‼ CVE-2022-35230 ‼
via "National Vulnerability Database".
An authenticated user can create a link with reflected JavaScript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.
‼ CVE-2021-23163 ‼
via "National Vulnerability Database".
JFrog Artifactory prior to version 7.33.6 and 6.23.38 is vulnerable to CSRF (Cross-Site Request Forgery) for specific endpoints. This issue affects: JFrog Artifactory versions before 7.33.6 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x.
🕴 Roundtable: Amid Cyberattack Frenzy, How Can QNAP Customers Protect the Business? 🕴
via "Dark Reading".
Our roundtable of cybersecurity experts weighs in on what makes QNAP network-attached storage catnip for attackers, and what organizations can do about it.
🗓️ High severity OpenSSL bug could lead to remote code execution 🗓️
via "The Daily Swig".
Fixes are available, update now
‼ CVE-2022-32385 ‼
via "National Vulnerability Database".
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
‼ CVE-2022-32383 ‼
via "National Vulnerability Database".
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
‼ CVE-2022-32290 ‼
via "National Vulnerability Database".
The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client on the same network can connect to this TCP port and send HTTP requests. The Mender Client will forward these requests to the Mender Server. Additionally, if mTLS is set up, the Mender Client will connect to the Mender Server using the device's client certificate, making it possible for the attacker to bypass mTLS authentication and send requests to the Mender Server without direct access to the client certificate and related private key. Accessing the HTTP proxy from the local network doesn't represent a direct threat, because it doesn't expose any device or server-specific data. However, it increases the attack surface and can be a potential vector to exploit other vulnerabilities both on the Client and the Server.
‼ CVE-2022-28935 ‼
via "National Vulnerability Database".
Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability.
‼ CVE-2021-31678 ‼
via "National Vulnerability Database".
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can delete import information about a user's company.
‼ CVE-2022-24138 ‼
via "National Vulnerability Database".
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder; the ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable, thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).
‼ CVE-2021-31679 ‼
via "National Vulnerability Database".
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that allows attackers to delete admin and other members' account numbers.
‼ CVE-2022-32386 ‼
via "National Vulnerability Database".
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
‼ CVE-2022-24139 ‼
via "National Vulnerability Database".
In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes; because of that, during login the service will try to connect to the attacker, which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient()) from ADMIN -> SYSTEM or from Local ADMIN -> Domain ADMIN, depending on the user and named pipe that is used.
‼ CVE-2021-31676 ‼
via "National Vulnerability Database".
A reflected XSS was discovered in PESCMS-V2.3.3. When combined with CSRF in the same file, they can cause bigger destruction.
‼ CVE-2022-24141 ‼
via "National Vulnerability Database".
The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient().
‼ CVE-2022-33980 ‼
via "National Vulnerability Database".
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are:
- "script" - execute expressions using the JVM script execution engine (javax.script)
- "dns" - resolve dns records
- "url" - load values from urls, including from remote servers
Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default.
‼ CVE-2021-37839 ‼
via "National Vulnerability Database".
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.
‼ CVE-2021-31677 ‼
via "National Vulnerability Database".
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members' passwords.
‼ CVE-2022-24140 ‼
via "National Vulnerability Database".
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot send HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file and will try to install the update automatically with ADMIN privileges. An attacker intercepting this communication can supply the product a fake config file with malicious locations for the updates, thus gaining remote code execution on an endpoint.
‼ CVE-2022-30591 ‼
via "National Vulnerability Database".
** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtu_discoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the vendor's position is that this behavior should not be listed as a vulnerability on the CVE List.
🕴 The Cyber-Asset Management Playbook for Supply Chain Modernization 🕴
via "Dark Reading".
Organizations must balance the risk and reward of new cyber-asset management technologies.