Overview Microsoft has released a patch in April,2020 to fix the Remote Code Execution vulnerability CVE-2020-0932 discovered in SharePoint. Successful exploitation of this vulnerability allows authenticated user to execute arbitrary command on the server. POC is available on GitHub. Description: There are different web services present in SharePoint. One of them is WebPartPages, provide the … Continue reading “Microsoft SharePoint Remote Code Execution Vulnerability(CVE-2020-0932)”
Parallels Desktop Privilege Escalation And Out-Of-Bounds Vulnerability(CVE-2020-8871)
Overview: On May 2020, Parallels company has released security patch to fix the vulnerability CVE-2020-8871. Vulnerability could allow local user on the guest OS to escalate privileges and execute code on the host. Bug present in Parallels Desktop for Mac, product of Parallels. Parallels Desktop for Mac is software providing hardware virtualization for Mac. To … Continue reading “Parallels Desktop Privilege Escalation And Out-Of-Bounds Vulnerability(CVE-2020-8871)”
QNAP Pre-Auth Root RCE Vulnerability(CVE-2019-7192,CVE-2019-7193,CVE-2019-7194,CVE-2019-7195)
Overview In 2019, multiple vulnerabilities had discovered for QNAP PhotoStation and CGI programs. These vulnerabilities can be chained into a pre-auth root Remote Code Execution. More than 450K devices using QNAP PhotoStation and CGI programs are vulnerable to attack. Vulnerability 1: Pre-Auth Local File Disclosure Vulnerable code present in following function, After execution of exportfile … Continue reading “QNAP Pre-Auth Root RCE Vulnerability(CVE-2019-7192,CVE-2019-7193,CVE-2019-7194,CVE-2019-7195)”
Symantec Endpoint Protection Privilege Escalation Vulnerability(CVE-2020-5837)
Overview A Privilege Escalation vulnerability has found in the Symantec Endpoint Protection (SEP) which allows attacker to create file anywhere in the system. Description Symantec Endpoint Protection create scanning log at “C:\Users\%username%\AppData\Local\Symantec\Symantec Endpoint Protection\Logs” with high privileges It’s possible to save scanning logs at different location using symbolic link. In windows to create symbolic link … Continue reading “Symantec Endpoint Protection Privilege Escalation Vulnerability(CVE-2020-5837)”
Thunderspy attacking Thunderbolt enabled PCs
Summary: In February 2020, researchers reached out to Intel with a report on Thunderbolt, which they refer to as “Thunderspy”. The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and it affects any PC manufactured before 2019. Description: This Vulnerability is in fact new, and their … Continue reading “Thunderspy attacking Thunderbolt enabled PCs”
Windows Print Spooler Privilege Escalation Vulnerability(CVE-2020-1048)
Overview On May 2020 Microsoft has released the patch for privilege escalation vulnerability present in Windows Print Spooler service. The Print Spooler Service helps your Windows computer interact with the printer, and orders the print jobs in your queue. To exploit this vulnerability attacker must have access to target system. The vulnerability is not remotely … Continue reading “Windows Print Spooler Privilege Escalation Vulnerability(CVE-2020-1048)”
Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR
Summary: Amidst the global pandemic time period, DHS CISA and FBI share list of top 10 most exploited vulnerabilities on May 12,2020. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI), urges organizations in the public and private sector to apply necessary updates in order to … Continue reading “Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR”
Zoho AD Manager Plus multiple Vulnerabilities
Overview AD Manager Plus product of Zoho corporation is vulnerable to multiple Unauthenticated critical vulnerability. Active Directory management tool offers administrators customizable templates to manage all the aspects of Active Directory account creation and modification Bypass Authentication check: AD Manager Plus is a java web application. web.xml contains declaration for java servlet. Web.xml <servlet-mapping> section … Continue reading “Zoho AD Manager Plus multiple Vulnerabilities”
Pi-hole Remote Code Execution and Privilege Escalation Vulnerability(CVE-2020-11108)
Vulnerability Overview: Pi-hole web application has been affected by Remote Code Execution and Privilege Escalation vulnerability. An authenticated user of the Web portal can execute arbitrary commands and escalate privileges to root. Pi-hole is a Linux based network-level advertisement and Internet tracker blocking application. It functions similarly to a network firewall. POC for the exploit … Continue reading “Pi-hole Remote Code Execution and Privilege Escalation Vulnerability(CVE-2020-11108)”
Telerik UI Remote Code Execution via Insecure Deserialization (CVE-2019-18935)
Summary: In the start of May 2020, a mischievous exploit has been out in the wild that uses two CVEs in combination to perform insecure deserialization to a vendor named Telerik. The vulnerability lies in a suite of UI components for web applications called Telerik UI for ASP.NET AJAX. The insecure deserialization of JSON objects … Continue reading “Telerik UI Remote Code Execution via Insecure Deserialization (CVE-2019-18935)”
