Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

CVE-2022-27930: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.

CVE
Open in Source
#vulnerability#web#microsoft#linux#dos#apache#rce#perl#auth#ssl
CVE-2022-27932: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

GHSA-fr75-x856-q6j8: Octobot before 0.4.4 mishandles Tentacles upload

WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.

CVE-2021-36711: Sashimi Evil OctoBot Tentacle ≈ Packet Storm

WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system," Palo

New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain

Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices.  "Since this service is typically executed with extensive privileges in an Active Directory environment, the attacker would likely be able to compromise the Active Directory domain," Bishop Fox said in an

GHSA-hwqr-f3v9-hwxr: Workers for local Dask clusters mistakenly listened on public interfaces

Versions of `distributed` earlier than `2021.10.0` had a potential security vulnerability relating to single-machine Dask clusters. Clusters started with `dask.distributed.LocalCluster` or `dask.distributed.Client()` (which defaults to using `LocalCluster`) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on `localhost`. A Dask cluster created using this method AND running on a machine that has these ports exposed could be used by a sophisticated attacker to enable remote code execution. Users running on machines with standard firewalls in place, or using clusters created via cluster objects other than `LocalCluster` (e.g. `dask_kubernetes.KubeCluster`) should not be affected. This vulnerability is documented in CVE-2021-42343, and was fixed in version `2021.10.0` (PR #5427).

CVE-2022-31161

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.

CVE-2022-32417: PbootCMS v3.1.2 remote code execution · Issue #1 · Snakinya/Vuln

PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php.

Elden Ring maker Bandai Namco hit by ransomware and data leaks

We take a look at a major ransomware attack impacting video game giant Bandai Namco, laced with the potential threat of data leakage. The post Elden Ring maker Bandai Namco hit by ransomware and data leaks appeared first on Malwarebytes Labs.