AttackerKB
attackerkb
New assessment for topic: CVE-2023-4220
Topic description: "Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. ..."
"Chamilo LMS is a free software e-learning and content management system ..."
Link: https://attackerkb.com/assessments/bf6c1ddd-3805-4e8e-89ed-eecd9feb237b
Topic description: "Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. ..."
"Chamilo LMS is a free software e-learning and content management system ..."
Link: https://attackerkb.com/assessments/bf6c1ddd-3805-4e8e-89ed-eecd9feb237b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-8069
Topic description: "Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server ..."
"On November 12, 2024, Citrix published [an advisory](https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069) for an unsafe deserialization bug affecting the Citrix Session Recording software from the Citrix Virtual Apps and Desktops product ..."
Link: https://attackerkb.com/assessments/92f22b7b-ec2b-4fa4-9f26-4ff6fea1a6a4
Topic description: "Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server ..."
"On November 12, 2024, Citrix published [an advisory](https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069) for an unsafe deserialization bug affecting the Citrix Session Recording software from the Citrix Virtual Apps and Desktops product ..."
Link: https://attackerkb.com/assessments/92f22b7b-ec2b-4fa4-9f26-4ff6fea1a6a4
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-47575
"On October 23, 2024, Fortinet published an [advisory](https://www.fortiguard.com/psirt/FG-IR-24-423) for [CVE-2024-47575](https://www.rapid7.com/blog/post/2024/10/23/etr-fortinet-fortimanager-cve-2024-47575-exploited-in-zero-day-attacks/), a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices ..."
Link: https://attackerkb.com/topics/233a6e31-b2a2-400c-94a9-20c1a3297683
"On October 23, 2024, Fortinet published an [advisory](https://www.fortiguard.com/psirt/FG-IR-24-423) for [CVE-2024-47575](https://www.rapid7.com/blog/post/2024/10/23/etr-fortinet-fortimanager-cve-2024-47575-exploited-in-zero-day-attacks/), a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices ..."
Link: https://attackerkb.com/topics/233a6e31-b2a2-400c-94a9-20c1a3297683
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-9464
Topic description: "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. ..."
"Note: While this is an authenticated exploit, CVE-2024-5910 affects the same versions and allows an attacker to reset the admin password to allow authentication. ..."
Link: https://attackerkb.com/assessments/911948de-467d-4804-b97d-d943203fae60
Topic description: "An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. ..."
"Note: While this is an authenticated exploit, CVE-2024-5910 affects the same versions and allows an attacker to reset the admin password to allow authentication. ..."
Link: https://attackerkb.com/assessments/911948de-467d-4804-b97d-d943203fae60
0
3
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-5910
Topic description: "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. ..."
"This is a vulnerability in the password reset of the Palo Alto Expedition web server, and is disturbingly simple ..."
Link: https://attackerkb.com/assessments/ad9409b6-bb16-492b-8392-b8a44c5e3021
Topic description: "Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. ..."
"This is a vulnerability in the password reset of the Palo Alto Expedition web server, and is disturbingly simple ..."
Link: https://attackerkb.com/assessments/ad9409b6-bb16-492b-8392-b8a44c5e3021
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-34102
Topic description: "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution ..."
"Note: This write up will focus on the impact that CVE-2024-34102 can have when combined with CVE-2024-2961 and how the two bugs can be used to achieve RCE ..."
Link: https://attackerkb.com/assessments/fd4b6425-8316-441d-bd58-b14f022873c9
Topic description: "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution ..."
"Note: This write up will focus on the impact that CVE-2024-34102 can have when combined with CVE-2024-2961 and how the two bugs can be used to achieve RCE ..."
Link: https://attackerkb.com/assessments/fd4b6425-8316-441d-bd58-b14f022873c9
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-35250
Topic description: "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ..."
"The ks.sys driver on Windows is one of the core components of Kernel Streaming and is installed by default ..."
