AttackerKB
attackerkb
New assessment for topic: CVE-2024-45519
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"This is one of a [list of vulnerabilities](https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories) disclosed in Synacor's Zimbra Collaboration Suite recently — this particular issue lies in Zimbra's postjournal service and evidently allows for unauthenticated command execution ..."
Link: https://attackerkb.com/assessments/cdb2647d-620f-4987-aad5-477c0b0ac1ad
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"This is one of a [list of vulnerabilities](https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories) disclosed in Synacor's Zimbra Collaboration Suite recently — this particular issue lies in Zimbra's postjournal service and evidently allows for unauthenticated command execution ..."
Link: https://attackerkb.com/assessments/cdb2647d-620f-4987-aad5-477c0b0ac1ad
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-25950
Topic description: "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request ..."
"HAProxy's HTTP/3 implementation fails to block a **malformed HTTP header field name**, and **when deployed in front of a server that incorrectly process this malformed header**, it may be used to conduct an HTTP request/response smuggling attack ..."
Link: https://attackerkb.com/assessments/410b285d-5724-4300-bcc4-603cc4c726ac
Topic description: "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request ..."
"HAProxy's HTTP/3 implementation fails to block a **malformed HTTP header field name**, and **when deployed in front of a server that incorrectly process this malformed header**, it may be used to conduct an HTTP request/response smuggling attack ..."
Link: https://attackerkb.com/assessments/410b285d-5724-4300-bcc4-603cc4c726ac
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-47176
Topic description: "CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers ..."
"On September 26, 2024, technical details of a four-vulnerability exploit chain affecting the Common UNIX Printing System (CUPS) [were disclosed](https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/) ..."
Link: https://attackerkb.com/assessments/0db25c11-bd76-45d3-9338-4341b3da0e75
Topic description: "CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers ..."
"On September 26, 2024, technical details of a four-vulnerability exploit chain affecting the Common UNIX Printing System (CUPS) [were disclosed](https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/) ..."
Link: https://attackerkb.com/assessments/0db25c11-bd76-45d3-9338-4341b3da0e75
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-45195
Topic description: "Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. ..."
"[Apache OFBiz](https://ofbiz.apache.org/) is an open-source web-based enterprise resource planning and customer relationship management suite ..."
Link: https://attackerkb.com/assessments/33abbf06-f2b3-4792-9a9c-bca92ea20fd9
Topic description: "Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. ..."
"[Apache OFBiz](https://ofbiz.apache.org/) is an open-source web-based enterprise resource planning and customer relationship management suite ..."
Link: https://attackerkb.com/assessments/33abbf06-f2b3-4792-9a9c-bca92ea20fd9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-7029
Topic description: "Commands can be injected over the network and executed without authentication. ..."
"**TL;DR:** Unpatched command injection vulnerability in an end-of-life IP camera, being exploited to drop a Mirai botnet malware variant ..."
Link: https://attackerkb.com/assessments/b1fb9ef3-b8b1-4bab-9942-179341ec4cbc
Topic description: "Commands can be injected over the network and executed without authentication. ..."
"**TL;DR:** Unpatched command injection vulnerability in an end-of-life IP camera, being exploited to drop a Mirai botnet malware variant ..."
Link: https://attackerkb.com/assessments/b1fb9ef3-b8b1-4bab-9942-179341ec4cbc
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-45249
Topic description: "Remote command execution due to use of default passwords ..."
"On 24 July, Acronis published the security advisory [SEC-6452: Remote command execution due to use of default passwords](https://security-advisory.acronis.com/advisories/SEC-6452) where default passwords are exploited to gain admin access to the Acronis Cyber Infrastructure ..."
Link: https://attackerkb.com/assessments/11c1c3e7-7035-4201-85d8-100b3c567e5b
Topic description: "Remote command execution due to use of default passwords ..."
"On 24 July, Acronis published the security advisory [SEC-6452: Remote command execution due to use of default passwords](https://security-advisory.acronis.com/advisories/SEC-6452) where default passwords are exploited to gain admin access to the Acronis Cyber Infrastructure ..."
Link: https://attackerkb.com/assessments/11c1c3e7-7035-4201-85d8-100b3c567e5b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-42115
Topic description: "Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability ..."
" - Vulnerability Type: Service-specific security vulnerability ..."
Link: https://attackerkb.com/assessments/16ed4828-fca4-450f-a37e-882f1c766c8d
Topic description: "Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability ..."
" - Vulnerability Type: Service-specific security vulnerability ..."
Link: https://attackerkb.com/assessments/16ed4828-fca4-450f-a37e-882f1c766c8d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-44000
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"CVE-2024-44000 is an unauthenticated account takeover vulnerability in LiteSpeed Cache, a Wordpress plugin that currently has around 6 million active installations ..."
Link: https://attackerkb.com/assessments/5558a403-7673-4b3c-913b-f2ae6ddcc5fd
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"CVE-2024-44000 is an unauthenticated account takeover vulnerability in LiteSpeed Cache, a Wordpress plugin that currently has around 6 million active installations ..."
Link: https://attackerkb.com/assessments/5558a403-7673-4b3c-913b-f2ae6ddcc5fd
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-40766
Topic description: "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash ..."
"Many reports have been made of the Akira and/or Fog ransomware group abusing this vulnerability ..."
Link: https://attackerkb.com/assessments/bf26a127-61bc-4142-a2c4-ade9dd595c66
Topic description: "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash ..."
"Many reports have been made of the Akira and/or Fog ransomware group abusing this vulnerability ..."
Link: https://attackerkb.com/assessments/bf26a127-61bc-4142-a2c4-ade9dd595c66
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-21060
Topic description: "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary) ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/ee7b24cb-1d62-4f3b-b7b7-a785510a1d19
Topic description: "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary) ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/ee7b24cb-1d62-4f3b-b7b7-a785510a1d19
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-33044
Topic description: "The identity authentication bypass vulnerability found in some Dahua products during the login process ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/3171642d-f89e-41bd-9ebe-75c267602634
Topic description: "The identity authentication bypass vulnerability found in some Dahua products during the login process ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/3171642d-f89e-41bd-9ebe-75c267602634
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-33045
Topic description: "The identity authentication bypass vulnerability found in some Dahua products during the login process ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/b363ab32-d16a-4ed2-b720-67a9ac625ef9
Topic description: "The identity authentication bypass vulnerability found in some Dahua products during the login process ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/b363ab32-d16a-4ed2-b720-67a9ac625ef9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-26134
Topic description: "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/c466c1e4-b5eb-43b5-bd9c-3b86b8c2663e
Topic description: "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/c466c1e4-b5eb-43b5-bd9c-3b86b8c2663e
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-26138
Topic description: "The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/4bb352f3-5c69-4acc-a27f-7ce2b03fb199
Topic description: "The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/4bb352f3-5c69-4acc-a27f-7ce2b03fb199
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-3236
Topic description: "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/9a9d108b-b1c1-4c52-afb3-e9d99b7a416b
Topic description: "A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. ..."
"On September 5th 2024, CISA released a security bulletin highlighting the cyber-attacks from a Russian actor ..."
Link: https://attackerkb.com/assessments/9a9d108b-b1c1-4c52-afb3-e9d99b7a416b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-30088
Topic description: "Windows Kernel Elevation of Privilege Vulnerability ..."
"CVE-2024-30088 is a Windows Kernel Elevation of Privilege Vulnerability which affects many recent versions of Windows 10, Windows 11 and Windows Server 2016, 2019 and 2022 ..."
Link: https://attackerkb.com/assessments/320a5ebf-9140-4fd8-8348-566f25c54ac7
Topic description: "Windows Kernel Elevation of Privilege Vulnerability ..."
