APSB24-05, APSB24-14: Multiple vulns in Adobe products, critical rating 🔥

Two vulnerabilities from the new Adobe security bulletin, the exploitation of which will allow an attacker to achieve arbitrary file system read, code execution, and security feature bypass.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/EEZn7
👉🏻 Dork: tag.name:"adobe_experience_manager" OR tag.name:"adobe_coldfusion"

Vendor's advisory: https://helpx.adobe.com/security/security-bulletin.html

CVE-2024-23334: Path Traversal in aiohttp Python lib, 7.5 rating❗

An old vulnerability that has started to gain attention again recently. According to Cyble research, attackers have been scanning nodes with a vulnerable version of the library since the end of February. We recommend that everyone who uses it update immediately!

Search at Netlas.io:
👉 Link: https://nt.ls/lrzzv
👉 Dork: http.headers.server:"aiohttp"

Read more: https://www.bleepingcomputer.com/news/security/hackers-exploit-aiohttp-bug-to-find-vulnerable-networks/

🚧Planned update 🚧

The update will last 21.03.2024 from ~08:00 - 09:00 UTC ⏰, during which time the application will be unavailable.

Don't forget to save the results of your work before this.

Major Attack Surface Discovery Tool update🔥

New features:
- Grouping results;
- Group searches;
- Improved color segregation;
- Hiding excluded nodes;
- History tab;
and more.

👉 Read more: https://blog.netlas.io/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb
👉 Help topic: https://docs.netlas.io/easm/
👉 Try now: https://app.netlas.io/asd/

Come quickly and test the new functionality of Netlas! ✨

How to find industrial objects with Netlas.io? 🏭

Short cheat sheet based on one of our articles. A few filters will allow you to make sure that nearby factories are protected.

👉 Read more about industrial devices search: https://medium.com/@netlas/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2

CVE-2024-21677: Path Traversal in Atlassian Confluence, 8.3 rating❗

The vulnerability discovered during the Bug Bounty program allows an unauthenticated attacker to carry out actions that threaten the confidentiality and availability of the system. The patch has already been released.

Search at Netlas.io:
👉 Link: https://nt.ls/mghaY
👉 Dork: http.meta:"confluence-base-url"

Vendor's bulletin: https://confluence.atlassian.com/security/security-bulletin-march-19-2024-1369444862.html

CVE-2024-20767: Improper Access Control in Adobe ColdFusion, 8.2 rating❗️

A new vulnerability in ColdFusion that allows an unauthenticated attacker to gain access to sensitive files. PoC is available!

Search at Netlas.io:
👉🏻 Link: https://nt.ls/jl0cW
👉🏻 Dork: tag.name:"adobe_coldfusion"

Vendor's bulletin: https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html

CVE-2024-31136 and other: Multiple vulns in JetBrains TeamCity, 4.1 - 7.4 rating❗

Seven new vulnerabilities in TeamCity: Improrer Validation, Neutralization and others. Install the patch quickly!

Search at Netlas.io:
👉 Link: https://nt.ls/HmnT2
👉 Dork: tag.name:"teamcity"

Vendor's advisories: https://www.jetbrains.com/privacy-security/issues-fixed/

CVE-2024-2879: SQL injection in LayerSlider plugin for WordPress, 9.8 rating 🔥

Plugin used on millions of websites had a feature that was vulnerable to blind SQL injection. If the vulnerability was successfully exploited, the attacker could gain access to any confidential information.

Search at Netlas.io:
👉 Link: https://nt.ls/8CmgD
👉 Dork: http.body:"plugins/layerslider"

Read more: https://www.wordfence.com/blog/2024/04/5500-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-layerslider-wordpress-plugin/

👾 Netlas 0.23.1 update 👾

👉 Two API endpoints added, one depricated
👉 API schema documentation updated
🐞 Super annoying autocomplete bug fixed!

