Posts
231
Following
Hidden
Followers
53
AttackerKB bot (Unofficial)
New assessment for topic: CVE-2019-2684

Topic description: "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI) ..."

"With [remote-method-guesser](https://github.com/qtc-de/remote-method-guesser): detection with `rmg enum` and exploitation with `rmg bind` of the RMI registry localhost bypass. ..."

Link: https://attackerkb.com/assessments/89ae2f1f-63a0-40b2-b8d8-20e6d536574d
0
0
0
New assessment for topic: CVE-2024-53677

Topic description: "File upload logic is flawed vulnerability in Apache Struts. ..."

"[CVE-2024-53677](https://nvd.nist.gov/vuln/detail/CVE-2024-53677) is a flawed upload logic vulnerability in Apache Struts 2 ..."

Link: https://attackerkb.com/assessments/28f08c0a-702c-4ab0-99cb-eea00202fa2c
0
0
1
New assessment for topic: CVE-2024-55956

Topic description: "In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. ..."

"Based on performing the [technical analysis](https://attackerkb.com/topics/geR0H8dgrE/cve-2024-55956/rapid7-analysis) of this vulnerability, and writing a working exploit, I have rated the `Attacker Value` as `Very High`, as the target software is a file sharing system, and we know this is being exploited in the wild ..."

Link: https://attackerkb.com/assessments/fd31b57f-a2cd-440b-959b-2751f6940688
0
0
0
New Rapid7 Analysis on AttackerKB topic: CVE-2024-55956

"On December 9, 2024, multiple security firms began privately reporting [exploitation in the wild](https://www.rapid7.com/blog/post/2024/12/10/etr-widespread-exploitation-of-cleo-file-transfer-software-cve-2024-50623/) targeting the Cleo file transfer products [LexiCom](https://www.cleo.com/cleo-lexicom), [VLTrader](https://www.cleo.com/cleo-vltrader), and [Harmony](https://www.cleo.com/cleo-harmony) ..."

Link: https://attackerkb.com/topics/4f87308e-fb76-4cc9-baa8-22ca5c9c24dc
0
0
0
New assessment for topic: CVE-2024-11320

Topic description: "Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/935658a6-2af0-4357-af6d-1f939a42cc94
0
0
0
New assessment for topic: CVE-2024-52053

Topic description: "Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts. ..."

"Wowza Streaming Engine below v4.9.1 on Windows and Linux is vulnerable to stored Cross-Site Scripting (XSS) ..."

Link: https://attackerkb.com/assessments/33bf7fba-baba-40f4-9cfa-a1e0ddf54e91
0
0
0
New assessment for topic: CVE-2024-52052

Topic description: "Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution. ..."

"Wowza Streaming Engine below v4.9.1 on Windows and Linux is vulnerable to high-privilege remote code execution via the Manager HTTP service (port 8088) ..."

Link: https://attackerkb.com/assessments/10d71e2e-82ba-47d8-97dd-30e8ea604c5e
0
0
0
New assessment for topic: CVE-2024-6235

Topic description: "Sensitive information disclosure in NetScaler Console ..."

"[CVE-2024-6235](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6235) is a critical information disclosure vulnerability in Citrix NetScaler Console ..."

Link: https://attackerkb.com/assessments/645f7d33-f250-412f-a116-e71ada952ef9
0
0
0
New assessment for topic: CVE-2024-1708

Topic description: "ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker ..."

"CVE-2024-1708 is a path traversal vulnerability affecting ConnectWise ScreenConnect ..."

Link: https://attackerkb.com/assessments/1b849988-c20e-4489-b536-148cd9c60645
1
4
0
New assessment for topic: CVE-2024-9474

Topic description: "A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. ..."

"[CVE-2024-9474](https://security.paloaltonetworks.com/CVE-2024-9474) was exploited in the wild as part of an exploit chain, paired with the authentication bypass [CVE-2024-0012](https://attackerkb.com/topics/MLL6c2Y4Oo/cve-2024-0012), to allow for unauthenticated RCE ..."

