Artica Proxy is a system that provides a Web Ajax console in order to manage a full Proxy server with latest Squid technology. Security Researcher Amar Kaldate, and Pratiksha Dhone from Qualys have reported multiple vulnerabilities in Artica Proxy Project. Vulnerability Details CVE-2020-13158 – Directory Traversal Artica Proxy Community Edition allows Directory Traversal via the … Continue reading “Artica Proxy Multiple Security Vulnerabilities”
Microsoft Windows Elevation of Privilege Vulnerability (CVE-2020-1313)
On June 9th 2020, Microsoft issued a security advisory addressing Elevation of Privilege vulnerability (CVE-2020-1313) in Windows Update Orchestrator Service that has a CVSS score of 7.8 and severity marked as Important. Vulnerability Details: Windows Update Orchestrator Service is a DCOM service which is used by other components to install windows updates that are already … Continue reading “Microsoft Windows Elevation of Privilege Vulnerability (CVE-2020-1313)”
Grafana SSRF Vulnerability (CVE-2020-13379)
On 3rd June 2020, Grafana published a security advisory addressing CVE-2020-13379, SSRF (Server-side request forgery) Incorrect Access Control issue. This is a high-severity vulnerability with a CVSS score of 6.4. Vulnerability Details The avatar feature in Grafana has an SSRF Incorrect Access Control issue. This allows unauthenticated attackers to force Grafana to send HTTP requests … Continue reading “Grafana SSRF Vulnerability (CVE-2020-13379)”
Zero-days of Pandemic Year till August, 2020
With more than half of 2020 behind us, Google Security Researchers of Google’s Project Zero security team compared the vulnerability stats of the year with the stats from 2019. Interestingly, by this month last year, the same numbers of zero-days were detected in the wild as this year. Qualys has been uptodate with all the … Continue reading “Zero-days of Pandemic Year till August, 2020”
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713)
On 29th July 2020, a team of security researchers disclosed a high priority bug in GRUB2(GRand Unified Bootloader version 2) , affecting billions of Linux and Windows systems using secure boot. CVE-2020-10713 is assigned to this buffer overflow vulnerability, termed as “Boothole”. “Boothole” Secure Boot is designed to verify all the firmware of the computer … Continue reading “GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713)”
QSnatch malware aka “Derek” multiple vulnerabilities
In mid-June 2020, QNAP devices were found to be vulnerable to older Qsnatch malware campaigns of 2014 and 2017. Description The vulnerabilities due to Qsnatch has high to critical impact on QNAP NAS devices. A joint advisory published by CISA and NCSC says that “it has infected 62,000 devices worldwide, including 3900 in the UK … Continue reading “QSnatch malware aka “Derek” multiple vulnerabilities”
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-1147)
On July 14th 2020, Microsoft issued a security advisory addressing CVE-2020-1147, a Remote Code Execution vulnerability in Microsoft SharePoint Servers with a CVSS score of 7.8 and severity marked as Critical. Vulnerability Details CVE-2020-1147 is a critical vulnerability caused by insufficient checks of the source markup of the XML file input that could be further exploited … Continue reading “Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-1147)”
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability
On 22nd July 2020, Cisco published an high-severity advisory (CVE-2020-3452) with CVSS score of 7.5. Vulnerability Details Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software contains a vulnerability in web services that can allow unauthenticated, remote attackers to perform directory traversal attacks to read sensitive information on the system. The vulnerability … Continue reading “Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability”
Wing FTP Server Remote Code Execution Vulnerability
Overview: Recently, an authenticated RCE vulnerability was found in the Wing FTP Server. This vulnerability allows authenticated remote attackers to execute arbitrary commands on the targeted server. On Shodan, we observed more than 150 devices that are publicly available on the internet, which may be vulnerable. … Continue reading “Wing FTP Server Remote Code Execution Vulnerability”
Spring Cloud Config Directory Traversal Vulnerability(CVE-2020-5410)
Overview On June 2020, VMware published a report to address Directory Traversal vulnerability (CVE-2020-5410), found in VMware Spring Cloud Config. This product provides server and client-side support for storing and serving distributed configurations across multiple applications and environments. With this config server, customers have a central place for managing external properties of all the applications. … Continue reading “Spring Cloud Config Directory Traversal Vulnerability(CVE-2020-5410)”
