βΌ CVE-2021-33354 βΌ
π Read
via "National Vulnerability Database".
Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40756 βΌ
π Read
via "National Vulnerability Database".
If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch Update 5 for Zen 14 SP2 (v14.21.022), it can allow an attacker (with file read/write access) to remove specific security files in order to reset the master password and gain access to the database.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20847 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DHCP messages. An attacker could exploit this vulnerability by sending malicious DHCP messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20769 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20848 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20945 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain parameters within association request frames received by the AP. An attacker could exploit this vulnerability by sending a crafted 802.11 association request to a nearby device. An exploit could allow the attacker to unexpectedly reload the device, resulting in a DoS condition.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40341 βΌ
π Read
via "National Vulnerability Database".
mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20930 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36865 βΌ
π Read
via "National Vulnerability Database".
Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20810 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive configuration detail to be disclosed. An attacker could exploit this vulnerability by retrieving data through SNMP read-only community access. A successful exploit could allow the attacker to view Service Set Identifier (SSID) preshared keys (PSKs) that are configured on the affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20775 βΌ
π Read
via "National Vulnerability Database".
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20855 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks throughout the restart of certain system processes. An attacker could exploit this vulnerability by logging on to an affected device and executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root. To successfully exploit this vulnerability, an attacker would need valid credentials for a privilege level 15 user of the wireless controller.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20818 βΌ
π Read
via "National Vulnerability Database".
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40944 βΌ
π Read
via "National Vulnerability Database".
Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20856 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this vulnerability by sending crafted CAPWAP Mobility packets to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device. This would cause the device to reload, resulting in a DoS condition.π Read
via "National Vulnerability Database".
π΄ LA School District Ransomware Attackers Now Threaten to Leak Stolen Data π΄
π Read
via "Dark Reading".
Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, unless they get paid.π Read
via "Dark Reading".
Darkreading
LA School District Ransomware Attackers Now Threaten to Leak Stolen Data
Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, unless they get paid.
π΄ Worried About the Exchange Zero-Day? Here's What to Do π΄
π Read
via "Dark Reading".
While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs of exploitation and apply these mitigations.π Read
via "Dark Reading".
Darkreading
Worried About the Exchange Zero-Day? Here's What to Do
While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs of exploitation and apply these mitigations.
π€1
βΌ CVE-2022-42002 βΌ
π Read
via "National Vulnerability Database".
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete.π Read
via "National Vulnerability Database".
β S3 Ep102.5: βProxyNotShellβ Exchange bugs β an expert speaks [Audio + Text] β
π Read
via "Naked Security".
Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
ποΈ Nepxion Discovery software with Spring Cloud functionality fails to patch RCE, info leak bugs ποΈ
π Read
via "The Daily Swig".
Maintainer of Chinese project closes public issue apparently without issuing a fixπ Read
via "The Daily Swig".
ποΈ Microsoft confirms zero-day exploits against Exchange Server in βlimitedβ attacks ποΈ
π Read
via "The Daily Swig".
βProxyNotShellβ abuse less severe than 2021 attack wave due to authentication requirementπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Microsoft confirms zero-day exploits against Exchange Server in βlimitedβ attacks
βProxyNotShellβ abuse less severe than 2021 attack wave due to authentication requirement