{"vulnerability": "cve-2025-2497", "sightings": [{"uuid": "679d430c-bcf4-4354-bec3-e560ea39a1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24971", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947144108335156", "content": "", "creation_timestamp": "2025-02-04T18:57:16.866857Z"}, {"uuid": "7be221ca-428e-4635-9565-7e9d503ad2d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24971", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lherfrzjqf2i", "content": "", "creation_timestamp": "2025-02-04T19:16:11.923922Z"}, {"uuid": "c02ca325-6851-486e-a402-55c1ff55cfcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://bsky.app/profile/yawk.at/post/3lhtmyhwgvc27", "content": "", "creation_timestamp": "2025-02-10T17:07:08.592227Z"}, {"uuid": "c95e6c12-729b-423a-a456-3adf42c72ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981856178857798", "content": "", "creation_timestamp": "2025-02-10T22:05:00.954075Z"}, {"uuid": "25560bc0-84b2-43ab-aee1-c847c747456b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhu6avxgt32c", "content": "", "creation_timestamp": "2025-02-10T22:16:03.033819Z"}, {"uuid": "055b671d-033f-48e0-8089-10fb6ae63c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhueuezjro2e", "content": "", "creation_timestamp": "2025-02-11T00:14:20.840303Z"}, {"uuid": "ac19be69-b1ec-4bbd-9dfd-a623c9a750f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24973", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw2oatdeh2i", "content": "", "creation_timestamp": "2025-02-11T16:17:15.032502Z"}, {"uuid": "2537c0a4-2a65-4701-9fc6-dcef6a6f9d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24976", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw2oe6i3g2s", "content": "", "creation_timestamp": "2025-02-11T16:17:18.577717Z"}, {"uuid": "bb054afc-1e59-43c5-b44c-c950d571df1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24973", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113986274179874082", "content": "", "creation_timestamp": "2025-02-11T16:48:34.805594Z"}, {"uuid": "747ecacd-74f7-4899-93a4-deedf01801a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24973", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhw5dyzlwe2t", "content": "", "creation_timestamp": "2025-02-11T17:05:16.377514Z"}, {"uuid": "2b38d546-5be8-4597-b9d6-1b440d62ca99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114456436384488510", "content": "", "creation_timestamp": "2025-05-05T17:37:00.221147Z"}, {"uuid": "9ca4b489-0e71-443d-b24f-1c8f07012b2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-24977", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114456475112556261", "content": "", "creation_timestamp": "2025-05-05T17:46:51.068558Z"}, {"uuid": "82fadcbf-081d-4706-a7b8-342cb6168a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.com/post/3logwewqy722c", "content": "", "creation_timestamp": "2025-05-05T17:46:58.992976Z"}, {"uuid": "abab47fc-e87b-4b32-b01c-80918666c0c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3loh2zecnb42k", "content": "", "creation_timestamp": "2025-05-05T19:09:53.925833Z"}, {"uuid": "1db391ba-c725-494f-b506-d7c43f25774a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lokeckgjek2n", "content": "", "creation_timestamp": "2025-05-07T02:34:09.745646Z"}, {"uuid": "a03c980e-0d0f-4a69-94d8-e263bec809d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lolfpbtnop2o", "content": "", "creation_timestamp": "2025-05-07T12:31:46.609775Z"}, {"uuid": "34ddbdc5-9f99-40a9-9a99-592f6f472756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeuwsiue2i", "content": "", "creation_timestamp": "2025-09-30T01:31:27.438049Z"}, {"uuid": "c864a0f6-58ce-4315-83e5-7592b74866f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeux6e4m24", "content": "", "creation_timestamp": "2025-09-30T01:31:28.932808Z"}, {"uuid": "c6901bb2-ab78-4d7a-b1b0-533c7e829890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3m326cbqdaj24", "content": "", "creation_timestamp": "2025-10-13T02:31:30.679843Z"}, {"uuid": "3931b3d0-1413-4656-b17f-6cda12c720b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1833", "content": "", "creation_timestamp": "2026-04-21T21:00:00.000000Z"}, {"uuid": "2e0d58cf-ebd1-4b69-8cb0-8d2baca02f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "seen", "source": "https://t.me/cvedetector/17611", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24970 - Netty SslHandler Native Crash Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24970 \nPublished : Feb. 10, 2025, 10:15 p.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T01:27:18.000000Z"}, {"uuid": "88597c51-6599-4fa7-9f03-0fee09b0520a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4940", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24970\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.