Tag: cve
-
Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788
In a recent investigation, Kaspersky’s Global Emergency Response Team (GERT) uncovered active exploitation of a patched vulnerability in Fortinet FortiClient EMS. This SQL injection vulnerability, identified as CVE-2023-48788, affects FortiClient... First seen on securityonline.info Jump to article: securityonline.info/kaspersky-uncovers-active-exploitation-of-fortinet-vulnerability-cve-2023-48788/
-
Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM
Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. >>A relative path traversal [CWE-23] in FortiWLM may allow a remote, unauthenticated…
-
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information.The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0.”A relative path traversal [CWE-23] in FortiWLM may allow a remote unauthenticated attacker to read sensitive…
-
Apache Tomcat Conditional Competition Code Execution Vulnerability (CVE-2024-50379)
Overview Recently, NSFOCUS CERT detected that Apache issued a security announcement, fixing the Apache Tomcat conditional competition code execution vulnerability (CVE-2024-50379). Due to the inconsistency between Windows file system and Tomcat in case-distinguishing processing of paths, when the write function of default servlet is enabled (set readonly=false and allow PUT method), unauthenticated attackers can construct…The…
-
Next.js Vulnerability Let Attackers Bypass Authentication
A high-severity vulnerability has been discovered in the popular web framework, Next.js, which allows attackers to bypass authentication under specific circumstances. The issue, cataloged as CVE-2024-51479, affects versions from 9.5.5 up to 14.2.14. Developers using these versions must quickly upgrade to the patched version 14.2.15 to secure their applications. Authorization Bypass in Next.js ( CVE-2024-51479)…
-
Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677
Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vulnerability CVE-2024-53677 (CVSS score of 9.5) in Apache Struts. A remote attacker could exploit this vulnerability to upload malicious files, potentially leading to arbitrary code execution. >>An attacker can…
-
1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely
GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which affecting versions 9.2.5 through 9.4.5, could potentially allow attackers to inject malicious code into web pages, leading to cross-site scripting (XSS) attacks and other security compromises. The vulnerabilities, tracked as CVE-2024-52875 and KIS-2024-07, highlight the…
-
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution.The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with another critical bug the project maintainers addressed in December 2023 (CVE-2023-50164,…
-
New critical Apache Struts flaw exploited to find vulnerable servers
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-critical-apache-struts-flaw-exploited-to-find-vulnerable-servers/
-
Cleo releases CVE for actively exploited flaw in file-transfer software
Researchers confirmed a new zero-day vulnerability is separate from a flaw originally disclosed in October. A notorious ransomware group;linked itself to the attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cleo-exploited-flaw-file-transfer-software/735664/
-
Cleo zero-day vulnerability gets CVE as attacks continue
The new Cleo zero-day vulnerability, CVE-2024-55956, is separate from CVE-2024-50623 despite both vulnerabilities being used by threat actors to target the same endpoints. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617333/Cleo-zero-day-vulnerability-gets-CVE-as-attacks-continue
-
Hitachi Authentication Bypass Vulnerability Allows Attackers to Hack the System Remotely
Critical Authentication Bypass Vulnerability Identified in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer. A severe vulnerability has been discovered in Hitachi’s Infrastructure Analytics Advisor and Ops Center Analyzer, posing a significant security risk to users of these products. The vulnerability, identified as CVE-2024-10205, has a CVSS 3.1 score of 9.4, categorized as >>High.
-
CISA Warns of Adobe Windows Kernel Driver Vulnerabilities Exploited in Attacks
Tags: access, adobe, attack, cisa, control, cve, cyber, cybersecurity, exploit, infrastructure, kev, malicious, risk, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, actively exploited by malicious actors, underscore the growing risks facing organizations. Adobe ColdFusion Access Control Weakness (CVE-2024-20767) One of the newly added vulnerabilities, CVE-2024-20767, affects Adobe ColdFusion due to improper access…
-
CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
Tags: access, adobe, cisa, control, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.The list of flaws is below -CVE-2024-20767 (CVSS score: 7.4) – Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or…
-
Security community raises concern as Cleo file-transfer CVE delayed
After the company urged users to patch a critical flaw, researchers are asking about the lack of a CVE and additional guidance. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/security-cleo-file-transfer-cve-delayed/735517/
-
Cleo MFT Zero-Day Exploits Are About to Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/cleo-mft-zero-day-exploits-escalate-analysts-warn
-
CVE Assigned to Cleo Vulnerability as Cl0p Ransomware Group Takes Credit for Exploitation
The Cl0p ransomware group has taken credit for exploitation of the Cleo product vulnerability tracked as CVE-2024-55956. The post CVE Assigned to Cleo Vulnerability as Cl0p Ransomware Group Takes Credit for Exploitation appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cve-assigned-to-cleo-vulnerability-as-cl0p-ransomware-group-takes-credit-for-exploitation/
-
Apache Struts Arbitrary File Upload Vulnerability S2-067 (CVE-2024-53677)
Overview Recently, NSFOCUS CERT monitored that Apache released a security bulletin, fixing the Apache Struts arbitrary file upload vulnerability S2-067 (CVE-2024-53677). Due to a logical defect in the file upload function, an unauthenticated attacker can perform path traversal by controlling the file upload parameters, thereby uploading malicious files to achieve remote code execution. The CVSS…The…
-
Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads
Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used open-source framework for developing Java web applications. The vulnerability, assigned the identifier CVE-2024-53677, has a critical CVSS score of 9.5, indicating its potential for severe impact if left unaddressed. Background on the Vulnerability Apache Struts2 announced the vulnerability last week, highlighting…
-
SAP-Systeme geraten zunehmend ins Visier von Cyber-Angreifern
Tags: access, authentication, china, cve, cyber, cybercrime, dark-web, exploit, hacker, intelligence, Internet, ransomware, sap, siem, update, vulnerability, zero-daywidth=”5000″ height=”2813″ sizes=”(max-width: 5000px) 100vw, 5000px”>Angriffe auf SAP-Systeme versprechen Hackern fette Beute. ShutterstockEin Rückblick auf Bedrohungsdaten aus den zurückliegenden vier Jahren macht deutlich, dass immer mehr Cyberkriminelle SAP-Systeme ins Visier nehmen. Das berichtete Yvan Genuer, leitender Sicherheitsforscher bei Onapsis auf der Black Hat Europe, die vom 9. bis 12. Dezember 2024 in London stattfand. Demzufolge…
-
Kritische Schwachstelle in Mitel MiCollab-Telefonanlage
In Mitel MiCollab-Telefonanlagen gibt es die Authentication Bypass Schwachstelle CVE-2024-41713, die einen Lesezugriff auf Dateien ermöglicht. Inzwischen gibt es auch ein Proof of Concept (PoC) und Hunter.io hat über 14.000 dieser angreifbaren Anlagen im Internet erreichbar gefunden. MiCollab ist eine … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/13/kritische-schwachstelle-in-mitel-micollab-telefonanlage/
-
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/cleo-mft-zero-day-exploits-escalate-analysts-warn
-
BTS #43 CVE Turns 25
In this episode, Paul Asadoorian, Alec Summers, and Lisa Olson discuss the 25th anniversary of the CVE program, its evolution, and the importance of transparency in vulnerability management. They explore the history of CVE, the process of creating CVE records, and the role of CNAs in ensuring accountability. The conversation also addresses challenges related to……
-
Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection
A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages.The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting…
-
Cleo releases new patch as threat groups ramp up exploitation of critical CVE
Researchers warned that companies primarily;in the trucking, food, retail and shipping industries were under attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cleo-patch-threat-groups-exploitation/735388/