Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

GHSA-cvv5-9h9w-qp2m: Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID)

### Summary The SSID is not sanitized when before it is passed as a parameter to cmd.exe in the `getWindowsIEEE8021x` function. This means that malicious content in the SSID can be executed as OS commands. ### Details I have exploited this vulnerability in a Windows service using version 5.22.11 of the module, to escalate privileges (in an environment where I am authorized to do so). However, as far as I can see from the code, it is still present in master branch at time of writing, on line [403/404 of network.js](https://github.com/sebhildebrandt/systeminformation/blob/3a92931c7d46605ffddc1aacb97a9727273b2888/lib/network.js#L403). The SSID is obtained from `netsh wlan show interface ...` in `getWindowsWirelessIfaceSSID`, and then passed to `cmd.exe /d /s /c "netsh wlan show profiles ...` in `getWindowsIEEE8021x`, without sanitization. ### PoC First, the command injection payload should be included in the connected Wi-Fi SSID. For example create hotspot on mobile phone or other lap...

ghsa
#vulnerability#windows#js#git#rce#auth#wifi
US Ban on TP-Link Routers More About Politics Than Exploitation Risk

While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing.

‘Fix It’ social-engineering scheme impersonates several brands

Criminals are luring victims looking to download software and tricking them into running a malicious command.

Welcome to the party, pal!

In the last newsletter of the year, Thorsten recalls his tech-savvy gift to his family and how we can all incorporate cybersecurity protections this holiday season.

Exploring vulnerable Windows drivers

This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about  malicious Windows drivers.

Hackers Exploiting Linux eBPF to Spread Malware in Ongoing Campaign

KEY SUMMARY POINTS Cybersecurity researchers Dr. Web have uncovered a new and active Linux malware campaign aimed at…

Thai Police Systems Under Fire From 'Yokai' Backdoor

Hackers are abusing legitimate Windows utilities to target Thai law enforcement with a novel malware that is a mix of sophistication and amateurishness.

Hackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS Keys

SUMMARY Datadog Security Labs’ cybersecurity researchers have discovered a new, malicious year-long campaign from a threat actor identified…

Cicada3301 Ransomware Claims Attack on French Peugeot Dealership

SUMMARY Cicada3301, a ransomware group, has claimed responsibility for a data breach targeting Concession Peugeot (concessions.peugeot.fr), a prominent…

Microsoft Teams Vishing Spreads DarkGate RAT

A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning.