Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-41012: Command Execution Vulnerability in China Mobile Intelligent Home Gateway HG6543C4 Identity verification has design flaws

An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the authentication mechanism.

CVE
#vulnerability#web#mac#intel#auth
CVE-2023-41108: Sicherheitsschwachstellen im tef-Händlerportal (SYSS-2023-020/-021)

TEF portal 2023-07-17 is vulnerable to authenticated remote code execution.

The Strange Afterlife of Wagner’s Yevgeny Prigozhin

Posts praising the Wagner Group boss following his death in a mysterious plane crash last month indicate he was still in control of his "troll farm," researchers claim.

GHSA-2pxw-r47w-4p8c: Privilege Escalation on Linux/MacOS

### Impact An attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. ### Patches ``` commit 67f4ba154a27a1b06e48bfabda38355a010dfca5 Author: Aditya Manthramurthy <[email protected]> Date: Sun Mar 19 21:15:20 2023 -0700 fix: post policy request security bypass (#16849) ``` ### Workarounds Browser API access must be enabled turning off `MINIO_BROWSER=off` allows for this workaround. ### References The vulnerable code: ```go // minio/cmd/generic-handlers.go func setRequestValidityHandler(h http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // ... // For all other requests reject access to reserved buckets bucketName, _ := request2BucketObjectName(r) if isMinioReservedBucket(buc...

CVE-2023-4480: CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusion File Manager

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application’s mime-type and file extension validation. 

WordPress Media Library Assistant 3.09 LFI / Remote Code Execution

WordPress Media Library Assistant plugin versions prior to 3.10 are affected by an unauthenticated remote reference to Imagick() conversion which allows attacker to perform local file inclusion and remote code execution depending on the Imagick configuration on the remote server.

Hikvision Access Control Session Hijacking

Remote attackers can steal valid authentication session identifiers of Hikvision Access Control/Intercom Products. This is possible because a remote attacker can create a session identifier without restrictions. If an attacker requests a session ID at the same time as a valid user, the attacker receives the identical session ID. This session ID is immediately recognized as valid after successful authentication of the correct user.

Red Hat Security Advisory 2023-4961-01

Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

Internet Radio auna IR-160 SE UIProto DoS / XSS / Missing Authentication

Internet Radio auna IR-160 SE using the UIProto firmware suffers from missing authentication, cross site scripting, and denial of service vulnerabilities.

AtlasVPN Linux Client 1.0.3 IP Leak

Remote disconnect exploit for AtlasVPN Linux client version 1.0.3 that will allow a remote website to extract a client's real IP address.