Summary: Intel(R) Processors suffer from information disclosure vulnerability via Cache Evictions named as CacheOut Vulnerability. An issue was discovered in Intel processors due to Cleanup errors in some data cache evictions that allow an authenticated user to potentially enable information disclosure via local access. This was assigned under CVE-2020-0549. Description: Recently, researchers have discovered vulnerability … Continue reading “Intel Processors CacheOut Vulnerability”
Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability (CVE-2020-3119)
Summary: Recently, multiple vulnerabilities were observed in Feb,2020 on Cisco’s various devices identified by researcher Barak Hadad of Armis. Out of which few were RCE, among which CVE-2020-3119 is one where an unauthenticated, adjacent attacker can arbitrary code execution. Description: Cisco switches, IP phones, routers and cameras information can be observed using this problematic protocol … Continue reading “Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability (CVE-2020-3119)”
Linear eMerge E3 Multiple Security Vulnerabilities
Nortek has announced a critical vulnerabilities in Linear eMerge E3-Series. The vulnerabilities exists because the affected product fails to sanitize HTTP request parameter values, which can be used to construct a shell commands. This allows an attacker to execute arbitrary commands on the affected system as a root. Below CVE id’s has been assigned to … Continue reading “Linear eMerge E3 Multiple Security Vulnerabilities”
PhpFileManager 0.9.8 Remote Command Execution Vulnerability(CVE-2015-5958)
Summary: phpFileManager version suffers from a RCE vulnerability that can be executed via cross site request forgery. Product: phpFileManager version 0.9.8 Vulnerability Type: Remote Command Execution CVE Reference: CVE-2015-5958 Description: PHPFileManager is vulnerable to remote command execution and execute operating system commands via GET requests from a victims browser.Once the call to the operating systems … Continue reading “PhpFileManager 0.9.8 Remote Command Execution Vulnerability(CVE-2015-5958)”
PWFeedback Buffer Overflow Vulnerability in Sudo (CVE-2019-18634)
Summary: ‘sudo’ utility allows non-privileged Linux and macOS users to run commands as Root was discovered in recent days, tracked as CVE-2019-18634. Description: A core command utility that is pre-installed on macOS and almost every UNIX or Linux-based operating system, well-known as “Sudo” Sudo’s pwfeedback option can be used to provide visual feedback when the … Continue reading “PWFeedback Buffer Overflow Vulnerability in Sudo (CVE-2019-18634)”
SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)
Summary: Solar Winds Firewall Security Manager was observed to be vulnerable, recently. While following up on this we stumbled upon a public exploit for CVE-2015-2284, userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code. Description: The vulnerability is a source code disclosure related to the underlying Java application … Continue reading “SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)”
OpenBSD OpenSMTPD Remote Command Execution Vulnerability (CVE-2020-7247)
Summary: Recently there was a discovery of vulnerabaility tracked as (CVE-2020-7247) in OpenSMTPD, OpenBSD’s mail server. This vulnerability was exploitable since May 2018 (commit a8e222352f, “switch smtpd to new grammar”) that allows an attacker to execute arbitrary shell commands, as root: >> either locally, in OpenSMTPD’s default configuration (that listens on loopback interface and only … Continue reading “OpenBSD OpenSMTPD Remote Command Execution Vulnerability (CVE-2020-7247)”
Microsoft Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerabilities
Overview: This January Patch Tuesday, Microsoft released patches related to Windows Remote Desktop Gateway (RD Gateway) that address the CVE-2020-0610 and CVE-2020-0609. Microsoft Remote Desktop Gateway (RDG), previously known as Terminal Services Gateway, allows users on public networks to access Windows desktops and applications hosted in cloud environment. The RD Gateway component uses Secure Sockets … Continue reading “Microsoft Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerabilities”
Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)
Summary: A local privilege escalation vulnerability was observed in Ricoh printer drivers for Windowsdue to insecure file permissions. This was assigned under CVE-2019-19363. Description: Any local user is able to overwrite program library files (DLLs) with own code as file permissions of file system entries are improperly set while a printer is added to the … Continue reading “Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)”
Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)
Summary: Recent Internet Explorer has been observed with zero-day remote code execution vulnerability attacks. To address Microsoft’s Internet Explorer (IE) web browser RCE vulnerability CVE-2020-0674 Microsoft published an advisory ADV200001. Description: jscript.dll is the vulnerable component for IE 11, and moderate for IE 9 and IE 10. Memory corruption at ease by an attacker leads … Continue reading “Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)”
