Tag
#vulnerability
By Uzair Amir In today’s ever-evolving cyberspace, organizations face an ever-increasing number of cyber threats. Malicious actors are constantly seeking to… This is a post from HackRead.com Read the original post: Data Security: Leveraging AI for Enhanced Threat Detection and Prevention
### Summary API endpoint `/api/v1/watch/<uuid>/history` can be accessed by any unauthorized user. ### Details WatchHistory resource does not have `@auth.check_token` annotation, which means it can be accessed without providing `x-api-key` header. https://github.com/dgtlmoon/changedetection.io/blob/9510345e01ea8e308c339163d8e8b030ce5ac7f1/changedetectionio/api/api_v1.py#L129-L156 ### PoC 1. Get list of watch with `x-api-key`: ```sh $ curl -H "x-api-key: apikeyhere" http://localhost:5000/api/v1/watch {"uuid": ...} ``` 2. Call for history of snapshots without `x-api-key`. Expected - 401/403 error. Actual - list of snapshots is listed. ```sh $ curl http://localhost:5000/api/v1/watch/uuid/history {"timestamp": "/path/to/snapshot.txt"} ``` ### Impact Anybody can check one's watch history. However, because unauthorized party first needs to know watch UUID, and the watch history endpoint itself returns only paths to the snapshot on the server, an impact on users' data privacy is minima...
### Impact If a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. ### References - https://www.silverstripe.org/download/security-releases/CVE-2023-48714
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Voltronic Power Equipment: ViewPower Pro Vulnerabilities: Deserialization of Untrusted Data, Missing Authentication for Critical Function, Exposed Dangerous Method or Function, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service condition, obtain administrator credentials, or achieve remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ViewPower Pro, an Uninterruptable Power Supply (UPS) management software, are affected: ViewPower Pro: 2.0-22165 3.2 Vulnerability Overview 3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502 The affected product deserializes untrusted data without sufficiently verifying the resulting data will be valid. CVE-2023-51570 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector stri...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable via adjacent network / low attack complexity Vendor: APsystems Equipment: Energy communication Unit (ECU-C) Power Control Software Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive data and execute specific commands and functions with full admin rights without authenticating. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following APsystems products are affected: Energy Communication Unit Power Control Software: C1.2.2 Energy Communication Unit Power Control Software: v3.11.4 Energy Communication Unit Power Control Software: W2.1.NA Energy Communication Unit Power Control Software: v4.1SAA Energy Communication Unit Power Control Software: v4.1NA 3.2 Vulnerability Overview 3.2.1 IMPROPER ACCESS CONTROL CWE-284 APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows a...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Westermo Equipment: Lynx 206-F2G Vulnerabilities: Cross-site Scripting, Code Injection, Cross-Origin Resource Sharing, Cleartext Transmission of Sensitive Information, Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access the web application, inject arbitrary code, execute malicious code, obtain sensitive information, or execute a malicious request. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Lynx 206-F2G, a layer three industrial Ethernet switch, are affected: Lynx: Model Version L206-F2G1 Lynx: Firmware Version 4.24. 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site sc...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: XPort Vulnerability: Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of XPort, a device server configuration manager, are affected: XPort Device Server Configuration Manager: Version 2.0.0.13 3.2 Vulnerability Overview 3.2.1 Weak Encoding for Password CWE-261 Lantronix XPort sends weakly encoded credentials within web request headers. CVE-2023-7237 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.7 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Energy, Healthcare, Transportation COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEADQUARTERS LOCATION: United States 3.4 RESEARCHER Aarón Flecha Menéndez of S2...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Crestron Equipment: AM-300 Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their privileges to root-level access. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Crestron AirMedia Presentation System products are affected: AM-300: Version 1.4499.00018 3.2 Vulnerability Overview 3.2.1 CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') There is an OS command injection vulnerability in Crestron AM-300 firmware version 1.4499.00018 which may enable a user of a limited-access SSH session to escalate their privileges to root-level access. CVE-2023-6926 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.4 has been calculated; the CVSS vector string is AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Multiple COUNT...
By Deeba Ahmed TeamViewer has been identified as the access point in two separate ransomware attacks targeting different companies. This is a post from HackRead.com Read the original post: TeamViewer Exploited to Obtain Remote Access, Deploy Ransomware
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the software, allowing unauthenticated attackers to achieve remote code execution on susceptible