❗ We also noticed that Netlas is often used through a proxy without registration. To reduce the load on the servers, the number of requests available to unregistered users has been reduced to 10 ❗


Changelog: https://nt.ls/changelog


📖 Netlas Docs update 📖

👉 To learn more about the features of Netlas Search tools, read the recently published help topic: https://nt.ls/pPte1
👉 Details and examples of usage Netlas IP/Domain tool: https://nt.ls/wDuYN

CVE-2024-3273: RCE in D-Link NAS, 7.3 rating 🔥

The vulnerability can be exploited due to a combination of two weaknesses: a hardcoded account and the ability to inject commands through the “system” parameter. There are many devices affected that have reached the end of their lifespan.

According to GreyNoise, hackers are already carrying out attacks! 😨

Search at Netlas.io:
👉 Link: https://nt.ls/TyD6H
👉 Dork: http.body:"Text:In order to access the ShareCenter"

Read more: https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-92-000-d-link-nas-devices-now-exploited-in-attacks/

❗️Cookie consent update❗️

To improve usability and functionality of the site, as well as in connection with new requirements from Google, we are changing the mechanism for obtaining cookie consent.

After the update, consent will be consistent across all of our resources, including the website, app, and help portal.

We would be grateful if you check the box again ✅

Bug Bounty reconnaissance with Netlas.io 🔍

👉🏻 Try it: https://nt.ls/host

CVE-2024-3400: command injection in Palo Alto Networks PAN-OS, 10.0 rating 🔥🔥🔥

A 0-day vulnerability in PAN-OS that allows an unauthenticated attacker to execute arbitrary code on the firewall with root rights. According to Palo Alto Networks, attacks have already been carried out that exploit this vulnerability!

Search at Netlas.io:
👉 Link: https://nt.ls/eprag
👉 Dork: tag.name:"palo_alto"

Vendor's advisory: https://security.paloaltonetworks.com/CVE-2024-3400

🔥 Netlas.io Discord server 🔥

Engage in live chat with our community on Discord!

Here you can quickly get answers to important questions, talk with other users, and read the latest news in a new convenient format.

👉 Follow the link: https://nt.ls/discord

CVE-2024-21006: Vulnerability in Oracle WebLogic Server, 7.5 rating❗

Vulnerability from the report on the new Oracle patch. Allows an unauthenticated attacker to gain unauthorized access to critical activities. According to NVD, exploitation is quite simple.

Search at Netlas.io:
👉 Link: https://nt.ls/RrPD2
👉 Dork: port:7001 AND protocol:t3

Read more: https://nvd.nist.gov/vuln/detail/CVE-2024-21006

Business-focused OSINT with Netlas.io 🔎

Our new article is devoted to researching company resources using Netlas tools.
It shows how to collect contacts, files, explore subnets and much more. Read it quickly!

👉 Read here: https://nt.ls/osint

Good news 🔥

Yesterday we fixed three bugs in subscription system that were discovered during the penetration testing.

Now Netlas has become even safer!

👉🏻 Changelog: https://docs.netlas.io/changelog/

New vulnerability in CrushFTP, "serious" rating 🔥

The vulnerability, which does not yet have a CVE, was discovered in CrushFTP. According to the vendor's report, its use could allow an attacker to leave the VFS and download system files. Moreover, the vulnerability has already been used in real attacks!

Search at Netlas.io:
👉🏻 Link: https://nt.ls/5fGPm
👉🏻 Dork: http.headers.server:"CrushFTP"

Vendor's advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update

CVE-2024-20356: Command Injection in Cisco Integrated Management Controller, 8.7 rating 🔥

The vulnerability allows attacker to inject almost any code, as demonstrated by the example of the launch of Doom (oh yes, now on Cisco)!

Search at Netlas.io:
👉🏻 Link: https://nt.ls/WixwE
👉🏻 Dork: http.title:"Cisco Integrated Management Controller"

Read more: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/