#remote-code-execution

[ follow ]
#security-vulnerability

Doomsday 9.9 unauthenticated RCE bug affects all Linux

A critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.

D-Link says replace vulnerable routers or risk pwnage

Users of older D-Link VPN routers should replace their devices to avoid critical security vulnerabilities.
The vulnerability allows for remote code execution without authentication, raising significant security concerns.

Doomsday 9.9 unauthenticated RCE bug affects all Linux

A critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.

D-Link says replace vulnerable routers or risk pwnage

Users of older D-Link VPN routers should replace their devices to avoid critical security vulnerabilities.
The vulnerability allows for remote code execution without authentication, raising significant security concerns.
moresecurity-vulnerability
#vulnerability

Zero Day Initiative - CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

Ivanti Avalanche, an enterprise mobility management program, has recently been patched for a remote code execution vulnerability.
Successful exploitation of the vulnerability could allow an authenticated attacker to execute code in the context of SYSTEM.

Critical OpenSSH vulnerability threatens millions of Linux systems

A severe vulnerability in OpenSSH's server (sshd) (CVE-2024-6387) allows remote unauthenticated code execution, impacting millions of Linux systems worldwide.

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

A critical vulnerability known as '0.0.0.0 Day' impacts major web browsers, allowing malicious sites to breach local networks.

First OpenSSH vulnerability in nearly two decades leaves over 14 million servers potentially at risk

Over 14 million OpenSSH servers face a critical security flaw, CVE-2024-6387, allowing unauthenticated remote code execution.

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

A critical vulnerability in the GiveWP plugin could expose over 100,000 websites to remote code execution attacks, necessitating an urgent update.

Critical Zimbra RCE now mass-exploited, experts say

Urgent patches are needed for critical vulnerabilities in Zimbra mail servers due to ongoing mass exploitation.

Zero Day Initiative - CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

Ivanti Avalanche, an enterprise mobility management program, has recently been patched for a remote code execution vulnerability.
Successful exploitation of the vulnerability could allow an authenticated attacker to execute code in the context of SYSTEM.

Critical OpenSSH vulnerability threatens millions of Linux systems

A severe vulnerability in OpenSSH's server (sshd) (CVE-2024-6387) allows remote unauthenticated code execution, impacting millions of Linux systems worldwide.

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

A critical vulnerability known as '0.0.0.0 Day' impacts major web browsers, allowing malicious sites to breach local networks.

First OpenSSH vulnerability in nearly two decades leaves over 14 million servers potentially at risk

Over 14 million OpenSSH servers face a critical security flaw, CVE-2024-6387, allowing unauthenticated remote code execution.

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

A critical vulnerability in the GiveWP plugin could expose over 100,000 websites to remote code execution attacks, necessitating an urgent update.

Critical Zimbra RCE now mass-exploited, experts say

Urgent patches are needed for critical vulnerabilities in Zimbra mail servers due to ongoing mass exploitation.
morevulnerability
#vulnerabilities

Zero Day Initiative - CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections

CVE-2024-38213 allows bypassing Windows mark-of-the-web protections leading to remote code execution via WebDAV shares.

Microsoft offers updates on 117 vulnerabilities on Patch Tuesday

Microsoft released updates addressing 117 vulnerabilities, including two actively exploited threats that pose significant risks to users.

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

As many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.

CISA issues warning about another Ivanti flaw under active attack | TechCrunch

The U.S. government warns of active exploitation of Ivanti Endpoint Manager vulnerabilities.

Atlassian Confluence Server RCE attacks underway

600 IP addresses are launching thousands of exploit attempts against a critical bug in Atlassian Confluence Data Center and Server.
More than 11,000 instances of Confluence remain exposed on the internet, and criminals are attempting remote code execution attacks.

Patch Tuesday: 6 Microsoft fixes for flaws already exploited

Microsoft disclosed 90 vulnerabilities in August Patch Tuesday, with six actively exploited, reflecting significant cybersecurity risks.

Zero Day Initiative - CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections

CVE-2024-38213 allows bypassing Windows mark-of-the-web protections leading to remote code execution via WebDAV shares.

Microsoft offers updates on 117 vulnerabilities on Patch Tuesday

Microsoft released updates addressing 117 vulnerabilities, including two actively exploited threats that pose significant risks to users.

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

As many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.

CISA issues warning about another Ivanti flaw under active attack | TechCrunch

The U.S. government warns of active exploitation of Ivanti Endpoint Manager vulnerabilities.

Atlassian Confluence Server RCE attacks underway

600 IP addresses are launching thousands of exploit attempts against a critical bug in Atlassian Confluence Data Center and Server.
More than 11,000 instances of Confluence remain exposed on the internet, and criminals are attempting remote code execution attacks.

Patch Tuesday: 6 Microsoft fixes for flaws already exploited

Microsoft disclosed 90 vulnerabilities in August Patch Tuesday, with six actively exploited, reflecting significant cybersecurity risks.
morevulnerabilities
#data-security

700K+ DrayTek routers are sitting ducks on the internet

A critical vulnerability in DrayTek routers could allow remote-code execution, risking sensitive data and system integrity.

AWS 'Bucket Monopoly' attacks could allow account takeover

Critical flaws in AWS services allowed remote code execution and account takeover, fixed by AWS after Aqua Security's research.

700K+ DrayTek routers are sitting ducks on the internet

A critical vulnerability in DrayTek routers could allow remote-code execution, risking sensitive data and system integrity.

AWS 'Bucket Monopoly' attacks could allow account takeover

Critical flaws in AWS services allowed remote code execution and account takeover, fixed by AWS after Aqua Security's research.
moredata-security
#security-vulnerabilities

Printing vulnerability affecting Linux distros raises alarm | Computer Weekly

The newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Traccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.

Printing vulnerability affecting Linux distros raises alarm | Computer Weekly

The newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Traccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.
moresecurity-vulnerabilities

Zero Day Initiative - Exploiting Exchange PowerShell After ProxyNotShell: Part 3 - DLL Loading Chain for RCE

The article explains a chain of vulnerabilities in Microsoft Exchange that lead to remote code execution.
#microsoft

Critical SharePoint, Qakbot-linked flaws focus of May Patch Tuesday | Computer Weekly

The critical vulnerability on Microsoft SharePoint Server and two zero-day flaws in Windows should be addressed immediately by administrators.

September Patch Tuesday: Update before 1 October | Computer Weekly

Microsoft has issued critical fixes for multiple remote code vulnerabilities in its September 2024 update, indicating urgency for users to patch their systems.

Critical SharePoint, Qakbot-linked flaws focus of May Patch Tuesday | Computer Weekly

The critical vulnerability on Microsoft SharePoint Server and two zero-day flaws in Windows should be addressed immediately by administrators.

September Patch Tuesday: Update before 1 October | Computer Weekly

Microsoft has issued critical fixes for multiple remote code vulnerabilities in its September 2024 update, indicating urgency for users to patch their systems.
moremicrosoft

PoCcode released for zero-click Windows critical vuln

Windows users must install the latest patches swiftly to protect against CVE-2024-38063, a critical vulnerability that allows remote code execution.

New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

Sonos smart speakers have vulnerabilities that could allow remote code execution and covert audio capture by hackers.

Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems

Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, enabling unauthorized remote code execution and system compromise.
The vulnerabilities are being actively exploited by a Chinese nation-state threat actor called UTA0178.
#organizations

Chinese APT Uses New 'Stack Rumbling' Technique to Disable Security Software

A subgroup of the Chinese state-sponsored threat actor known as APT41 has been observed using a new denial-of-service (DoS) technique to disable security software, cybersecurity firm Trend Micro reports.Tracked as Earth Longzhi, the APT41 subgroup is known for the targeting of organizations in the Philippines, Taiwan, and Thailand.

US govt web server attacked by 'multiple' criminal gangs

Multiple criminals, including at least one nation-state group, broke into a US federal government agency's Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution.The snafu happened between November 2022 and early January, according to a joint alert from the FBI, CISA, and America's Multi-State Information Sharing and Analysis Center (MS-ISAC) this week.

Chinese APT Uses New 'Stack Rumbling' Technique to Disable Security Software

A subgroup of the Chinese state-sponsored threat actor known as APT41 has been observed using a new denial-of-service (DoS) technique to disable security software, cybersecurity firm Trend Micro reports.Tracked as Earth Longzhi, the APT41 subgroup is known for the targeting of organizations in the Philippines, Taiwan, and Thailand.

US govt web server attacked by 'multiple' criminal gangs

Multiple criminals, including at least one nation-state group, broke into a US federal government agency's Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution.The snafu happened between November 2022 and early January, according to a joint alert from the FBI, CISA, and America's Multi-State Information Sharing and Analysis Center (MS-ISAC) this week.
moreorganizations

Google adds account sync for Authenticator, without E2EE

in brief You may have heard news this week that Google is finally updating its authenticator app to add Google account synchronization.Before you rush to ensure your two-factor secrets are safe in the event you lose your device, take heed: The sync process isn't end-to-end encrypted.The lack of synchronization encryption was pointed out in a tweet by two-man developer and security research team Mysk, which said it found the problem by analyzing network traffic during the secret-syncing process.

POC exploit code published for critical Apache HugeGraph bug

Upgrade to Apache HugeGraph 1.3.0 to address critical CVE-2024-27348 bug with remote code execution potential.

Over 14M servers may be vulnerable to OpenSSH's regreSSHion RCE flaw. Here's what you need to do

A critical vulnerability dubbed 'regreSSHion' in OpenSSH (CVE-2024-6387) allows unauthenticated remote code execution, posing a serious threat to Linux systems.

Patch now: 'Easy-to-exploit' RCE in open source Ollama

A vulnerability in Ollama allowed remote code execution, affecting over 1,000 instances. Wiz Research disclosed CVE-2024-37032, fixed in version 0.1.34.
Ollama's vulnerability stemmed from insufficient validation on the server side of its REST API, enabling attackers to trigger API endpoints for remote code execution.
[ Load more ]