AttackerKB
attackerkb
New assessment for topic: CVE-2023-6553
Topic description: "The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file ..."
"The Backup Migration Wordpress plugin describes itself as an all in one solution if you need to migrate your WordPress site to another host or just restore the site from a backup ..."
Link: https://www.attackerkb.com/assessments/2c58ed71-2d98-4aec-9b22-bb835fea1371
Topic description: "The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file ..."
"The Backup Migration Wordpress plugin describes itself as an all in one solution if you need to migrate your WordPress site to another host or just restore the site from a backup ..."
Link: https://www.attackerkb.com/assessments/2c58ed71-2d98-4aec-9b22-bb835fea1371
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-23897
Topic description: "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. ..."
"CVE-2024-23897 has been identified as an arbitrary file read vulnerability in Jenkins, specifically through its built-in command line interface (CLI) ..."
Link: https://www.attackerkb.com/assessments/bfc5dce6-718d-4e43-a6f4-07e88f4e09cf
Topic description: "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. ..."
"CVE-2024-23897 has been identified as an arbitrary file read vulnerability in Jenkins, specifically through its built-in command line interface (CLI) ..."
Link: https://www.attackerkb.com/assessments/bfc5dce6-718d-4e43-a6f4-07e88f4e09cf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-22527
Topic description: "A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance ..."
"A vulnerability exists within Atlassian Confluence which enables a remote and unauthenticated attacker to achieve OS command execution in the context of the application ..."
Link: https://www.attackerkb.com/assessments/f4db997d-7a6a-4670-8c3a-0f660db486d4
Topic description: "A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance ..."
"A vulnerability exists within Atlassian Confluence which enables a remote and unauthenticated attacker to achieve OS command execution in the context of the application ..."
Link: https://www.attackerkb.com/assessments/f4db997d-7a6a-4670-8c3a-0f660db486d4
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-0204
Topic description: "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. ..."
"Based on the [technical writeup](https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/) and [PoC](https://github.com/horizon3ai/CVE-2024-0204) from Horizion3, this vulnerability can be exploited by an unauthenticated attacker with access to the management interface of GoAnywhere MFT (by default the management interface is available over TCP port 8000 for HTTP and TCP port 8001 for HTTPS), to create a new administrator account on the system ..."
Link: https://www.attackerkb.com/assessments/eea1031a-9a25-482b-8a3f-df80e318f4d9
Topic description: "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. ..."
"Based on the [technical writeup](https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/) and [PoC](https://github.com/horizon3ai/CVE-2024-0204) from Horizion3, this vulnerability can be exploited by an unauthenticated attacker with access to the management interface of GoAnywhere MFT (by default the management interface is available over TCP port 8000 for HTTP and TCP port 8001 for HTTPS), to create a new administrator account on the system ..."
Link: https://www.attackerkb.com/assessments/eea1031a-9a25-482b-8a3f-df80e318f4d9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-43208
Topic description: "NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution ..."
"CVE-2023-43208 is a significant security vulnerability in NextGen Healthcare's Mirth Connect, a widely used open-source data integration platform in the healthcare sector ..."
Link: https://www.attackerkb.com/assessments/b400d3c6-a29f-498b-bac9-7c944fedae3b
Topic description: "NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution ..."
"CVE-2023-43208 is a significant security vulnerability in NextGen Healthcare's Mirth Connect, a widely used open-source data integration platform in the healthcare sector ..."
Link: https://www.attackerkb.com/assessments/b400d3c6-a29f-498b-bac9-7c944fedae3b
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2024-21306
Topic description: "Microsoft Bluetooth Driver Spoofing Vulnerability ..."
"CVE-2024-21306 is part of a series of vulnerabilities affecting the Bluetooth stacks in multiple operating systems, allowing attackers to pair a virtual Bluetooth keyboard without authentication or user confirmation ..."
Link: https://www.attackerkb.com/assessments/e28ec35e-6f67-4b22-b738-dc5815c2d4ea
Topic description: "Microsoft Bluetooth Driver Spoofing Vulnerability ..."
"CVE-2024-21306 is part of a series of vulnerabilities affecting the Bluetooth stacks in multiple operating systems, allowing attackers to pair a virtual Bluetooth keyboard without authentication or user confirmation ..."
Link: https://www.attackerkb.com/assessments/e28ec35e-6f67-4b22-b738-dc5815c2d4ea
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-2868
Topic description: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006 ..."
