Update June 5, 2020: Qualys’ standard procedure is to give proper credit to the security research teams working diligently to discover and report vulnerabilities. In our rush to deliver this article to customers, we missed giving credit to the talented Cisco Talos team, who are the original authors of this research. After additional review with a … Continue reading “Zoom path traversal into remote code execution vulnerabilities (CVE-2020-6109, CVE-2020-6110)”
VMware Cloud Director Remote Code Execution Vulnerability
On May 19,2020 VMware released an advisory to address Remote Code Execution vulnerability in VMware Cloud Director. CVE-2020-3956 has assigned to track this vulnerability. vCloud Director VMware Cloud Director (formerly known as vCloud Director) is a popular deployment, automation, and management software that’s used to operate and manage cloud resources, allowing businesses to data centers distributed … Continue reading “VMware Cloud Director Remote Code Execution Vulnerability”
ISC BIND NXNSAttack Vulnerability (CVE-2020-8616,CVE-2020-8617)
Summary: Two critical vulnerabilities were observed as CVE-2020-8616 and CVE-2020-8617 for ISC BIND in May 2020. To address those vulnerabilities patches were released. ISC Berkeley Internet Name Domain (BIND) is the most widely used Domain Name System (DNS) software on the Internet. This vulnerability can be exploited when an unwanted user get an access of … Continue reading “ISC BIND NXNSAttack Vulnerability (CVE-2020-8616,CVE-2020-8617)”
eG Manager Remote Code Execution Vulnerability(CVE-2020-8591)
Overview: On January 2020, an Improper Access Control vulnerability had discovered in eG manager. Exploitation leads to Remote Code Execution. Improper Access Control describes failure in AAA (Authentication, Authorization, Accounting) security model. The eG Manager is a central web portal which provides administrators with authenticated access over the web to the performance statistics stored in … Continue reading “eG Manager Remote Code Execution Vulnerability(CVE-2020-8591)”
FusionAuth Remote Code Execution Vulnerability(CVE-2020-7799)
Overview A Remote Code Execution (RCE) vulnerability had discovered in FusionAuth. An authencated attacker can execute commands on system using the Apache FreeMarker Expression language. What is FusionAuth? FusionAuth is an identity access management application. It provides features like registration, login, SSO, MFA, password hashing, password constraints, password reset, email templates, OAuth, OpenID Connect and others. All … Continue reading “FusionAuth Remote Code Execution Vulnerability(CVE-2020-7799)”
Docker Desktop Privilege Escalation Vulnerability(CVE-2020-11492)
Vulnerability Overview: Recently, a vulnerability has been discovered in Docker Desktop. This flaw allows a local user to escalate privilege on the system. Vulnerability exist in the docker Desktop service. Before looking into vulnerability, understand few concepts Docker Desktop and named pipe. Docker Desktop for Windows provides an environment for building, shipping, and running dockerized … Continue reading “Docker Desktop Privilege Escalation Vulnerability(CVE-2020-11492)”
CISCO ANYCONNECT secure mobility client on Windows Privilege Escalation Vulnerability (CVE-2020-3153)
Summary: Recently,a critical vulnerability was observed in wild in Cisco AnyConnect Secure Mobility Client on Windows. Its a privilege escalation vulnerability occurs with a manipulation with an unknown input. Classified as CWE-427 impacting the CIA triad. Description: This vulnerability is exploitable only by an authenticated as well as local attacker. It allows an attacker to … Continue reading “CISCO ANYCONNECT secure mobility client on Windows Privilege Escalation Vulnerability (CVE-2020-3153)”
Microsoft SharePoint Remote Code Execution Vulnerability(CVE-2020-0932)
Overview Microsoft has released a patch in April,2020 to fix the Remote Code Execution vulnerability CVE-2020-0932 discovered in SharePoint. Successful exploitation of this vulnerability allows authenticated user to execute arbitrary command on the server. POC is available on GitHub. Description: There are different web services present in SharePoint. One of them is WebPartPages, provide the … Continue reading “Microsoft SharePoint Remote Code Execution Vulnerability(CVE-2020-0932)”
Parallels Desktop Privilege Escalation And Out-Of-Bounds Vulnerability(CVE-2020-8871)
Overview: On May 2020, Parallels company has released security patch to fix the vulnerability CVE-2020-8871. Vulnerability could allow local user on the guest OS to escalate privileges and execute code on the host. Bug present in Parallels Desktop for Mac, product of Parallels. Parallels Desktop for Mac is software providing hardware virtualization for Mac. To … Continue reading “Parallels Desktop Privilege Escalation And Out-Of-Bounds Vulnerability(CVE-2020-8871)”
QNAP Pre-Auth Root RCE Vulnerability(CVE-2019-7192,CVE-2019-7193,CVE-2019-7194,CVE-2019-7195)
Overview In 2019, multiple vulnerabilities had discovered for QNAP PhotoStation and CGI programs. These vulnerabilities can be chained into a pre-auth root Remote Code Execution. More than 450K devices using QNAP PhotoStation and CGI programs are vulnerable to attack. Vulnerability 1: Pre-Auth Local File Disclosure Vulnerable code present in following function, After execution of exportfile … Continue reading “QNAP Pre-Auth Root RCE Vulnerability(CVE-2019-7192,CVE-2019-7193,CVE-2019-7194,CVE-2019-7195)”