ioc[.]one - OSINT Cyber Threat Intelligence Database

【在野利用】ProjectSend 身份认证绕过漏洞(CVE-2024-11680)安全风险通告

Tags

Show in Graph

Common Information

Type	Value
UUID	1d4b7777-0855-455a-b480-da80a99e7254
Fingerprint	bd3836dd75323bf4
Analysis status	DONE
Considered CTI value	0
Text language
Published	Nov. 26, 2024, midnight
Added to db	Nov. 28, 2024, 12:19 p.m.
Last updated	Dec. 18, 2024, 3:09 p.m.
Headline	【在野利用】ProjectSend 身份认证绕过漏洞(CVE-2024-11680)安全风险通告
Title	【在野利用】ProjectSend 身份认证绕过漏洞(CVE-2024-11680)安全风险通告
Detected Hints/Tags/Attributes	4/0/14

Source URLs

	Redirection	Url
Details	Source	https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502502&idx=1&sn=874d1d96ffd31643476939deced0fd4f&chksm=fe79ee3ec90e6728cb38cbc7cf03b5ac32273e1cc74442e830866650cc7551ccda12fd8ab98b&scene=58&subscene=0#rd

URL Provider

Details	Provider	Source level domain
Details	qq.com	mp.weixin.qq.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	266	✔	奇安信 CERT	https://wechat2rss.xlab.app/feed/981c000a01bbdc1f128d260cc91c15d3a6afb530.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	34		cve-2024-11680
Details	Domain	4335		github.com
Details	Domain	43		vulncheck.com
Details	Domain	147		www.securityweek.com
Details	Domain	303		thehackernews.com
Details	File	20		options.php
Details	File	1		critical-flaw-in-projectsend-under.html
Details	Github username	2		projectsend
Details	sha1	2		193367d937b1a59ed5b68dd4e60bd53317473744
Details	Url	2		https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744
Details	Url	1		https://github.com/projectsend/projectsend/releases/tag/r1720
Details	Url	4		https://vulncheck.com/blog/projectsend-exploited-itw
Details	Url	1		https://www.securityweek.com/projectsend-vulnerability-exploited-in-the-wild
Details	Url	1		https://thehackernews.com/2024/11/critical-flaw-in-projectsend-under.html