Summary: A sensitive and yet extreme scope changing vulnerability was disclosed as zero-day recently in Netgear Routers. Adam, who has deep-dived into Netgear routers had tested various models and firmware has come up with this idea of this vulnerability. As an organization, Netgear it trying to workaround for the same, henceforth, no official advisory or … Continue reading “Netgear Stack Overflow to Remote Code Execution Vulnerability”
Author: Dhiren Vaghela
Cisco NX-OS IP-in-IP Information Disclosure vulnerability (CVE-2020-10136)
Summary: Multiple products such as Cisco, Digi, HP and such other were reported to be vulnerable to IP-in-IP packet processing vulnerability. CVE-2020-10136 and CWE-19 were assigned to the said vulnerability. Here we’ll share some information about the same for Cisco NX-OS devices. Description: An authentication is primary requirement to access this vulnerability. An unauthenticated attacker … Continue reading “Cisco NX-OS IP-in-IP Information Disclosure vulnerability (CVE-2020-10136)”
Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)
Update June 5, 2020: Qualys’ standard procedure is to give proper credit to the security research teams working diligently to discover and report vulnerabilities. In our rush to deliver this article to customers, we missed giving credit to the talented Cisco Talos team, who are the original authors of this research. After additional review with a … Continue reading “Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)”
ISC BIND NXNSAttack Vulnerability (CVE-2020-8616,CVE-2020-8617)
Summary: Two critical vulnerabilities were observed as CVE-2020-8616 and CVE-2020-8617 for ISC BIND in May 2020. To address those vulnerabilities patches were released. ISC Berkeley Internet Name Domain (BIND) is the most widely used Domain Name System (DNS) software on the Internet. This vulnerability can be exploited when an unwanted user get an access of … Continue reading “ISC BIND NXNSAttack Vulnerability (CVE-2020-8616,CVE-2020-8617)”
CISCO ANYCONNECT secure mobility client on Windows Privilege Escalation Vulnerability (CVE-2020-3153)
Summary: Recently,a critical vulnerability was observed in wild in Cisco AnyConnect Secure Mobility Client on Windows. Its a privilege escalation vulnerability occurs with a manipulation with an unknown input. Classified as CWE-427 impacting the CIA triad. Description: This vulnerability is exploitable only by an authenticated as well as local attacker. It allows an attacker to … Continue reading “CISCO ANYCONNECT secure mobility client on Windows Privilege Escalation Vulnerability (CVE-2020-3153)”
Thunderspy attacking Thunderbolt enabled PCs
Summary: In February 2020, researchers reached out to Intel with a report on Thunderbolt, which they refer to as “Thunderspy”. The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and it affects any PC manufactured before 2019. Description: This Vulnerability is in fact new, and their … Continue reading “Thunderspy attacking Thunderbolt enabled PCs”
Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR
Summary: Amidst the global pandemic time period, DHS CISA and FBI share list of top 10 most exploited vulnerabilities on May 12,2020. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI), urges organizations in the public and private sector to apply necessary updates in order to … Continue reading “Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR”
Telerik UI Remote Code Execution via Insecure Deserialization (CVE-2019-18935)
Summary: In the start of May 2020, a mischievous exploit has been out in the wild that uses two CVEs in combination to perform insecure deserialization to a vendor named Telerik. The vulnerability lies in a suite of UI components for web applications called Telerik UI for ASP.NET AJAX. The insecure deserialization of JSON objects … Continue reading “Telerik UI Remote Code Execution via Insecure Deserialization (CVE-2019-18935)”
Draytek Command Injection Vulnerability (CVE-2020-8515)
Summary: In the first week of May 2020,certain vulnerabilities have been observed that allows command injection in DrayTek devices. DrayTek manufactures firewalls, VPN devices, routers and wireless LAN devices. Successful exploitation could allow an attacker to manipulate and play on network traffic, escalated privileges or accounts even, operate SSH ans as such. Description: DrayTek Vigor … Continue reading “Draytek Command Injection Vulnerability (CVE-2020-8515)”
Saltstack multiple Vulnerabilities (CVE-2020-11651, CVE-2020-11652)
Summary: Amidst the global Pandemic, a serious hacking campaign is currently underway, and several companies have been hacked already., that stands in Fortune 500 companies. For the past 24 hours, hackers have been mass-scanning the internet for Salt, a type of software used as configuration management inside data centers, cloud server clusters, and enterprise networks. … Continue reading “Saltstack multiple Vulnerabilities (CVE-2020-11651, CVE-2020-11652)”
