#vulnerability

Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data.

### Summary Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using `file:../../../etc/passwd` or `file: ///etc/passwd` can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. ### Details The check in this line of code is insufficient. ``` if re.search(r'^file:/', url.strip(), re.IGNORECASE): ``` The attacker can still bypass this by using: -`file:../../../../etc/passwd` -`file: ///etc/passwd` (with space before /) ### PoC - Open up a changedetection.io instance with a webdriver configured. - Create a new watch with `file:../../../../etc/passwd`. - Check the watch preview. - The contents of `/etc/passwd` should pop out. ### Screenshots ![image](https://github.com/user-attachme...

Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.

The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'variant' HTTP POST parameter called by the clearProjectConfigurationAjax.php script.

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'instance' HTTP POST parameter called by calendarUpdate.php script.

The BMS/BAS controller suffers from an arbitrary file deletion vulnerability. Input passed to the 'variant' parameter in clearProjectConfigurationAjax.php is not properly sanitised before being used to delete files. This can be exploited by an authenticated attacker to delete files with root permissions using directory traversal sequences passed within the affected POST parameter.

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'variant' HTTP POST parameter called by the clearProjectConfigurationAjax.php script.

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'instance' HTTP POST parameter called by calendarUpdate.php script.

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code," Kaspersky researcher Oleg