logo
Vulnerability feed
Contributors
About
Blog
CONTRIBUTE

Check vulnerabilities

CVE exploitation data check using “IntheWild”

There are tens of thousands of vulnerabilities disclosed each year. Only a handful of them will ever be exploited.
Triaging vulnerabilities is hard, one thing is easy though: if you know something is actively exploited inTheWild you have to move within hours.
We believe that exploitation information is about safety and it should be easy to access and not be behind paywalls.

Get alerts on new reports of exploitation via RSS, Twitter, grab our docker image, the hourly database exports or get the full exploited list a /api/exploited

Most recently
exploited
in the wild

Vulnerability Feeds
CVE-2024-8956

Data reported first

11/04/2024

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can leak sensitive data such as usernames, password hashes, and configurations details. Additionally, the attacker can update individual configuration values or overwrite the whole file.

Reference

Credit

CVE-2024-8957

Data reported first

11/04/2024

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and unauthenticated attacker can execute arbitrary OS commands on affected devices.

Reference

Credit

CVE-2024-51378

Data reported first

10/29/2024

getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.

Reference

Credit

Thanks for the exploitation information!
google
microsoft
apple

Know when
to panic

warn

Get alerts for new exploited vulnerabilities

Be informed about the few vulnerabilities that really matter. Subscribe to the RSS and hook it up to your alerts channel, follow us on Twitter or look at our feed or API about new exploitations.
icon

Prioritize vulnerabilities

Your vulnerability scanners probably return thousands of vulnerabilities. Triaging and prioritizing them is hard. Use our hourly database export or directly the our CLI to enrich your reports about exploits and exploitation activity.
world

Find Exploits

Need to verify a vulnerability or the exploit you found seems to be broken. We collect exploits from a number of different sources and do the github scouring for you. Check out the report page or automate your searches using the CLI.
share

Share exploitation information

If you identified a new exploitation activity during research or just saw some reports are missing from out database, you can Tweet @inthewildio or similarly tag us in you LinkedIn post. You can also just use this form.
inTheWild

Help the Community Move Fast.

Contribute Now!
Contribute

How to
Contribute

As simple as writing a tweet

twitter
  • Add a @inthewildio tag
thumbnail
Impacket - Exploit for CVE-2020-17049
everyone can reply
Tweet

Post about it

linkedin
  • Add a @inthewildio tag

Create a post

thumbnail
You
Anyone
Exploitation of Atlassian Confluence CVE-2021-26084 is ongoing.
Patch immediately!
Add Hastag
Post
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy