AttackerKB
attackerkb
New assessment for topic: CVE-2024-21413
Topic description: "Microsoft Outlook Remote Code Execution Vulnerability ..."
"By sending a malicious (.docm) file, to the victim using the Outlook mail – app of 365, the attacker will wait for the victim to click on it by using and executing his malicious code after the victim opens this file ..."
Link: https://www.attackerkb.com/assessments/fe6b7788-e442-4032-883f-8fb416a4f8b1
Topic description: "Microsoft Outlook Remote Code Execution Vulnerability ..."
"By sending a malicious (.docm) file, to the victim using the Outlook mail – app of 365, the attacker will wait for the victim to click on it by using and executing his malicious code after the victim opens this file ..."
Link: https://www.attackerkb.com/assessments/fe6b7788-e442-4032-883f-8fb416a4f8b1
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-2054
Topic description: "The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/e73cbea0-774c-46e7-bf40-d0a988c026f6
Topic description: "The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/e73cbea0-774c-46e7-bf40-d0a988c026f6
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-31791
Topic description: "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/514c3424-a21c-429d-999f-b5d46b0e3762
Topic description: "WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/514c3424-a21c-429d-999f-b5d46b0e3762
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-27199
Topic description: "In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible ..."
"CVE-2024-27199, allows for a limited amount of information disclosure and a limited amount of system modification, including the ability for an unauthenticated attacker to replace the HTTPS certificate in a vulnerable TeamCity server with a certificate of the attacker's choosing. ..."
Link: https://www.attackerkb.com/assessments/343cb821-e285-4854-8351-5429e90e1d73
Topic description: "In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible ..."
"CVE-2024-27199, allows for a limited amount of information disclosure and a limited amount of system modification, including the ability for an unauthenticated attacker to replace the HTTPS certificate in a vulnerable TeamCity server with a certificate of the attacker's choosing. ..."
Link: https://www.attackerkb.com/assessments/343cb821-e285-4854-8351-5429e90e1d73
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-27198
Topic description: "In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible ..."
"CVE-2024-27198, allows for a complete compromise of a vulnerable TeamCity server by a remote unauthenticated attacker, including unauthenticated RCE ..."
Link: https://www.attackerkb.com/assessments/3a990b09-ee98-4f26-8bdb-8aaa27da4b44
Topic description: "In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible ..."
"CVE-2024-27198, allows for a complete compromise of a vulnerable TeamCity server by a remote unauthenticated attacker, including unauthenticated RCE ..."
Link: https://www.attackerkb.com/assessments/3a990b09-ee98-4f26-8bdb-8aaa27da4b44
0
2
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-27198
"CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue (CWE-288) and has a CVSS base score of 9.8 (Critical). ..."
Link: https://www.attackerkb.com/topics/272a41fd-6e6b-4bf6-8544-0481382e8b2b
"CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue (CWE-288) and has a CVSS base score of 9.8 (Critical). ..."
Link: https://www.attackerkb.com/topics/272a41fd-6e6b-4bf6-8544-0481382e8b2b
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-27199
"CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue (CWE-22) and has a CVSS base score of 7.3 (High). ..."
Link: https://www.attackerkb.com/topics/7f1c8d00-ae08-447b-86b6-756b2e89da2b
"CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue (CWE-22) and has a CVSS base score of 7.3 (High). ..."
Link: https://www.attackerkb.com/topics/7f1c8d00-ae08-447b-86b6-756b2e89da2b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-26318
Topic description: "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786 ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/dca1d0dc-daa6-452b-90a2-292308a1405d
Topic description: "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786 ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/dca1d0dc-daa6-452b-90a2-292308a1405d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-21423
Topic description: "Microsoft Edge (Chromium-based) Information Disclosure Vulnerability ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/b7e7584c-f44e-41d4-a2f9-20eeefab2d9e
Topic description: "Microsoft Edge (Chromium-based) Information Disclosure Vulnerability ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/b7e7584c-f44e-41d4-a2f9-20eeefab2d9e
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-23334
Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/3ba6ec55-2c39-4110-9841-7fa7d61e3410
Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/3ba6ec55-2c39-4110-9841-7fa7d61e3410
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-23334
Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."
" web.static("/static", "static/", follow_symlinks=True), # Remove follow_symlinks to avoid the vulnerability ..."
Link: https://www.attackerkb.com/assessments/98db16f7-5369-4174-8e63-36fc1b244d45
Topic description: "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python ..."
" web.static("/static", "static/", follow_symlinks=True), # Remove follow_symlinks to avoid the vulnerability ..."
Link: https://www.attackerkb.com/assessments/98db16f7-5369-4174-8e63-36fc1b244d45
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-1548
Topic description: "A website could have obscured the fullscreen notification by using a dropdown select input element ..."
"I reckon we got ourselves a CVE on our hands – CVE-2024-1548, ya see? This little critter's been sneaky, messin' with Firefox, Thunderbird, and them ESR versions ..."
Link: https://www.attackerkb.com/assessments/b3b020c7-dcf3-434d-88f0-ef5a724ae504
Topic description: "A website could have obscured the fullscreen notification by using a dropdown select input element ..."
"I reckon we got ourselves a CVE on our hands – CVE-2024-1548, ya see? This little critter's been sneaky, messin' with Firefox, Thunderbird, and them ESR versions ..."
Link: https://www.attackerkb.com/assessments/b3b020c7-dcf3-434d-88f0-ef5a724ae504
1
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-1709
Topic description: "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel ..."
"Based on writing the [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/18870) for this vulnerability, I have rated the exploitability as very high, as leveraging CVE-2203-1709 to create a new administrator account is trivial ..."
Link: https://www.attackerkb.com/assessments/082b6adc-c4e1-4ebd-9fc0-3a4afeb73892
Topic description: "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel ..."
"Based on writing the [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/18870) for this vulnerability, I have rated the exploitability as very high, as leveraging CVE-2203-1709 to create a new administrator account is trivial ..."
Link: https://www.attackerkb.com/assessments/082b6adc-c4e1-4ebd-9fc0-3a4afeb73892
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-47218
Topic description: "An OS command injection vulnerability has been reported to affect several QNAP operating system versions ..."
"An unauthenticated command injection vulnerability exists in the `quick.cgi` component of the web administration server for QNAP QTS and QuTS Hero operating systems, used by numerous QNAP NAS devices ..."
Link: https://www.attackerkb.com/assessments/361bb4d2-f43a-4b49-aba7-8cfba4d74d75
Topic description: "An OS command injection vulnerability has been reported to affect several QNAP operating system versions ..."
"An unauthenticated command injection vulnerability exists in the `quick.cgi` component of the web administration server for QNAP QTS and QuTS Hero operating systems, used by numerous QNAP NAS devices ..."
Link: https://www.attackerkb.com/assessments/361bb4d2-f43a-4b49-aba7-8cfba4d74d75
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-20328
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"ClamAV is a open-source antivirus engine that has been around for the past 21 years and runs on many different operating systems including for AIX, BSD, HP-UX, Linux, macOS, OpenVMS, OSF, Solaris and Haiku and as of version 0.97.5, ClamAV builds and runs on Microsoft Windows ..."
Link: https://www.attackerkb.com/assessments/3fd6ffcf-dc4d-4c0c-8ed7-dac98ebde64e
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"ClamAV is a open-source antivirus engine that has been around for the past 21 years and runs on many different operating systems including for AIX, BSD, HP-UX, Linux, macOS, OpenVMS, OSF, Solaris and Haiku and as of version 0.97.5, ClamAV builds and runs on Microsoft Windows ..."
Link: https://www.attackerkb.com/assessments/3fd6ffcf-dc4d-4c0c-8ed7-dac98ebde64e
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-20931
Topic description: "In the latest official January 2024 patch released by Oracle, a remote command execution vulnerability CVE-2024-20931 based on the Weblogic T3\IIOP protocol has been fixed ..."
"In early 2023 a vulnerability was found in the Oracle WebLogic IIOP/T3 protocol ..."
Link: https://www.attackerkb.com/assessments/c741fce5-764f-4c32-a646-1fb167423e6d
Topic description: "In the latest official January 2024 patch released by Oracle, a remote command execution vulnerability CVE-2024-20931 based on the Weblogic T3\IIOP protocol has been fixed ..."
"In early 2023 a vulnerability was found in the Oracle WebLogic IIOP/T3 protocol ..."
Link: https://www.attackerkb.com/assessments/c741fce5-764f-4c32-a646-1fb167423e6d
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2024-24942
Topic description: "In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives ..."
"If we decompile and diff the REST API from TeamCity 2023.11.2 (`C:\TeamCity\webapps\ROOT\WEB-INF\plugins\rest-api\server\rest-api-2023.09-147486.jar`) against TeamCity 2023.11.3 (`C:\TeamCity\webapps\ROOT\WEB-INF\plugins\rest-api\server\rest-api-2023.09-147512.jar`), we can see the `SwaggerUI` class has been modified. ..."
Link: https://www.attackerkb.com/assessments/25397f72-670e-4ef4-a19b-2a3a55120d18
Topic description: "In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives ..."
"If we decompile and diff the REST API from TeamCity 2023.11.2 (`C:\TeamCity\webapps\ROOT\WEB-INF\plugins\rest-api\server\rest-api-2023.09-147486.jar`) against TeamCity 2023.11.3 (`C:\TeamCity\webapps\ROOT\WEB-INF\plugins\rest-api\server\rest-api-2023.09-147512.jar`), we can see the `SwaggerUI` class has been modified. ..."
Link: https://www.attackerkb.com/assessments/25397f72-670e-4ef4-a19b-2a3a55120d18
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2023-41179
Topic description: "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. ..."
"This was [disclosed as 0day](https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US) in September 2023 and then kind of never spoken of again, true to form for Trend Micro product 0days ([exhibit 1](https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US), [exhibit 2](https://www.zdnet.com/article/two-trend-micro-zero-days-exploited-in-the-wild-by-hackers/), [exhibit 3](https://success.trendmicro.com/dcx/s/solution/000151730-SECURITY-BULLETIN-Trend-Micro-OfficeScan-Arbitrary-File-Upload-with-Directory-Traversal-Vulnerability?language=en_US)) ..."
Link: https://www.attackerkb.com/assessments/3de957ef-5820-4be5-ae16-3102d27f3df9
Topic description: "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. ..."
"This was [disclosed as 0day](https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US) in September 2023 and then kind of never spoken of again, true to form for Trend Micro product 0days ([exhibit 1](https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US), [exhibit 2](https://www.zdnet.com/article/two-trend-micro-zero-days-exploited-in-the-wild-by-hackers/), [exhibit 3](https://success.trendmicro.com/dcx/s/solution/000151730-SECURITY-BULLETIN-Trend-Micro-OfficeScan-Arbitrary-File-Upload-with-Directory-Traversal-Vulnerability?language=en_US)) ..."
Link: https://www.attackerkb.com/assessments/3de957ef-5820-4be5-ae16-3102d27f3df9
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-22024
Topic description: "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication. ..."
"An HTTP POST request towards /dana-na/auth/saml-sso.cgi using the SAMLRequest as the vehicle with a base64 decoded XXE payload works and is already observed being abused in the wild. ..."
Link: https://www.attackerkb.com/assessments/e3572615-0a93-4e5b-a181-432316d5c6d3
Topic description: "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication. ..."
"An HTTP POST request towards /dana-na/auth/saml-sso.cgi using the SAMLRequest as the vehicle with a base64 decoded XXE payload works and is already observed being abused in the wild. ..."
Link: https://www.attackerkb.com/assessments/e3572615-0a93-4e5b-a181-432316d5c6d3
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2020-17482
Topic description: "An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/fde87f20-64d4-4e1c-a272-106f3b74a629
Topic description: "An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/fde87f20-64d4-4e1c-a272-106f3b74a629
0
0
0