Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

CVE-2023-24903: Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Microsoft Security Response Center
Open in Source
#vulnerability#web#windows#microsoft#rce#Windows Secure Socket Tunneling Protocol (SSTP)#Security Vulnerability
CVE-2023-28283: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2023-24941: Windows Network File System Remote Code Execution Vulnerability

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation: This vulnerability is not exploitable in NFSV2.0 or NFSV3.0. Prior to updating your version of Windows that protects against this vulnerability, you can mitigate an attack by disabling NFSV4.1. This could adversely affect your ecosystem and should only be used as a temporary mitigation. **Warning** You should NOT apply this mitigation unless you have installed the May 2022 Windows security updates. Those updates address CVE-2022-26937 which is a Critical vulnerability in NFSV2.0 and NFSV3.0. The following PowerShell command will disable those versions: PS C:\Set-NfsServerConfiguration -EnableNFSV4 $false After running the command, you will need to restart NFS server or reboot the machine. To restart NFS server, start a **cmd** window with...

CVE-2023-24943: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** When Windows Message Queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.

CVE-2023-30237: Bullied by Bugcrowd over Kape CyberGhost disclosure

CyberGhostVPN Windows Client before v8.3.10.10015 was discovered to contain a DLL injection vulnerability via the component Dashboard.exe.

CVE-2023-29693: fengsha/SetTftpUpgrad.md at main · Stevenbaga/fengsha

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad.

CVE-2023-29696: fengsha/aVersionSet.md at main · Stevenbaga/fengsha

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set.

CVE-2021-28998: CVE/File_upload_to_RCE.md at master · beerpwn/CVE

File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.

Ransomware review: May 2023

LockBit maintained its position as the top ransomware attacker and was also observed expanding into the Mac space. (Read more...) The post Ransomware review: May 2023 appeared first on Malwarebytes Labs.