Link: https://attackerkb.com/assessments/83a9c0f2-2ff0-4b7a-ab52-a8f4897d148b
0
1
0
New assessment for topic: CVE-2024-49019

Topic description: "Active Directory Certificate Services Elevation of Privilege Vulnerability ..."

"Microsoft's Active Directory Certificate Services (AD CS) is affected by a vulnerability whereby certificate templates using schema version 1 allow the requester to specify the application policies in the form of OIDs to be included in the signed certificate ..."

Link: https://attackerkb.com/assessments/54369d46-36dd-4e8d-9d13-8b6e7d966228
0
0
0
New assessment for topic: CVE-2024-6100

Topic description: "Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/04193c43-00f7-47b9-b65c-504b6fd49772
0
0
0
New assessment for topic: CVE-2023-28324

Topic description: "A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution. ..."

"CVE-2023-28324 is an unauthenticated RCE affecting Ivanti EPM versions 2022 SU2 and prior ..."

Link: https://attackerkb.com/assessments/567fabee-824d-4bf2-9b05-8bbfa083d2b3
0
0
0
New assessment for topic: CVE-2024-11477

Topic description: "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability ..."

"This vulnerability was [introduced](https://github.com/ip7z/7zip/commits/main/C/ZstdDec.c) into 7zip in version 24.05 (released circa May 15, 2024), and then [fixed](https://github.com/ip7z/7zip/commit/a7a1d4a241492e81f659a920f7379c193593ebc6#diff-896855d0e24931a930fa2e2a5e6c4a92d3589a70c1f8436d76e0f3c673888624R1313) in version 24.07 (released circa June 19, 2024), so therefore the vulnerability was only present in two releases over a 1 month period ..."

Link: https://attackerkb.com/assessments/8eb9f1f7-057b-4b6e-943f-d26f65249edf
0
1
0
New assessment for topic: CVE-2024-28986

Topic description: "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine ..."

"On Aug 9, 2024, SolarWinds published an [advisory](https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986) for [CVE-2024-28986](https://nvd.nist.gov/vuln/detail/cve-2024-28986), with a CVSS score of 9.8 (Critical), affecting the Web Help Desk product ..."

Link: https://attackerkb.com/assessments/fb6830c1-6cdc-4a39-b75b-befe370fe728
0
0
0
New assessment for topic: CVE-2024-31497

Topic description: "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures ..."

"CVE-2024-31497 is a cryptographic flaw (specifically [CWE-338](http://cwe.mitre.org/data/definitions/338.html), or "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)") in PuTTY 0.68 through 0.80 ..."

Link: https://attackerkb.com/assessments/5c3654b6-3f53-4658-a932-fd39bf0d6c28
0
0
0
New assessment for topic: CVE-2024-28987

Topic description: "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. ..."

"Solar Winds [Web Help Desk](https://www.solarwinds.com/web-help-desk) is described as an “Affordable Help Desk Ticketing and Asset Management Software” ..."

Link: https://attackerkb.com/assessments/cac27cf6-977a-457b-917a-7b46c7a9d1a4
0
0
0
New assessment for topic: CVE-2024-40711

Topic description: "A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). ..."

"Critical unauthenticated remote code execution vulnerability in Veeam Backup & Replication, a perennially popular target for abuse (including by ransomware groups) ..."

Link: https://attackerkb.com/assessments/a11762ae-41f5-4ba8-b535-ed775b4b1f01
0
0
0
New assessment for topic: CVE-2021-34473

Topic description: "Microsoft Exchange Server Remote Code Execution Vulnerability ..."

"CISA released an updated advisory on the BianLian ransomware group including the vulnerabilities the group is using to gain initial access towards victims ..."

Link: https://attackerkb.com/assessments/d1f7012f-3d3e-4b13-a288-b5729c538d08
0
0
0
New assessment for topic: CVE-2021-34523

Topic description: "Microsoft Exchange Server Elevation of Privilege Vulnerability ..."

"CVE-2021-34523 is a privilege escalation vulnerability in Microsoft Exchange Server that arises due to improper validation of PowerShell remoting requests ..."

Link: https://attackerkb.com/assessments/9481eef1-fd69-4d2e-bdcd-ee023134810c
0
0
0
Show older