Earlier this year, Qualys discovered a heap-based buffer overflow in Sudo, named ‘Baron Samedit’ (CVE-2021-3156). Baron Samedit A vulnerability in the command line parameter parsing code of Sudo could allow an attacker with access to Sudo to execute commands or binaries with root privileges. Baron Samedit is exploitable by any local user (normal users and … Continue reading “Aruba AirWave Web-Based Management Interface Stored Cross Site Scripting (XSS) Vulnerability (CVE-2021- 37715)”
Tag: Stored Cross Site Scripting
Artica Proxy Multiple Security Vulnerabilities
Artica Proxy is a system that provides a Web Ajax console in order to manage a full Proxy server with latest Squid technology. Security Researcher Amar Kaldate, and Pratiksha Dhone from Qualys have reported multiple vulnerabilities in Artica Proxy Project. Vulnerability Details CVE-2020-13158 – Directory Traversal Artica Proxy Community Edition allows Directory Traversal via the … Continue reading “Artica Proxy Multiple Security Vulnerabilities”