AtRisk September 19, 2024 Vol. XXIV

Jump to:

Internet Storm Center Spotlight
Recent CVEs
Sponsors
Read More

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Python Infostealer Patching Windows Exodus App

Published: 2024-09-18.

Last Updated: 2024-09-18 07:43:00 UTC

by Xavier Mertens (Version: 1)

A few months ago, I wrote a diary[1] about a Python script that replaced the Exodus[2] Wallet app with a rogue one on macOS. Infostealers are everywhere these days. They target mainly browsers (cookies, credentials) and classic applications that may handle sensitive information. Cryptocurrency wallets are another category of applications that are juicy for attackers. I spotted again an interesting malware that mimics an Exodus wallet by displaying a small GUI ...

https://isc.sans.edu/diary/Python+Infostealer+Patching+Windows+Exodus+App/31276/

Finding Honeypot Data Clusters Using DBSCAN: Part 2

Published: 2024-09-13.

Last Updated: 2024-09-13 14:45:14 UTC

by Jesse La Grew (Version: 1)

In an earlier diary, I reviewed how using tools like DBSCAN can be useful to group similar data. I used DBSCAN to try and group similar commands submitted to Cowrie and URL paths submitted to the DShield web honeypot. DBSCAN was very helpful to group similar commands, but it was also very useful when trying to determine whether commands from one honeypot were seen in another. How much overlap in attack data is there between honeypots? Is there any targeting based on the hosting location of the honeypot?

Once the data is separated into clusters and the appropriate EPS and Minsample values are selected, comparing the data in a table can help highlight differences ...

https://isc.sans.edu/diary/Finding+Honeypot+Data+Clusters+Using+DBSCAN+Part+2/31194/

Hygiene, Hygiene, Hygiene! [Guest Diary]

Published: 2024-09-11.

Last Updated: 2024-09-12 22:38:15 UTC

by Guy Bruneau (Version: 1)

[This is a Guest Diary by Paul Olson, an ISC intern as part of the SANS.edu BACS program]

Introduction

Starting my internship with SANS Internet Storm Center was daunting from the aspect of being unsure of what to expect. Over the years I’ve completed several SANS courses and have become comfortable with that experience; there is a flow to the courses and the SANS instructors exceed my expectations. In this respect, the ISC Internship is a completely different animal; it presents a more hands-on learning opportunity, requires more self-reliance, and provides a greater element of unpredictability than I have found in SANS course labs. With more of the Internship work behind me than in front of me I can say that I have gotten more out of this internship than I have from other similar experiences.

Some of my concerns were about the ‘unknown unknowns’. Setting up the DShield honeypot [3] was straightforward exercise; my biggest worry was meeting the objectives of the Internship. Over the years that I have had broadband Internet I have periodically reviewed the logs generated by my home firewall. The firewall logs didn’t provide a wealth of information (event time, source and destination IP, protocol and ports involved, etc.). My concern became “How am I going to produce seven attack observation reports out of this? Who is going to bother with this device connected in a basement to a broadband network in North Dakota, US?”.

As it turns out that wasn’t going to be an issue. This newly-minted honeypot was remotely interacted with over 1,600 times from 169 distinct IP addresses on the first day; the device currently averages 17,000 probes daily. Reviewing the honeypot logs, one of the first lessons I learned from the Internship is that there are vast differences between a single-dimension firewall log and the level of detail in the data the honeypot captures when it is probed.

https://isc.sans.edu/diary/Hygiene+Hygiene+Hygiene+Guest+Diary/31260/

23:59, Time to Exfiltrate! (2024.09.17)

https://isc.sans.edu/diary/2359+Time+to+Exfiltrate/31272/

Managing PE Files With Overlays (2024.09.16)

https://isc.sans.edu/diary/Managing+PE+Files+With+Overlays/31268/

YARA-X's Dump Command (2024.09.15)

https://isc.sans.edu/diary/YARAXs+Dump+Command/31264/

YARA 4.5.2 Release (2024.09.14)

https://isc.sans.edu/diary/YARA+452+Release/31258/

Python Libraries Used for Malicious Purposes (2024.09.11)

https://isc.sans.edu/diary/Python+Libraries+Used+for+Malicious+Purposes/31248/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: Microsoft Windows 10 1507

