The security research team at Veloxity identified an active exploitation of two vulnerabilities (CVE-2023-46805 & CVE-2024-21887) impacting Ivanti Connect Secure VPN devices. When chained together, the vulnerabilities may allow attackers to transmit malicious requests and execute arbitrary commands on a targeted system. According to the research, a Chinese nation-state-level threat actor has exploited the vulnerabilities. … Continue reading “Ivanti Connect Secure (ICS) and Ivanti Policy Secure Gateway Vulnerabilities Exploited in the Wild (CVE-2023-46805 & CVE-2024-21887)”
Tag: Command Injection Vulnerability
pfSense Releases Patch to Address Multiple Vulnerabilities (CVE-2023-42325, CVE-2023-42326, & CVE-2023-42327)
pfSense, an open-source firewall solution by Netgate, is vulnerable to command injection and cross-site scripting vulnerabilities tracked as CVE-2023-42325, CVE-2023-42327, & CVE-2023-42326. The vulnerabilities may lead to remote code execution when chained together. Oskar Zeino-Mahmalat of SonarSource has discovered and reported the vulnerabilities. pfSense computer software distribution based on FreeBSD. The firewall software helps with … Continue reading “pfSense Releases Patch to Address Multiple Vulnerabilities (CVE-2023-42325, CVE-2023-42326, & CVE-2023-42327)”
QNAP QTS Command Injection Vulnerabilities (CVE-2023-23368 & CVE-2023-23369)
QNAP has released security advisories to address command injection vulnerabilities in multiple QNAP operating system versions. Tracked as CVE-2023-23368 and CVE-2023-23369, the vulnerabilities are rated as critical with a CVSS score of 9.8 and 9, respectively. Successful exploitation of the vulnerabilities may allow a remote attacker to execute commands via a network.
Cisco Firepower Management Center (FMC) Software Command Injection Vulnerability (CVE-2023-20048)
Cisco has released software updates to address a command injection vulnerability in the Firepower Management Center (FMC). Tracked as CVE-2023-20048, the vulnerability has been given a critical severity rating with a CVSS base score of 9.9. Successful exploitation of the vulnerability may allow an attacker to execute specific unauthorized configuration commands on a Firepower Threat … Continue reading “Cisco Firepower Management Center (FMC) Software Command Injection Vulnerability (CVE-2023-20048)”
CISA Added GLPI Command Injection Vulnerability to its KEV Catalog (CVE-2022-35914)
GLPI, an open-source IT Asset Management software, is vulnerable to a command injection flaw that could lead to remote code execution on successful exploitation. The critical severity vulnerability is tracked as CVE-2022-35914 and has a CVSSv3 score of 9.8. GLPI patched the vulnerability on September 14, 2022. The advisory states, “CVE-2022-35914 has been massively exploited … Continue reading “CISA Added GLPI Command Injection Vulnerability to its KEV Catalog (CVE-2022-35914)”
Apache Spark Command Injection Vulnerability (CVE-2022-33891)
Kostya Kortchinsky has discovered a command injection vulnerability in the Apache Spark User Interface (UI). Assigned with CVE-2022-33891, the vulnerability can be exploited when Access Control Lists (ACLs) are enabled. Apache fixed the vulnerability on July 18, 2022; however, the flaw is being exploited in the wild. CISA has added the vulnerability to its Known … Continue reading “Apache Spark Command Injection Vulnerability (CVE-2022-33891)”
ArubaOS Multiple Vulnerabilities (CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, CVE-2023-22750, CVE-2023-22751, and CVE-2023-22752)
Aruba Networks has released a security advisory to address 33 vulnerabilities that affect different versions of ArubaOS. The vulnerabilities affect various products, including Aruba Mobility Conductor, Aruba Mobility Controllers, and Aruba-managed WLAN Gateways and SD-WAN Gateways. Out of these 33 vulnerabilities, six are rated as critical. CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, and CVE-2023-22750 are critical severity command … Continue reading “ArubaOS Multiple Vulnerabilities (CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, CVE-2023-22750, CVE-2023-22751, and CVE-2023-22752)”
Cacti Unauthenticated Command Injection Vulnerability (CVE-2022-46169)
Cacti, a web-based device monitoring tool, is vulnerable to a critical command injection vulnerability. Tracked as CVE-2022-46169, this vulnerability requires no authentication for exploitation. On successful exploitation, this could allow an unauthenticated attacker to execute arbitrary code if a specific data source was selected for any monitored device. Cacti is a network monitoring and graphing … Continue reading “Cacti Unauthenticated Command Injection Vulnerability (CVE-2022-46169)”
Atlassian Patches Critical Command Injection Vulnerability in Bitbucket Server and Data Center (CVE-2022-43781)
Atlassian has released a security advisory to address a critical vulnerability in Bitbucket Server and Data Center (CVE-2022-43781). Bitbucket is a Git-based code hosting and collaboration tool built for teams. Bitbucket Server is hosted on-premises while the Bitbucket Data Center is hosted on several servers in a cluster in your environment. CVE-2022-43781 is a command … Continue reading “Atlassian Patches Critical Command Injection Vulnerability in Bitbucket Server and Data Center (CVE-2022-43781)”