Google Chrome Zero-day Remote Code Execution Vulnerability

Rajvardhan Agarwal, a security researcher, recently tweeted about a zero-day remote code execution vulnerability creating havoc in the browser-based vulnerability trend. He released a working proof-of-concept exploit for the RCE in the V8 JavaScript engine in Chromium-based browsers. This zero-day concerns a remote code execution vulnerability in the V8 JavaScript rendering engine that powers the web …

Apache Solr Arbitrary File Read Vulnerability (Zero Day)

Recently, a critical zero-day vulnerability was observed in Apache Solr. Apache Solr, written in Java, is an open-source enterprise search platform from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, real-time indexing, dynamic clustering, database integration, NoSQL features and rich document handling. As it has a dynamic range of …

F5 BIG-IP Remote Code Execution Vulnerabilities (CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, CVE-2021-22992)

Overview: On 10th March 2021, F5 released a security advisory to address multiple vulnerabilities in BIG-IP: CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992. Of the 7, 4 vulnerabilities are flagged as Critical, 2 are rated High and one is rated Medium in severity. Successful exploitation of these vulnerabilities could allow a remote attacker …

Microsoft Exchange Server Remote Code Execution Vulnerabilities (4 zero days – CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)

Microsoft has released patches for the four zero-days exploited in the attacks (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), discovered during the subsequent investigation. These bugs have been observed by the Microsoft Threat Intelligence Center (MSTIC) since January 2021. The OS giant said that Hafnium operators used the four Exchange zero-days as part of a multi-part attack chain to …

Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks

Overview: Microsoft released out-of-band updates today that fix seven critical vulnerabilities in Microsoft Exchange Server. According to the Microsoft Security Response Center, four of these seven vulnerabilities are used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Description: Today Microsoft released several security updates for Microsoft Exchange Server to address …

SolarWinds Full System Control Vulnerabilities (CVE-2021-25274, CVE-2021-25275, CVE-2021-25276)

Three critical vulnerabilities were observed in SolarWinds products. All these severe bugs allow remote code execution with high privileges. At the time of publication, there was no active PoC in the wild. CVE-2021-25274 – MSMQ Remote Code Execution: SolarWinds Collector Service uses MSMQ (Microsoft Message Queue), and it doesn’t set permissions …

DNSpooq vulnerability (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687)

Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment. Multiple organizations, operating systems and products were affected by the DNSpooq vulnerability. Attackers can use it to launch DNS cache poisoning, denial of service, and possibly remote code execution attacks on affected …

Zend Framework Remote Code Execution vulnerability (CVE-2021-3007)

Zend Framework, used by developers to build object-oriented web applications, consists of PHP packages installed millions of times all over the globe. The framework, along with the Laminas Project, is vulnerable to untrusted deserialization, which an attacker can exploit to gain Remote Code Execution (RCE) on vulnerable PHP sites. Tracked as CVE-2021-3007 and rated high-risk, …

Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks

AMNESIA:33 is a study published by Forescout Research Labs under Project Memoria. The study consists of a report on 33 new vulnerabilities found in TCP/IP stacks used by multiple IoT, OT and IT device vendors. AMNESIA:33 affects multiple open-source TCP/IP stacks, which means a single vulnerability tends to spread easily and silently across multiple codebases, …

Apache Struts OGNL Remote Code Execution Vulnerability (CVE-2020-17530)

On December 9, 2020, a security update for Struts 2 was released by the Apache Software Foundation. According to an Apache advisory, the vulnerability lies in the “forced OGNL evaluation on raw user input in tag attributes”. This flaw is classified as CVE-2020-17530. A very similar flaw related to OGNL evaluation was addressed in August …