CVSS Score: 8.8

** KEV since 2024-09-16 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43461

ISC Podcast: https://isc.sans.edu/podcastdetail/9140

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43461

Product: Microsoft Windows 10 1507

CVSS Score: 9.8

** KEV since 2024-09-10 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43491

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43491

Product: Ivanti Cloud Services Appliance

CVSS Score: 7.2

** KEV since 2024-09-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8190

ISC Podcast: https://isc.sans.edu/podcastdetail/9138

NVD References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190

Product: Ivanti Endpoint Manager

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29847

ISC Podcast: https://isc.sans.edu/podcastdetail/9138

NVD References: https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022

Product: Ivanti Endpoint Manager

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8191

NVD References: https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022

Product: Microsoft Windows 10 1507

CVSS Score: 7.8

** KEV since 2024-09-10 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38014

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014

Product: Microsoft Office

CVSS Score: 7.3

** KEV since 2024-09-10 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38226

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226

Product: Microsoft Windows 10 1507

CVSS Score: 5.4

** KEV since 2024-09-10 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38217

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217

Product: Zyxel NAS326

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6342

NVD References: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-nas-products-09-10-2024

Product: Microsoft Windows

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6596

NVD References: https://cert.vde.com/en/advisories/VDE-2024-041

Product: Dell InsightIQ

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39581

NVD References: https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities

Product: Dell InsightIQ

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39583

NVD References: https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities

Product: Siemens Totally Integrated Automation Portal (TIA Portal)

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33698

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-039007.html

Product: Siemens SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 18)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35783

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-629254.html

Product: Siemens Industrial Edge Management

CVSS Score: 10.0 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45032

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-359713.html

Product: Samsung Escargot

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-40754

NVD References: https://github.com/Samsung/escargot/pull/1369

Product: Loftware Spectrum

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37226

NVD References:

- https://code-white.com

- https://code-white.com/public-vulnerability-list/

- https://docs.loftware.com/spectrum-releasenotes/Content/Hotfix/4.6_HF14.htm

Product: Loftware Spectrum

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37227

NVD References:

- https://code-white.com

- https://code-white.com/public-vulnerability-list/

- https://docs.loftware.com/spectrum-releasenotes/Content/Hotfix/4.6_HF13.htm

Product: Loftware Spectrum

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37231

NVD References:

- https://code-white.com

- https://code-white.com/public-vulnerability-list/

- https://docs.loftware.com/spectrum-releasenotes/Content/Hotfix/4.6_HF14.htm

Product: Aladdin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44677

NVD References:

- https://github.com/elunez/eladmin

- https://github.com/jcxj/jcxj/blob/master/source/_posts/eladmin-%E5%A4%8D%E7%8E%B0.md

Product: Nix

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45593

NVD References:

- https://github.com/NixOS/nix/commit/eb11c1499876cd4c9c188cbda5b1003b36ce2e59

- https://github.com/NixOS/nix/security/advisories/GHSA-h4vv-h3jq-v493

Product: Microsoft Azure Web Apps

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38194

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38194

Product: Microsoft Azure Stack Hub

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38216

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38220

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38216

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38220

Product: Microsoft Dynamics 365 Business Central

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38225

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38225

Product: Microsoft Windows 10 1507

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38240

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38240

Product: Microsoft Windows Server 2008

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43455

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43455

Product: JimuSoftware JimuReport

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44893

NVD References: https://github.com/jeecgboot/JimuReport/issues/2904

Product: Ruby-SAML

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45409

NVD References:

- https://github.com/SAML-Toolkits/ruby-saml/commit/1ec5392bc506fe43a02dbb66b68741051c5ffeae

- https://github.com/SAML-Toolkits/ruby-saml/commit/4865d030cae9705ee5cdb12415c654c634093ae7

- https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2

- https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq

Product: Renwoxing Enterprise Intelligent Management System

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43040

NVD References: https://gist.github.com/X1lyS/75a8ea48c4997b683e8b41c94e79e5f9

Product: VICIdial

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8503

NVD References:

- https://korelogic.com/Resources/Advisories/KL-001-2024-011.txt

- https://www.vicidial.org/vicidial.php

Product: WordPress video carousel slider with lightbox plugin

Active Installations: 1,000+

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-25212

NVD References:

- https://plugins.trac.wordpress.org/changeset?old_path=/wp-responsive-video-gallery-with-lightbox/tags/1.0.6&new_path=/wp-responsive-video-gallery-with-lightbox/tags/1.0.7&sfp_email=&sfph_mail=#file41

- https://wordpress.org/plugins/wp-responsive-video-gallery-with-lightbox

- https://www.wordfence.com/threat-intel/vulnerabilities/id/85e70be3-3ed7-4ce1-a20c-046fb7c4ec31?source=cve

Product: WooCommerce Photo Reviews Premium (plugin)

Active Installations: 20,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8277

NVD References:

- https://codecanyon.net/item/woocommerce-photo-reviews/21245349

- https://www.wordfence.com/threat-intel/vulnerabilities/id/a1e2d370-a716-4d6b-8e23-74db2fbd0760?source=cve

Product: SO Planning online planning tool

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27114

NVD References: https://csirt.divd.nl/CVE-2024-27114

Product: Comfast CF-XR11

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44466

NVD References: https://github.com/CurryRaid/iot_vul/tree/main/comfast

Product: evilnapsis Inventio Lite

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44541

NVD References:

