{"vulnerability": "cve-2025-2938", "sightings": [{"uuid": "e11d5950-f744-40c5-9d11-1e8cf6f1d028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29384", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5wuqab2e", "content": "", "creation_timestamp": "2025-03-14T20:46:20.261231Z"}, {"uuid": "25f5c319-4fb6-4747-b17e-940a37a7dfd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29385", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5xc4zk2s", "content": "", "creation_timestamp": "2025-03-14T20:46:22.382500Z"}, {"uuid": "3a4ec14c-914c-4bfb-a339-064b6bbba6f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29386", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5x3gt32x", "content": "", "creation_timestamp": "2025-03-14T20:46:21.291662Z"}, {"uuid": "9472ea26-c6e1-4595-89d6-4f78f8ce6b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29387", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7828", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29387\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.\n\ud83d\udccf Published: 2025-03-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-17T18:34:19.639Z\n\ud83d\udd17 References:\n1. https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan2.md", "creation_timestamp": "2025-03-17T19:34:23.000000Z"}, {"uuid": "e75c0ce5-9614-47c7-9772-dc7daf55c02e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29387", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5xplpu2k", "content": "", "creation_timestamp": "2025-03-14T20:46:24.733859Z"}, {"uuid": "7d5e6772-0d49-4ea5-9416-abb48ac6b948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2938", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsivvpk3kp2p", "content": "", "creation_timestamp": "2025-06-26T10:24:28.025879Z"}, {"uuid": "5de5d2bf-f1d3-4fcc-9db9-17aaf0bd2994", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29386", "type": "seen", "source": "https://t.me/cvedetector/20312", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29386 - Tenda AC9 Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29386 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:06.000000Z"}, {"uuid": "33843e44-984d-4293-8a66-863b5cbbc8da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2938", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19573", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2938\n\ud83d\udd25 CVSS Score: 3.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval process resulted in unintended permission grants.\n\ud83d\udccf Published: 2025-06-26T05:31:30.851Z\n\ud83d\udccf Modified: 2025-06-26T05:31:30.851Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/529006\n2. https://hackerone.com/reports/3063091", "creation_timestamp": "2025-06-26T05:49:27.000000Z"}, {"uuid": "23e8d064-6708-4ed1-9102-2f813eb543ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29389", "type": "seen", "source": "https://t.me/cvedetector/22562", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29389 - PbootCMS Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-29389 \nPublished : April 9, 2025, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2#tab=t2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T18:26:47.000000Z"}, {"uuid": "36b9bde3-6648-44c8-a5ad-5c1c2bb80f17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29385", "type": "seen", "source": "https://t.me/cvedetector/20311", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29385 - Tenda AC9 Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29385 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:05.000000Z"}, {"uuid": "25b0a172-d372-49d7-8d0e-d6554532f5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29384", "type": "seen", "source": "https://t.me/cvedetector/20310", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29384 - Tenda AC9 Out-of-Bounds Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29384 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:04.000000Z"}, {"uuid": "785897bb-c75e-4854-8c3f-5581ae04c2e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29387", "type": "seen", "source": "https://t.me/cvedetector/20313", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29387 - Tenda AC9 Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29387 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:07.000000Z"}]}