"See the [Rapid7 Analysis](https://attackerkb.com/topics/2Z0CWopGPX/cve-2023-2868/rapid7-analysis) for a full technical analysis of this vulnerability, including proof-of-concept code ..."
Link: https://www.attackerkb.com/assessments/f3a9a56e-4bd5-490a-9123-2fbdfab5e353
Topic description: "A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006 ..."
"See the [Rapid7 Analysis](https://attackerkb.com/topics/2Z0CWopGPX/cve-2023-2868/rapid7-analysis) for a full technical analysis of this vulnerability, including proof-of-concept code ..."
Link: https://www.attackerkb.com/assessments/f3a9a56e-4bd5-490a-9123-2fbdfab5e353
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2023-35636
Topic description: "Microsoft Outlook Information Disclosure Vulnerability ..."
"Discovered by Dolev Taler from the Varonis Threat Labs team, CVE-2023-35636 is an exploit of the calendar-sharing function in Microsoft Outlook, whereby adding two headers to an email directs Outlook to share content and contact a designated machine, creating an opportunity to intercept an NTLM v2 hash ..."
Link: https://www.attackerkb.com/assessments/e0b9a9db-17a2-47d1-a8e2-6cb0691b8829
Topic description: "Microsoft Outlook Information Disclosure Vulnerability ..."
"Discovered by Dolev Taler from the Varonis Threat Labs team, CVE-2023-35636 is an exploit of the calendar-sharing function in Microsoft Outlook, whereby adding two headers to an email directs Outlook to share content and contact a designated machine, creating an opportunity to intercept an NTLM v2 hash ..."
Link: https://www.attackerkb.com/assessments/e0b9a9db-17a2-47d1-a8e2-6cb0691b8829
0
2
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-52251
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/dd3eeaea-d0af-4baa-a093-51ccbbf54678
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/dd3eeaea-d0af-4baa-a093-51ccbbf54678
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-34048
Topic description: "vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. ..."
"Critical out-of-bounds write vuln in vCenter Server and Cloud Foundation ..."
Link: https://www.attackerkb.com/assessments/5707cf70-b245-462a-b40d-4fc16e653817
Topic description: "vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. ..."
"Critical out-of-bounds write vuln in vCenter Server and Cloud Foundation ..."
Link: https://www.attackerkb.com/assessments/5707cf70-b245-462a-b40d-4fc16e653817
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-41056
Topic description: "Redis is an in-memory database that persists on disk ..."
"The redis project patched a possible memory corruption vulnerability in the `sdsResize` method using commit [5f5f298a](https://github.com/redis/redis/commit/5f5f298a4a071abf8f1d3b066c39d050ee1a03a7) ..."
Link: https://www.attackerkb.com/assessments/d14fe2c9-4823-4246-8be3-adb88742cc58
Topic description: "Redis is an in-memory database that persists on disk ..."
"The redis project patched a possible memory corruption vulnerability in the `sdsResize` method using commit [5f5f298a](https://github.com/redis/redis/commit/5f5f298a4a071abf8f1d3b066c39d050ee1a03a7) ..."
Link: https://www.attackerkb.com/assessments/d14fe2c9-4823-4246-8be3-adb88742cc58
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-36874
Topic description: "Windows Error Reporting Service Elevation of Privilege Vulnerability ..."
"CVE-2023-36874 is a filesystem redirection vulnerability that relies on a trusted process using relative filepath data and poor file validation to allow a malicious actor to escalate privilege on Windows 10 hosts ..."
Link: https://www.attackerkb.com/assessments/54d2e5af-4cf7-40de-8aac-0afe7a59972e
Topic description: "Windows Error Reporting Service Elevation of Privilege Vulnerability ..."
"CVE-2023-36874 is a filesystem redirection vulnerability that relies on a trusted process using relative filepath data and poor file validation to allow a malicious actor to escalate privilege on Windows 10 hosts ..."
Link: https://www.attackerkb.com/assessments/54d2e5af-4cf7-40de-8aac-0afe7a59972e
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-35618
Topic description: "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/58a96fbf-a409-41e8-87a2-21ae6ddecadf
Topic description: "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/58a96fbf-a409-41e8-87a2-21ae6ddecadf
0
0
0
AttackerKB
attackerkb
New assessment for topic: Laravel Framework Unserialize Token RCE (CVE-2018-15133)
Topic description: "In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value ..."
