Summary: Trend Micro antivirus maker has released patches on Monday to address the two zero-days, along with three other similarly critical issues (although, not exploited in the wild, YET). A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote malicious users to execute arbitrary code … Continue reading “Critical Vulnerabilities in Trend Micro Apex One and OfficeScan (CVE-2020-8467,CVE-2020-8468)”
Tag: RCE
Liferay Portal JSONWS Unauthenticated Remote code execution Vulnerability (CVE-2020-7961)
Summary: Arbitrary code execution is possible via JSON web services (JSONWS) leads to deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2. Description: Liferay Portal provides a comprehensive JSON web service API at ‘/api/jsonws’ with examples for three different ways of invoking the web service method: Via the generic URL /api/jsonws/invoke Via … Continue reading “Liferay Portal JSONWS Unauthenticated Remote code execution Vulnerability (CVE-2020-7961)”
Apache Solr DataImportHandler Remote Code Execution Vulnerability (CVE-2019–0193)
Summary: A vulnerability in Apache Solr could allow an authenticated, remote malicious user to execute arbitrary code on a targeted system. The vulnerability exists in the DataImportHandler module and is due to insufficient security restrictions imposed by the affected software. Description: The DataImportHandler, a popular module to pull in data from databases has a feature … Continue reading “Apache Solr DataImportHandler Remote Code Execution Vulnerability (CVE-2019–0193)”
Microsoft Windows Adobe Type Manager Library Remote Code Execution zero-day Vulnerability (ADV200006)
Summary: Amidst the global pandemic, there has been an emerge of a zero-day reported in Microsoft Windows. On March 23, Microsoft acknowledged the existence of a critical security vulnerability in multiple versions of Windows and Windows Server, in Adobe Type Manager (ATM) Library, an integrated PostScript font library found in all versions of Windows. Description: … Continue reading “Microsoft Windows Adobe Type Manager Library Remote Code Execution zero-day Vulnerability (ADV200006)”
Oracle WebLogic Server deserialization bug to remote code execution vulnerability (CVE-2020-2555)
Summary: Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. In the Oracle Critical Patch Update Advisory – January 2020, Oracle officially fixed a high-risk vulnerability (CVE-2020-2555) that affect to Oracle Coherence library in Oracle WebLogic Server. Description: Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 protocol to … Continue reading “Oracle WebLogic Server deserialization bug to remote code execution vulnerability (CVE-2020-2555)”
Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)
Summary: In second week of February,2020, after MSPT, a static key vulnerability in Microsoft Exchange Control Panel (ECP), a component of Microsoft Exchange Server was observed, that leads to RCE. To perform the exploit, an authenticated user with any privilege level sends a specially crafted request to a vulnerable ECP and gain SYSTEM level arbitrary … Continue reading “Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)”
PhpUnit Remote Command Execution Vulnerability
Summary: PHPUnit is widely used testing framework for PHP. A remote code execution vulnerability was discovered in Util/PHP/eval-stdin.php in that allows remote attackers to execute arbitrary PHP code. This issue was assigned under CVE-2017-9841. Affected Versions: PHPUnit versions from 4.8.19 before 4.8.28 and from 5.0.10 before 5.6.3 Description: CVE-2017-9841 is a code execution vulnerability in … Continue reading “PhpUnit Remote Command Execution Vulnerability”
Apache-Tomcat-Ajp File containment Vulnerability (CVE-2020-1938, CNVD-2020-10487)
Summary: In third week of February,2020, after MSPT, a file containing vulnerability, which can be used by an attacker to read or include any files in all webapp directories on Tomcat, such as webapp configuration files or source code. Description: AJP is a protocol that is supported by various WAS such as Apache HTTP Server, … Continue reading “Apache-Tomcat-Ajp File containment Vulnerability (CVE-2020-1938, CNVD-2020-10487)”
Remote Desktop Client Remote Code Execution Vulnerability. (CVE-2020-0734, CVE-2020-0681)
Summary: In the month of February,2020, among MSPT, a remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. On account of this vulnerability, an attacker could execute arbitrary code as well as compromise a legitimate server and perform CnC operation. Description: An attacker would need … Continue reading “Remote Desktop Client Remote Code Execution Vulnerability. (CVE-2020-0734, CVE-2020-0681)”
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability Alert (CVE-2020-0618)
Summary: In the month of February,2020, among MSPT, Microsoft SQL Server Reporting Services had to deal with a remote code execution vulnerability. This happens as it incorrectly handles page requests. The SSRS web application allowed low privileged user accounts to run code on the server by exploiting a deserialization issue. Description: As a initial part … Continue reading “Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability Alert (CVE-2020-0618)”