"CVE-2024-30088 is a Windows Kernel Elevation of Privilege Vulnerability which affects many recent versions of Windows 10, Windows 11 and Windows Server 2016, 2019 and 2022 ..."
Link: https://attackerkb.com/assessments/320a5ebf-9140-4fd8-8348-566f25c54ac7
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-40766
Topic description: "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash ..."
"On August 22, 2024, SonicWall published [an advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015) for an improper access control vulnerability affecting multiple models in their Next Generation Firewall (NGFW) series of devices, specifically those running SonicOS v5, v6 and the latest version v7: ..."
Link: https://attackerkb.com/assessments/85106b81-693e-4e27-bddf-4ae992d7dea3
Topic description: "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash ..."
"On August 22, 2024, SonicWall published [an advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015) for an improper access control vulnerability affecting multiple models in their Next Generation Firewall (NGFW) series of devices, specifically those running SonicOS v5, v6 and the latest version v7: ..."
Link: https://attackerkb.com/assessments/85106b81-693e-4e27-bddf-4ae992d7dea3
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-43044
Topic description: "Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. ..."
"[CVE-2024-43044](https://nvd.nist.gov/vuln/detail/CVE-2024-43044) is an arbitrary file read vulnerability in Jenkins Automation Server, and it's exploitable via [Jenkins Remoting](https://github.com/jenkinsci/remoting) ..."
Link: https://attackerkb.com/assessments/37724f7c-2b1d-43ef-9d31-48fff258f4d3
Topic description: "Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. ..."
"[CVE-2024-43044](https://nvd.nist.gov/vuln/detail/CVE-2024-43044) is an arbitrary file read vulnerability in Jenkins Automation Server, and it's exploitable via [Jenkins Remoting](https://github.com/jenkinsci/remoting) ..."
Link: https://attackerkb.com/assessments/37724f7c-2b1d-43ef-9d31-48fff258f4d3
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-38063
Topic description: "Windows TCP/IP Remote Code Execution Vulnerability ..."
"As a quick addendum to @sfewer-r7's excellent assessment, I've seen this vulnerability compared with [CVE-2020-16898](https://attackerkb.com/topics/17lFRTT1DO/cve-2020-16898-aka-bad-neighbor-ping-of-death-redux) in a few news articles, alongside the dreaded "w" word ("wormable") ..."
Link: https://attackerkb.com/assessments/675ac514-4a44-4197-af6c-38b33d372455
Topic description: "Windows TCP/IP Remote Code Execution Vulnerability ..."
"As a quick addendum to @sfewer-r7's excellent assessment, I've seen this vulnerability compared with [CVE-2020-16898](https://attackerkb.com/topics/17lFRTT1DO/cve-2020-16898-aka-bad-neighbor-ping-of-death-redux) in a few news articles, alongside the dreaded "w" word ("wormable") ..."
Link: https://attackerkb.com/assessments/675ac514-4a44-4197-af6c-38b33d372455
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-38063
Topic description: "Windows TCP/IP Remote Code Execution Vulnerability ..."
"On August 13, 2024, Microsoft disclosed CVE-2024-38063, an integer underflow vulnerability ([CWE-191](https://cwe.mitre.org/data/definitions/191.html)) affecting the IPv6 component of the Windows TCP/IP networking stack ..."
Link: https://attackerkb.com/assessments/92c8c4df-81fd-426e-bf53-60a08563d643
Topic description: "Windows TCP/IP Remote Code Execution Vulnerability ..."
"On August 13, 2024, Microsoft disclosed CVE-2024-38063, an integer underflow vulnerability ([CWE-191](https://cwe.mitre.org/data/definitions/191.html)) affecting the IPv6 component of the Windows TCP/IP networking stack ..."
Link: https://attackerkb.com/assessments/92c8c4df-81fd-426e-bf53-60a08563d643
0
1
1