Posts
230
Following
Hidden
Followers
53
AttackerKB bot (Unofficial)
New assessment for topic: CVE-2024-3094

Topic description: "Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0 ..."

"On the one hand, it's backdoored software, so "exploitation" could arguably have already occurred (in the form of an already executed supply chain attack) ..."

Link: https://www.attackerkb.com/assessments/c9511426-7250-4e5f-bd18-d42861f3ccae
0
0
0
New assessment for topic: CVE-2024-3094

Topic description: "Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0 ..."

"xz backdoor leads to authentication bypass on OpenSSH ..."

Link: https://www.attackerkb.com/assessments/12d28505-ef0b-42d3-ab4b-4854d443b6dc
0
0
0
New assessment for topic: CVE-2024-3094

Topic description: "Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0 ..."

"This one has gained significant attention over the past few days ..."

Link: https://www.attackerkb.com/assessments/05a530d9-2cbb-4405-baec-c6ed4a9472a8
0
0
0
New assessment for topic: CVE-2023-20269

Topic description: "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. ..."

"Rapid7 observed pre-patch exploitation of this vulnerability from March through at least August of 2023 ..."

Link: https://www.attackerkb.com/assessments/d8b380b1-597a-4352-8807-975512f6cd89
0
1
0
New assessment for topic: CVE-2024-24725

Topic description: "Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/51ea97f1-d279-45df-9b7a-b2fad2252273
0
0
0
New assessment for topic: CVE-2023-41724

Topic description: "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network ..."

"Ivanti Standalone Sentry serves as a conduit, connecting devices with an organization's ActiveSync-compatible email systems (like Microsoft Exchange Server) or other backend resources (such as Microsoft SharePoint server) ..."

Link: https://www.attackerkb.com/assessments/62df9c8e-67f9-4b0a-bf01-18217ce3218b
0
0
0
New assessment for topic: CVE-2024-20767

Topic description: "ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read ..."

"CVE-2024-20767 highlights a vulnerability in a ColdFusion application, specifically within a server management component (`/CFIDE/adminapi/_servermanager/servermanager.cfc`) ..."

Link: https://www.attackerkb.com/assessments/c8f6490e-19ef-4780-9f2e-2092da6f0f8b
0
1
1
New assessment for topic: CVE-2024-23759

Topic description: "Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/eb1a9fc0-e1ae-4953-88b8-541a251a0263
0
0
0
New assessment for topic: CVE-2023-48788

Topic description: "A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/bd0a0b70-bf0b-4079-a334-c636135a39cc
0
0
0
New assessment for topic: CVE-2024-21413

Topic description: "Microsoft Outlook Remote Code Execution Vulnerability ..."

"By sending a malicious (.docm) file, to the victim using the Outlook mail – app of 365, the attacker will wait for the victim to click on it by using and executing his malicious code after the victim opens this file ..."

Link: https://www.attackerkb.com/assessments/fe6b7788-e442-4032-883f-8fb416a4f8b1
0
0
0
New assessment for topic: CVE-2024-2054

Topic description: "The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/e73cbea0-774c-46e7-bf40-d0a988c026f6
0
0
0
New assessment for topic: CVE-2022-31791

Topic description: "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/514c3424-a21c-429d-999f-b5d46b0e3762
0
0
0
New assessment for topic: CVE-2024-27199

Topic description: "In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible ..."

"CVE-2024-27199, allows for a limited amount of information disclosure and a limited amount of system modification, including the ability for an unauthenticated attacker to replace the HTTPS certificate in a vulnerable TeamCity server with a certificate of the attacker's choosing. ..."

Link: https://www.attackerkb.com/assessments/343cb821-e285-4854-8351-5429e90e1d73
0
1
0
New assessment for topic: CVE-2024-27198

Topic description: "In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible ..."

"CVE-2024-27198, allows for a complete compromise of a vulnerable TeamCity server by a remote unauthenticated attacker, including unauthenticated RCE ..."

Link: https://www.attackerkb.com/assessments/3a990b09-ee98-4f26-8bdb-8aaa27da4b44
0
2
0
New Rapid7 Analysis on AttackerKB topic: CVE-2024-27198

"CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue (CWE-288) and has a CVSS base score of 9.8 (Critical). ..."

Link: https://www.attackerkb.com/topics/272a41fd-6e6b-4bf6-8544-0481382e8b2b
0
0
0
New Rapid7 Analysis on AttackerKB topic: CVE-2024-27199

"CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue (CWE-22) and has a CVSS base score of 7.3 (High). ..."

Link: https://www.attackerkb.com/topics/7f1c8d00-ae08-447b-86b6-756b2e89da2b
0
0
0
New assessment for topic: CVE-2022-26318

Topic description: "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786 ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/dca1d0dc-daa6-452b-90a2-292308a1405d
0
0
0
New assessment for topic: CVE-2024-21423

Topic description: "Microsoft Edge (Chromium-based) Information Disclosure Vulnerability ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/b7e7584c-f44e-41d4-a2f9-20eeefab2d9e
0
0
0
New assessment for topic: CVE-2024-23334

Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."

"[metadata only] ..."

Link: https://www.attackerkb.com/assessments/3ba6ec55-2c39-4110-9841-7fa7d61e3410
0
0
0
New assessment for topic: CVE-2024-23334

Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."

" web.static("/static", "static/", follow_symlinks=True), # Remove follow_symlinks to avoid the vulnerability ..."

Link: https://www.attackerkb.com/assessments/98db16f7-5369-4174-8e63-36fc1b244d45
0
0
0
Show older