- https://github.com/evilnapsis/inventio-lite

- https://github.com/pointedsec/CVE-2024-44541/

Product: Solarwinds Access Rights Manager

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28990

NVD References:

- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3-1_release_notes.htm

- https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28990

Product: No-IP Dynamic Update Client (DUC)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-40457

NVD References:

- https://www.noip.com/support/knowledgebase/install-linux-3-x-dynamic-update-client-duc

- https://www.noip.com/support/knowledgebase/running-linux-duc-v3-0-startup-2

Product: Nozomi Networks SCADAguardian

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45824

NVD References: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1696.html

Product: GitLab-EE

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2743

NVD References:

- https://gitlab.com/gitlab-org/gitlab/-/issues/451014

- https://hackerone.com/reports/2411756

Product: GitLab CE/EE

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6678

NVD References:

- https://gitlab.com/gitlab-org/gitlab/-/issues/471923

- https://hackerone.com/reports/2595495

Product: Docker Desktop

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8695

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8696

NVD References: https://docs.docker.com/desktop/release-notes/#4342

Product: ORDAT FOSS-Online

CVSS Score: 9.3 NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34334

NVD References:

- http://foss-online.com

- http://ordat.com

- https://mind-bytes.de/sql-injection-in-foss-online-cve-2024-34334/

Product: Adobe ColdFusion 2021

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41874

NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html

Product: Best Free Law Office Management Software

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44430

NVD References:

- https://blog.csdn.net/samwbs/article/details/140954482

- https://github.com/samwbs/kortexcve/blob/main/xss_register_case/XSS_register_case.md

Product: AFMobi Boomplayer

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8039

NVD References:

- https://security.tecno.com/SRC/blogdetail/307?lang=en_US

- https://security.tecno.com/SRC/securityUpdates?type=SA

Product: The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress

Active Installations: 200,000+

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8669

NVD References:

- https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1477

- https://plugins.trac.wordpress.org/changeset/3151205/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/6a061553-c988-4a31-a0a2-7a2608faa33f?source=cve

Product: Code-Projects Crud Operation System

CVSS Score: 9.8

NVD:

- https://nvd.nist.gov/vuln/detail/CVE-2024-8762

- https://github.com/Kangsiyuan/1/issues/1

CVE-2024-8868 - Code-projects Crud Operation System 1.0 is vulnerable to a critical sql injection issue in the file savedata.php through the argument sname.

Product: Code-Projects Crud Operation System

CVSS Score: 9.8

NVD:

- https://nvd.nist.gov/vuln/detail/CVE-2024-8868

- https://github.com/ppp-src/a/issues/7

CVE-2024-46918 - MISP allows org admins to view sensitive login fields of other org admins in the same org before version 2.4.198.

Product: MISP

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46918

NVD References:

- https://github.com/MISP/MISP/commit/3a5227d7b3d4518ac109af61979a00145a0de6fa

- https://github.com/MISP/MISP/compare/v2.4.197...v2.4.198

CVE-2024-46942 - OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1 allows a controller with a follower role to configure flow entries in a clustering deployment.

Product: OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46942

NVD References:

- https://docs.opendaylight.org/en/latest/release-notes/projects/mdsal.html

- https://doi.org/10.48550/arXiv.2408.16940

- https://lf-opendaylight.atlassian.net/browse/MDSAL-869

CVE-2024-46943 - OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3 allows a rogue controller to impersonate an offline peer by joining a cluster without possessing complete configuration information.

Product: OpenDaylight Authentication, Authorization and Accounting (AAA)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46943

NVD References:

- https://docs.opendaylight.org/en/latest/release-notes/projects/aaa.html

- https://doi.org/10.48550/arXiv.2408.16940

- https://lf-opendaylight.atlassian.net/browse/AAA-285

CVE-2024-45694 & CVE-2024-45695 - Certain models of D-Link wireless routers are susceptible to Stack-based Buffer Overflow vulnerabilities, enabling unauthenticated remote attackers to execute arbitrary code on the device.

Product: Dlink Dir-X5460 and D-Link Dir-X4860

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45694

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45695

NVD References:

- https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html

- https://www.twcert.org.tw/tw/cp-132-8080-7f494-1.html

- https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html

- https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html

CVE-2024-45697 - D-Link wireless routers have a hidden telnet service vulnerability that allows unauthorized remote attackers to execute OS commands using hard-coded credentials.

Product: D-Link wireless routers

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45697

NVD References:

- https://www.twcert.org.tw/en/cp-139-8089-32df6-2.html

- https://www.twcert.org.tw/tw/cp-132-8088-590ed-1.html

CVE-2024-22399 - Apache Seata is vulnerable to deserialization of untrusted data when authentication is disabled on the Seata-Server and the Seata client SDK dependencies are not used, allowing for the construction of malicious requests using bytecode based on the Seata private protocol.

