a0minutes ago \nDescription : SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-06T20:17:31.000000Z"}, {"uuid": "4ba764c8-0614-4c88-b13f-996045c6731b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/7420", "content": "PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887) \u2013 gbhackers.com\n\nWed, 22 Jan 2025 01:08:17", "creation_timestamp": "2025-01-21T21:03:23.000000Z"}, {"uuid": "ffcd9cf9-c1bc-418f-9116-e9374dd82809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5488", "type": "seen", "source": "https://t.me/cvedetector/252", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5488 - The SEOPress WordPress plugin before 7.9 does not\", \n  \"Content\": \"CVE ID : CVE-2024-5488 \nPublished : July 9, 2024, 6:15 a.m. | 30\u00a0minutes ago \nDescription : The SEOPress  WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unserialize malicious gadget chains, compromising the site if a suitable chain is present. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T08:53:49.000000Z"}, {"uuid": "4c8d1a40-4380-4d95-a602-83b230590740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/7386", "content": "PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887) \u2013 gbhackers.com\n\nTue, 21 Jan 2025 14:47:15", "creation_timestamp": "2025-01-21T09:03:43.000000Z"}, {"uuid": "d71d61a0-7568-486d-8546-f234c0f40e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/1395", "content": "PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887) \u2013 gbhackers.com\n\nWed, 22 Jan 2025 01:08:17", "creation_timestamp": "2025-01-21T21:03:23.000000Z"}, {"uuid": "90531dd5-335d-4a1f-be4e-66698ca5ef75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5488", "type": "seen", "source": "https://t.me/HackingInsights/3751", "content": "\u200aSEOPress Plugin Alert: CVE-2024-5488 Flaw Exposes 300K Sites\n\nhttps://securityonline.info/seopress-plugin-alert-cve-2024-5488-flaw-exposes-300k-sites/", "creation_timestamp": "2024-06-27T04:28:27.000000Z"}, {"uuid": "a1c8911a-543e-4757-b166-9baf8bb27c24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/1378", "content": "PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887) \u2013 gbhackers.com\n\nTue, 21 Jan 2025 14:47:15", "creation_timestamp": "2025-01-21T09:03:43.000000Z"}, {"uuid": "42baf220-b074-4f2e-a168-8444d535e781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "Telegram/sOSLcl_JVRn8LR-hcFVCofqaNEuqYDwQYG4OgtKUcxWQC6k", "content": "", "creation_timestamp": "2025-01-21T21:03:20.000000Z"}, {"uuid": "992d76b6-40d8-4a0b-bff9-252545e4bfed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "published-proof-of-concept", "source": "Telegram/sNb5qaN6ylFfQHFthwWWJbaEVt7VYZFjAgrbiLxt7iii3is", "content": "", "creation_timestamp": "2025-01-21T09:03:40.000000Z"}, {"uuid": "1175d418-b752-453b-9185-42c564960822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11717", "content": "#exploit\n1. CVE-2024-54887:\nTP-Link TL-WR940N BoF\n\n2. CVE-2024-41570:\nAuthenticated Havoc-Chained-RCE\n\n3. CVE-2025-21298:\nWindows OLE RCE (CVSS 9.8)", "creation_timestamp": "2025-01-22T17:35:10.000000Z"}, {"uuid": "2de25e34-93dd-42cf-8b7c-2440c2953567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54880", "type": "published-proof-of-concept", "source": "Telegram/QbKsrVZo62SnFgMaF2CMO5HKDx0dEQUP8BMaXCucwzSM5V8", "content": "", "creation_timestamp": "2025-01-20T22:00:06.000000Z"}, {"uuid": "46b4ba0e-4063-40ef-a730-41169f737f61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54887", "type": "seen", "source": "https://t.me/LearnExploit/7519", "content": "#exploit\n1. CVE-2024-54887:\nTP-Link TL-WR940N BoF\n\n2. CVE-2024-41570:\nAuthenticated Havoc-Chained-RCE\n\n3. CVE-2025-21298:\nWindows OLE RCE (CVSS 9.8)\n\n\nIR0Day.Today Bax \n@LearnExploit", "creation_timestamp": "2025-01-25T12:35:33.000000Z"}]}