New assessment for topic: CVE-2024-3094

Topic description: "Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0 ..."

"This one has gained significant attention over the past few days ..."

Link: https://www.attackerkb.com/assessments/05a530d9-2cbb-4405-baec-c6ed4a9472a8

New assessment for topic: CVE-2023-20269

Topic description: "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. ..."

"Rapid7 observed pre-patch exploitation of this vulnerability from March through at least August of 2023 ..."

Link: https://www.attackerkb.com/assessments/d8b380b1-597a-4352-8807-975512f6cd89

New assessment for topic: CVE-2024-24725

Topic description: "Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/51ea97f1-d279-45df-9b7a-b2fad2252273

New assessment for topic: CVE-2023-41724

Topic description: "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network ..."

"Ivanti Standalone Sentry serves as a conduit, connecting devices with an organization's ActiveSync-compatible email systems (like Microsoft Exchange Server) or other backend resources (such as Microsoft SharePoint server) ..."

Link: https://www.attackerkb.com/assessments/62df9c8e-67f9-4b0a-bf01-18217ce3218b

New assessment for topic: CVE-2024-20767

Topic description: "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read ..."

"CVE-2024-20767 highlights a vulnerability in a ColdFusion application, specifically within a server management component (`/CFIDE/adminapi/_servermanager/servermanager.cfc`) ..."

Link: https://www.attackerkb.com/assessments/c8f6490e-19ef-4780-9f2e-2092da6f0f8b

New assessment for topic: CVE-2024-23759

Topic description: "Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/eb1a9fc0-e1ae-4953-88b8-541a251a0263

New assessment for topic: CVE-2023-48788

Topic description: "A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/bd0a0b70-bf0b-4079-a334-c636135a39cc

New assessment for topic: CVE-2024-21413

Topic description: "Microsoft Outlook Remote Code Execution Vulnerability ..."

"By sending a malicious (.docm) file, to the victim using the Outlook mail – app of 365, the attacker will wait for the victim to click on it by using and executing his malicious code after the victim opens this file ..."

Link: https://www.attackerkb.com/assessments/fe6b7788-e442-4032-883f-8fb416a4f8b1

New assessment for topic: CVE-2024-2054

Topic description: "The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/e73cbea0-774c-46e7-bf40-d0a988c026f6

New assessment for topic: CVE-2022-31791

Topic description: "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/514c3424-a21c-429d-999f-b5d46b0e3762

New assessment for topic: CVE-2024-27199

Topic description: "In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible ..."

"CVE-2024-27199, allows for a limited amount of information disclosure and a limited amount of system modification, including the ability for an unauthenticated attacker to replace the HTTPS certificate in a vulnerable TeamCity server with a certificate of the attacker's choosing. ..."

Link: https://www.attackerkb.com/assessments/343cb821-e285-4854-8351-5429e90e1d73

New assessment for topic: CVE-2024-27198

Topic description: "In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible ..."

"CVE-2024-27198, allows for a complete compromise of a vulnerable TeamCity server by a remote unauthenticated attacker, including unauthenticated RCE ..."

Link: https://www.attackerkb.com/assessments/3a990b09-ee98-4f26-8bdb-8aaa27da4b44

New Rapid7 Analysis on AttackerKB topic: CVE-2024-27198

"CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue (CWE-288) and has a CVSS base score of 9.8 (Critical). ..."

Link: https://www.attackerkb.com/topics/272a41fd-6e6b-4bf6-8544-0481382e8b2b

New Rapid7 Analysis on AttackerKB topic: CVE-2024-27199

"CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue (CWE-22) and has a CVSS base score of 7.3 (High). ..."

Link: https://www.attackerkb.com/topics/7f1c8d00-ae08-447b-86b6-756b2e89da2b

New assessment for topic: CVE-2022-26318

Topic description: "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786 ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/dca1d0dc-daa6-452b-90a2-292308a1405d

New assessment for topic: CVE-2024-21423

Topic description: "Microsoft Edge (Chromium-based) Information Disclosure Vulnerability ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/b7e7584c-f44e-41d4-a2f9-20eeefab2d9e

New assessment for topic: CVE-2024-23334

Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/3ba6ec55-2c39-4110-9841-7fa7d61e3410

New assessment for topic: CVE-2024-23334

Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."

" web.static("/static", "static/", follow_symlinks=True), # Remove follow_symlinks to avoid the vulnerability ..."

Link: https://www.attackerkb.com/assessments/98db16f7-5369-4174-8e63-36fc1b244d45

New assessment for topic: CVE-2024-1548

Topic description: "A website could have obscured the fullscreen notification by using a dropdown select input element ..."

"I reckon we got ourselves a CVE on our hands – CVE-2024-1548, ya see? This little critter's been sneaky, messin' with Firefox, Thunderbird, and them ESR versions ..."

Link: https://www.attackerkb.com/assessments/b3b020c7-dcf3-434d-88f0-ef5a724ae504

New assessment for topic: CVE-2024-1709

Topic description: "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel ..."

"Based on writing the [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/18870) for this vulnerability, I have rated the exploitability as very high, as leveraging CVE-2203-1709 to create a new administrator account is trivial ..."

Link: https://www.attackerkb.com/assessments/082b6adc-c4e1-4ebd-9fc0-3a4afeb73892