\n\ud83d\udccf Published: 2025-02-10T21:57:28.730Z\n\ud83d\udccf Modified: 2025-02-21T18:03:37.212Z\n\ud83d\udd17 References:\n1. https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw\n2. https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4", "creation_timestamp": "2025-02-21T18:18:55.000000Z"}, {"uuid": "23ad6482-458f-43d5-b642-18d32c8d1276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24971", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/14489", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24971 exploit\nURL\uff1ahttps://github.com/be4zad/CVE-2025-24971\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-20T17:04:26.000000Z"}, {"uuid": "5f0fe85b-7ab6-417c-975b-a0d4774f1abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24974", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7485", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24974\n\ud83d\udd25 CVSS Score: 7.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P)\n\ud83d\udd39 Description: DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, authenticated users can read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available.\n\ud83d\udccf Published: 2025-03-13T16:37:34.126Z\n\ud83d\udccf Modified: 2025-03-13T19:28:40.041Z\n\ud83d\udd17 References:\n1. https://github.com/dataease/dataease/security/advisories/GHSA-wmfp-mjf3-57f5", "creation_timestamp": "2025-03-13T19:42:47.000000Z"}, {"uuid": "67080ef9-7656-41cb-9387-24c546ed00ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24972", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8843", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24972\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, in specific circumstances, users could be added to group direct messages despite disabling direct messaging in their preferences. Versions `3.3.4` and `3.4.0.beta5` contain a patch for the issue. A workaround is available. If a user disables chat in their preferences then they cannot be added to new group chats.\n\ud83d\udccf Published: 2025-03-26T14:15:13.164Z\n\ud83d\udccf Modified: 2025-03-26T14:15:13.164Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse/security/advisories/GHSA-4p63-qw6g-4mv2", "creation_timestamp": "2025-03-26T14:25:07.000000Z"}, {"uuid": "eb66f16b-aeb9-4236-be1e-ebbd30fea6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2497", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12385", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2497\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.\n\ud83d\udccf Published: 2025-04-15T20:55:34.931Z\n\ud83d\udccf Modified: 2025-04-18T03:55:32.214Z\n\ud83d\udd17 References:\n1. https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0005", "creation_timestamp": "2025-04-18T03:57:51.000000Z"}, {"uuid": "f0b96830-6cf9-4c23-afc5-bbaefe403b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14937", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24977\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11 any user with the capability `manage customizations` can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server side secrets by misusing the web-hooks. Since the malicious user gets a root shell inside a container this opens up the the infrastructure environment for further attacks and exposures. Version 6.4.11 fixes the issue.\n\ud83d\udccf Published: 2025-05-05T17:07:35.812Z\n\ud83d\udccf Modified: 2025-05-05T17:07:35.812Z\n\ud83d\udd17 References:\n1. https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-mf88-g2wq-p7qm", "creation_timestamp": "2025-05-05T17:20:26.000000Z"}, {"uuid": "b7867a86-67d5-4520-aa1c-ca578240f628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://t.me/DarkWebInformer_News/4170", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: Critical Vulnerability in OpenCTI (CVE-2025-24977) Allows Infrastructure Takeover via Webhook Abuse\nLink: https://darkwebinformer.com/critical-vulnerability-in-opencti-cve-2025-24977-allows-infrastructure-takeover-via-webhook-abuse/", "creation_timestamp": "2025-05-05T17:46:48.000000Z"}, {"uuid": "96f59843-cb43-4651-9723-2c5eb5ebb3ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://t.me/poxek/5122", "content": "\ud83d\udea8 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 OpenCTI (CVE-2025-24977) \n\n\u0412 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438 \u0438 \u043e\u0431\u043c\u0435\u043d\u0430 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u043c\u0438 (CTI) OpenCTI - \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0447\u0435\u0440\u0435\u0437 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c webhook.