βΌ CVE-2021-20038 βΌ
π Read
via "National Vulnerability Database".
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20040 βΌ
π Read
via "National Vulnerability Database".
A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20044 βΌ
π Read
via "National Vulnerability Database".
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20039 βΌ
π Read
via "National Vulnerability Database".
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20043 βΌ
π Read
via "National Vulnerability Database".
A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20045 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20041 βΌ
π Read
via "National Vulnerability Database".
An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20042 βΌ
π Read
via "National Vulnerability Database".
An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.π Read
via "National Vulnerability Database".
β Emotetβs Behavior & Spread Are Omens of Ransomware Attacks β
π Read
via "Threat Post".
The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets.π Read
via "Threat Post".
Threat Post
Emotetβs Behavior & Spread Are Omens of Ransomware Attacks
The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets.
π΄ 5 Tips to Stay on the Offensive and Safeguard Your Attack Surface π΄
π Read
via "Dark Reading".
New, global-scale attacks aren't a security problem; they're a big data problem requiring a data-led solution.π Read
via "Dark Reading".
Dark Reading
5 Tips to Stay on the Offensive and Safeguard Your Attack Surface
New, global-scale attacks aren't a security problem; they're a big data problem requiring a data-led solution.
βΌ CVE-2021-43064 βΌ
π Read
via "National Vulnerability Database".
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43063 βΌ
π Read
via "National Vulnerability Database".
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to the login webpage.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41014 βΌ
π Read
via "National Vulnerability Database".
A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to make the httpsd daemon unresponsive via huge HTTP packetsπ Read
via "National Vulnerability Database".
βΌ CVE-2021-36191 βΌ
π Read
via "National Vulnerability Database".
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to use the device as proxy via crafted GET parameters in requests to error handlersπ Read
via "National Vulnerability Database".
βΌ CVE-2021-41015 βΌ
π Read
via "National Vulnerability Database".
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to SAML login handlerπ Read
via "National Vulnerability Database".
βΌ CVE-2021-41024 βΌ
π Read
via "National Vulnerability Database".
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26109 βΌ
π Read
via "National Vulnerability Database".
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41027 βΌ
π Read
via "National Vulnerability Database".
A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, allows an authenticated attacker to execute unauthorized code or commands via crafted certificates loaded into the device.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36190 βΌ
π Read
via "National Vulnerability Database".
A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to access protected hosts via crafted HTTP requests.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26108 βΌ
π Read
via "National Vulnerability Database".
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.π Read
via "National Vulnerability Database".
π¦Ώ Telemedicine: Doctors and patients are both worried about privacy and data security π¦Ώ
π Read
via "Tech Republic".
Kaspersky survey finds 34% of telehealth providers admit to a wrong diagnosis due to poor video or photo quality.π Read
via "Tech Republic".
TechRepublic
Telemedicine: Doctors and patients are both worried about privacy and data security
Kaspersky survey finds 34% of telehealth providers admit to a wrong diagnosis due to poor video or photo quality.