SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Microsoft August 2023 Patch Tuesday
Published: 2023-08-08
Last Updated: 2023-08-08 17:55:38 UTC
by Renato Marinho (Version: 1)
This month we got patches for 88 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft.
One of the exploited vulnerabilities is .NET and Visual Studio Denial of Service Vulnerability (CVE-2023-38180). The max severity for the vulnerability is important and the CVSS is 7.5.
The other exploited vulnerability is Microsoft Office Defense in Depth Update (ADV230003). According to the advisory this defense in depth update is not a vulnerability, but installing this update stops the attack chain leading to the Windows Search security feature bypass vulnerability (CVE-2023-36884). Microsoft recommends installing the Office updates discussed in this advisory as well as installing the Windows updates from August 2023.
Moving to critical vulnerabilities, there are Remote Code Execution (RCE) vulnerabilities affecting Microsoft Message Queuing (CVE-2023-35385, CVE-2023-36910, and CVE-2023-36911). According to the advisory, the Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. The attack complexity is low, no privileges and no user interaction are required. The CVSS for this vulnerability is 9.8.
Read the full entry:
https://isc.sans.edu/diary/Microsoft+August+2023+Patch+Tuesday/30106/
From small LNK to large malicious BAT file with zero VT score
Published: 2023-08-03
Last Updated: 2023-08-03 15:49:44 UTC
by Jan Kopriva (Version: 1)
Last week, my spam trap caught an e-mail with LNK attachment, which turned out to be quite interesting.
The e-mail message was the usual malspam fare trying to appear as a purchase order sent to the recipient, however, the attachment, named “Purchase%20Order%20PO007289.pdf.zip”, was somewhat more intriguing. As you have probably guessed, it did not contain a PDF file, as its name might have suggested, but instead a 15 kB LNK.
If one were to look at the LNKs properties using the standard Windows dialog, one would only see the following string as the “target” for the shortcut, given that the textbox in the dialog supports only a fairly short string.
Since the “target” string begins with the ComSpec variable, we can clearly see that the LNK is pointing at cmd.exe (at least on any Windows system with usual configuration), but that is about all we can be certain about at this point. To get to further details, we might take advantage of some specialized tool for analyzing LNK files, however, any hex editor can serve us just as well.
Even if one didn’t understand the internal structure of the Shell Link file format, one would only have to locate a string in the file containing multiple “/shakir” substrings to be able to get to the entire command that the file is supposed to execute.
Read the full entry:
https://isc.sans.edu/diary/From+small+LNK+to+large+malicious+BAT+file+with+zero+VT+score/30094/
Are Leaked Credentials Dumps Used by Attackers?
Published: 2023-08-04
Last Updated: 2023-08-04 07:46:31 UTC
by Xavier Mertens (Version: 1)
Leaked credentials are a common thread for a while. Popular services like “Have I Been Pwned”[1] help everyone know if some emails and passwords have been leaked. This is a classic problem: One day, you create an account on a website (ex: an online shop), and later, this website is compromised. All credentials are collected and shared by the attacker. To reduce this risk, a best practice is to avoid password re-use (as well as to not use your corporate email address for non-business-related stuff).
I’ve been watching dumps of leaked credentials for a long time. My goal is not to compete with the service above. I do this for research purposes and to track potential leaks for juicy domains. Most of the "combo" files that you can find on the Internet are compilations of old leaks but presented as "fresh", "verified" or "valid" by the attacker:
250K-belgium-Combolist.txt
300kusa.txt
310k-yahoo-combos.txt
75k HQ Valid mail access.txt
83k mail_access.txt
50K Combo private BY AmrNet1 All Site.txt
...
The quality of these dumps is very poor. Most verifications I performed with 3rd parties always gave the same results: the account has not existed for a long time, our password policy has changed, etc.
