Cisco RV110/RV130/RV215 Unauthenticated Configuration Export Vulnerability (CVE-2019-1663)

Summary: The management interfaces of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router are prone to unauthenticated remote code execution. The vulnerability is improper validation of user-supplied data in the web-based management interface. Description: For Cisco RV110/RV130/RV215, the web-based management interface is available through a local LAN …

Google Chrome Exploit in wild

Trick or Treat! Treat it is xD Rather than live in dread of the Trick, Google Chrome decided to treat its users with the latest Chrome update on Halloween Eve. But this twitchiness is not because of ghosts or goblins; the thought of a security breach gave Google a cold sweat. What you need to know On …

Nginx + PHP 7 Remote Code Execution Vulnerability

On October 24th, 2019, PHP released updates to address a remote code execution vulnerability. The vulnerability allows an attacker to run arbitrary commands on a vulnerable server via a specially crafted URL. This issue is tracked as CVE-2019-11043. Vulnerability Analysis: The vulnerability resides in the “env_path_info” underflow in PHP-FPM. It contains pointer arithmetic that assumes that …

SUDO Security Policy Bypass Vulnerability

Sudo is one of the most important and widely used core commands; it allows a permitted user to execute a command as the superuser or with another user's privileges. It is basically used to allow unprivileged users to execute commands as root. Summary: The vulnerability is a sudo security policy bypass issue that could allow …

vBulletin remote code execution vulnerability

Summary: vBulletin 5.x is prone to a remote code execution vulnerability (CVE-2019-16759). It can be exploited without authentication to take control of web hosts. Description: vBulletin is a proprietary Internet forum software package sold by MH Sub I, LLC doing business as vBulletin. It uses PHP and a MySQL database server. A pre-authentication remote code …

Atlassian Jira Server SSRF Vulnerability

Atlassian Jira Server is vulnerable to Server Side Request Forgery (SSRF). The vulnerability affects Jira Core and Jira Software versions 7.6.0 prior to 8.4.0. CVE-2019-8451 has been assigned to track this vulnerability. Thousands of Jira Servers are potentially affected by this vulnerability. Vulnerability Details: The vulnerability was found in the Atlassian Jira /plugins/servlet/gadgets/makeRequest resource …

Microsoft Released Out-of-Band Security Updates

Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities: the Internet Explorer remote code execution vulnerability (CVE-2019-1367) and the Microsoft Defender Denial of Service Vulnerability (CVE-2019-1255). According to the Microsoft advisory for CVE-2019-1367, the Internet Explorer scripting engine vulnerability has been exploited in active attacks in the wild. Users are advised to manually update …

Citrix SD-WAN Center and NetScaler SD-WAN Center Multiple Security Vulnerabilities

Recently, multiple vulnerabilities have been identified in the management console of the Citrix SD-WAN Center, NetScaler SD-WAN Center, Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance. The vulnerabilities exist because the affected products fail to sanitize certain HTTP request parameter values, which are used to construct a shell command. This would allow an attacker to execute arbitrary …

Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253

Summary: September MSPT has come with a local privilege-escalation vulnerability in Microsoft Windows. Description: Windows AppX Deployment Server improperly handles junctions, resulting in privilege escalation. An attacker would first have to gain execution on the victim system to exploit this vulnerability, aka ‘Windows Elevation of Privilege Vulnerability’. A PoC is available that demonstrates on Microsoft …

Grandnode Path Traversal Arbitrary file download vulnerability

Summary: A path traversal vulnerability has been reported in Grandnode. The Index action method in LetsEncryptController.cs is the vulnerable component, via which the server accesses the token validation URL without authentication. Description: Grandnode is an open-source eCommerce solution powered by .NET Core 2.2, supporting Windows, Linux and Mac operating systems. LetsEncryptController.cs method is used in …