SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Apache Commons vulnerability in the spotlight after proof-of-concept code becomes available
Description: Security researchers are warning users to patch a recently disclosed critical vulnerability in Apache Commons Text that could allow an unauthenticated attacker to execute code remotely on servers running applications with the affected component. CVE-2022-42889 has a CVSS severity score of 9.8 out of a possible 10.0. Proof-of-concept code for the vulnerability is already available, though as of Tuesday, there were no reports of the vulnerability being exploited in the wild. Apache released a patch for this vulnerability back in September, though it did not release an advisory on the issue until this week. Researchers and admins have continually focused on Apache software since last year’s Log4Shell vulnerability.
Snort SIDs: 60737 - 60742
Title: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Description: Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 is a wireless router with dual Ethernet ports that shares 3G and 4G wireless signals for use in industrial and internet-of-things environments. The router includes open VPN tunneling, a cloud management platform to manage other devices and routers, and different safeguards to manage data caps. Talos discovered five operating system command injection vulnerabilities in the router that an adversary could trigger by sending the targeted device a specially crafted network request. All these vulnerabilities have a CVSS severity score of 9.1 out of 10.
References: https://blog.talosintelligence.com/2022/10/vuln-spotlight-robustel-router.html
Snort SIDs: 60007 - 60035, 60388 - 60391, 60393 and 60455