\n\n\ud83d\udd0d \u0421\u0443\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b:\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 webhook-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 OpenCTI, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 (RCE) \u0438 \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0431\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0435\u0441\u043b\u0438 webhook \u043e\u0442\u043a\u0440\u044b\u0442 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\n\n\ud83d\udee1 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438:\n\u0421\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c OpenCTI \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u0438\u0435\u043c CVE-2025-24977\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 webhook, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430\u043c\n\n\u041f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435:\n\ud83d\udd17 \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n#CVE2025 #OpenCTI", "creation_timestamp": "2025-05-08T09:18:06.000000Z"}, {"uuid": "c29bef27-d625-4ca8-987a-26d5a212a204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24974", "type": "seen", "source": "https://t.me/cvedetector/20244", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24974 - DataEase Unauthenticated File Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24974 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, authenticated users can read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:22.000000Z"}, {"uuid": "e2819e20-fb89-4adc-a1de-0b5315d0357d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24971", "type": "seen", "source": "https://t.me/cvedetector/17236", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24971 - DumpDrop OS Command Injection allows Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-24971 \nPublished : Feb. 4, 2025, 7:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : DumpDrop is a stupid simple file upload application that provides an interface for dragging and dropping files. An OS Command Injection vulnerability was discovered in the DumbDrop application, `/upload/init` endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely when the **Apprise Notification** enabled. This issue has been addressed in commit `4ff8469d` and all users are advised to patch. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T22:15:20.000000Z"}, {"uuid": "85a5b8c5-4553-4bca-8205-5f7b3694b2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/16824", "content": "\ud83d\udea8Critical Vulnerability in OpenCTI (CVE-2025-24977) Allows Infrastructure Takeover via Webhook Abuse\n\nhttps://darkwebinformer.com/critical-vulnerability-in-opencti-cve-2025-24977-allows-infrastructure-takeover-via-webhook-abuse/", "creation_timestamp": "2025-05-05T19:46:57.000000Z"}, {"uuid": "2e9dbe60-0787-4cdb-89ec-dc226a7ae06e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24970", "type": "published-proof-of-concept", "source": "Telegram/DuV8iUCxIXBbl9t6SczBxzChqbbn8lVOHpA0Wci_qR4AsgM", "content": "", "creation_timestamp": "2025-02-11T00:00:43.000000Z"}, {"uuid": "33f77ff7-f8a9-40f7-9ed3-6c537924a2d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24971", "type": "published-proof-of-concept", "source": "Telegram/fqLvqvawPy0wHjcP9KYWuU804CLssO4ItWzY6I4Zad418gc", "content": "", "creation_timestamp": "2025-02-20T22:00:06.000000Z"}, {"uuid": "51263543-0441-4d3a-900a-8adc57b57a42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/12021", "content": "#exploit\nCVE-2025-24977\nCritical Vulnerability in OpenCTI\nAllows Infrastructure Takeover via Webhook Abuse\nhttps://darkwebinformer.com/critical-vulnerability-in-opencti-cve-2025-24977-allows-infrastructure-takeover-via-webhook-abuse/", "creation_timestamp": "2025-05-08T17:51:02.000000Z"}, {"uuid": "feb710d2-9b35-4fca-b074-e0004961632a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24977", "type": "seen", "source": "https://t.me/cvedetector/24461", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24977 - OpenCTI Container Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24977 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11 any user with the capability `manage customizations` can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server side secrets by misusing the web-hooks. Since the malicious user gets a root shell inside a container this opens up the the infrastructure environment for further attacks and exposures. Version 6.4.11 fixes the issue. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:38.000000Z"}]}