#vulnerability

### Summary There is a `ReDoS vulnerability risk` in the system, specifically when administrators create `notification` through the web service(`pushdeer` and `whapi`). If a string is provided that triggers catastrophic backtracking in the regular expression, it may lead to a ReDoS attack. ### Details The regular expression` \/*$\` is used to match zero or more slashes `/` at the end of a URL. When a malicious attack string appends a large number of slashes `/` and a non-slash character at the end of the URL, the regular expression enters a backtracking matching process. During this process, the regular expression engine starts checking each slash from the first one, continuing until it encounters the last non-slash character. Due to the greedy matching nature of the regular expression, this process repeats itself, with each backtrack checking the next slash until the last slash is checked. This backtracking process consumes significant CPU resources. ```js .replace(/\/*$/, "") ``` Fo...

The Ksenia home automation and burglar alarm system has a security flaw where the PIN required to disable the alarm is exposed in the 'basisInfo' XML file after initial authentication, allowing attackers who gain access to this file to bypass security measures. This design flaw enables unauthorized individuals to both disable the alarm system and manipulate smart home devices by simply retrieving the PIN from the server response, effectively rendering the security system useless since the supposedly secret PIN is easily obtainable once an attacker reaches the authenticated state. The system should never expose sensitive codes in API responses and should implement proper multi-factor authentication for critical functions like alarm deactivation.

The device provides access to an unprotected endpoint, enabling the upload of MPFS File System binary images. Authenticated attackers can exploit this vulnerability to overwrite the flash program memory containing the web server's main interfaces, potentially leading to arbitrary code execution.

Input passed via the 'redirectPage' GET parameter in 'cmdOk.xml' script is not properly verified before being used to redirect users. This can be exploited to redirect an authenticating user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

Ksenia Lares uses a weak set of default administrative credentials that can be found and used to gain full control of the system.

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected

In this podcast, Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity.

If you're using AWS, it's easy to assume your cloud security is handled - but that's a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains the customer’s responsibility. Think of AWS security like protecting a building: AWS provides strong walls and a solid roof, but it's up to the customer to handle the locks, install the alarm systems,

Download Talos' 2024 Year in Review now, and access key insights on the top targeted vulnerabilities of the year, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks.

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.