β Keep Attackers Out of VPNs: Feds Offer Guidance β
π Read
via "Threat Post".
The NSA and CISA issued recommendations on choosing and hardening VPNs to prevent nation-state APTs from weaponizing flaws & CVEs to break into protected networks.π Read
via "Threat Post".
Threat Post
Keep Attackers Out of VPNs: Feds Offer Guidance
The NSA and CISA issued guidance on choosing and hardening VPNs to prevent nation-state APTs from weaponizing flaws & CVEs to break into protected networks.
βΌ CVE-2020-20128 βΌ
π Read
via "National Vulnerability Database".
LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.π Read
via "National Vulnerability Database".
βΌ CVE-2020-20131 βΌ
π Read
via "National Vulnerability Database".
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module.π Read
via "National Vulnerability Database".
βΌ CVE-2020-20781 βΌ
π Read
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41034 βΌ
π Read
via "National Vulnerability Database".
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Java 8 (alpine and centos), Android and PHP. The vulnerability is not exploitable at runtime but only when building Che.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41821 βΌ
π Read
via "National Vulnerability Database".
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager.π Read
via "National Vulnerability Database".
βΌ CVE-2020-20129 βΌ
π Read
via "National Vulnerability Database".
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor.π Read
via "National Vulnerability Database".
βΌ CVE-2021-25963 βΌ
π Read
via "National Vulnerability Database".
In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41616 βΌ
π Read
via "National Vulnerability Database".
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used ObjectInputStream.readObject without validating that the input data was safe to deserialize. Please note that DdlUtils is no longer being actively developed. To address the insecurity of the BinaryObjectHelper class, the following changes to DdlUtils have been made: (1) BinaryObjectsHelper.java has been deleted from the DdlUtils source repository and the DdlUtils feature of propagating data of SQL binary types is therefore no longer present in DdlUtils; (2) The ddlutils-1.0 release has been removed from the Apache Release Distribution Infrastructure; (3) The DdlUtils web site has been updated to indicate that DdlUtils is now available only as source code, not as a packaged release.π Read
via "National Vulnerability Database".
β Thousands of University Wi-Fi Networks Expose Log-In Credentials β
π Read
via "Threat Post".
Certificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.π Read
via "Threat Post".
Threat Post
Thousands of University Wi-Fi Networks Expose Log-In Credentials
Certificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.
βΌ CVE-2021-41292 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can remotely bypass authentication and disclose sensitive information and circumvent physical access controls in smart homes and buildings and manipulate HVAC.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41295 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus authenticated attacker can remotely place a forged request at a malicious web page and execute CRUD commands (GET, POST, PUT, DELETE) to perform arbitrary operations in the system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41302 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely query user password and obtain userΓ’β¬β’s privilege.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41298 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden resources in the system and execute privileged functionalities.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41300 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controllerΓ’β¬β’s special page displays user account and passwords in plain text, thus unauthenticated attackers can access the page and obtain privilege with full functionality.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41291 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41296 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller uses weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full control of the system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41293 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41301 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41297 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain-text.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41290 βΌ
π Read
via "National Vulnerability Database".
ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to execute arbitrary code on the affected device.π Read
via "National Vulnerability Database".