An authenticated bypass vulnerability was discovered under Pulse Connect Secure (PCS), that allows an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway. News in the wild states that the new zero-day vulnerability in Pulse Secure VPN devices with CVE-2021-22893 were exploited to take over multiple US and European government … Continue reading “Pulse Connect Secure Remote Code Execution Vulnerability (CVE-2021-22893)”
Author: Dhiren Vaghela
Google Chrome and Microsoft Edge Zero-day Remote Code Execution Vulnerability
The second and effective zero day on Chromium-based browsers such as Google Chrome and Microsoft Edge was posted consecutively, just after yesterday’s zero-day RCE. This time, Frust, a security researcher, tweeted about a zero-day remote code execution vulnerability creating havoc in the browser-based vulnerability trend. He has released a working proof-of-concept exploit. Unless a threat … Continue reading “Google Chrome and Microsoft Edge Zero-day Remote Code Execution Vulnerability”
Google Chrome Zero-day Remote Code Execution Vulnerability
Rajvardhan Agarwal, a security researcher, recently tweeted about a zero-day remote code execution vulnerability creating havoc in the browser-based vulnerability trend. Hereleased a working proof-of-concept exploit for the RCE for the V8 JavaScript engine in Chromium-based browsers. This zero-day concerns a remote code execution vulnerability in the V8 JavaScript rendering engine that powers the web … Continue reading “Google Chrome Zero-day Remote Code Execution Vulnerability”
SAP Multiple Vulnerabilities (CVE-2020-6287, CVE-2020-6207, CVE-2018-2380, CVE-2016-9563, CVE-2016-3976, CVE-2010-5326)
Unpatched SAP applications are vulnerable and actively exploited in the wild as per the report jointly published by SAP and Onapsis on Tuesday. Applications such as enterprise resource planning, customer relationship management software, and supply chain systems are being targeted. Onapsis researchers have recorded more than 300 successful exploit attempts from the middle of 2020 … Continue reading “SAP Multiple Vulnerabilities (CVE-2020-6287, CVE-2020-6207, CVE-2018-2380, CVE-2016-9563, CVE-2016-3976, CVE-2010-5326)”
Apache Solr Arbitrary File Read Vulnerability (Zero Day)
Recently, a critical zero-day vulnerability was observed in Apache Solr. Apache Solr, written in Java, is an open-source enterprise search platform from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, real-time indexing, dynamic clustering, database integration, NoSQL features and rich document handling. As it has a dynamic range of … Continue reading “Apache Solr Arbitrary File Read Vulnerability (Zero Day)”
Microsoft Exchange Server Remote Code Execution Vulnerabilities (4 zero days – CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
Microsoft has released patches for the four zero-days exploited in the attacks (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), discovered during the subsequent investigation. These bugs were observed by Microsoft Threat Intelligence Center (MSTIC) since January 2021. The OS giant, said that Hafnium operators used the four Exchange zero-days as part of a multi-part attack chain to … Continue reading “Microsoft Exchange Server Remote Code Execution Vulnerabilities (4 zero days – CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)”
Google Chrome Multiple Vulnerabilities (CVE-2021-21149, CVE-2021-21150, CVE-2021-21151, CVE-2021-21152, CVE-2021-21153, CVE-2021-21154, CVE-2021-21155, CVE-2021-21156, CVE-2021-21157)
Recently, on 16th Feb, 2021, Google released a stable update to address a number of CVEs – CVE-2021-21149, CVE-2021-21150, CVE-2021-21151, CVE-2021-21152, CVE-2021-21153, CVE-2021-21154, CVE-2021-21155, CVE-2021-21156 and CVE-2021-21157. Multiple vulnerabilities were discovered in Google Chrome that allowed an attacker to create a security problem, which has not been specified by the publisher yet. No POC or … Continue reading “Google Chrome Multiple Vulnerabilities (CVE-2021-21149, CVE-2021-21150, CVE-2021-21151, CVE-2021-21152, CVE-2021-21153, CVE-2021-21154, CVE-2021-21155, CVE-2021-21156, CVE-2021-21157)”
SolarWinds Full System Control Vulnerabilities (CVE-2021-25274, CVE-2021-25275, CVE-2021-25276)
Three critical vulnerabilities were observed in SolarWinds products. All these severe bugs allow remote code execution with high privileges. At the time of this blog being published, there has been no active PoC in the wild. CVE-2021-25274 – MSMQ Remote Code Execution SolarWinds Collector Service uses MSMQ (Microsoft Message Queue), and it doesn’t set permissions … Continue reading “SolarWinds Full System Control Vulnerabilities (CVE-2021-25274, CVE-2021-25275, CVE-2021-25276)”
DNSpooq vulnerability (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687)
Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment. Multiple organizations, operating systems and products were affected by the DNSpooq vulnerability. Attackers can use to launch DNS Cache Poisoning, denial of service, and possibly remote code execution attacks on affected … Continue reading “DNSpooq vulnerability (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687)”
SAP Solution Manager Missing Authentication Vulnerability (CVE-2020-6207)
Tracked as CVE-2020-6207, an age-old critical vulnerability with a CVSS score of 10 has come into the limelight at the start of 2021. The vulnerability belongs to SAP Solution Manager version 7.2 (March 2020), for which SAP released a patch in March 2020. SolMan is a centralized application used to manage on-premises, hybrid, and cloud … Continue reading “SAP Solution Manager Missing Authentication Vulnerability (CVE-2020-6207)”