Read the full entry:
https://isc.sans.edu/diary/Are+Leaked+Credentials+Dumps+Used+by+Attackers/30098/
Update: Researchers scanning the Internet (2023.08.07)
https://isc.sans.edu/diary/Update+Researchers+scanning+the+Internet/30102/
Zeek and Defender Endpoint (2023.08.02)
https://isc.sans.edu/diary/Zeek+and+Defender+Endpoint/30088/
Product: Papercut NG/MFCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39143ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8604NVD References: - https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/- https://www.papercut.com/kb/Main/securitybulletinjuly2023/CVE-2023-21709 - Microsoft Exchange Server Elevation of Privilege VulnerabilityProduct: Microsoft Exchange ServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21709ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21709CVE-2023-34960 - Chamilo v1.11.* up to v1.11.18 enables command injections via a SOAP API call to wsConvertPpt with a manipulated PowerPoint name.Product: Chamilo CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34960NVD References: - http://chamilo.com- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-ExecutionCVE-2023-37478 - Pnpm package manager is susceptible to a malicious tarball vulnerability that allows compromised or malicious versions to be installed when using pnpm, despite appearing safe on npm registry.Product: Pnpm CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37478NVD References: - https://github.com/pnpm/pnpm/releases/tag/v7.33.4- https://github.com/pnpm/pnpm/releases/tag/v8.6.8- https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7CVE-2022-39986 - RaspAP versions 2.8.0 through 2.8.7, an unauthenticated command injection vulnerability allows attackers to execute arbitrary commands via the cfg_id parameter in certain PHP files.Product: RaspAPCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-39986NVD References: - https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php- https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2CVE-2023-31710 - TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow.Product: TP-Link Archer Ax21CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-31710NVD References: https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710CVE-2023-34634 - Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.Product: Greenshot CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34634NVD References: - http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html- https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c- https://greenshot.atlassian.net/browse/BUG-3061- https://www.exploit-db.com/exploits/51633CVE-2023-4056 - Firefox, Firefox ESR, and Thunderbird versions prior to 116, 102.14, and 115.1 respectively suffer from memory safety bugs that could potentially allow arbitrary code execution through memory corruption.Product: Mozilla FirefoxCVSS Score: 9.8 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4056NVD References: - https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847- https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html- https://www.debian.org/security/2023/dsa-5464- https://www.debian.org/security/2023/dsa-5469- https://www.mozilla.org/security/advisories/mfsa2023-29/- https://www.mozilla.org/security/advisories/mfsa2023-30/- https://www.mozilla.org/security/advisories/mfsa2023-31/CVE-2023-4057 - Firefox, Firefox ESR, and Thunderbird versions 115.0 suffer from memory safety bugs that could potentially lead to arbitrary code execution, affecting Firefox versions below 116 and Firefox ESR versions below 115.1.Product: Mozilla FirefoxCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4057NVD References: - https://bugzilla.mozilla.org/show_bug.cgi?id=1841682- https://www.mozilla.org/security/advisories/mfsa2023-29/- https://www.mozilla.org/security/advisories/mfsa2023-31/- https://www.mozilla.org/security/advisories/mfsa2023-33/CVE-2023-4058 - Firefox versions prior to 116 contain memory safety bugs that could allow potential hackers to run arbitrary code by exploiting the memory corruption.Product: Mozilla FirefoxCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4058NVD References: - https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024- https://www.mozilla.org/security/advisories/mfsa2023-29/CVE-2023-33493 - PrestaShop through 2.3.0 allows remote attackers to upload dangerous files without restrictions.Product: Ajaxmanager Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33493NVD References: https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.htmlCVE-2023-36210 - MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the …
Product: Assaabloy Control ID IDSecureCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33369NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33369- https://www.controlid.com.br/en/access-control/idsecure/CVE-2023-33371 - IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to bypass authentication.Product: Assaabloy Control ID IDSecureCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33371NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33371- https://www.controlid.com.br/en/access-control/idsecure/CVE-2023-36082 - GatesAir Flexiva FM Transmitter/Exiter Fax 150W is vulnerable to remote privilege escalation through LDAP and SMTP credentials.Product: GatesAir Flexiva Fax 150WCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36082NVD References: - http://flexiva.com- http://gatesair.com- https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082CVE-2023-4068, CVE-2023-4069, CVE-2023-4070 - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4068NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4069NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4070ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4068MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4069MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4070NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1466183- https://crbug.com/1465326- https://crbug.com/1462951- https://www.debian.org/security/2023/dsa-5467CVE-2023-4071 - Chromium: CVE-2023-4071 Heap buffer overflow in VisualsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4071ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4071NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1458819- https://www.debian.org/security/2023/dsa-5467CVE-2023-4072 - Chromium: CVE-2023-4072 Out of bounds read and write in WebGLProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4072ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4072NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464038- https://www.debian.org/security/2023/dsa-5467CVE-2023-4073 - Chromium: CVE-2023-4073 Out of bounds memory access in ANGLEProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4073ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4073NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1456243- https://www.debian.org/security/2023/dsa-5467CVE-2023-4074 - Chromium: CVE-2023-4074 Use after free in Blink Task SchedulingProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4074ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4074NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464113- https://www.debian.org/security/2023/dsa-5467CVE-2023-4075 - Chromium: CVE-2023-4075 Use after free in CastProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4075ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4075NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1457757- https://www.debian.org/security/2023/dsa-5467CVE-2023-4076 - Chromium: CVE-2023-4076 Use after free in WebRTCProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4076ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4076NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1459124- https://www.debian.org/security/2023/dsa-5467CVE-2023-4077 - Chromium: CVE-2023-4077 Insufficient data validation in ExtensionsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4077ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4077NVD References: - https:/…
Product: Assaabloy Control ID IDSecureCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33371NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33371- https://www.controlid.com.br/en/access-control/idsecure/CVE-2023-36082 - GatesAir Flexiva FM Transmitter/Exiter Fax 150W is vulnerable to remote privilege escalation through LDAP and SMTP credentials.Product: GatesAir Flexiva Fax 150WCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36082NVD References: - http://flexiva.com- http://gatesair.com- https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082CVE-2023-4068, CVE-2023-4069, CVE-2023-4070 - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4068NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4069NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4070ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4068MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4069MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4070NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1466183- https://crbug.com/1465326- https://crbug.com/1462951- https://www.debian.org/security/2023/dsa-5467CVE-2023-4071 - Chromium: CVE-2023-4071 Heap buffer overflow in VisualsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4071ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4071NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1458819- https://www.debian.org/security/2023/dsa-5467CVE-2023-4072 - Chromium: CVE-2023-4072 Out of bounds read and write in WebGLProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4072ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4072NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464038- https://www.debian.org/security/2023/dsa-5467CVE-2023-4073 - Chromium: CVE-2023-4073 Out of bounds memory access in ANGLEProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4073ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4073NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1456243- https://www.debian.org/security/2023/dsa-5467CVE-2023-4074 - Chromium: CVE-2023-4074 Use after free in Blink Task SchedulingProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4074ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4074NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464113- https://www.debian.org/security/2023/dsa-5467CVE-2023-4075 - Chromium: CVE-2023-4075 Use after free in CastProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4075ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4075NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1457757- https://www.debian.org/security/2023/dsa-5467CVE-2023-4076 - Chromium: CVE-2023-4076 Use after free in WebRTCProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4076ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4076NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1459124- https://www.debian.org/security/2023/dsa-5467CVE-2023-4077 - Chromium: CVE-2023-4077 Insufficient data validation in ExtensionsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4077ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4077NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1451146- https://www.debian.org/security/2023/dsa-5467CVE-2023-4078 - Chromium: CVE-2023-4078 Inappropriate implementation in ExtensionsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4078ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide…
cve-2023-2140712-en-US-409778.pdf">https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdfCVE-2023-21409 - Due to insufficient file permissions, unprivileged users could gain access to unencrypted administratorcredentials allowing the configuration of the application.Product: Axis License Plate VerifierCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21409NVD References: https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdfCVE-2023-4008 - GitLab CE/EE before versions 16.0.8, 16.1.3, and 16.2.2 allows the takeover of GitLab Pages using known random string for unique domain URLs.Product: Gitlab CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4008NVD References: https://gitlab.com/gitlab-org/gitlab/-/issues/415942CVE-2023-4120 - Beijing Baichuo Smart S85F Management Platform up to 20230722 is vulnerable to remote command injection via manipulation of the sql argument in importhtml.php, potentially leading to unauthorized access and attack exploitation.Product: Byzoro Smart S85FCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4120NVD References: - https://github.com/RCEraser/cve/blob/main/rce.md- https://vuldb.com/?ctiid.235967- https://vuldb.com/?id.235967CVE-2023-4121 - Beijing Baichuo Smart S85F Management Platform up to 20230722 allows remote attackers to execute unrestricted file uploads, classified as critical (VDB-235968).Product: Byzoro Smart S85FCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4121NVD References: - https://github.com/torres14852/cve/blob/main/upload.md- https://vuldb.com/?ctiid.235968- https://vuldb.com/?id.235968CVE-2023-36213 - MotoCMS v.3.4.3 is vulnerable to SQL injection, allowing remote attackers to gain privileges through the search function's keyword parameter.Product: MotoCMS CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36213NVD References: - https://packetstormsecurity.com/files/172698/MotoCMS-3.4.3-SQL-Injection.html- https://www.exploit-db.com/exploits/51504CVE-2023-36217 - Xoops CMS v.2.5.10 is vulnerable to Cross Site Scripting, allowing remote attackers to execute arbitrary code via the category name field of the image manager function.Product: Xoops CVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36217NVD References: - https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10- https://www.exploit-db.com/exploits/51520CVE-2023-33666 - ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.Product: Ai-Dev AioptimizedcombinationsCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33666NVD References: - https://security.friendsofpresta.org/modules/2023/08/03/aioptimizedcombinations.html- https://www.boutique.ai-dev.fr/en/ergonomie/59-optimized-combinations.htmlCVE-2023-20214 - Cisco SD-WAN vManage software is vulnerable to an unauthenticated remote attacker gaining read or limited write permissions to the configuration through a crafted API request.Product: Cisco SD-WAN vManageCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-20214NVD References: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPACVE-2023-38951 - A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration.Product: ZKTeco BiotimeCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38951NVD References: - http://zkteco.com- https://claroty.com/team82/disclosure-dashboard/cve-2023-38951CVE-2023-33665 - ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.Product: Ai-Dev Ai-TableCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33665NVD References: - https://security.friendsofpresta.org/modules/2023/08/01/aitable.html- https://www.boutique.ai-dev.fr/en/ergonomie/56-table-attributes.htmlCVE-2023-36131 - PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter.Product: PHPJabbers Availability Booking CalendarCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36131NVD References: - https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4- https://www.phpjabbers.com/availability-booking-calendar/CVE-2023-36132 - PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.Product: PHPJabbers Availability Booking CalendarCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36132NVD References: - https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4- https://www.phpjabbers.com/availability-booking-calendar/CVE-2023-36133 - PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.Product: PHPJabbers Availability B…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33372NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33372- https://www.connectedio.com/products/routersCVE-2023-33373 - Connected IO v2.1.0 and prior stores passwords and credentials in clear-text format, enabling attackers to steal them and impersonate devices.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33373NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33373- https://www.connectedio.com/products/routersCVE-2023-33374 - Connected IO v2.1.0 and prior allows arbitrary remote command execution through its communication protocol.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33374NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33374- https://www.connectedio.com/products/routersCVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: P…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33373NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33373- https://www.connectedio.com/products/routersCVE-2023-33374 - Connected IO v2.1.0 and prior allows arbitrary remote command execution through its communication protocol.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33374NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33374- https://www.connectedio.com/products/routersCVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, wi…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33374NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33374- https://www.connectedio.com/products/routersCVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlCVE-2023-3526 - PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2 and CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 are vulnerable to unauthenticated remote code execution via reflective XSS in the license viewer page.Product: PHOENIX CONTACT TC ROUTER and TC CLOUD CLIENTCVSS Sco…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlCVE-2023-3526 - PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2 and CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 are vulnerable to unauthenticated remote code execution via reflective XSS in the license viewer page.Product: PHOENIX CONTACT TC ROUTER and TC CLOUD CLIENTCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3526NVD References: https://cert.vde.com/en/advisories/VDE-2023-017CVE-2023-3570 - PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 allow remote attackers with low privileges to gain full access via a specific HTTP DELETE request.Product: PHOENIX CONTACT WP 6xxx series web panelsCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detai…
Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlCVE-2023-3526 - PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2 and CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 are vulnerable to unauthenticated remote code execution via reflective XSS in the license viewer page.Product: PHOENIX CONTACT TC ROUTER and TC CLOUD CLIENTCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3526NVD References: https://cert.vde.com/en/advisories/VDE-2023-017CVE-2023-3570 - PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 allow remote attackers with low privileges to gain full access via a specific HTTP DELETE request.Product: PHOENIX CONTACT WP 6xxx series web panelsCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3570NVD References: https://cert.vde.com/en/advisories/VDE-2023-018/CVE-2023-3571 - PHOENIX CONTACTs WP 6xxx series web panels prior to 4.0.10 allow remote attackers to gain full device access by exploiting a specific HTTP POST related to certificate operations.Product: PHOENIX CONTACT WP 6xxx series web panelsCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-357…
*********** Sponsored By Dragos, Inc. ***********The Dragos public intelligence brief, COSMICENERGY – Not an Immediate Threat, provides an analysis of this latest malware discovery and how it compares to other more concerning threats like CRASHOVERRIDE and Industroyer2. We want to help you break through the hype with actionable defensive recommendations and potential impacts on ICS/OT environments. Download Intelligence Brief:
Upcoming webcast on Thu, August 17 at 1:00pm ET | How to Use Zero Trust to Secure Workloads in the Public Cloud- Register for this free virtual webcast to receive first free access to the accompanying whitepaper written by Dave Shackleford. | Register Now:
Upcoming webcast on Tue, August 22 at 1:00pm ET | The Future of Log Centralization for SIEMs and DFIR – Is the End Nigh? Tune in as we explore the pros and cons of centralized log data and will take a look at key questions like: Why might a decentralized approach be more attractive today, and what about normalization? | Register Now:
State of Threat Detection – The Defenders’ Dilemma | During this “Ask the Expert” webinar, we explored an independent global study of 2,000 SecOps analysts, and dove headfirst into the spiral of more that SOC analysts face. | Watch the Replay: