Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

About the Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575) vulnerability

About the Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575) vulnerability. FortiManager is a centralized solution for configuring, enforcing policies, updating, and monitoring Fortinet network devices. 🔻 The vulnerability was released on October 23. A missing authentication for critical function in the FortiManager fgfmd (FortiGate-to-FortiManager) daemon allows remote attacker to execute arbitrary code or commands via […]

Alexander V. Leonov
Open in Source
#vulnerability#rce#auth#blog
GHSA-hrxh-9w67-g4cv: Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

### **tl;dr:** unprivileged user creates a symlink to /etc/sudoers, /etc/shadow or similar and waits for a privileged user or process to copy/backup/mirror users data (using `--links` and `--metadata`). unprivileged user now owns /etc/sudoers. ### Summary Insecure handling of symlinks with `--links` and `--metadata` in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files (e.g., /etc/shadow), compromising system integrity, confidentiality, and availability. For instance, an unprivileged user could set a symlink to a sensitive file within their home directory, waiting for an administrator or automated process (e.g., a cron job running with elevated privileges) to copy their files with rclone using the --links and --metadata options. Upon copying, rclo...

Russian Ransomware Gangs on the Hunt for Pen Testers

In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.

GHSA-m5vv-7jxc-8p6x: Redaxo Core CMS Cross Site Scripting (XSS)

The mediapool feature of the Redaxo Core CMS application v 5.17.1 is vulnerable to Cross Site Scripting(XSS) which allows a remote attacker to escalate privileges.

'Phobos' Ransomware Cybercriminal Extradited From South Korea

According to the unsealed criminal charges, the operation is believed to have running for nearly four years.

Salt Typhoon Hits T-Mobile as Part of Telecom Attack Spree

The company says no sensitive data was stolen, but federal agencies claim otherwise. CISA and FBI sources said attackers accessed all records of specific customers and the private communications of targeted individuals.

WordPress Really Simple Security Authentication Bypass

WordPress Really Simple Security plugin versions prior to 9.1.2 proof of concept authentication bypass exploit.

Palo Alto PAN-OS Authentication Bypass / Remote Command Execution

Proof of concept code to exploit an authentication bypass in Palo Alto's PAN-OS that is coupled with remote command execution.

We Can Do Better Than Free Credit Monitoring After a Breach

Individual companies and entire industries alike must take responsibility for protecting customer data — and doing the right thing when they fail.

Free AI editor lures in victims, installs information stealer instead on Windows and Mac

A widespread social media campaign for EditProAI turns out to spread information stealers for both Windows and MacOS users.