Overview: Recently, an authenticated RCE vulnerability was found in the Wing FTP Server. This vulnerability allows authenticated remote attackers to execute arbitrary commands on the targeted server. On Shodan, we observed more than 150 devices that are publicly available on the internet, which may be vulnerable. … Continue reading “Wing FTP Server Remote Code Execution Vulnerability”
Tag: July 2020
Spring Cloud Config Directory Traversal Vulnerability(CVE-2020-5410)
Overview On June 2020, VMware published a report to address Directory Traversal vulnerability (CVE-2020-5410), found in VMware Spring Cloud Config. This product provides server and client-side support for storing and serving distributed configurations across multiple applications and environments. With this config server, customers have a central place for managing external properties of all the applications. … Continue reading “Spring Cloud Config Directory Traversal Vulnerability(CVE-2020-5410)”
Microsoft Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350)
On July 14, 2020, Microsoft issued a new security advisory on Microsoft Windows Patch Day – addressing CVE-2020-1350, also known as SigRed – a Remote Code Execution (RCE) vulnerability in Windows Domain Name System (DNS) servers. SigRed affects Windows servers that are configured to run the DNS Server role as described in advisory. Description Microsoft mentioned … Continue reading “Microsoft Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350)”
Apache Guacamole Remote Code Execution Vulnerability (CVE-2020-9497, CVE-2020-9498)
Summary: In the first week of July,2020, Apache released patches to address two critical vulnerabilities – CVE-2020-9497 and CVE-2020-9498. Researchers from the Check Point team found these vulnerabilities in FreeRDP and reverse RDP connection of Apache Guacamole. Description: According to Apache’s documentation: “guacd is the heart of Guacamole.” Upon startup, guacd listens on TCP port 4822 and waits for incoming instructions from the … Continue reading “Apache Guacamole Remote Code Execution Vulnerability (CVE-2020-9497, CVE-2020-9498)”
F5 BIG-IP Remote Code Execution Vulnerability(CVE-2020-5902)
Overview: F5 Networks recently released updates for the critical RCE vulnerability (CVE-2020-5902) that affects its BIG-IP products. The vulnerability that has been actively exploited in the wild allows attackers to read files, execute code or take complete control over vulnerable systems having network access. The vulnerability has a CVSS score of 10. F5 Networks specializes … Continue reading “F5 BIG-IP Remote Code Execution Vulnerability(CVE-2020-5902)”
Microsoft Windows Codec Library RCE Vulnerabilities (CVE-2020-1425, CVE-2020-1457)
Summary: Microsoft released emergency fixes ahead of the July 2020 Patch Tuesday to address two critical Remote Code Execution (RCE) vulnerabilities. Description: According to advisories, Abdul-Aziz Hariri of Trend Micro’s Zero Day initiative observed and reported two RCE vulnerabilities, CVE-2020-1425 and CVE-2020-1457, to Microsoft. Both CVEs are related to Microsoft Windows Codecs Library and affect … Continue reading “Microsoft Windows Codec Library RCE Vulnerabilities (CVE-2020-1425, CVE-2020-1457)”
Docker Desktop Privilege Escalation Vulnerability(CVE-2020-10665)
Overview: An active privilege escalation vulnerability was observed in Docker Desktop application. This vulnerability is assigned as CVE-2020-10665 and the research credits belongs to ACTIVELabs team. Successful exploitation leads to local elevation of privilege to NT AUTHORITY\SYSTEM. Docker Desktop for Windows is an easy-to-install application that enables you to build and share containerized applications and … Continue reading “Docker Desktop Privilege Escalation Vulnerability(CVE-2020-10665)”