Link: https://attackerkb.com/assessments/b966571c-c90a-4055-af54-ee6af8389f53
Topic description: "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ..."
"The ks.sys driver on Windows is one of the core components of Kernel Streaming and is installed by default ..."
Link: https://attackerkb.com/assessments/b966571c-c90a-4055-af54-ee6af8389f53
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-37404
Topic description: "Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution. ..."
"Ivanti Connect Secure versions prior to 22.7R2.1 and 22.7R2.2, and Ivanti Policy Secure versions prior to 22.7R1 are vulnerable to [CRLF injection](https://owasp.org/www-community/vulnerabilities/CRLF_Injection), which leads to remote code execution with the privileges of the user `root` ..."
Link: https://attackerkb.com/assessments/34ea5769-e0d6-4c65-bfc3-510c679ef515
Topic description: "Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution. ..."
"Ivanti Connect Secure versions prior to 22.7R2.1 and 22.7R2.2, and Ivanti Policy Secure versions prior to 22.7R1 are vulnerable to [CRLF injection](https://owasp.org/www-community/vulnerabilities/CRLF_Injection), which leads to remote code execution with the privileges of the user `root` ..."
Link: https://attackerkb.com/assessments/34ea5769-e0d6-4c65-bfc3-510c679ef515
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2024-47575
Topic description: "A missing authentication for critical function vulnerability in Fortinet's FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. ..."
"The flaw lies in the FortiGate to FortiManager Protocol (FGFM), which is designed for deployment scenarios where NAT traversal is needed ..."
Link: https://attackerkb.com/assessments/89ecce82-7a39-4376-82e1-8f5bfaad47f6
Topic description: "A missing authentication for critical function vulnerability in Fortinet's FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. ..."
"The flaw lies in the FortiGate to FortiManager Protocol (FGFM), which is designed for deployment scenarios where NAT traversal is needed ..."
Link: https://attackerkb.com/assessments/89ecce82-7a39-4376-82e1-8f5bfaad47f6
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-3405
Topic description: "Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/d1b91dad-cf7b-440a-bcec-69d9332d95ff
Topic description: "Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/d1b91dad-cf7b-440a-bcec-69d9332d95ff
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-30995
Topic description: "Sensitive information disclosure due to improper authentication ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/5b2f7148-394b-4035-8e70-f9d3d6eb0737
Topic description: "Sensitive information disclosure due to improper authentication ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/5b2f7148-394b-4035-8e70-f9d3d6eb0737
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-41874
Topic description: "ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user ..."
"[CVE-2024-41874](https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html) is described as a critical unauthenticated remote code execution vulnerability affecting Adobe ColdFusion ..."
Link: https://attackerkb.com/assessments/2093f32c-29b0-4a2f-b0a3-b38bb9e950c9
Topic description: "ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user ..."
"[CVE-2024-41874](https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html) is described as a critical unauthenticated remote code execution vulnerability affecting Adobe ColdFusion ..."
Link: https://attackerkb.com/assessments/2093f32c-29b0-4a2f-b0a3-b38bb9e950c9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-36401
Topic description: "GeoServer is an open source server that allows users to share and edit geospatial data ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/1621d3f4-5531-4bc9-a499-285f6e252c7b
Topic description: "GeoServer is an open source server that allows users to share and edit geospatial data ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/1621d3f4-5531-4bc9-a499-285f6e252c7b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-45519
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"This is one of a [list of vulnerabilities](https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories) disclosed in Synacor's Zimbra Collaboration Suite recently — this particular issue lies in Zimbra's postjournal service and evidently allows for unauthenticated command execution ..."
Link: https://attackerkb.com/assessments/cdb2647d-620f-4987-aad5-477c0b0ac1ad
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"This is one of a [list of vulnerabilities](https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories) disclosed in Synacor's Zimbra Collaboration Suite recently — this particular issue lies in Zimbra's postjournal service and evidently allows for unauthenticated command execution ..."
