Browse all 5 CVE security advisories affecting DEMON1A. AI-powered Chinese analysis, POCs, and references for each vulnerability.
DEMON1A primarily targets enterprise applications, focusing on unauthorized access and data exfiltration. Historically, it exploits RCE vulnerabilities, XSS flaws, and privilege escalation weaknesses to gain system control. The actor demonstrates sophisticated evasion techniques, often using living-off-the-land tactics to avoid detection. With five CVEs attributed, it consistently targets outdated software components and misconfigured services. Notable characteristics include its persistence mechanisms and lateral movement capabilities. While no major public incidents have been definitively linked, its activity pattern suggests organized operations with potential state sponsorship. DEMON1A remains a persistent threat, particularly to organizations with legacy systems and insufficient patch management practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-21663 | Remote code execution on ReconServer due to improper input sanitization on the prips command — Discord-ReconCWE-20 | 10.0 | Critical | 2024-01-08 |
| CVE-2021-29466 | Path Traversal at Discord-Recon .recon Command Path — Discord-ReconCWE-24 | 6.5 | Medium | 2021-04-22 |
| CVE-2021-29465 | Remote file overwrite on discord-recon can result in DoS and Remote Code Execution — Discord-ReconCWE-94 | 8.3 | High | 2021-04-22 |
| CVE-2021-29461 | LFI and possible code execution on discord-recon using tools arguments — Discord-ReconCWE-94 | 8.1 | High | 2021-04-20 |
| CVE-2021-21433 | Remote code execution on discord-recon .dirsearch and .arjun commands due to improper input validation — Discord-ReconCWE-94 | 9.9 | Critical | 2021-04-09 |
This page lists every published CVE security advisory associated with DEMON1A. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.