CVE-2024-3721

Overview

TBK
DVR-4104

13 Apr 2024

Published

01 Aug 2024

Updated

CVSS v3.1

MEDIUM (6.3)

EPSS

83.86%

MITRE

KEV

Description

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability.

Statistics

7 Posts
5 Interactions

Last activity: 1 hour ago

Fediverse

jbz @jbz

☣️ Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

｢ The attack activity outlined by Fortinet involves the exploitation of CVE-2024-3721 to obtain and drop a downloader script, which then launches the botnet payload based on the Linux system's architecture. Once the malware is executed, it displays a message stating "nexuscorp has taken control." ｣

https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

#iot #ddos #botnet #cybersecurity

2
0
0
17h ago

Patrick C Miller :donor: @patrickcmiller

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

1
1
1
2h ago

TechNadu @technadu

FortiGuard Labs tracks #Nexcorium, a Mirai variant targeting TBK DVRs via CVE-2024-3721. It uses aggressive persistence (systemd, cron) and wide-ranging DDoS vectors. Check your IoT logs for "X-Hacked-By" headers.

Details: https://www.fortinet.com/blog/threat-research/tracking-mirai-variant-nexcorium

What’s your take?

#Botnet #IoT #DDoS #InfoSec

1
0
0
1h ago

Bluesky

キタきつね @kitafox.bsky.social

Miraiの亜種NexcoriumがCVE-2024-3721を悪用し、TBK DVRを乗っ取ってDDoSボットネットを構築 Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet #HackerNews (Apr 18) thehackernews.com/2026/04/mira...

0
0
0
18h ago

ReconBee @reconbee.bsky.social

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet reconbee.com/mirai-varian... #mirai #nexcorium #DDoSbotnet #botnet #TBK #DVR #hijack #cyberattack

0
0
0
11h ago

TechNadu @technadu.com

Nexcorium, a new Mirai variant, is exploiting TBK DVRs (CVE-2024-3721). It features robust persistence and multi-architecture support for large-scale DDoS. Are we doing enough to secure the IoT edge? Comment your opinion. #CyberSecurity #IoT #Malware

0
0
0
1h ago

CVE-2026-35616

Overview

Fortinet
FortiClientEMS

04 Apr 2026

Published

07 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

25.26%

MITRE

KEV

Description

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Statistics

2 Posts
11 Interactions

Last activity: 1 hour ago

Fediverse

N_{Dario Fadda} @nuke

Fortinet FortiClientEMS Under Active Attack: Critical CVE-2026-35616 (CVSS 9.1) Added to CISA KEV Catalog
#CyberSecurity
https://securebulletin.com/fortinet-forticlientems-under-active-attack-critical-cve-2026-35616-cvss-9-1-added-to-cisa-kev-catalog/

4
0
0
5h ago

Bluesky

The Shadowserver Foundation @shadowserver.bsky.social

We added CVE-2026-35616 scans based on the vulnerability detector developed by Bishop Fox bishopfox.com/blog/api-aut.... Over 60 IPs still assessed as vulnerable: dashboard.shadowserver.org/statistics/c... Data shared daily in our Vulnerable HTTP reporting: shadowserver.org/what-we-do/n...

2
5
0
1h ago

CVE-2026-23500

Overview

Dolibarr
dolibarr

17 Apr 2026

Published

18 Apr 2026

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

0.35%

MITRE

KEV

Description

Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0 , the ODT to PDF conversion process in odf.php concatenates the MAIN_ODT_AS_PDF configuration constant directly into a shell command passed to exec() without sanitization. An authenticated administrator can inject arbitrary OS commands via this constant using command separators, achieving remote code execution as the web server user when any ODT template is generated. This issue has been fixed in version 23.0.0.

Statistics

2 Posts

Last activity: 16 hours ago

Bluesky

nixpkgs security changes @nixpkgssecuritychanges.gerbet.me

[25.11] dolibarr: add CVE-2026-23500 to knownVulnerabilities https://github.com/NixOS/nixpkgs/pull/511496 https://tracker.security.nixos.org/issues/NIXPKGS-2026-1156 #security

0
0
0
22h ago

nixpkgs prs bot @nixpkgs-prs-bot.bsky.social

#511519 qwen-code: 0.14.3 -> 0.14.5 #511510 python3Packages.contourpy: fix cross #511504 plexamp: 4.13.0 -> 4.13.1 #511500 resterm: 0.26.2 -> 0.28.2 #511496 [25.11] dolibarr: add CVE-2026-23500 to knownVulnerabilities #511493 python3Packages.mhcflurry: 2.2.0 -> 2.2.1