Product: Apache Seata

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22399

NVD References: https://lists.apache.org/thread/91nzzlxyj4nmks85gbzwkkjtbmnmlkc4

CVE-2024-46451 - TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.

Product: TOTOLINK T8

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46451

NVD References: https://github.com/offshore0315/loT-vulnerable/blob/main/TOTOLINK/AC1200%20T8/setWiFiAclRules.md

CVE-2024-46419 - TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.

Product: TOTOLINK T8

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46419

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/setWizardCfg.md

CVE-2024-46937 - MFASOFT Secure Authentication Server (SAS) versions 1.8.x through 1.9.x before 1.9.040924 allows remote attackers to access user tokens without authentication by brute-forcing the serial parameter.

Product: MFASOFT Secure Authentication Server (SAS)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46937

NVD References:

- https://github.com/WI1D-41/IDOR-in-MFASOFT-Secure-Authentication-Server

- https://mfasoft.ru

CVE-2024-45496 - OpenShift is vulnerable to arbitrary command execution due to misuse of elevated privileges in the build process, allowing an attacker to escalate permissions on the worker node.

Product: Red Hat OpenShift

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45496

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-45496

- https://bugzilla.redhat.com/show_bug.cgi?id=2308661

CVE-2024-7387 - Openshift/builder is vulnerable to command injection via path traversal allowing an attacker to execute arbitrary commands on the OpenShift node.

Product: Red Hat Openshift/builder

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7387

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-7387

- https://bugzilla.redhat.com/show_bug.cgi?id=2302259

CVE-2024-38812 - vCenter Server is vulnerable to a heap-overflow in the DCERPC protocol, allowing remote code execution by a malicious actor via a specially crafted network packet.

Product: VMware vCenter Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38812

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

CVE-2024-45798 - Arduino-esp32 is vulnerable to Poisoned Pipeline Execution (PPE) vulnerabilities affecting the `tests_results.yml` workflow and environment Variable injection.

Product: Arduino arduino-esp32

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45798

NVD References:

- https://codeql.github.com/codeql-query-help/javascript/js-actions-command-injection

- https://github.com/espressif/arduino-esp32/blob/690bdb511d9f001e2066da2dda2c631a3eee270f/.github/workflows/tests_results.yml

- https://github.com/espressif/arduino-esp32/security/advisories/GHSA-h52q-xhg2-6jw8

- https://securitylab.github.com/research/github-actions-preventing-pwn-requests

- https://securitylab.github.com/research/github-actions-untrusted-input

CVE-2024-8956 - The PTZOptics PT30X-SDI/NDI-xx camera before firmware 6.3.40 is vulnerable to an insufficient authentication issue, allowing a remote attacker to leak sensitive data and manipulate configuration settings without proper authentication.

Product: PTZOptics PT30X-SDI/NDI-xx

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8956

NVD References: https://ptzoptics.com/firmware-changelog/

NVD References: https://vulncheck.com/advisories/ptzoptics-insufficient-auth

CVE-2024-43976 & CVE-2024-43978 - Super Store Finder is vulnerable to SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions from n/a through 6.9.7.

Product: highwarden Super Store Finder

Active Installations: unknown

CVSS Score: 9.3 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43976

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43978

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-7-sql-injection-vulnerability?_s_id=cve

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-8-sql-injection-vulnerability?_s_id=cve

CVE-2024-44004 - WPTaskForce WPCargo Track & Trace allows SQL Injection through improper neutralization of special elements in SQL commands.

Product: WPTaskForce WPCargo Track & Trace

Active Installations: 10,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44004

NVD References: https://patchstack.com/database/vulnerability/wpcargo/wordpress-wpcargo-track-trace-plugin-7-0-6-sql-injection-vulnerability?_s_id=cve

Product: Code-Projects Crud Operation System

CVSS Score: 9.8

NVD:

- https://nvd.nist.gov/vuln/detail/CVE-2024-8868

- https://github.com/ppp-src/a/issues/7

CVE-2024-46918 - MISP allows org admins to view sensitive login fields of other org admins in the same org before version 2.4.198.

Product: MISP

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46918

NVD References:

- https://github.com/MISP/MISP/commit/3a5227d7b3d4518ac109af61979a00145a0de6fa

- https://github.com/MISP/MISP/compare/v2.4.197...v2.4.198

CVE-2024-46942 - OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1 allows a controller with a follower role to configure flow entries in a clustering deployment.

