The March 2023 Patch Tuesday Security Update Review
Microsoft has released its monthly security update for March 2023. This month’s updates addressed various vulnerabilities in different products. Let’s go through this month’s Patch Tuesday details and discuss the security updates.
Microsoft Patches for March 2023
Microsoft has addressed 101 vulnerabilities in the month of March, including 22 Microsoft Edge (Chromium-based) vulnerabilities. Microsoft has …
Jenkins Server Cross-Site Scripting (XSS) Vulnerability (CVE-2023-27898)
Researchers from Aqua Nautilus have identified a series of flaws in the widely used Jenkins Server and Update Center that they have termed CorePlague (CVE-2023-27898 and CVE-2023-27905). An unauthenticated attacker might be able to execute arbitrary code on the victim’s Jenkins server by exploiting these vulnerabilities. Successful exploitation could result in a complete compromise of …
CISA Added GLPI Command Injection Vulnerability to its KEV Catalog (CVE-2022-35914)
GLPI, an open-source IT Asset Management software, is vulnerable to a command injection flaw that could lead to remote code execution on successful exploitation. The critical severity vulnerability is tracked as CVE-2022-35914 and has a CVSSv3 score of 9.8. GLPI patched the vulnerability on September 14, 2022. The advisory states, “CVE-2022-35914 has been massively exploited …
FortiOS and FortiProxy Heap Buffer Underflow Vulnerability (CVE-2023-25610)
Fortinet has released a security update to fix a heap buffer underflow vulnerability in FortiOS and FortiProxy. CVE-2023-25610 has been rated as critical with a CVSSv3 score of 9.3. On successful exploitation, the vulnerability can allow an unauthenticated, remote attacker to execute arbitrary code on the target system and/or perform a DoS …
Zoho Patched Remote Code Execution Vulnerability in ManageEngine ADSelfService Plus (CVE-2022-28810)
Multiple Zoho ManageEngine ADSelfService Plus instances are affected by a vulnerability that could allow an authenticated end-user to gain remote code execution on a vulnerable ADSelfService Plus. Assigned CVE-2022-28810, the vulnerability was fixed by Zoho on April 9, 2022, but the flaw is being exploited in the wild. CISA has added the vulnerability …
Apache Spark Command Injection Vulnerability (CVE-2022-33891)
Kostya Kortchinsky has discovered a command injection vulnerability in the Apache Spark User Interface (UI). Assigned CVE-2022-33891, the vulnerability can be exploited when Access Control Lists (ACLs) are enabled. Apache fixed the vulnerability on July 18, 2022; however, the flaw is being exploited in the wild. CISA has added the vulnerability to its Known …
Cisco Patched Multiple Vulnerabilities in IP Phone 6800, 7800, 7900, and 8800 Series (CVE-2023-20078 & CVE-2023-20079)
Cisco has released a security advisory to address two critical vulnerabilities in the Web UI of its IP Phone 6800, 7800, 7900, and 8800 Series. CVE-2023-20078 may allow an unauthenticated, remote attacker to inject arbitrary commands that are executed with root privileges. CVE-2023-20079 may allow an unauthenticated, remote attacker to reload the affected device, resulting in a …
jai-ext Remote Code Execution Vulnerability (CVE-2022-24816)
jai-ext, a JAI extension API, contains a command injection vulnerability. Assigned CVE-2022-24816, the vulnerability may allow an attacker to execute code remotely on a vulnerable system. The vulnerability is rated as critical and has a CVSSv3 base score of 9.8. Security researchers at Synacktiv have released a PoC. GeoServer is an …
ArubaOS Multiple Vulnerabilities (CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, CVE-2023-22750, CVE-2023-22751, and CVE-2023-22752)
Aruba Networks has released a security advisory to address 33 vulnerabilities that affect different versions of ArubaOS. The vulnerabilities affect various products, including Aruba Mobility Conductor, Aruba Mobility Controllers, and Aruba-managed WLAN Gateways and SD-WAN Gateways. Out of these 33 vulnerabilities, six are rated as critical. CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, and CVE-2023-22750 are critical severity command …
ZK Java Framework Remote Code Execution Vulnerability (CVE-2022-36537)
There is active exploitation of a remote code execution vulnerability that affects multiple versions of the ZK Framework. Assigned CVE-2022-36537, the vulnerability may allow an attacker to access critical information by sending a specially crafted POST request to the AuUploader component. Markus Wulftange of Code White GmbH discovered the vulnerability last year, and …