diff --git a/2021/CVE-2021-25920.md b/2021/CVE-2021-25920.md new file mode 100644 index 0000000000..a54bf794d8 --- /dev/null +++ b/2021/CVE-2021-25920.md @@ -0,0 +1,17 @@ +### [CVE-2021-25920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25920) +![](https://img.shields.io/static/v1?label=Product&message=openemr&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Access%20Control&color=brighgreen) + +### Description + +In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user. + +### POC + +#### Reference +- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25920 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2021/CVE-2021-25930.md b/2021/CVE-2021-25930.md index 56437f4fa2..8a1f7f9830 100644 --- a/2021/CVE-2021-25930.md +++ b/2021/CVE-2021-25930.md @@ -10,7 +10,7 @@ In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNM ### POC #### Reference -No PoCs from references. +- https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25930 #### Github - https://github.com/ARPSyndicate/cvemon diff --git a/2021/CVE-2021-29133.md b/2021/CVE-2021-29133.md index c6bab9badb..cd57929f08 100644 --- a/2021/CVE-2021-29133.md +++ b/2021/CVE-2021-29133.md @@ -10,7 +10,7 @@ Lack of verification in haserl, a component of Alpine Linux Configuration Framew ### POC #### Reference -No PoCs from references. +- https://gitlab.alpinelinux.org/alpine/aports/-/issues/12539 #### Github - https://github.com/ARPSyndicate/cvemon diff --git a/2023/CVE-2023-30612.md b/2023/CVE-2023-30612.md new file mode 100644 index 0000000000..b4eded1a4c --- /dev/null +++ b/2023/CVE-2023-30612.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-30612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30612) +![](https://img.shields.io/static/v1?label=Product&message=cloud-hypervisor&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%2030.0%2C%20%3C%2030.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306%3A%20Missing%20Authentication%20for%20Critical%20Function&color=brighgreen) + +### Description + +Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily crashed, causing Deny-of-Service (DoS). This can also be a potential Use-After-Free (UAF) vulnerability. Users require to have the write access to the API socket file to trigger this vulnerability. Impacted versions of Cloud Hypervisor include upstream main branch, v31.0, and v30.0. The vulnerability was initially detected by our `http_api_fuzzer` via oss-fuzz. This issue has been addressed in versions 30.1 and 31.1. Users unable to upgrade may mitigate this issue by ensuring the write access to the API socket file is granted to trusted users only. + +### POC + +#### Reference +- https://github.com/cloud-hypervisor/cloud-hypervisor/pull/5373 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3503.md b/2023/CVE-2023-3503.md new file mode 100644 index 0000000000..1fdf3093bc --- /dev/null +++ b/2023/CVE-2023-3503.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3503) +![](https://img.shields.io/static/v1?label=Product&message=Shopping%20Website&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability has been found in SourceCodester Shopping Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232951. + +### POC + +#### Reference +- https://vuldb.com/?id.232951 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3756.md b/2023/CVE-2023-3756.md new file mode 100644 index 0000000000..5637676744 --- /dev/null +++ b/2023/CVE-2023-3756.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3756) +![](https://img.shields.io/static/v1?label=Product&message=Atlas%20Business%20Directory%20Listing&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.13%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this issue is some unknown functionality of the file /home/search. The manipulation of the argument search_string leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-234428. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://vuldb.com/?id.234428 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3791.md b/2023/CVE-2023-3791.md new file mode 100644 index 0000000000..c7eb9db490 --- /dev/null +++ b/2023/CVE-2023-3791.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3791](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3791) +![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.5.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in IBOS OA 4.5.5 and classified as critical. Affected by this issue is the function actionExport of the file ?r=contact/default/export of the component Personal Office Address Book. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-235058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/zry-wyj/cve/blob/main/ibos.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-6574.md b/2023/CVE-2023-6574.md index bafb96658f..6caaf5f59e 100644 --- a/2023/CVE-2023-6574.md +++ b/2023/CVE-2023-6574.md @@ -10,7 +10,7 @@ A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as c ### POC #### Reference -No PoCs from references. +- https://vuldb.com/?id.247154 #### Github - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-10418.md b/2024/CVE-2024-10418.md index 3aa61be121..2de1830266 100644 --- a/2024/CVE-2024-10418.md +++ b/2024/CVE-2024-10418.md @@ -11,6 +11,7 @@ A vulnerability was found in code-projects Blood Bank Management System 1.0. It #### Reference - https://gist.github.com/higordiego/25a103a1fe84c4db4530e68d2f998d11 +- https://vuldb.com/?submit.431782 #### Github No PoCs found on GitHub currently. diff --git a/2024/CVE-2024-57030.md b/2024/CVE-2024-57030.md index e9803f5523..3b1ce083a4 100644 --- a/2024/CVE-2024-57030.md +++ b/2024/CVE-2024-57030.md 
@@ -10,7 +10,7 @@ Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_f ### POC #### Reference -No PoCs from references. +- https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57030 #### Github - https://github.com/Sec-Dojo-Cyber-House/cve-hunters diff --git a/2024/CVE-2024-57031.md b/2024/CVE-2024-57031.md index a6d3feb449..0c7db9528a 100644 --- a/2024/CVE-2024-57031.md +++ b/2024/CVE-2024-57031.md @@ -10,7 +10,7 @@ WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via ### POC #### Reference -No PoCs from references. +- https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57031 #### Github - https://github.com/Sec-Dojo-Cyber-House/cve-hunters diff --git a/2024/CVE-2024-57032.md b/2024/CVE-2024-57032.md index 049843653a..45f720eecd 100644 --- a/2024/CVE-2024-57032.md +++ b/2024/CVE-2024-57032.md @@ -10,7 +10,7 @@ WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. ### POC #### Reference -No PoCs from references. +- https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-57032 #### Github - https://github.com/Sec-Dojo-Cyber-House/cve-hunters diff --git a/2024/CVE-2024-57033.md b/2024/CVE-2024-57033.md index e174f8b934..897501cc30 100644 --- a/2024/CVE-2024-57033.md +++ b/2024/CVE-2024-57033.md @@ -10,7 +10,7 @@ WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo ### POC #### Reference -No PoCs from references. +- https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57033 #### Github - https://github.com/Sec-Dojo-Cyber-House/cve-hunters diff --git a/2024/CVE-2024-57034.md b/2024/CVE-2024-57034.md index 57e34de9fb..0b1425984e 100644 --- a/2024/CVE-2024-57034.md +++ b/2024/CVE-2024-57034.md 
@@ -10,7 +10,7 @@ WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the q ### POC #### Reference -No PoCs from references. +- https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57034 #### Github - https://github.com/Sec-Dojo-Cyber-House/cve-hunters diff --git a/2024/CVE-2024-57035.md b/2024/CVE-2024-57035.md index 326e5ae330..112f5748d7 100644 --- a/2024/CVE-2024-57035.md +++ b/2024/CVE-2024-57035.md @@ -10,7 +10,7 @@ WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /contro ### POC #### Reference -No PoCs from references. +- https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57035 #### Github - https://github.com/Sec-Dojo-Cyber-House/cve-hunters diff --git a/2024/CVE-2024-57159.md b/2024/CVE-2024-57159.md new file mode 100644 index 0000000000..1c4ece7a22 --- /dev/null +++ b/2024/CVE-2024-57159.md @@ -0,0 +1,17 @@ +### [CVE-2024-57159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57159) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html. + +### POC + +#### Reference +- https://github.com/1091101/yang.xian/tree/main/6/readme.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57160.md b/2024/CVE-2024-57160.md new file mode 100644 index 0000000000..e866664bae --- /dev/null +++ b/2024/CVE-2024-57160.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57160) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html. + +### POC + +#### Reference +- https://github.com/1091101/yang.xian/tree/main/7/readme.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57161.md b/2024/CVE-2024-57161.md new file mode 100644 index 0000000000..ec38ba0099 --- /dev/null +++ b/2024/CVE-2024-57161.md @@ -0,0 +1,17 @@ +### [CVE-2024-57161](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57161) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.html + +### POC + +#### Reference +- https://github.com/1091101/yang.xian/tree/main/8/readme.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57580.md b/2024/CVE-2024-57580.md new file mode 100644 index 0000000000..6e2d110158 --- /dev/null +++ b/2024/CVE-2024-57580.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57580) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. + +### POC + +#### Reference +- https://github.com/qijiale/Tenda/tree/main/7 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57581.md b/2024/CVE-2024-57581.md new file mode 100644 index 0000000000..e396c2c354 --- /dev/null +++ b/2024/CVE-2024-57581.md @@ -0,0 +1,17 @@ +### [CVE-2024-57581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57581) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. + +### POC + +#### Reference +- https://github.com/qijiale/Tenda/tree/main/8 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57582.md b/2024/CVE-2024-57582.md new file mode 100644 index 0000000000..d8c76abb27 --- /dev/null +++ b/2024/CVE-2024-57582.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57582) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. + +### POC + +#### Reference +- https://github.com/qijiale/Tenda/tree/main/9 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57611.md b/2024/CVE-2024-57611.md new file mode 100644 index 0000000000..c9640b1586 --- /dev/null +++ b/2024/CVE-2024-57611.md @@ -0,0 +1,17 @@ +### [CVE-2024-57611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57611) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId. + +### POC + +#### Reference +- https://github.com/daodaoshao/Yunpeng-Yin/tree/main/7/readme.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57676.md b/2024/CVE-2024-57676.md new file mode 100644 index 0000000000..be020a8b31 --- /dev/null +++ b/2024/CVE-2024-57676.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57676) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2WlanBasicSetup.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57677.md b/2024/CVE-2024-57677.md new file mode 100644 index 0000000000..db20109425 --- /dev/null +++ b/2024/CVE-2024-57677.md @@ -0,0 +1,17 @@ +### [CVE-2024-57677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57677) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2Wan.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57678.md b/2024/CVE-2024-57678.md new file mode 100644 index 0000000000..f89381dc79 --- /dev/null +++ b/2024/CVE-2024-57678.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57678) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component form2WlAc.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G mac access control list of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2WlAc.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57679.md b/2024/CVE-2024-57679.md new file mode 100644 index 0000000000..04a0c0ece6 --- /dev/null +++ b/2024/CVE-2024-57679.md @@ -0,0 +1,17 @@ +### [CVE-2024-57679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57679) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2RepeaterSetup.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57680.md b/2024/CVE-2024-57680.md new file mode 100644 index 0000000000..102650dfcb --- /dev/null +++ b/2024/CVE-2024-57680.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57680) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component form2PortriggerRule.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the port trigger of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2PortriggerRule.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57681.md b/2024/CVE-2024-57681.md new file mode 100644 index 0000000000..17b5ac1882 --- /dev/null +++ b/2024/CVE-2024-57681.md @@ -0,0 +1,17 @@ +### [CVE-2024-57681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57681) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2alg.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57682.md b/2024/CVE-2024-57682.md new file mode 100644 index 0000000000..d402528e2d --- /dev/null +++ b/2024/CVE-2024-57682.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57682) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/d_status.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57683.md b/2024/CVE-2024-57683.md new file mode 100644 index 0000000000..a036b63cec --- /dev/null +++ b/2024/CVE-2024-57683.md @@ -0,0 +1,17 @@ +### [CVE-2024-57683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57683) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/websURLFilterAddDel.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57684.md b/2024/CVE-2024-57684.md new file mode 100644 index 0000000000..b2a57307cf --- /dev/null +++ b/2024/CVE-2024-57684.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57684) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. + +### POC + +#### Reference +- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/formDMZ.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57703.md b/2024/CVE-2024-57703.md new file mode 100644 index 0000000000..f20dec97aa --- /dev/null +++ b/2024/CVE-2024-57703.md @@ -0,0 +1,17 @@ +### [CVE-2024-57703](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57703) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. + +### POC + +#### Reference +- https://github.com/Pr0b1em/IoT/blob/master/Tenda%20AC8v4%20V16.03.34.06.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-57704.md b/2024/CVE-2024-57704.md new file mode 100644 index 0000000000..53dd09e98c --- /dev/null +++ b/2024/CVE-2024-57704.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-57704](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57704) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. + +### POC + +#### Reference +- https://github.com/Pr0b1em/IoT/blob/master/Tenda%20AC8v4%20V16.03.34.06.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/references.txt b/references.txt index bd866aae65..15fd76d6cd 100644 --- a/references.txt +++ b/references.txt @@ -79877,6 +79877,7 @@ CVE-2021-25916 - https://www.whitesourcesoftware.com/vulnerability-database/CVE- CVE-2021-25917 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25917 CVE-2021-25918 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25918 CVE-2021-25919 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25919 +CVE-2021-25920 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25920 CVE-2021-25921 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25921 CVE-2021-25922 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25922 CVE-2021-25923 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25923 
@@ -79886,6 +79887,7 @@ CVE-2021-25926 - https://www.whitesourcesoftware.com/vulnerability-database/CVE- CVE-2021-25927 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25927 CVE-2021-25928 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25928 CVE-2021-25929 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25929 +CVE-2021-25930 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25930 CVE-2021-25931 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25931 CVE-2021-25932 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25932 CVE-2021-25933 - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25933 @@ -80590,6 +80592,7 @@ CVE-2021-29075 - https://kb.netgear.com/000063010/Security-Advisory-for-Post-Aut CVE-2021-29081 - https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465 CVE-2021-29099 - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-e21-03-server-sql/ CVE-2021-29100 - https://www.esri.com/arcgis-blog/products/arcgis-earth/administration/arcgis-earth-security-update +CVE-2021-29133 - https://gitlab.alpinelinux.org/alpine/aports/-/issues/12539 CVE-2021-29154 - http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html CVE-2021-29154 - https://news.ycombinator.com/item?id=26757760 CVE-2021-29154 - https://www.oracle.com/security-alerts/cpujul2022.html 
@@ -98011,6 +98014,7 @@ CVE-2023-3056 - https://github.com/HuBenLab/HuBenVulList/blob/main/YFCMF-TP6-3.0 CVE-2023-3057 - https://github.com/HuBenLab/HuBenVulList/blob/main/YFCMF-TP6-3.0.4%20has%20a%20Remote%20Command%20Execution%20(RCE)%20vulnerability%202.md CVE-2023-30577 - https://github.com/zmanda/amanda/security/advisories/GHSA-crrw-v393-h5q3 CVE-2023-30591 - https://starlabs.sg/advisories/23/23-30591/ +CVE-2023-30612 - https://github.com/cloud-hypervisor/cloud-hypervisor/pull/5373 CVE-2023-30613 - https://huntr.dev/bounties/c30d3503-600d-4d00-9571-98826a51f12c CVE-2023-30620 - https://github.com/mindsdb/mindsdb/security/advisories/GHSA-2g5w-29q9-w6hx CVE-2023-30623 - https://securitylab.github.com/research/github-actions-untrusted-input/ @@ -98890,6 +98894,7 @@ CVE-2023-35002 - https://talosintelligence.com/vulnerability_reports/TALOS-2023- CVE-2023-3501 - https://wpscan.com/vulnerability/d3fb4a2b-ed51-4654-b7c1-4b0f59cd1ecf CVE-2023-35016 - https://www.ibm.com/support/pages/node/7014397 CVE-2023-35019 - https://www.ibm.com/support/pages/node/7014397 +CVE-2023-3503 - https://vuldb.com/?id.232951 CVE-2023-35055 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761 CVE-2023-35056 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761 CVE-2023-35057 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821 
@@ -99260,6 +99265,7 @@ CVE-2023-37477 - https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-p CVE-2023-37478 - https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7 CVE-2023-3752 - https://vuldb.com/?id.234422 CVE-2023-37543 - https://medium.com/@hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed +CVE-2023-3756 - https://vuldb.com/?id.234428 CVE-2023-37569 - http://packetstormsecurity.com/files/174084/Emagic-Data-Center-Management-Suite-6.0-Remote-Command-Execution.html CVE-2023-37581 - http://seclists.org/fulldisclosure/2023/Jul/43 CVE-2023-37596 - https://github.com/sahiloj/CVE-2023-37596/blob/main/README.md @@ -99362,6 +99368,7 @@ CVE-2023-3790 - https://www.vulnerability-lab.com/get_content.php?id=2274 CVE-2023-37900 - https://github.com/crossplane/crossplane/blob/ac8b24fe739c5d942ea885157148497f196c3dd3/security/ADA-security-audit-23.pdf CVE-2023-37903 - https://github.com/patriksimek/vm2/security/advisories/GHSA-g644-9gfx-q4q4 CVE-2023-37907 - https://github.com/cryptomator/cryptomator/security/advisories/GHSA-9c9p-c3mg-hpjq +CVE-2023-3791 - https://github.com/zry-wyj/cve/blob/main/ibos.md CVE-2023-37910 - https://jira.xwiki.org/browse/XWIKI-20334 CVE-2023-37915 - https://github.com/OpenDDS/OpenDDS/security/advisories/GHSA-v5pp-7prc-5xq9 CVE-2023-37916 - https://github.com/1Panel-dev/KubePi/security/advisories/GHSA-87f6-8gr7-pc6h 
@@ -102181,6 +102188,7 @@ CVE-2023-6568 - https://huntr.com/bounties/816bdaaa-8153-4732-951e-b0d92fddf709 CVE-2023-6569 - https://huntr.com/bounties/a5d003dc-c23e-4c98-8dcf-35ba9252fa3c CVE-2023-6570 - https://huntr.com/bounties/82d6e853-013b-4029-a23f-8b50ec56602a CVE-2023-6571 - https://huntr.com/bounties/f02781e7-2a53-4c66-aa32-babb16434632 +CVE-2023-6574 - https://vuldb.com/?id.247154 CVE-2023-6575 - https://github.com/houhuidong/cve/blob/main/rce.md CVE-2023-6579 - http://packetstormsecurity.com/files/176124/osCommerce-4-SQL-Injection.html CVE-2023-6584 - https://wpscan.com/vulnerability/e528e3cd-a45c-4bf7-a37a-101f5c257acd/ @@ -102683,6 +102691,7 @@ CVE-2024-10415 - https://gist.github.com/higordiego/2aba05ef2277d85ea4148dc42189 CVE-2024-10416 - https://gist.github.com/higordiego/18cf04067697c8ceb2cba68980139dcc CVE-2024-10417 - https://gist.github.com/higordiego/bf0cf963ec56cfe0dcaba2956352bafd CVE-2024-10418 - https://gist.github.com/higordiego/25a103a1fe84c4db4530e68d2f998d11 +CVE-2024-10418 - https://vuldb.com/?submit.431782 CVE-2024-10419 - https://gist.github.com/higordiego/62ad5208270c67834d02818d6ba44126 CVE-2024-10426 - https://github.com/ppp-src/CVE/issues/21 CVE-2024-10427 - https://github.com/ppp-src/CVE/issues/22 
@@ -108001,8 +108010,17 @@ CVE-2024-57022 - https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK CVE-2024-57023 - https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setWiFiScheduleCfg/setWiFiScheduleCfg.md CVE-2024-57024 - https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setWiFiScheduleCfg/setWiFiScheduleCfg.md CVE-2024-57025 - https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setWiFiScheduleCfg/setWiFiScheduleCfg.md +CVE-2024-57030 - https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57030 +CVE-2024-57031 - https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57031 +CVE-2024-57032 - https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-57032 +CVE-2024-57033 - https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57033 +CVE-2024-57034 - https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57034 +CVE-2024-57035 - https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57035 CVE-2024-5713 - https://wpscan.com/vulnerability/eb3f24a7-3171-42c3-9016-e29da4f384fa/ CVE-2024-5715 - https://wpscan.com/vulnerability/d86bc001-51ae-4dcc-869b-80c91251cc2e/ +CVE-2024-57159 - https://github.com/1091101/yang.xian/tree/main/6/readme.md +CVE-2024-57160 - https://github.com/1091101/yang.xian/tree/main/7/readme.md +CVE-2024-57161 - https://github.com/1091101/yang.xian/tree/main/8/readme.md CVE-2024-5727 - https://wpscan.com/vulnerability/5f677863-2f4f-474f-ba48-f490f9d6e71c/ CVE-2024-5728 - https://wpscan.com/vulnerability/287c4e8c-9092-4cb9-9642-e4f3d10f46fa/ CVE-2024-5729 - https://wpscan.com/vulnerability/0352f6f5-cdfd-4cef-9ed5-fdc1cbcb368a/ 
@@ -108019,6 +108037,10 @@ CVE-2024-57487 - https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-5748 CVE-2024-57488 - https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488 CVE-2024-5758 - https://research.cleantalk.org/cve-2024-4305/ CVE-2024-5758 - https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/ +CVE-2024-57580 - https://github.com/qijiale/Tenda/tree/main/7 +CVE-2024-57581 - https://github.com/qijiale/Tenda/tree/main/8 +CVE-2024-57582 - https://github.com/qijiale/Tenda/tree/main/9 +CVE-2024-57611 - https://github.com/daodaoshao/Yunpeng-Yin/tree/main/7/readme.md CVE-2024-57615 - https://github.com/MonetDB/MonetDB/issues/7413 CVE-2024-57616 - https://github.com/MonetDB/MonetDB/issues/7412 CVE-2024-57617 - https://github.com/MonetDB/MonetDB/issues/7432 
@@ -108071,6 +108093,17 @@ CVE-2024-57662 - https://github.com/openlink/virtuoso-opensource/issues/1217 CVE-2024-57663 - https://github.com/openlink/virtuoso-opensource/issues/1218 CVE-2024-57664 - https://github.com/openlink/virtuoso-opensource/issues/1211 CVE-2024-5767 - https://wpscan.com/vulnerability/e4ba26b4-5f4f-4c9e-aa37-885b30ef8088/ +CVE-2024-57676 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2WlanBasicSetup.md +CVE-2024-57677 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2Wan.md +CVE-2024-57678 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2WlAc.md +CVE-2024-57679 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2RepeaterSetup.md +CVE-2024-57680 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2PortriggerRule.md +CVE-2024-57681 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2alg.md +CVE-2024-57682 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/d_status.md +CVE-2024-57683 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/websURLFilterAddDel.md +CVE-2024-57684 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/formDMZ.md +CVE-2024-57703 - https://github.com/Pr0b1em/IoT/blob/master/Tenda%20AC8v4%20V16.03.34.06.md +CVE-2024-57704 - https://github.com/Pr0b1em/IoT/blob/master/Tenda%20AC8v4%20V16.03.34.06.md CVE-2024-5772 - https://github.com/charliecatsec/cve1/blob/main/NS-ASG-sql-deleteiscuser.md CVE-2024-5773 - https://github.com/L1OudFd8cl09/CVE/issues/3 CVE-2024-5774 - https://github.com/CveSecLook/cve/issues/43
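Review bot: In the hunk at @@ -102683,6 +102691,7 @@, the added CVE-2024-10418 reference is `https://vuldb.com/?submit.431782`, a submission-style URL, while the other VulDB references added in this patch (CVE-2023-3756, CVE-2023-6574) use the `?id.` entry form. Confirm that the submission link is what was intended. If a published `?id.` entry exists for this CVE, reference that instead so the list stays consistent.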
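Review bot: In the hunk at @@ -108001,8 +108010,17 @@, CVE-2024-57032 is the only nmmorette/vulnerability-research entry that uses `/blob/main/`, where the five entries around it (CVE-2024-57030, CVE-2024-57031, CVE-2024-57033 to CVE-2024-57035) use `/tree/main/`. Check whether that target really is a file rather than a directory and make the path match. In the same hunk, the three 1091101/yang.xian entries use `/tree/main/<n>/readme.md`, a directory-style path that ends in a file name. GitHub's path form for a file is `/blob/`, so these should be `/blob/main/<n>/readme.md`. The CVE-2024-57611 line added at @@ -108019,6 +108037,10 @@ has the same `/tree/main/7/readme.md` shape.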
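Review bot: In the hunk at @@ -108071,6 +108093,17 @@, CVE-2024-57703 and CVE-2024-57704 are given the identical URL (`Tenda%20AC8v4%20V16.03.34.06.md`), so the list cannot tell a reader which finding belongs to which identifier. Confirm that the one write-up covers both. Separately, every GitHub reference added in this hunk points at a moving branch (`main` or `master`) in a personal repository, so the content behind the link can change or disappear after merge. A commit-pinned link, like the crossplane reference in the context lines at @@ -99362,6 +99368,7 @@, would keep each reference stable.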