Product: OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46942

NVD References:

- https://docs.opendaylight.org/en/latest/release-notes/projects/mdsal.html

- https://doi.org/10.48550/arXiv.2408.16940

- https://lf-opendaylight.atlassian.net/browse/MDSAL-869

Product: OpenDaylight Authentication, Authorization and Accounting (AAA)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46943

NVD References:

- https://docs.opendaylight.org/en/latest/release-notes/projects/aaa.html

- https://doi.org/10.48550/arXiv.2408.16940

- https://lf-opendaylight.atlassian.net/browse/AAA-285

Product: Dlink Dir-X5460 and D-Link Dir-X4860

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45694

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45695

NVD References:

- https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html

- https://www.twcert.org.tw/tw/cp-132-8080-7f494-1.html

- https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html

- https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html

CVE-2024-45697 - D-Link wireless routers have a hidden telnet service vulnerability that allows unauthorized remote attackers to execute OS commands using hard-coded credentials.

Product: D-Link wireless routers

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45697

NVD References:

- https://www.twcert.org.tw/en/cp-139-8089-32df6-2.html

- https://www.twcert.org.tw/tw/cp-132-8088-590ed-1.html

Product: Apache Seata

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22399

NVD References: https://lists.apache.org/thread/91nzzlxyj4nmks85gbzwkkjtbmnmlkc4

CVE-2024-46451 - TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.

Product: TOTOLINK T8

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46451

NVD References: https://github.com/offshore0315/loT-vulnerable/blob/main/TOTOLINK/AC1200%20T8/setWiFiAclRules.md

CVE-2024-46419 - TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.

Product: TOTOLINK T8

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46419

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/setWizardCfg.md

Product: MFASOFT Secure Authentication Server (SAS)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46937

NVD References:

- https://github.com/WI1D-41/IDOR-in-MFASOFT-Secure-Authentication-Server

- https://mfasoft.ru

CVE-2024-45496 - OpenShift is vulnerable to arbitrary command execution due to misuse of elevated privileges in the build process, allowing an attacker to escalate permissions on the worker node.

Product: Red Hat OpenShift

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45496

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-45496

- https://bugzilla.redhat.com/show_bug.cgi?id=2308661

CVE-2024-7387 - Openshift/builder is vulnerable to command injection via path traversal allowing an attacker to execute arbitrary commands on the OpenShift node.

Product: Red Hat Openshift/builder

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7387

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-7387

- https://bugzilla.redhat.com/show_bug.cgi?id=2302259

CVE-2024-38812 - vCenter Server is vulnerable to a heap-overflow in the DCERPC protocol, allowing remote code execution by a malicious actor via a specially crafted network packet.

Product: VMware vCenter Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38812

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

CVE-2024-45798 - Arduino-esp32 is vulnerable to Poisoned Pipeline Execution (PPE) vulnerabilities affecting the `tests_results.yml` workflow and environment Variable injection.

Product: Arduino arduino-esp32

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45798

NVD References:

- https://codeql.github.com/codeql-query-help/javascript/js-actions-command-injection

- https://github.com/espressif/arduino-esp32/blob/690bdb511d9f001e2066da2dda2c631a3eee270f/.github/workflows/tests_results.yml

- https://github.com/espressif/arduino-esp32/security/advisories/GHSA-h52q-xhg2-6jw8

- https://securitylab.github.com/research/github-actions-preventing-pwn-requests

- https://securitylab.github.com/research/github-actions-untrusted-input

Product: PTZOptics PT30X-SDI/NDI-xx

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8956

NVD References: https://ptzoptics.com/firmware-changelog/

NVD References: https://vulncheck.com/advisories/ptzoptics-insufficient-auth

CVE-2024-43976 & CVE-2024-43978 - Super Store Finder is vulnerable to SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions from n/a through 6.9.7.

Product: highwarden Super Store Finder

Active Installations: unknown

CVSS Score: 9.3 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43976

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43978

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-7-sql-injection-vulnerability?_s_id=cve

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-8-sql-injection-vulnerability?_s_id=cve

CVE-2024-44004 - WPTaskForce WPCargo Track & Trace allows SQL Injection through improper neutralization of special elements in SQL commands.

Product: WPTaskForce WPCargo Track & Trace

Active Installations: 10,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44004

NVD References: https://patchstack.com/database/vulnerability/wpcargo/wordpress-wpcargo-track-trace-plugin-7-0-6-sql-injection-vulnerability?_s_id=cve

Product: MISP

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46918

NVD References:

- https://github.com/MISP/MISP/commit/3a5227d7b3d4518ac109af61979a00145a0de6fa

- https://github.com/MISP/MISP/compare/v2.4.197...v2.4.198

Product: OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46942

NVD References:

- https://docs.opendaylight.org/en/latest/release-notes/projects/mdsal.html

- https://doi.org/10.48550/arXiv.2408.16940

- https://lf-opendaylight.atlassian.net/browse/MDSAL-869

Product: OpenDaylight Authentication, Authorization and Accounting (AAA)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46943

NVD References:

