Security
Headlines
HeadlinesLatestCVEs

Tag

#web

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through

The Hacker News
Open in Source
#web#intel#auth#The Hacker News
GHSA-jg74-mwgw-v6x3: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.

Transport, Logistics Orgs Hit by Stealthy Phishing Gambit

Companies in this industry vertical tend toward large financial transactions with partners, suppliers, and customers.

GHSA-g54f-66mw-hv66: Agnai vulnerable to Relative Path Traversal in Image Upload

### Summary A vulnerability has been discovered in **Agnai** that permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for defacement. This does not affect: - agnai.chat - installations using S3-compatible storage - self-hosting that is not publicly exposed ### CWE-35: Path Traversal https://cwe.mitre.org/data/definitions/35.html ### CVSS4.0 - 2.3 Low CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N ### Details This is a path traversal vulnerability. An attacker can exploit this vulnerability by sending a specially crafted request to the `editCharacter` handler https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/character.ts#L140: ```tsx POST /api/character/28cbe508-2fa9-4890-886e-61d73e22006c%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%61%70%70%2f%6...

GHSA-h355-hm5h-cm8h: Agnai File Disclosure Vulnerability: JSON via Path Traversal

### CWE-35: Path Traversal https://cwe.mitre.org/data/definitions/35.html ### CVSSv3.1 4.3 - Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N ### Summary A vulnerability has been discovered in **Agnai** that permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information and exposure of confidential configuration files. **This only affects installations with `JSON_STORAGE` enabled which is intended to local/self-hosting only.** ### Details & PoC This is a path traversal vulnerability. An attacker can exploit this vulnerability by sending a specially crafted request: ```tsx GET /api/json/messages/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%61%70%70%2fpackage HTTP/1.1 ``` In this example, the attacker retrieves the `package.json` file content from the server by manipulating the file path. The request is processed by the `loadM...

Are hardware supply chain attacks “cyber attacks?”

It shouldn’t just be viewed as a cybersecurity issue, because for a hardware supply chain attack, an adversary would likely need to physically infiltrate or tamper with the manufacturing process.

GHSA-j827-6rgf-9629: Layui has DOM Clobbering gadgets that leads to Cross-site Scripting

### Summary A DOM Clobbering vulnerability has been discovered in `layui` that can lead to Cross-site Scripting (XSS) on web pages where attacker-controlled HTML elements (e.g., `img` tags with unsanitized `name` attributes) are present. It's worth noting that we’ve identifed similar issues in other popular client-side libraries like Webpack ([CVE-2024-43788](https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986)) and Vite ([CVE-2024-45812](https://github.com/vitejs/vite/security/advisories/GHSA-64vr-g452-qvp3)), which might serve as valuable references. ### Backgrounds DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code snippet) living in the existing libraries to transform it into executable code. ### Impact This vulnerability can lead to cross-site scripting (XSS) on websites that uses ...

GHSA-rw3j-574h-mrcq: IDOR vulnerability in account profile page

### Impact Insecure direct object reference allowing an attacker to disable subscriptions and reviews of another customer

ABB Cylon Aspect 3.07.01 Hard-Coded Credentials

ABB Cylon Aspect version 3.07.01 BMS/BAS controller is operating with default and hard-coded credentials contained in install package while exposed to the Internet.