Security
Headlines
HeadlinesLatestCVEs

Tag

#nginx

CVE-2021-31584: Sipwise C5 NGCP CSC Cross Site Request Forgery ≈ Packet Storm

Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges.

CVE
#csrf#vulnerability#web#debian#apache#php#nginx
CVE-2021-31583: Sipwise C5 NGCP CSC Cross Site Scripting ≈ Packet Storm

Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform version NGCP CE 3.0 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: Stored XSS in callforward/time/set/save (POST tsetname); Reflected XSS in addressbook (GET filter); Stored XSS in addressbook/save (POST firstname, lastname, company); and Reflected XSS in statistics/versions (GET lang).

CVE-2021-20989: Advisory: Fibaro Home Center - Multiple Vulnerabilities (CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992)

Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH connections to the Fibaro cloud to provide remote access and remote support capabilities. This connection can be intercepted using DNS spoofing attack and a device initiated remote port-forward channel can be used to connect to the web management interface. Knowledge of authorization credentials to the management interface is required to perform any further actions.

CVE-2021-21333: Clean-up the template loading code by clokep · Pull Request #9200 · matrix-org/synapse

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject to HTML injection. In the case of the notification for missed messages, this could allow an attacker to insert forged content into the email. The account expiry feature is not enabled by default and the HTML injection is not controllable by an attacker. This is fixed in version 1.27.0.

CVE-2020-29238: High-Speed, Secure & Anonymous VPN Service | ExpressVPN

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request.

CVE-2021-22877: Wrong (malformed) external storage credentials saved in `oc_storages_credentials` · Issue #24600 · nextcloud/server

A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet.

CVE-2021-26563: TALOS-2020-1158 || Cisco Talos Intelligence Group

Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors.

CVE-2020-35416: PHPJabbers Appointment Scheduler 2.3 Cross Site Scripting ≈ Packet Storm

Multiple cross-site scripting (XSS) vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage (with different request parameters), allows remote attackers to inject arbitrary web script or HTML.

CVE-2020-27730

In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.