diff --git a/2024/28xxx/CVE-2024-28138.json b/2024/28xxx/CVE-2024-28138.json
index 9a34a079d7f..c7e26f5bb1e 100644
--- a/2024/28xxx/CVE-2024-28138.json
+++ b/2024/28xxx/CVE-2024-28138.json
@@ -1,18 +1,127 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-28138",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-research@sec-consult.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the \"msg_events.php\" script as the www-data user.\u00a0The HTTP GET parameter \"data\" is not properly sanitized."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
+ "cweId": "CWE-78"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Image Access GmbH",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Scan2Net",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "changes": [
+ {
+ "at": "7.40",
+ "status": "unaffected"
+ }
+ ],
+ "lessThan": "7.40",
+ "status": "affected",
+ "version": "0",
+ "versionType": "custom"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://r.sec-consult.com/imageaccess",
+ "refsource": "MISC",
+ "name": "https://r.sec-consult.com/imageaccess"
+ },
+ {
+ "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
+ "refsource": "MISC",
+ "name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The vendor provides a firmware update to version 7.40, which can be downloaded via the vendor's customer server portal.
"
+ }
+ ],
+ "value": "The vendor provides a firmware update to version 7.40, which can be downloaded via the vendor's customer server portal."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
+ },
+ {
+ "lang": "en",
+ "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2024/47xxx/CVE-2024-47397.json b/2024/47xxx/CVE-2024-47397.json
new file mode 100644
index 00000000000..44dceca6849
--- /dev/null
+++ b/2024/47xxx/CVE-2024-47397.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-47397",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/47xxx/CVE-2024-47946.json b/2024/47xxx/CVE-2024-47946.json
index 642ee99ddd6..64f67acf6a3 100644
--- a/2024/47xxx/CVE-2024-47946.json
+++ b/2024/47xxx/CVE-2024-47946.json
@@ -1,18 +1,127 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47946",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-research@sec-consult.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "If the attacker has access to a valid Poweruser session, remote code execution is possible because specially crafted valid PNG files with injected PHP content can be uploaded as desktop backgrounds or lock screens. After the upload, the PHP script is available in the web root. The PHP code executes once the uploaded file is accessed. This allows the execution of arbitrary PHP code and OS commands on the device as \"www-data\"."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
+ "cweId": "CWE-434"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Image Access GmbH",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Scan2Net",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "changes": [
+ {
+ "at": "7.42",
+ "status": "unaffected"
+ }
+ ],
+ "lessThan": "7.42",
+ "status": "affected",
+ "version": "0",
+ "versionType": "custom"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://r.sec-consult.com/imageaccess",
+ "refsource": "MISC",
+ "name": "https://r.sec-consult.com/imageaccess"
+ },
+ {
+ "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
+ "refsource": "MISC",
+ "name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The vendor provides a firmware update to version 7.42, which can be downloaded via the vendor's customer server portal.
"
+ }
+ ],
+ "value": "The vendor provides a firmware update to version 7.42, which can be downloaded via the vendor's customer server portal."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
+ },
+ {
+ "lang": "en",
+ "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2024/53xxx/CVE-2024-53688.json b/2024/53xxx/CVE-2024-53688.json
new file mode 100644
index 00000000000..9962e5a80ae
--- /dev/null
+++ b/2024/53xxx/CVE-2024-53688.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-53688",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/54xxx/CVE-2024-54457.json b/2024/54xxx/CVE-2024-54457.json
new file mode 100644
index 00000000000..8747e340858
--- /dev/null
+++ b/2024/54xxx/CVE-2024-54457.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-54457",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file