On 25th May 2021, VMware released a security advisory to address two vulnerabilities (CVE-2021-21986, CVE-2021-21985) for vCenter Server. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the vulnerable system. VMware has assigned critical severity for CVE-2021-21985 with a maximum CVSSv3 base score of 9.8. The severity of CVE-2021-21986 … Continue reading “VMware vCenter Server Multiple Vulnerabilities (CVE-2021-21986, CVE-2021-21985)”
Author: Pallavi Pangavhane
F5 BIG-IP Remote Code Execution Vulnerabilities (CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, CVE-2021-22992)
Overview On 10th March 2021, F5 released a security advisory to address multiple vulnerabilities for BIG-IP – CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992. Out of 7, 4 vulnerabilities are flagged as Critical, 2 rated as High and one rated as Medium in severity. Successful exploitation of these vulnerabilities could allow a remote attacker … Continue reading “F5 BIG-IP Remote Code Execution Vulnerabilities (CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, CVE-2021-22992)”
VMware vCenter Server Remote Code Execution Vulnerability (CVE-2021-21972)
Overview On February 23, 2021, VMware released an update to fix three vulnerabilities – CVE-2021-21972, CVE-2021-21973, and CVE-2021-21974. Out of these, CVE-2021-21972 is a critical remote code execution vulnerability with the highest CVE score (9.8). The bug exists in the vROPs (vRealize Operations) plugin of VMware vCenter Server. Successful exploitation of this vulnerability could allow … Continue reading “VMware vCenter Server Remote Code Execution Vulnerability (CVE-2021-21972)”
Google Chrome Heap Buffer Overflow Vulnerability (CVE-2021-21148)
Overview On 4th February 2021, Google released an update to fix a critical heap buffer overflow vulnerability (CVE-2021-21148) in the Chrome browser. It has been fixed in Chrome version 88.0.4324.150 for Windows, Mac, and Linux OS. The vulnerability was found in Google’s open-source JavaScript and WebAssembly engine called V8. Successful exploitation of this vulnerability could … Continue reading “Google Chrome Heap Buffer Overflow Vulnerability (CVE-2021-21148)”
Drupal Core Remote Code Execution Vulnerability (CVE-2020-13671)
Overview On 18 November 2020, Drupal released an advisory for critical Remote Code Execution Vulnerability (CVE-2020-13671). Successful exploitation of this vulnerability may allow attackers to take over vulnerable sites. The bug exists in Drupal core due to improper sanitization of certain filenames on uploaded files. This results in the files being interpreted as an invalid extension and can be treated as a wrong MIME … Continue reading “Drupal Core Remote Code Execution Vulnerability (CVE-2020-13671)”
Oracle Solaris Buffer Overflow Vulnerability (CVE-2020-14871)
Overview A critical buffer overflow vulnerability (CVE-2020-14871) was addressed in Oracle Critical Patch Update (CPU) released in October 2020. This vulnerability was present in the Pluggable authentication module, which is a component of Oracle Systems. Successful exploitation of this flaw could result in taking complete control over vulnerable systems with network access. FireEye security researchers … Continue reading “Oracle Solaris Buffer Overflow Vulnerability (CVE-2020-14871)”
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-14882)
Overview Recently, Oracle released the Critical Patch Update (CPU) for the critical RCE vulnerability (CVE-2020-14882). This vulnerability is discovered in the console component of WebLogic Server which is a product of Oracle Fusion Middleware. Successful exploitation of this flaw could result in taking complete control over vulnerable systems having network access. In this patch, two … Continue reading “Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-14882)”
HP Device Manager Multiple Vulnerabilities (CVE-2020-6925, CVE-2020-6926, CVE-2020-6927)
Overview On 25 September 2020, HP released an advisory to address multiple vulnerabilities (CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927) in the HP Device Manager. Successful exploitation of these vulnerabilities could lead to dictionary attacks, unauthorized remote access to resources, and elevation of privilege. Description CVE-2020-6925 – This vulnerability exists due to weak cipher implementation in HP Device Manager. It may allow dictionary attacks against locally managed accounts in … Continue reading “HP Device Manager Multiple Vulnerabilities (CVE-2020-6925, CVE-2020-6926, CVE-2020-6927)”
Tenda Routers Multiple Security Vulnerabilities
Overview Netlab security researchers published a report recently for a new Mirai-based IoT botnet called Ttint. This IoT botnet spreads by exploiting the two Tenda router zero-day vulnerabilities (CVE-2020-10987, second one is not yet disclosed). Ttint is a remote access Trojan based on Mirai botnet code. Traditional Mirai botnet is mostly used to launch a … Continue reading “Tenda Routers Multiple Security Vulnerabilities”
Apache OFBiz Remote Code Execution Vulnerability (CVE-2020-9496)
Overview: On 19 May 2020, Apache published an advisory to address an insecure deserialization vulnerability in Apache OFBiz. The vulnerability occurs due to Java serialization issues while processing requests sent to the “/webtools/control/xmlrpc” URL. This vulnerability may lead to a variety of attacks like stealing user/admin credentials. This issue can be escalated into a Remote … Continue reading “Apache OFBiz Remote Code Execution Vulnerability (CVE-2020-9496)”