{"vulnerability": "cve-2024-5723", "sightings": [{"uuid": "b7bcfd19-87f9-49ba-bcd9-dee58d1df6e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-57237", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941520017397058", "content": "", "creation_timestamp": "2025-02-03T19:06:59.924354Z"}, {"uuid": "f5f8b07d-9f27-438d-a1ec-49e82320b71d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-57238", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941520032392306", "content": "", "creation_timestamp": "2025-02-03T19:07:00.125169Z"}, {"uuid": "b7465046-e6e1-422a-b247-38815615e300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57237", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcax2xa2y2b", "content": "", "creation_timestamp": "2025-02-03T19:16:19.447056Z"}, {"uuid": "4a32a07f-b4a4-4296-84ff-8ff7cd5b6466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57238", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcax5fmnm2c", "content": "", "creation_timestamp": "2025-02-03T19:16:21.763288Z"}, {"uuid": "28f5467e-b461-42d9-b1b3-f9502a5e1b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57237", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6244", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57237\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter does not properly sanitize input and the response is served with a Content-Type of text/html. This behavior allows the browser to execute injected JavaScript code.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T17:22:46.711Z\n\ud83d\udd17 References:\n1. https://prolink2u.com/products/dl-7203e-b\n2. https://harryha.substack.com/p/4g-lte-mobile-wifi-dl7203e-xss-cve-2024-57237", "creation_timestamp": "2025-03-03T17:31:26.000000Z"}, {"uuid": "c278a61f-3c03-484b-81ea-c350fb8ecad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57237", "type": "seen", "source": "https://t.me/cvedetector/17119", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57237 - Prolink 4G LTE Mobile Wi-Fi Prolink XSS\", \n  \"Content\": \"CVE ID : CVE-2024-57237 \nPublished : Feb. 3, 2025, 7:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago \nDescription : Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter does not properly sanitize input and the response is served with a Content-Type of text/html. This behavior allows the browser to execute injected JavaScript code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T22:00:21.000000Z"}, {"uuid": "742221a3-a5de-4b6d-8991-c60ab1c96460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5723", "type": "seen", "source": "https://t.me/cvedetector/3804", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5723 - Centreon SQL Injection Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5723 \nPublished : Aug. 21, 2024, 5:15 p.m. | 30\u00a0minutes ago \nDescription : Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability.  \n  \nThe specific flaw exists within the updateServiceHost function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the apache user. Was ZDI-CAN-23294. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T19:55:42.000000Z"}, {"uuid": "3d180d20-98ef-4d9b-98e7-51e8e7c0edcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57233", "type": "seen", "source": "https://t.me/cvedetector/24463", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57233 - NETGEAR RAX5 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57233 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:39.000000Z"}, {"uuid": "fa42a056-036b-4479-b464-b2b6bbb1474e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57234", "type": "seen", "source": "https://t.me/cvedetector/24464", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57234 - NETGEAR RAX5 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57234 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:40.000000Z"}, {"uuid": "e4cd97b9-05ea-4969-aa70-3d2cd221e59f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57235", "type": "seen", "source": "https://t.me/cvedetector/24465", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57235 - NETGEAR RAX5 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57235 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:41.000000Z"}, {"uuid": "529f7e84-656a-4360-aaa3-1d93813cdeea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57231", "type": "seen", "source": "https://t.me/cvedetector/24468", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57231 - NETGEAR RAX5 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57231 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:47.000000Z"}, {"uuid": "fa43d659-82ee-4668-a6b1-01945f6a0a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57230", "type": "seen", "source": "https://t.me/cvedetector/24470", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57230 - NETGEAR RAX5 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57230 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:48.000000Z"}, {"uuid": "d9f49cca-7e40-4c36-9759-8c51cd679c91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57232", "type": "seen", "source": "https://t.me/cvedetector/24462", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57232 - NETGEAR RAX5 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57232 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:38.000000Z"}]}