Pulse Connect Secure Remote Code Execution via Uncontrolled Gzip Extraction (CVE-2020-8260)

On Oct 26th, 2020, Pulse issued a security advisory addressing multiple vulnerabilities of high severity in Pulse appliances. Among the multiple vulnerabilities, CVE-2020-8260 was identified as a Remote Code Execution vulnerability via Uncontrolled Gzip Extraction with a CVSSv3 base score of 7.2. Vulnerability Details: Security researchers Richard Warren and David Cash of NCC Group Research … Continue reading “Pulse Connect Secure Remote Code Execution via Uncontrolled Gzip Extraction (CVE-2020-8260)”

HP Device Manager Multiple Vulnerabilities (CVE-2020-6925, CVE-2020-6926, CVE-2020-6927)

Overview  On 25 September 2020, HP released an advisory to address multiple vulnerabilities (CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927) in the HP Device Manager. Successful exploitation of these vulnerabilities could lead to dictionary attacks, unauthorized remote access to resources, and elevation of privilege.  Description  CVE-2020-6925 – This vulnerability exists due to weak cipher implementation in HP Device Manager. It may allow dictionary attacks against locally managed accounts in … Continue reading “HP Device Manager Multiple Vulnerabilities (CVE-2020-6925, CVE-2020-6926, CVE-2020-6927)”

PRTG Network Monitor Information-Disclosure Vulnerability

Today We will exploit a simple but Important Vulnerability in PRTG Network Monitor. It is the most commonly used software for the monitor and classify system conditions like bandwidth usage or uptime and collect statistics from miscellaneous hosts as switches, routers, servers and other devices and applications. PRTG released a Patch fixing a vulnerability that … Continue reading “PRTG Network Monitor Information-Disclosure Vulnerability”

SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)

Summary: Solar Winds Firewall Security Manager was observed to be vulnerable, recently. While following up on this we stumbled upon a public exploit for CVE-2015-2284, userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code. Description: The vulnerability is a source code disclosure related to the underlying Java application … Continue reading “SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)”

Google Chrome Exploit in wild

Trick or Treat! Treat it is xD Rather than live in dread of Trick, Google chrome decided to treat its user with the Latest Chrome Update on Halloween Eve. But this twitchiness is not because of ghosts or goblins, the thought of Security breach gave Google the cold sweat. What you need to know On … Continue reading “Google Chrome Exploit in wild”

Nginx + PHP 7 Remote Code Execution Vulnerability

On October 24th2019, PHP released updates to address a remote code execution vulnerability. The vulnerability allows an attacker to run arbitrary commands on a vulnerable server by a specially crafted URL. This issue is tracked with CVE-2019-11043. Vulnerability Analysis: The vulnerability resides in the “env_path_info” underflow in PHP-FPM . It contains pointer arithmetics that assumes that … Continue reading “Nginx + PHP 7 Remote Code Execution Vulnerability”

Cisco ASA Shadow Brokers Exploit – CVE-2016-6366

Cisco recently released an advisory for Cisco ASA (Adaptive Security Appliance) SNMP Remote Code Execution Vulnerability. (cisco-sa-20160817-asa-snmp) The vulnerability allows the attacker to obtain full control of the system when crafted SNMP packets are sent to the affected system using SNMP community string. All supported versions of SNMP (v1, v2c, and 3) are affected by … Continue reading “Cisco ASA Shadow Brokers Exploit – CVE-2016-6366”

KAIXIN Exploit Kit Update

KaiXin exploit kit (EK) was first identified in August 2012 by Kahu Security.  We believe this exploit kit is written by a Chinese hacker. The word KaiXin means “Happy” In Chinese. Here is the latest research for this exploit kit.     Targeted Operating System: The KaiXin exploit kit is actively targeting Windows XP, Windows Vista, … Continue reading “KAIXIN Exploit Kit Update”