Link: https://attackerkb.com/assessments/cdb2647d-620f-4987-aad5-477c0b0ac1ad
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-25950
Topic description: "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request ..."
"HAProxy's HTTP/3 implementation fails to block a **malformed HTTP header field name**, and **when deployed in front of a server that incorrectly process this malformed header**, it may be used to conduct an HTTP request/response smuggling attack ..."
Link: https://attackerkb.com/assessments/410b285d-5724-4300-bcc4-603cc4c726ac
Topic description: "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request ..."
"HAProxy's HTTP/3 implementation fails to block a **malformed HTTP header field name**, and **when deployed in front of a server that incorrectly process this malformed header**, it may be used to conduct an HTTP request/response smuggling attack ..."
Link: https://attackerkb.com/assessments/410b285d-5724-4300-bcc4-603cc4c726ac
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-47176
Topic description: "CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers ..."
"On September 26, 2024, technical details of a four-vulnerability exploit chain affecting the Common UNIX Printing System (CUPS) [were disclosed](https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/) ..."
Link: https://attackerkb.com/assessments/0db25c11-bd76-45d3-9338-4341b3da0e75
Topic description: "CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers ..."
"On September 26, 2024, technical details of a four-vulnerability exploit chain affecting the Common UNIX Printing System (CUPS) [were disclosed](https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/) ..."
Link: https://attackerkb.com/assessments/0db25c11-bd76-45d3-9338-4341b3da0e75
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-45195
Topic description: "Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. ..."
"[Apache OFBiz](https://ofbiz.apache.org/) is an open-source web-based enterprise resource planning and customer relationship management suite ..."
Link: https://attackerkb.com/assessments/33abbf06-f2b3-4792-9a9c-bca92ea20fd9
Topic description: "Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. ..."
"[Apache OFBiz](https://ofbiz.apache.org/) is an open-source web-based enterprise resource planning and customer relationship management suite ..."
Link: https://attackerkb.com/assessments/33abbf06-f2b3-4792-9a9c-bca92ea20fd9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-7029
Topic description: "Commands can be injected over the network and executed without authentication. ..."
"**TL;DR:** Unpatched command injection vulnerability in an end-of-life IP camera, being exploited to drop a Mirai botnet malware variant ..."
Link: https://attackerkb.com/assessments/b1fb9ef3-b8b1-4bab-9942-179341ec4cbc
Topic description: "Commands can be injected over the network and executed without authentication. ..."
"**TL;DR:** Unpatched command injection vulnerability in an end-of-life IP camera, being exploited to drop a Mirai botnet malware variant ..."
Link: https://attackerkb.com/assessments/b1fb9ef3-b8b1-4bab-9942-179341ec4cbc
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-45249
Topic description: "Remote command execution due to use of default passwords ..."
"On 24 July, Acronis published the security advisory [SEC-6452: Remote command execution due to use of default passwords](https://security-advisory.acronis.com/advisories/SEC-6452) where default passwords are exploited to gain admin access to the Acronis Cyber Infrastructure ..."
Link: https://attackerkb.com/assessments/11c1c3e7-7035-4201-85d8-100b3c567e5b
Topic description: "Remote command execution due to use of default passwords ..."
"On 24 July, Acronis published the security advisory [SEC-6452: Remote command execution due to use of default passwords](https://security-advisory.acronis.com/advisories/SEC-6452) where default passwords are exploited to gain admin access to the Acronis Cyber Infrastructure ..."
Link: https://attackerkb.com/assessments/11c1c3e7-7035-4201-85d8-100b3c567e5b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-42115
Topic description: "Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability ..."
" - Vulnerability Type: Service-specific security vulnerability ..."
Link: https://attackerkb.com/assessments/16ed4828-fca4-450f-a37e-882f1c766c8d
Topic description: "Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability ..."
" - Vulnerability Type: Service-specific security vulnerability ..."
Link: https://attackerkb.com/assessments/16ed4828-fca4-450f-a37e-882f1c766c8d
0
0
0