New assessment for topic: CVE-2024-49113

Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability ..."

"CVE-2024-49113 is a denial-of-service (DoS) vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) ..."

Link: https://attackerkb.com/assessments/ee558a5f-bfde-4c37-8367-cc3821b0aecb

New assessment for topic: CVE-2024-49112

Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability ..."

"CVE-2024-49112 is a critical vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service ..."

Link: https://attackerkb.com/assessments/07d80193-ab91-4495-ad6c-eeeb6ffbb112

New assessment for topic: CVE-2024-38134

Topic description: "Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/1666dde0-3e50-40c8-a117-96b9df707b45

New assessment for topic: CVE-2025-0282

Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. ..."

"On January 8, 2025, Ivanti published [a security advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283) for two vulnerabilities, CVE-2025-0282, and CVE-2025-0283, affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways. ..."

Link: https://attackerkb.com/assessments/2c7673d5-c3c5-4f02-ba7c-4fa0927b06ac

New assessment for topic: CVE-2024-43452

Topic description: "Windows Registry Elevation of Privilege Vulnerability ..."

"This seems like a really fascinating exploit from the point of view of a researcher, but an utter and complete nightmare for an attacker ..."

Link: https://attackerkb.com/assessments/64b2d2dd-287e-4d2c-8e31-435ffae4440c

New assessment for topic: CVE-2024-48457

Topic description: "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the endpoint /cgi-bin/skk_set.cgi and binary /bin/scripts/start_wifi.sh ..."

"Several Netis Routers including rebranded routers from GLCtec and Stonet suffer from an authentication bypass that allows for an unauthenticated reset of the Wifi and admin password of the router. ..."

Link: https://attackerkb.com/assessments/8d380611-c7f7-4cff-92e3-8bd1113560c9

New assessment for topic: CVE-2024-48455

Topic description: "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the mode_name, wl_link parameters of the skk_get.cgi component. ..."

"`CVE-2024-48555` allows for unauthenticated information disclosure revealing sensitive configuration information of the router which can be used by the attacker to determine of the router is running specific vulnerable firmware. ..."

Link: https://attackerkb.com/assessments/a46c9420-553b-4d8f-abeb-a852a1052d64

New assessment for topic: CVE-2024-48456

Topic description: "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the parameter password at the change admin password page at the router web interface. ..."

"Several Netis Routers including rebranded routers from GLCtec and Stonet suffer from an authenticated command injection vulnerability at the change admin password page of the router web interface. ..."

Link: https://attackerkb.com/assessments/d6c45973-3c8f-41c6-992f-a276f3a579fe

New assessment for topic: CVE-2024-48455

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48455](https://www.cve.org/CVERecord?id=CVE-2024-48455) is a vulnerability discovered in Netis routers where an unauthenticated remote attacker can obtain sensitive information from the router. ..."

Link: https://attackerkb.com/assessments/b9e42efa-bca4-4811-b71c-81c2ac09a1a8

New assessment for topic: CVE-2024-48456

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48456](https://www.cve.org/CVERecord?id=CVE-2024-48456) is an authenticated remote code execution (RCE) in the parameter `password` at the change admin password page at the router web interface. ..."

Link: https://attackerkb.com/assessments/db6b427a-1fea-487a-974d-191031bda560

New assessment for topic: CVE-2024-48457

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"[CVE-2024-48457](https://www.cve.org/CVERecord?id=CVE-2024-48457) is an authentication bypass that allows for an unauthenticated reset of the Wifi and admin password of the router. ..."

Link: https://attackerkb.com/assessments/182d054a-a1ba-4e39-8b00-bae34a0a894a

New assessment for topic: CVE-2019-2684

Topic description: "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI) ..."

"With [remote-method-guesser](https://github.com/qtc-de/remote-method-guesser): detection with `rmg enum` and exploitation with `rmg bind` of the RMI registry localhost bypass. ..."

Link: https://attackerkb.com/assessments/89ae2f1f-63a0-40b2-b8d8-20e6d536574d

New assessment for topic: CVE-2024-53677

Topic description: "File upload logic is flawed vulnerability in Apache Struts. ..."

"[CVE-2024-53677](https://nvd.nist.gov/vuln/detail/CVE-2024-53677) is a flawed upload logic vulnerability in Apache Struts 2 ..."

Link: https://attackerkb.com/assessments/28f08c0a-702c-4ab0-99cb-eea00202fa2c

New assessment for topic: CVE-2024-55956

Topic description: "In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. ..."

"Based on performing the [technical analysis](https://attackerkb.com/topics/geR0H8dgrE/cve-2024-55956/rapid7-analysis) of this vulnerability, and writing a working exploit, I have rated the `Attacker Value` as `Very High`, as the target software is a file sharing system, and we know this is being exploited in the wild ..."

Link: https://attackerkb.com/assessments/fd31b57f-a2cd-440b-959b-2751f6940688

New Rapid7 Analysis on AttackerKB topic: CVE-2024-55956

"On December 9, 2024, multiple security firms began privately reporting [exploitation in the wild](https://www.rapid7.com/blog/post/2024/12/10/etr-widespread-exploitation-of-cleo-file-transfer-software-cve-2024-50623/) targeting the Cleo file transfer products [LexiCom](https://www.cleo.com/cleo-lexicom), [VLTrader](https://www.cleo.com/cleo-vltrader), and [Harmony](https://www.cleo.com/cleo-harmony) ..."

Link: https://attackerkb.com/topics/4f87308e-fb76-4cc9-baa8-22ca5c9c24dc

New assessment for topic: CVE-2024-11320

Topic description: "Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/935658a6-2af0-4357-af6d-1f939a42cc94

New assessment for topic: CVE-2024-52053

Topic description: "Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts. ..."

"Wowza Streaming Engine below v4.9.1 on Windows and Linux is vulnerable to stored Cross-Site Scripting (XSS) ..."

Link: https://attackerkb.com/assessments/33bf7fba-baba-40f4-9cfa-a1e0ddf54e91

New assessment for topic: CVE-2024-52052

Topic description: "Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution. ..."

"Wowza Streaming Engine below v4.9.1 on Windows and Linux is vulnerable to high-privilege remote code execution via the Manager HTTP service (port 8088) ..."

Link: https://attackerkb.com/assessments/10d71e2e-82ba-47d8-97dd-30e8ea604c5e

New assessment for topic: CVE-2024-6235

Topic description: "Sensitive information disclosure in NetScaler Console ..."

"[CVE-2024-6235](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6235) is a critical information disclosure vulnerability in Citrix NetScaler Console ..."

Link: https://attackerkb.com/assessments/645f7d33-f250-412f-a116-e71ada952ef9

New assessment for topic: CVE-2024-1708

Topic description: "ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker ..."

"CVE-2024-1708 is a path traversal vulnerability affecting ConnectWise ScreenConnect ..."

Link: https://attackerkb.com/assessments/1b849988-c20e-4489-b536-148cd9c60645