Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-36804)

Atlassian has released a security advisory to address a command injection vulnerability in multiple API endpoints of Bitbucket Server and Data Center. Tracked as CVE-2022-36804, Atlassian has rated the vulnerability as critical as it affects many Bitbucket Server and Data Server versions. The vulnerability was discovered by @TheGrandPew via Atlassian’s bug bounty program.   Bitbucket is … Continue reading “Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-36804)”

Cisco Patched Small Business RV Series Routers Multiple Vulnerabilities (CVE-2022-20827, CVE-2022-20841, and CVE-2022-20842)

Cisco has released a security advisory addressing multiple vulnerabilities affecting Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers. The vulnerabilities (CVE-2022-20827, CVE-2022-20841, and CVE-2022-20842) are rated with high and critical severity and assigned a base CVSS base score between 8.3-9.8. These vulnerabilities could allow unauthenticated, remote attackers to execute arbitrary code and trigger … Continue reading “Cisco Patched Small Business RV Series Routers Multiple Vulnerabilities (CVE-2022-20827, CVE-2022-20841, and CVE-2022-20842)”

Zyxel Fixes Critical Firewall OS Command Injection Vulnerability (CVE-2022-30525)

Hackers are actively exploiting a recently patched critical command injection vulnerability (CVE-2022-30525) that affects Zyxel firewalls supporting Zero Touch Provisioning (ZTP), which includes the ATP series, VPN series, and the USG FLEX series (including USG20-VPN and USG20W-VPN). Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to inject arbitrary commands.    Jake Baines … Continue reading “Zyxel Fixes Critical Firewall OS Command Injection Vulnerability (CVE-2022-30525)”

Artica Proxy Multiple Security Vulnerabilities

Artica Proxy is a system that provides a Web Ajax console in order to manage a full Proxy server with latest Squid technology. Security Researcher Amar Kaldate, and Pratiksha Dhone from Qualys have reported multiple vulnerabilities in Artica Proxy Project. Vulnerability Details CVE-2020-13158 – Directory Traversal Artica Proxy Community Edition allows Directory Traversal via the … Continue reading “Artica Proxy Multiple Security Vulnerabilities”

Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)

Summary: Apache Tomcat has a vulnerability in the CGI Servlet which can be exploited to achieve remote code execution (RCE). Only Windows  is exploitable while running in a non-default configuration in conjunction with batch files. Description: conf/context.xml as well conf/web.xml enables CGI in tomcat. Common Gateway Interface (CGI) is a standard protocol allows passing of … Continue reading “Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)”

Cisco Small Business Router Vulnerabilities

Two vulnerabilities have been disclosed in the Cisco’s Small Business Routers RV320 and RV325. CVE-2019-1652: Routers Command Injection Vulnerability A command injection vulnerability has been disclosed in Cisco Small Business routers RV320 and RV325 on firmware versions 1.4.2.15 through 1.4.2.19. CVE-2019-1652 has been assigned to track this vulnerability. An attacker can target this vulnerability by sending … Continue reading “Cisco Small Business Router Vulnerabilities”

Cisco Webex Update Service Command Injection Vulnerability : CVE-2018-15442

A command injection vulnerability has been disclosed in Cisco Webex. Upon successful exploitation an attacker can execute arbitrary commands on the target machine. The vulnerability has been assigned CVE-2018-15442. The vulnerability has been named ‘WebExec‘. Cisco has addressed this issue in cisco-sa-20181024-webex-injection. The issue affects All Cisco Webex Meetings Desktop App releases prior to 33.6.0. … Continue reading “Cisco Webex Update Service Command Injection Vulnerability : CVE-2018-15442”

IBM QRadar Authentication Bypass: CVE-2018-1418

Multiple vulnerabilities in IBM QRadar have been disclosed. Upon successful exploitation an attacker can bypass authentication and achieve remote code execution. CVE-2018-1418 has been assigned to track this vulnerability. IBM Qradar is an SIEM tool used to detect and analyze security anomalies. The issue affects QRadar SIEM 7.3.0 to 7.3.1 Patch 2 and 7.2.0 to 7.2.8 … Continue reading “IBM QRadar Authentication Bypass: CVE-2018-1418”

PAN-OS Remote Root Code Execution : CVE-2017-15944

A remote code execution vulnerability has been discovered in the PAN-OS. The vulnerability has been assigned CVE-2017-15944. By exploiting this vulnerability an attacker can achieve arbitrary code execution in root context. The target is the web based management interface provided by the device for configuration and maintenance. The vulnerable versions are PAN-OS before 6.1.19, 7.0.x before 7.0.19, … Continue reading “PAN-OS Remote Root Code Execution : CVE-2017-15944”