"CVE-2018-15133 is a vulnerability in the Laravel Framework versions 5.5.40 and 5.6.x up to 5.6.29 ..."
Link: https://www.attackerkb.com/assessments/6299bb2e-ccce-4e7b-863f-0788d8a138d8
Topic description: "In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value ..."
"CVE-2018-15133 is a vulnerability in the Laravel Framework versions 5.5.40 and 5.6.x up to 5.6.29 ..."
Link: https://www.attackerkb.com/assessments/6299bb2e-ccce-4e7b-863f-0788d8a138d8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-29357
Topic description: "Microsoft SharePoint Server Elevation of Privilege Vulnerability ..."
"CVE-2023-29357 is a critical vulnerability in Microsoft SharePoint Server, classified as an Elevation of Privilege (EoP) flaw ..."
Link: https://www.attackerkb.com/assessments/ce69360d-3c58-465a-b630-302d99e8baa9
Topic description: "Microsoft SharePoint Server Elevation of Privilege Vulnerability ..."
"CVE-2023-29357 is a critical vulnerability in Microsoft SharePoint Server, classified as an Elevation of Privilege (EoP) flaw ..."
Link: https://www.attackerkb.com/assessments/ce69360d-3c58-465a-b630-302d99e8baa9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-38146
Topic description: "Windows Themes Remote Code Execution Vulnerability ..."
"CVE-2023-38146, A.K.A ..."
Link: https://www.attackerkb.com/assessments/4f61b101-be1f-453a-9127-efc203315d47
Topic description: "Windows Themes Remote Code Execution Vulnerability ..."
"CVE-2023-38146, A.K.A ..."
Link: https://www.attackerkb.com/assessments/4f61b101-be1f-453a-9127-efc203315d47
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2023-46805
"Starting January 10, 2024, multiple parties ([Ivanti](https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US), [Volexity](https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/), and [Mandiant](https://www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day)) disclosed the existence of a zero-day exploit chain affecting Ivanti Connect Secure (previously called Pulse Connect Secure) and Ivanti Policy Secure gateway ..."
Link: https://www.attackerkb.com/topics/40a59992-3535-439c-a358-ec629cfa6115
"Starting January 10, 2024, multiple parties ([Ivanti](https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US), [Volexity](https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/), and [Mandiant](https://www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day)) disclosed the existence of a zero-day exploit chain affecting Ivanti Connect Secure (previously called Pulse Connect Secure) and Ivanti Policy Secure gateway ..."
Link: https://www.attackerkb.com/topics/40a59992-3535-439c-a358-ec629cfa6115
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2024-20656
Topic description: "Visual Studio Elevation of Privilege Vulnerability ..."
"CVE-2024-20656 is an elevation of privilege vulnerability in Microsoft Visual Studio, specifically in the Diagnostics Hub Standard Collector ..."
Link: https://www.attackerkb.com/assessments/a0b65cce-4750-4947-9ff2-2a53f853b2a4
Topic description: "Visual Studio Elevation of Privilege Vulnerability ..."
"CVE-2024-20656 is an elevation of privilege vulnerability in Microsoft Visual Studio, specifically in the Diagnostics Hub Standard Collector ..."
Link: https://www.attackerkb.com/assessments/a0b65cce-4750-4947-9ff2-2a53f853b2a4
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-7028
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"Tested on Gitlab CE 16.6.1 ..."
Link: https://www.attackerkb.com/assessments/e4f7a426-1beb-45a4-ac47-b2f56237be20
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"Tested on Gitlab CE 16.6.1 ..."
Link: https://www.attackerkb.com/assessments/e4f7a426-1beb-45a4-ac47-b2f56237be20
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-35737
Topic description: "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. ..."
"CVE-2022-35737 is a vulnerability in SQLite, specifically in versions 1.0.12 through 3.39.x before 3.39.2 ..."
Link: https://www.attackerkb.com/assessments/eab8c044-5a9c-4a4b-91f7-7eec584f2127
Topic description: "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. ..."
"CVE-2022-35737 is a vulnerability in SQLite, specifically in versions 1.0.12 through 3.39.x before 3.39.2 ..."
Link: https://www.attackerkb.com/assessments/eab8c044-5a9c-4a4b-91f7-7eec584f2127
0
0
0