- https://docs.opendaylight.org/en/latest/release-notes/projects/aaa.html

- https://doi.org/10.48550/arXiv.2408.16940

- https://lf-opendaylight.atlassian.net/browse/AAA-285

Product: Dlink Dir-X5460 and D-Link Dir-X4860

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45694

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45695

NVD References:

- https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html

- https://www.twcert.org.tw/tw/cp-132-8080-7f494-1.html

- https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html

- https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html

Product: D-Link wireless routers

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45697

NVD References:

- https://www.twcert.org.tw/en/cp-139-8089-32df6-2.html

- https://www.twcert.org.tw/tw/cp-132-8088-590ed-1.html

Product: Apache Seata

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22399

NVD References: https://lists.apache.org/thread/91nzzlxyj4nmks85gbzwkkjtbmnmlkc4

Product: TOTOLINK T8

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46451

NVD References: https://github.com/offshore0315/loT-vulnerable/blob/main/TOTOLINK/AC1200%20T8/setWiFiAclRules.md

Product: TOTOLINK T8

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46419

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/setWizardCfg.md

Product: MFASOFT Secure Authentication Server (SAS)

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46937

NVD References:

- https://github.com/WI1D-41/IDOR-in-MFASOFT-Secure-Authentication-Server

- https://mfasoft.ru

Product: Red Hat OpenShift

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45496

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-45496

- https://bugzilla.redhat.com/show_bug.cgi?id=2308661

CVE-2024-7387 - Openshift/builder is vulnerable to command injection via path traversal allowing an attacker to execute arbitrary commands on the OpenShift node.

Product: Red Hat Openshift/builder

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7387

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-7387

- https://bugzilla.redhat.com/show_bug.cgi?id=2302259

CVE-2024-38812 - vCenter Server is vulnerable to a heap-overflow in the DCERPC protocol, allowing remote code execution by a malicious actor via a specially crafted network packet.

Product: VMware vCenter Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38812

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

CVE-2024-45798 - Arduino-esp32 is vulnerable to Poisoned Pipeline Execution (PPE) vulnerabilities affecting the `tests_results.yml` workflow and environment Variable injection.

Product: Arduino arduino-esp32

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45798

NVD References:

- https://codeql.github.com/codeql-query-help/javascript/js-actions-command-injection

- https://github.com/espressif/arduino-esp32/blob/690bdb511d9f001e2066da2dda2c631a3eee270f/.github/workflows/tests_results.yml

- https://github.com/espressif/arduino-esp32/security/advisories/GHSA-h52q-xhg2-6jw8

- https://securitylab.github.com/research/github-actions-preventing-pwn-requests

- https://securitylab.github.com/research/github-actions-untrusted-input

Product: PTZOptics PT30X-SDI/NDI-xx

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8956

NVD References: https://ptzoptics.com/firmware-changelog/

NVD References: https://vulncheck.com/advisories/ptzoptics-insufficient-auth

CVE-2024-43976 & CVE-2024-43978 - Super Store Finder is vulnerable to SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions from n/a through 6.9.7.

Product: highwarden Super Store Finder

Active Installations: unknown

CVSS Score: 9.3 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43976

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43978

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-7-sql-injection-vulnerability?_s_id=cve

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-8-sql-injection-vulnerability?_s_id=cve

CVE-2024-44004 - WPTaskForce WPCargo Track & Trace allows SQL Injection through improper neutralization of special elements in SQL commands.

Product: WPTaskForce WPCargo Track & Trace

Active Installations: 10,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44004

NVD References: https://patchstack.com/database/vulnerability/wpcargo/wordpress-wpcargo-track-trace-plugin-7-0-6-sql-injection-vulnerability?_s_id=cve

Product: Red Hat Openshift/builder

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7387

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-7387

- https://bugzilla.redhat.com/show_bug.cgi?id=2302259

CVE-2024-38812 - vCenter Server is vulnerable to a heap-overflow in the DCERPC protocol, allowing remote code execution by a malicious actor via a specially crafted network packet.

Product: VMware vCenter Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38812

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

CVE-2024-45798 - Arduino-esp32 is vulnerable to Poisoned Pipeline Execution (PPE) vulnerabilities affecting the `tests_results.yml` workflow and environment Variable injection.

Product: Arduino arduino-esp32

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45798

NVD References:

- https://codeql.github.com/codeql-query-help/javascript/js-actions-command-injection

- https://github.com/espressif/arduino-esp32/blob/690bdb511d9f001e2066da2dda2c631a3eee270f/.github/workflows/tests_results.yml

- https://github.com/espressif/arduino-esp32/security/advisories/GHSA-h52q-xhg2-6jw8

- https://securitylab.github.com/research/github-actions-preventing-pwn-requests

- https://securitylab.github.com/research/github-actions-untrusted-input

Product: PTZOptics PT30X-SDI/NDI-xx

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8956

NVD References: https://ptzoptics.com/firmware-changelog/

NVD References: https://vulncheck.com/advisories/ptzoptics-insufficient-auth

CVE-2024-43976 & CVE-2024-43978 - Super Store Finder is vulnerable to SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions from n/a through 6.9.7.

