#web

By Deeba Ahmed The vulnerabilities stem from the way Jenkins handles user-supplied data. This is a post from HackRead.com Read the original post: Excessive Expansion Vulnerabilities Leave Jenkins Servers Open to Attacks

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: Hitron Systems Equipment: DVR Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to affect the availability of the product through exploitation of an improper input validation vulnerability and default credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Hitron Systems DVR, a digital video recorder, are affected: DVR HVR-4781: Versions 1.03 through 4.02 DVR HVR-8781: Versions 1.03 through 4.02 DVR HVR-16781: Versions 1.03 through 4.02 DVR LGUVR-4H: Versions 1.02 through 4.02 DVR LGUVR-8H: Versions 1.02 through 4.02 DVR LGUVR-16H: Versions 1.02 through 4.02 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 An improper input validation vulnerability exists in Hitron Systems DVR HVR-4781 versions 1.03 thro...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: LP30, LP40, LP50, and BM40 Operator Panels Vulnerability: Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow, Untrusted Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated attacker to use specifically crafted communication requests to perform a denial-of-service condition, memory overwriting, or remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Rockwell Automation products are affected: LP30 Operator Panel: Versions prior to V3.5.19.0 LP40 Operator Pane: Versions prior to V3.5.19.0 LP50 Operator Panel: Versions prior to V3.5.19.0 BM40 Operator Panel: Versions prior to V3.5.19.0 3.2 Vulnerability Overview 3.2.1 IMPROPER VALIDATION OF CONSISTENCY WITHIN INPUT CWE-1288 After successful authentication, specifically c...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: EZSocket, FR Configurator2, GT Designer3 Version1(GOT1000), GT Designer3 Version1(GOT2000), GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX OPC Server DA/UA (Software packaged with MC Works64) Vulnerabilities: Missing Authentication for Critical Function, Unsafe Reflection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose, tamper with, destroy or delete information in the products, or cause a denial-of-service (DoS) condition on the products. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric FA Engineering Software Products, are affected: EZSocket: Versions 3.0 and later FR Configurator2: All versions GT Designer3 Version1(GOT1000): All versions GT Designer3 Version1(GOT2000): All versions GX Works2: Versions 1.11M and later GX Works3: All ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix, GuardLogix Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the device by exploiting a Denial-of-Service (DoS) vulnerability. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation ControlLogix and GuardLogix programmable logic controllers are affected: ControlLogix 5570: Firmware version 20.011 ControlLogix 5570 redundant: Firmware versions 20.054_kit1 GuardLogix 5570: Firmware version 20.011 3.2 Vulnerability Overview 3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119 A Denial-of-Service (DoS) vulnerability exists that, if exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart i...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC WS Series Vulnerability: Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attacker to login to the modules and disclose or tamper with the programs and parameters in the modules. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric MELSEC WS Series Ethernet Interface Modules, are affected: WS0-GETH00200: All serial numbers 3.2 Vulnerability Overview 3.2.1 AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294 An authentication bypass vulnerability exists in the MELSEC WS Series Ethernet Interface Modules. A remote unauthenticated attacker can bypass authentication by capture-replay attack and login to the modules. As a result, the remote attacker who has logged in may be able to disclose or tamper with the programs and parameters in the modules. CVE-2023-6...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Service Platform Vulnerability: Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve user information and modify settings without any authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Smart Security Manager, a software management platform, are affected: FactoryTalk Service Platform: Versions prior to v6.4 3.2 Vulnerability Overview 3.2.1 IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347 A vulnerability exists in the affected product that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user informatio...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: Rosemount GC370XA, GC700XA, GC1500XA Vulnerabilities: Command Injection, Improper Authentication, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker with network access to run arbitrary commands, access sensitive information, cause a denial-of-service condition, and bypass authentication to acquire admin capabilities. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Emerson Rosemount Gas Chromatographs are affected: GC370XA: Version 4.1.5 GC700XA: Version 4.1.5 GC1500XA: Version 4.1.5 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77 In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer. CVE-2023-46687 ha...

Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and

By Waqas Banmeet Singh, an Indian national, was arrested in London, England, on April 26, 2019, and extradited to the United States on March 19, 2023. This is a post from HackRead.com Read the original post: Dark Web Drug Lord Pleads Guilty, Forfeits $150M Cryptocurrency