0
0
0
16h ago

CVE-2026-33824

Overview

Microsoft
Windows 10 Version 1607

14 Apr 2026

Published

17 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.10%

MITRE

KEV

Description

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

Statistics

2 Posts

Last activity: 11 hours ago

Bluesky

OpsMatters @handle.invalid

The latest update for #Sentrium includes "#Windows IKE Service Extensions Vulnerability Enables Remote Code Execution (CVE-2026-33824)" and "How to prepare for SOC 2 #penetrationtesting". #Cybersecurity #PenTesting #infosec https://opsmtrs.com/3aPKkxS

0
0
0
11h ago

セキュリティ対策Lab @securitylab-jp.bsky.social

Microsoft、2026年4月の定例パッチを公開-CVE-2026-33824とCVE-2026-33827などの脆弱性を修正 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews

0
0
0
17h ago

CVE-2005-2541

Overview

Pending

10 Aug 2005

Published

07 Aug 2024

Updated

CVSS

Pending

EPSS

3.76%

MITRE

KEV

Description

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Statistics

1 Post
8 Interactions

Last activity: 3 hours ago

Fediverse

Aadaliina :blobCat: @ada

CVE-2005-2541 feels like a good example for some of what is wrong with CVSS :blobCat_eyes:

2
6
0
3h ago

CVE-2026-21445

Overview

langflow-ai
langflow

02 Jan 2026

Published

26 Feb 2026

Updated

CVSS v4.0

HIGH (8.8)

EPSS

6.97%

MITRE

KEV

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization. Version 1.7.0.dev45 contains a patch.

Statistics

2 Posts
2 Interactions

Last activity: 5 hours ago

Fediverse

CrowdSec @CrowdSec

🚨 In this week’s newsletter, we cover CVE-2026-21445, a Langflow authentication bypass now under active exploitation. We break down how PoCs turned into real attacks and what defenders should do next.

Read the full analysis and protect your systems 👉 https://www.crowdsec.net/vulntracking-report/cve-2026-21445-langflow-authentication-bypass-exploitation

1
1
1
5h ago

CVE-2026-41113

Overview

sagredo
qmail

16 Apr 2026

Published

18 Apr 2026

Updated

CVSS v3.1

HIGH (8.1)

EPSS

0.10%

MITRE

KEV

Description

sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in notlshosts_auto in qmail-remote.c.

Statistics

2 Posts
1 Interaction

Last activity: 3 hours ago

Fediverse

buherator @buherator

Command injection in a qmail fork (not the original!) - CVE-2026-41113:

"On the wire, a DNS label is just a length byte followed by up to 63 arbitrary bytes; RFC 1035 lets you put nearly anything in there, and most recursive resolvers will happily pass it through."

https://blog.calif.io/p/we-asked-claude-to-audit-sagredos

#LLM

1
0
1
3h ago

CVE-2026-6603

Overview

modelscope
agentscope

20 Apr 2026

Published

20 Apr 2026

Updated

CVSS v4.0

MEDIUM (6.9)

EPSS

0.04%

MITRE

KEV

Description

A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_python_code/execute_shell_command of the file src/AgentScope/tool/_coding/_python.py. This manipulation causes code injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

1 Post
1 Interaction

Last activity: 8 hours ago

Bluesky

BaseFortify.eu @basefortify.bsky.social

AI agents that can execute code introduce a new attack surface. CVE-2026-6603 shows how ModelScope AgentScope allows remote code injection via Python execution functions. 🔗 basefortify.eu/cve_reports/... #CyberSecurity #AI #CVE

0
1
0
8h ago

CVE-2026-33829

Overview

Microsoft
Windows 10 Version 1607

14 Apr 2026

Published

17 Apr 2026

Updated

CVSS v3.1

MEDIUM (4.3)

EPSS

0.07%

MITRE

KEV

Description

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

Statistics

1 Post

Last activity: 23 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

CVE-2026-33829: “One Click to Own the Domain” — How a Built‑In Windows Tool Leaks Your NTLMv2 Hash + Video Introduction A newly disclosed vulnerability (CVE‑2026‑33829) in the Windows Snipping Tool allows an attacker to silently steal a user’s NTLMv2 password hash over a network using a single…

0
0
0
23h ago

CVE-2020-11868

Overview

Pending

17 Apr 2020

Published

05 May 2025

Updated

CVSS v3.0

MEDIUM (5.9)

EPSS

Pending

MITRE

KEV

Description

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.

Statistics

1 Post

Last activity: Last hour

Bluesky

piggo @pigondrugs.bsky.social

~Cybergcca~ CCCS issued 6 security advisories covering critical updates for IBM, Dell, Ubuntu, Red Hat, Moxa, and CISA ICS products. - IOCs: CVE-2020-11868 - #PatchNow #ThreatIntel #Vulnerability

0
0
0
Last hour