โผ CVE-2021-36916 โผ
๐ Read
via "National Vulnerability Database".
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. The function "hmwp_get_user_ip" tries to retrieve the IP address from multiple headers, including IP address headers that the user can spoof, such as "X-Forwarded-For." As a result, the malicious payload supplied in one of these IP address headers will be directly inserted into the SQL query, making SQL injection possible.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-38873 โผ
๐ Read
via "National Vulnerability Database".
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396.๐ Read
via "National Vulnerability Database".
๐ด How Threat Actors Get into OT Systems ๐ด
๐ Read
via "Dark Reading".
The convergence and integration of OT and IT has resulted in a growing number of cyber risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.๐ Read
via "Dark Reading".
Dark Reading
How Threat Actors Get Into OT Systems
The convergence and integration of OT and IT has resulted in a growing number of cyber-risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.
โผ CVE-2021-41267 โผ
๐ Read
via "National Vulnerability Database".
Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-41270 โผ
๐ Read
via "National Vulnerability Database".
Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\t`, `\r` as well as `=`, `+`, `-` and `@`.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-41268 โผ
๐ Read
via "National Vulnerability Database".
Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-43778 โผ
๐ Read
via "National Vulnerability Database".
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-22957 โผ
๐ Read
via "National Vulnerability Database".
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said userรขโฌโขs account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-44219 โผ
๐ Read
via "National Vulnerability Database".
Gin-Vue-Admin before 2.4.6 mishandles a SQL database.๐ Read
via "National Vulnerability Database".
๐ฆฟ Get 1,000 hours of cybersecurity training for $21 this Black Friday ๐ฆฟ
๐ Read
via "Tech Republic".
Stay up to date for a lifetime with this cybersecurity training bundle with more than 1,000 hours of instruction.๐ Read
via "Tech Republic".
TechRepublic
Get 1,000 hours of cybersecurity training for $21 this Black Friday
Stay up to date for a lifetime with this cybersecurity training bundle with more than 1,000 hours of instruction.
๐๏ธ Data breach at New Mexico healthcare business impacts 62,000 state residents ๐๏ธ
๐ Read
via "The Daily Swig".
True Health New Mexico was hit by a cyber-attack in October๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Data breach at New Mexico healthcare business impacts 62,000 state residents
True Health New Mexico was hit by a cyber-attack in October
โ S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast] โ
๐ Read
via "Naked Security".
Latest episode - listen now! Solid cybersecurity advice in plain English.๐ Read
via "Naked Security".
Naked Security
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
Latest episode โ listen now! Solid cybersecurity advice in plain English.
๐๏ธ WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws ๐๏ธ
๐ Read
via "The Daily Swig".
Bugs deemed โvery easy to exploit as they require no prerequisitesโ๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws
Bugs deemed โvery easy to exploit as they require no prerequisitesโ
โ New Twists on Gift-Card Scams Flourish on Black Friday โ
๐ Read
via "Threat Post".
Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.๐ Read
via "Threat Post".
Threat Post
New Twists on Gift-Card Scams Flourish on Black Friday
Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.
๐๏ธ New differential fuzzing tool reveals novel HTTP request smuggling techniques ๐๏ธ
๐ Read
via "The Daily Swig".
White paper systematically examines the attack while showcasing a โlaundry listโ of new flaws๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
New differential fuzzing tool reveals novel HTTP request smuggling techniques
White paper systematically examines the attack while showcasing a โlaundry listโ of new flaws
โผ CVE-2021-44223 โผ
๐ Read
via "National Vulnerability Database".
WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.๐ Read
via "National Vulnerability Database".
๐1
โผ CVE-2021-44225 โผ
๐ Read
via "National Vulnerability Database".
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property๐ Read
via "National Vulnerability Database".
๐๏ธ Maritime giant Swire Pacific Offshore suffers data breach following cyber-attack ๐๏ธ
๐ Read
via "The Daily Swig".
Organization said it suffered โunauthorized accessโ to systems๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Maritime giant Swire Pacific Offshore suffers data breach following cyber-attack
Organization said it suffered โunauthorized accessโ to systems
๐๏ธ Microsoft pushes ahead with controversial โbuy now, pay laterโ feature for Edge browser ๐๏ธ
๐ Read
via "The Daily Swig".
โItโs like youโre recapitulating the worst IE browser extensions and installing them by defaultโ, grumbles one user๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Microsoft pushes ahead with controversial โbuy now, pay laterโ feature for Edge browser
โItโs like youโre recapitulating the worst IE browser extensions and installing them by defaultโ, grumbles one user
โผ CVE-2021-38686 โผ
๐ Read
via "National Vulnerability Database".
An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later๐ Read
via "National Vulnerability Database".
โผ CVE-2021-38685 โผ
๐ Read
via "National Vulnerability Database".
A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later๐ Read
via "National Vulnerability Database".