Product: highwarden Super Store Finder

Active Installations: unknown

CVSS Score: 9.3 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43976

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43978

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-7-sql-injection-vulnerability?_s_id=cve

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-8-sql-injection-vulnerability?_s_id=cve

CVE-2024-44004 - WPTaskForce WPCargo Track & Trace allows SQL Injection through improper neutralization of special elements in SQL commands.

Product: WPTaskForce WPCargo Track & Trace

Active Installations: 10,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44004

NVD References: https://patchstack.com/database/vulnerability/wpcargo/wordpress-wpcargo-track-trace-plugin-7-0-6-sql-injection-vulnerability?_s_id=cve

Product: VMware vCenter Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38812

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

Product: Arduino arduino-esp32

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45798

NVD References:

- https://codeql.github.com/codeql-query-help/javascript/js-actions-command-injection

- https://github.com/espressif/arduino-esp32/blob/690bdb511d9f001e2066da2dda2c631a3eee270f/.github/workflows/tests_results.yml

- https://github.com/espressif/arduino-esp32/security/advisories/GHSA-h52q-xhg2-6jw8

- https://securitylab.github.com/research/github-actions-preventing-pwn-requests

- https://securitylab.github.com/research/github-actions-untrusted-input

Product: PTZOptics PT30X-SDI/NDI-xx

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8956

NVD References: https://ptzoptics.com/firmware-changelog/

NVD References: https://vulncheck.com/advisories/ptzoptics-insufficient-auth

Product: highwarden Super Store Finder

Active Installations: unknown

CVSS Score: 9.3 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43976

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43978

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-7-sql-injection-vulnerability?_s_id=cve

NVD References: https://patchstack.com/database/vulnerability/superstorefinder-wp/wordpress-super-store-finder-plugin-6-9-8-sql-injection-vulnerability?_s_id=cve

Product: WPTaskForce WPCargo Track & Trace

Active Installations: 10,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44004

NVD References: https://patchstack.com/database/vulnerability/wpcargo/wordpress-wpcargo-track-trace-plugin-7-0-6-sql-injection-vulnerability?_s_id=cve

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SANS

Sevco Security

Fortinet, Inc.

SANS

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

The Consensus Security Vulnerability Alert

Share

Internet Storm Center Spotlight

Internet Storm Center Entries

Recent CVEs

CVE-2024-43461 - Windows MSHTML Platform Spoofing Vulnerability

CVE-2024-43491 - Servicing Stack in Windows 10 version 1507 has a vulnerability that could allow attackers to exploit previously mitigated vulnerabilities on systems with specific security updates installed.

CVE-2024-8190 - Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before is vulnerable to an OS command injection that allows a remote authenticated attacker to achieve remote code execution with admin level privileges.

CVE-2024-29847 - Ivanti EPM before 2022 SU6, or the 2024 September update, is vulnerable to remote unauthenticated code execution through deserialization of untrusted data in the agent portal.

CVE-2024-8191 - Ivanti EPM before 2022 SU6 or 2024 September update is vulnerable to SQL injection, enabling remote unauthenticated attackers to achieve remote code execution.

CVE-2024-38014 - Windows Installer Elevation of Privilege Vulnerability

CVE-2024-38226 - Microsoft Publisher Security Feature Bypass Vulnerability

CVE-2024-38217 - Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-6342 - Zyxel NAS326 and NAS542 firmware versions through V5.21(AAZF.18)C0 and V5.21(ABAG.15)C0, respectively, are vulnerable to command injection via crafted HTTP POST requests.

CVE-2024-6596 - An unauthenticated remote attacker can run malicious c# code included in curve files and execute commands in the users context.

CVE-2024-39581 - Dell PowerScale InsightIQ, versions 5.0 through 5.1, has a vulnerability where external parties can access files or directories, allowing for unauthorized reading, modification, and deletion of files by remote attackers.

CVE-2024-39583 - Dell PowerScale InsightIQ versions 5.0 through 5.1 are vulnerable to a Use of a Broken or Risky Cryptographic Algorithm flaw, allowing unauthenticated attackers with remote access to potentially elevate privileges.

CVE-2024-45032 - Industrial Edge Management Pro and Industrial Edge Management Virtual versions prior to V1.9.5 and V2.3.1-1, respectively, are vulnerable to impersonation attacks due to improper validation of device tokens by affected components.

CVE-2024-40754 - Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.

CVE-2023-37226 - Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.

CVE-2023-37227 - Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data.

CVE-2023-37231 - Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.

