Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/14 12:50 p.m.14 views

CVE-2024-13872

Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /settemptoken API method. Then, an unauthenticated and...

9.4CVSS8.2AI score0.00227EPSS
Exploits0References3
Circl
Circl
added 2025/03/12 12:40 p.m.12 views

CVE-2024-13872

creationtimestamp| type| source ---|---|--- 2025-03-12 12:40:20+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lk6m33fr4b2g 2025-03-12 12:56:45+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114149569646900003 2025-03-12 14:40:55+00:00| published-proof-of-concept|...

9.4CVSS8AI score0.00227EPSS
Exploits0References8
NVD
NVD
added 2025/03/12 12:15 p.m.11 views

CVE-2024-13872

Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /settemptoken API method. Then, an unauthenticated and...

9.4CVSS0.00227EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/12 11:47 a.m.8 views

CVE-2024-13872 Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so

Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /settemptoken API method. Then, an unauthenticated and...

9.4CVSS7.6AI score0.00227EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/12 11:47 a.m.22 views

CVE-2024-13872 Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so

Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /settemptoken API method. Then, an unauthenticated and...

9.4CVSS0.00227EPSS
Exploits0References1
Rows per page
Query Builder