Overview A Remote Code Execution (RCE) vulnerability had discovered in FusionAuth. An authencated attacker can execute commands on system using the Apache FreeMarker Expression language. What is FusionAuth? FusionAuth is an identity access management application. It provides features like registration, login, SSO, MFA, password hashing, password constraints, password reset, email templates, OAuth, OpenID Connect and others. All … Continue reading “FusionAuth Remote Code Execution Vulnerability(CVE-2020-7799)”
Tag: Remote Code Execution
Microsoft SharePoint Remote Code Execution Vulnerability(CVE-2020-0932)
Overview Microsoft has released a patch in April,2020 to fix the Remote Code Execution vulnerability CVE-2020-0932 discovered in SharePoint. Successful exploitation of this vulnerability allows authenticated user to execute arbitrary command on the server. POC is available on GitHub. Description: There are different web services present in SharePoint. One of them is WebPartPages, provide the … Continue reading “Microsoft SharePoint Remote Code Execution Vulnerability(CVE-2020-0932)”
Pi-hole Remote Code Execution and Privilege Escalation Vulnerability(CVE-2020-11108)
Vulnerability Overview: Pi-hole web application has been affected by Remote Code Execution and Privilege Escalation vulnerability. An authenticated user of the Web portal can execute arbitrary commands and escalate privileges to root. Pi-hole is a Linux based network-level advertisement and Internet tracker blocking application. It functions similarly to a network firewall. POC for the exploit … Continue reading “Pi-hole Remote Code Execution and Privilege Escalation Vulnerability(CVE-2020-11108)”
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-2883)
Summary: Oracle’s April 2020 patch addresses, a critical flaw in Oracle WebLogic Server as CVE-2020-2883 that can be exploited by an unauthenticated user for remote code execution. It has got major attention as CVssV3 score is 9.8/10. Description: WebLogic is a Java-based middleware solution, with thousands of servers running online. It sits between a front-facing … Continue reading “Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2020-2883)”
Apache ShardingSphere UI Remote Code Execution Vulnerability (CVE-2020-1947)
Summary: Recently, Apache ShardingSphereofficial release announcement of the 4.0.1 version. An authenticated attacker with default credentials can cause code execution when he/she submits a malicious yaml in the background management office. Classified as CWE-269, impacting confidentiality, integrity, and availability. Description: SnakeYAML library for parsing YAML inputs to load datasource configuration in ShardingSphere’s web console of … Continue reading “Apache ShardingSphere UI Remote Code Execution Vulnerability (CVE-2020-1947)”
Oracle Coherence Remote Code Execution Vulnerability
Summary: Oracle Coherence is a product in Oracle Fusion Middleware that enables organizations to scale mission critical application by providing them fast access to the frequently used data. Oracle Coherence is prone to Remote Code Execution vulnerability. This issue was assigned under CVE-2020-2555. Description: Oracle in their Advisory for January critical updates released patch for … Continue reading “Oracle Coherence Remote Code Execution Vulnerability”
Sonatype Nexus Repository Manager 3 Multiple Vulnerabilities
Summary: Sonatype Nexus Repository Manager 3 suffer from Multiple Vulnerabilities which were assigned under following CVE’s. CVE-2020-10199: Remote Code Execution vulnerability. (Any account) CVE-2020-10204: Remote Code Execution. (Requires Admin Privileges) CVE-2020-10203: Cross-Site Scripting (XSS) vulnerability. Description: Recently, Sonatype officially released the vulnerability announcements for CVE-2020-10199 , CVE-2020-10204 and CVE-2020-10203 in Sonatype Nexus Security Advisory. CVE-2020-10199 … Continue reading “Sonatype Nexus Repository Manager 3 Multiple Vulnerabilities”
Grandstream UCM62xx Remote Code Execution Vulnerability
Summary: IP PBX series allows businesses to unify multiple communication technologies, such as voice, video calling, video conferencing, video surveillance, data tools, mobility options and facility access management onto one common network. UCM62xx series is prone to Unauthenticated Remote code Execution and HTML Injection.This issue was assigned under CVE-2020-5722. Description: The web interface of UCM62xx … Continue reading “Grandstream UCM62xx Remote Code Execution Vulnerability”
Liferay Portal JSONWS Unauthenticated Remote code execution Vulnerability (CVE-2020-7961)
Summary: Arbitrary code execution is possible via JSON web services (JSONWS) leads to deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2. Description: Liferay Portal provides a comprehensive JSON web service API at ‘/api/jsonws’ with examples for three different ways of invoking the web service method: Via the generic URL /api/jsonws/invoke Via … Continue reading “Liferay Portal JSONWS Unauthenticated Remote code execution Vulnerability (CVE-2020-7961)”
Oracle WebLogic Server deserialization bug to remote code execution vulnerability (CVE-2020-2555)
Summary: Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. In the Oracle Critical Patch Update Advisory – January 2020, Oracle officially fixed a high-risk vulnerability (CVE-2020-2555) that affect to Oracle Coherence library in Oracle WebLogic Server. Description: Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 protocol to … Continue reading “Oracle WebLogic Server deserialization bug to remote code execution vulnerability (CVE-2020-2555)”
