New assessment for topic: CVE-2024-57728

Topic description: "SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e ..."

"Between January 8th and 13th 2025, SimpleHelp RMM released patches for a set of vulnerabilities including an authenticated file upload affecting the following versions: ..."

Link: https://attackerkb.com/assessments/ceb2ad15-73e9-4da8-887d-ff69dbb8ee91

New assessment for topic: CVE-2024-57727

Topic description: "SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests ..."

"Between January 8th and 13th 2025, SimpleHelp RMM released patches for a set of vulnerabilities including an unauthenticated path traversal affecting the following versions: ..."

Link: https://attackerkb.com/assessments/1711e1d9-4407-4c28-ae4e-379952e65026

New assessment for topic: CVE-2025-0108

Topic description: "An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts ..."

"On February 12, 2025, Palo Alto Networks published an [advisory for CVE-2025-0108](https://security.paloaltonetworks.com/CVE-2025-0108) ..."

Link: https://attackerkb.com/assessments/951efdb5-288e-4608-8bde-667656782321

New assessment for topic: CVE-2024-12356

Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."

"Based upon both writing a [technical analysis](https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356#rapid7-analysis) of this vuln, and an accompanying [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19877), I have rated the exploitability as `Very High`, as exploitation is reliable, repeatable, and can be fully automated by an exploit script ..."

Link: https://attackerkb.com/assessments/4b8511fd-3dcf-4ea3-8dd2-7df3b2245055

New Rapid7 Analysis on AttackerKB topic: CVE-2024-12356

"On December 16, 2024, BeyondTrust published both [an advisory](https://www.beyondtrust.com/trust-center/security-advisories/bt24-10) and patches for CVE-2024-12356, a critical unauthenticated remote code execution (RCE) vulnerability affecting the products Privileged Remote Access (PRA) and Remote Support (RS) ..."

Link: https://attackerkb.com/topics/bf309bc8-5c3d-4ad1-bd68-0c095978cce6

New assessment for topic: CVE-2025-25181

Topic description: "A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. ..."

"CVE-2025-25181 is an SQL Injection vulnerability identified in the VeraCore application, specifically within the timeoutWarning endpoint ..."

Link: https://attackerkb.com/assessments/8eb75af7-8535-4adc-8a0f-97c3aeaf4ca9

New assessment for topic: CVE-2024-24578

Topic description: "RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/be4bcbb2-499b-40df-85ed-92de2fbec245

New assessment for topic: CVE-2024-53704

Topic description: "An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. ..."

"On January 7, 2025, SonicWall announced an authentication bypass affecting SonicOS, the operating system used by many SonicWall appliances ..."

Link: https://attackerkb.com/assessments/82f8d49a-9a1d-48bd-86df-542635a5540a

New Rapid7 Analysis on AttackerKB topic: CVE-2024-53704

"On January 7, 2025, [SonicWall announced](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003) an authentication bypass affecting SonicOS, the operating system used by many SonicWall appliances ..."

Link: https://attackerkb.com/topics/a5d8a13b-f707-474b-8d3e-a885f9d0f1cd

New assessment for topic: CVE-2024-49113

Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability ..."

"CVE-2024-49113 is a denial-of-service (DoS) vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) ..."

Link: https://attackerkb.com/assessments/ee558a5f-bfde-4c37-8367-cc3821b0aecb

New assessment for topic: CVE-2024-49112

Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability ..."

"CVE-2024-49112 is a critical vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service ..."

Link: https://attackerkb.com/assessments/07d80193-ab91-4495-ad6c-eeeb6ffbb112

New assessment for topic: CVE-2024-38134

Topic description: "Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/1666dde0-3e50-40c8-a117-96b9df707b45

New assessment for topic: CVE-2025-0282

Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. ..."

"On January 8, 2025, Ivanti published [a security advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283) for two vulnerabilities, CVE-2025-0282, and CVE-2025-0283, affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways. ..."

Link: https://attackerkb.com/assessments/2c7673d5-c3c5-4f02-ba7c-4fa0927b06ac

New assessment for topic: CVE-2024-43452

Topic description: "Windows Registry Elevation of Privilege Vulnerability ..."

"This seems like a really fascinating exploit from the point of view of a researcher, but an utter and complete nightmare for an attacker ..."

Link: https://attackerkb.com/assessments/64b2d2dd-287e-4d2c-8e31-435ffae4440c

New assessment for topic: CVE-2024-48457

Topic description: "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the endpoint /cgi-bin/skk_set.cgi and binary /bin/scripts/start_wifi.sh ..."

"Several Netis Routers including rebranded routers from GLCtec and Stonet suffer from an authentication bypass that allows for an unauthenticated reset of the Wifi and admin password of the router. ..."

Link: https://attackerkb.com/assessments/8d380611-c7f7-4cff-92e3-8bd1113560c9

New assessment for topic: CVE-2024-48455

Topic description: "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the mode_name, wl_link parameters of the skk_get.cgi component. ..."

"`CVE-2024-48555` allows for unauthenticated information disclosure revealing sensitive configuration information of the router which can be used by the attacker to determine of the router is running specific vulnerable firmware. ..."

Link: https://attackerkb.com/assessments/a46c9420-553b-4d8f-abeb-a852a1052d64

New assessment for topic: CVE-2024-48456

Topic description: "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the parameter password at the change admin password page at the router web interface. ..."

"Several Netis Routers including rebranded routers from GLCtec and Stonet suffer from an authenticated command injection vulnerability at the change admin password page of the router web interface. ..."

Link: https://attackerkb.com/assessments/d6c45973-3c8f-41c6-992f-a276f3a579fe

New assessment for topic: CVE-2024-48455

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48455](https://www.cve.org/CVERecord?id=CVE-2024-48455) is a vulnerability discovered in Netis routers where an unauthenticated remote attacker can obtain sensitive information from the router. ..."

Link: https://attackerkb.com/assessments/b9e42efa-bca4-4811-b71c-81c2ac09a1a8

New assessment for topic: CVE-2024-48456

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48456](https://www.cve.org/CVERecord?id=CVE-2024-48456) is an authenticated remote code execution (RCE) in the parameter `password` at the change admin password page at the router web interface. ..."

Link: https://attackerkb.com/assessments/db6b427a-1fea-487a-974d-191031bda560

New assessment for topic: CVE-2024-48457

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48457](https://www.cve.org/CVERecord?id=CVE-2024-48457) is an authentication bypass that allows for an unauthenticated reset of the Wifi and admin password of the router. ..."

Link: https://attackerkb.com/assessments/182d054a-a1ba-4e39-8b00-bae34a0a894a