May 17, 2024 | Newsroom | Vulnerabilities / Network Security
Here is the list of vulnerabilities:
CVE-2014-100005 – Cross-site request forgery (CSRF) vulnerability affecting the D-Link DIR-600 router that allows an attacker to hijack an existing administrator session and change the router's configuration.
CVE-2021-40655 – Information disclosure vulnerability affecting the D-Link DIR-600 router that allows an attacker to obtain usernames and passwords by forging an HTTP POST request to the /getcfg.php page on the DIR-605 router.
Although details about how these flaws could be exploited in the wild are currently unknown, federal agencies are required to apply vendor-provided mitigations by June 6, 2024.
This development comes after the SSD Secure Disclosure team revealed an unpatched security issue in the DIR-X4860 router. The issue could allow a remote, unauthenticated attacker to access the HNAP port in order to gain elevated permissions and execute commands as root.
SSD Secure Disclosure also made available a proof-of-concept (PoC) exploit. It uses a specially crafted HNAP login request to the router's management interface to bypass authentication protections and leverage a command injection vulnerability to execute code.
Ivanti patches multiple flaws in Endpoint Manager Mobile (EPMM)
Cybersecurity researchers have also released a PoC exploit for a new vulnerability in Ivanti EPMM (CVE-2024-22026, CVSS score: 6.7). It could allow an authenticated local user to bypass shell restrictions and execute arbitrary commands on the appliance.
"This vulnerability allows a local attacker to exploit the software update process using a malicious RPM package from a remote URL to gain root access to the system," said Brian Smith of Redline Cyber Security.
The issue is due to insufficient validation of the install command in the EPMM command-line interface, which allows the command to fetch arbitrary RPM packages from user-specified URLs without verifying their authenticity.
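The missing check described above, sketched as an added example (not Ivanti's code and not part of the original article): a pre-install gate that accepts a package only from an allowlisted HTTPS host and only when its SHA-256 matches a pinned manifest entry. The host name, manifest and sample bytes are assumptions, and the digest manifest stands in for the GPG signature verification a real RPM workflow would use.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumptions for illustration only: host, manifest and sample bytes are constructed.
ALLOWED_HOSTS = {"updates.vendor.example"}
SAMPLE_RPM = b"constructed stand-in for RPM bytes"
MANIFEST = {"agent-1.0.rpm": hashlib.sha256(SAMPLE_RPM).hexdigest()}


class RejectedPackage(Exception):
    """A package source or payload failed a pre-install check."""


def check_source(url):
    """Return the file name if the URL is https on an allowlisted host."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise RejectedPackage("scheme must be https")
    if parts.username or parts.password:
        raise RejectedPackage("userinfo in URL can disguise the real host")
    if parts.port not in (None, 443):  # .port raises ValueError if malformed
        raise RejectedPackage("unexpected port")
    if (parts.hostname or "").lower() not in ALLOWED_HOSTS:
        raise RejectedPackage("host is not on the allowlist")
    name = parts.path.rsplit("/", 1)[-1]
    if not name.endswith(".rpm"):
        raise RejectedPackage("not an RPM file name")
    return name


def check_payload(name, payload, manifest):
    """Require the payload's SHA-256 to match the pinned manifest entry."""
    expected = manifest.get(name)
    if expected is None:
        raise RejectedPackage("package is not in the trusted manifest")
    actual = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(actual, expected):
        raise RejectedPackage("digest mismatch")


def may_install(url, payload, manifest=MANIFEST):
    """True only when both the source and the downloaded bytes pass."""
    try:
        check_payload(check_source(url), payload, manifest)
        return True
    except (RejectedPackage, ValueError):
        return False
```

Both checks are needed: the allowlist constrains where a package may come from, and the digest (or signature) check rejects altered content even when it arrives from an allowed host.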
CVE-2024-22026 affects all versions of EPMM prior to 12.1.0.0. Ivanti also patched two other SQL injection flaws (CVE-2023-46806 and CVE-2023-46807, CVSS score: 6.7) that could allow authenticated users with appropriate privileges to access or modify data in the underlying database.
Although there is no evidence that these flaws have been exploited, we recommend updating to the latest version to mitigate potential threats.