AttackerKB bot (Unofficial)
New assessment for topic: CVE-2024-6387

Topic description: "A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously ..."

"**TL;DR:** Neat! Doesn't sound like something that's going to be easily exploited or automated in pretty much any scenario, so I have little initial concern about widespread exploitation, or even exploitation at all ..."

Link: https://attackerkb.com/assessments/4449caee-544e-4984-ace6-4f5b53c0d2f2
New assessment for topic: CVE-2024-5806

Topic description: "Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass. This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2. ..."

"Based on our AttackerKB [Rapid7 Analysis](https://attackerkb.com/topics/44EZLG2xgL/cve-2024-5806#rapid7-analysis), I have rated the exploitability as high, as an exploit can easily be implemented by modifying an existing SFTP library to trigger the auth bypass ..."

Link: https://attackerkb.com/assessments/b4dd0bda-ae2f-4ec2-992e-bea386861f29
New Rapid7 Analysis on AttackerKB topic: CVE-2024-5806

"On June 25, 2024 Progress Software published an [advisory](https://community.progress.com/s/article/MOVEit-Transfer-Product-Security-Alert-Bulletin-June-2024-CVE-2024-5806) for [CVE-2024-5806](https://www.cve.org/cverecord?id=CVE-2024-5806), an authentication bypass vulnerability affecting the SFTP module of MOVEit Transfer ..."

Link: https://attackerkb.com/topics/f83ee394-ee97-468b-bfa6-48e80210983d
New assessment for topic: CVE-2024-21762

Topic description: "An out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests ..."

"CVE-2024-21762 is a memory corruption vulnerability that affects a very wide range of Fortinet Firewalls ..."

Link: https://attackerkb.com/assessments/90bfe080-9e30-4248-8bfc-882ba39cef39
New assessment for topic: CVE-2024-26148

Topic description: "Querybook is a user interface for querying big data ..."

"Entered URL through Draft.js entity data (props.contentState.getEntity(props.entityKey).getData()) in querybook/webapp/lib/richtext/ index.tsx (line 13) misses validation of URL schema using Safelist ('http:', 'https:'), resulting in client-side XSS at <Link to={url} newTab> (line 15), enabling ACE when exploited. ..."

Link: https://attackerkb.com/assessments/4e765b62-7e23-42f7-a194-a9166d3ed70d
New assessment for topic: CVE-2024-25641

Topic description: "Cacti provides an operational monitoring and fault management framework ..."

"Cacti versions prior to 1.2.27 are [vulnerable](https://karmainsecurity.com/KIS-2024-04) to arbitrary file write that could lead to RCE ..."

Link: https://attackerkb.com/assessments/07c9b36e-09e6-4af9-bcee-447510ffbcdb
New assessment for topic: CVE-2024-29212

Topic description: "Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine. ..."

"This deserialization vulnerability piqued my interest after I saw it had received a ["patch reissue"](https://www.veeam.com/kb4575) a couple of weeks after it was initially patched ..."

Link: https://attackerkb.com/assessments/9a2c9fe5-eca6-44d9-9eb6-107acd44172a
New assessment for topic: CVE-2024-2389

Topic description: "In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.  An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands. ..."

"Progress Flowmon is a network performance monitoring and security solution developed by Progress Software ..."

Link: https://attackerkb.com/assessments/eac89c1b-f915-4cc4-be12-3c7e647408a1
New assessment for topic: CVE-2024-31077

Topic description: "Forminator prior to 1.29.3 contains a SQL injection vulnerability ..."

"Forminator WordPress plugin versions prior to 1.29.3 are vulnerable to SQL injection ..."

Link: https://attackerkb.com/assessments/3652f19f-55a2-4ba0-95ba-ff07a429c23d
New assessment for topic: CVE-2024-30080

Topic description: "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/00f64473-c826-4bb2-b199-25069dd56068
New assessment for topic: CVE-2024-28995

Topic description: " ..."

"Based upon our [Rapid7 Analysis](https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis), I have rated the attacker value of this vulnerability as Very High, as an unauthenticated attacker can read files from a server, and the vulnerable product is a file transfer solution ..."

Link: https://attackerkb.com/assessments/a8ea00b2-323b-4d09-b313-3cfc404d8542
New Rapid7 Analysis on AttackerKB topic: CVE-2024-28995

"On June 5, 2024, SolarWinds published an [advisory](https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995) for CVE-2024-28995, a high-severity directory traversal vulnerability affecting their file transfer solution Serv-U ..."

Link: https://attackerkb.com/topics/ec88a622-e23a-4ed4-b4bd-adca7bee9acf
New assessment for topic: CVE-2024-4577

Topic description: "In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions ..."

"I have rated the attacker value as high, as, if the requirements for exploitation are met, the attacker can get remote unauthenticated RCE on the target Windows server ..."

Link: https://attackerkb.com/assessments/04d81142-6675-4a32-8d7f-e573b8f7ddde
New assessment for topic: CVE-2024-23692

Topic description: "Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability ..."

"The Rejetto HTTP File Server (HFS) version 2.x is vulnerable to an unauthenticated server side template injection (SSTI) vulnerability ..."

Link: https://attackerkb.com/assessments/f5c5359d-2446-4e33-a1a2-6a66aa2fb5f6
New assessment for topic: CVE-2024-4358

Topic description: "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. ..."

"So far, 2024 has seen a few notable vulnerabilities, such as [CVE-2024-1709](https://www.rapid7.com/blog/post/2024/02/20/etr-high-risk-vulnerabilities-in-connectwise-screenconnect/), that attack setup wizard flows for authentication bypass ..."

Link: https://attackerkb.com/assessments/20d30f34-ff47-402d-9991-678b34b3fbb4
New assessment for topic: CVE-2024-22026

Topic description: "A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance. ..."

"Ivanti EPMM (previously known as MobileIron Core) is vulnerable to a local privilege escalation vulnerability ..."

Link: https://attackerkb.com/assessments/8e941ab8-690f-4125-b598-9a8ff7d935f0
New assessment for topic: CVE-2024-24919

Topic description: "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades ..."

"This is trivial to exploit ..."

Link: https://attackerkb.com/assessments/ad36fea3-37bf-43b3-a5d3-1e4715d23ecb
New assessment for topic: CVE-2024-24919

Topic description: "Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades ..."

"On May 28, 2024, Check Point published an advisory for an unauthenticated information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade ..."

Link: https://attackerkb.com/assessments/1b3e554c-47a1-40f1-a09a-ea867bb4f8a4
New assessment for topic: CVE-2024-21683

Topic description: "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. ..."

"This vulnerability can be leveraged by an authenticated attacker to execute OS commands within the context of the Confluence application server ..."

Link: https://attackerkb.com/assessments/5ad314a1-9fd7-47d7-835f-f29680b3961d
New assessment for topic: CVE-2024-28741

Topic description: "Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component. ..."

"[NorthStarC2](https://github.com/EnginDemirbilek/NorthStarC2) is an open source web based command and control framework used by real world threat actors including [UNC3890](https://www.mandiant.com/resources/blog/suspected-iranian-actor-targeting-israeli-shipping), [APT33](https://exchange.xforce.ibmcloud.com/collection/Recent-Hive0016-Infrastructure-and-Use-of-NorthStarC2-Pentest-Framework-77196fe57bb122088c210286da5d5b20) and [Patchwork/APT-Q-36](https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/may-hot-apt-security-events-techniques-tracker) to name a few ..."

Link: https://attackerkb.com/assessments/0e9af56e-90c5-4900-8384-9d33bdfe7e26