CVE-2024-44677 - Eladmin v2.7 and before is vulnerable to SSRF, enabling attackers to execute arbitrary code through DatabaseController.java.

CVE-2024-45593 - Nix package manager version 2.24 prior to 2.24.6 allows malicious users to write to arbitrary file system locations with root permissions.

CVE-2024-38194 - An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.

CVE-2024-38216 & CVE-2024-38220 - Azure Stack Hub Elevation of Privilege Vulnerabilities

CVE-2024-38225 - Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

CVE-2024-38240 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2024-43455 - Windows Remote Desktop Licensing Service Spoofing Vulnerability

CVE-2024-44893 - An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to escalate privileges via a crafted GET request.

CVE-2024-45409 - Ruby-SAML in &lt;= 12.2 and 1.13.0 &lt;= 1.16.0 allows an unauthenticated attacker to forge a SAML Response and log in as an arbitrary user.

CVE-2024-43040 - Renwoxing Enterprise Intelligent Management System before v3.0 is vulnerable to SQL injection via the parid parameter at /fx/baseinfo/SearchInfo.

CVE-2024-8503 - VICIdial is vulnerable to time-based SQL injection, allowing attackers to access plaintext credentials stored in the database.

CVE-2019-25212 - The video carousel slider plugin for WordPress is vulnerable to SQL Injection in versions up to 1.0.6, allowing authenticated attackers to extract sensitive data.

CVE-2024-8277 - The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass, allowing unauthenticated attackers to log in as an administrator or any user with a valid user transient.

CVE-2024-27114 - SO Planning online planning tool is vulnerable to unauthenticated Remote Code Execution (RCE) allowing attackers to upload and execute PHP files if public view setting is enabled, until version 1.52.02 was released to fix the issue.

CVE-2024-44466 - COMFAST CF-XR11 V2.7.2 is vulnerable to command injection via POST requests to /usr/bin/webmgnt.

CVE-2024-44541 - evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."

CVE-2024-28990 - SolarWinds Access Rights Manager (ARM) contains a hard-coded credential authentication bypass vulnerability that allows unauthorized access to the RabbitMQ management console.

CVE-2024-40457 - No-IP Dynamic Update Client (DUC) v3.x is vulnerable to cleartext credential exposure through command line arguments or in configuration files.

CVE-2024-45824 - IMPACT

CVE-2024-2743 - GitLab-EE versions 13.3 to 17.3.2 allow unauthorized attackers to modify on-demand DAST scans and leak variables.

CVE-2024-6678 - GitLab CE/EE allows an attacker to trigger a pipeline as an arbitrary user in versions 8.14 to 17.3.2.

CVE-2024-8695 & CVE-2024-8696 - Docker Desktop is vulnerable to remote code execution.

CVE-2024-34334 - ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function.

CVE-2024-41874 - ColdFusion versions 2023.9, 2021.15 and earlier have a Deserialization of Untrusted Data vulnerability that allows arbitrary code execution without user interaction.

CVE-2024-44430 - Best Free Law Office Management Software-v1.0 is vulnerable to SQL Injection, allowing attackers to execute arbitrary code and access sensitive information through a crafted payload.

CVE-2024-8039 - Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks.

CVE-2024-8669 - The Backuply plugin for WordPress is vulnerable to SQL Injection, allowing authenticated attackers with administrator-level access to extract sensitive information from the database.

CVE-2024-8762 - Code-projects Crud Operation System 1.0 is vulnerable to a critical SQL injection attack through the argument sid in /updatedata.php, allowing for remote exploitation.

CVE-2024-8868 - Code-projects Crud Operation System 1.0 is vulnerable to a critical sql injection issue in the file savedata.php through the argument sname.

CVE-2024-46918 - MISP allows org admins to view sensitive login fields of other org admins in the same org before version 2.4.198.

CVE-2024-46942 - OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1 allows a controller with a follower role to configure flow entries in a clustering deployment.

CVE-2024-46943 - OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3 allows a rogue controller to impersonate an offline peer by joining a cluster without possessing complete configuration information.

CVE-2024-45694 & CVE-2024-45695 - Certain models of D-Link wireless routers are susceptible to Stack-based Buffer Overflow vulnerabilities, enabling unauthenticated remote attackers to execute arbitrary code on the device.

CVE-2024-45697 - D-Link wireless routers have a hidden telnet service vulnerability that allows unauthorized remote attackers to execute OS commands using hard-coded credentials.

CVE-2024-22399 - Apache Seata is vulnerable to deserialization of untrusted data when authentication is disabled on the Seata-Server and the Seata client SDK dependencies are not used, allowing for the construction of malicious requests using bytecode based on the Seata private protocol.

CVE-2024-46451 - TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.

CVE-2024-46419 - TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.

CVE-2024-46937 - MFASOFT Secure Authentication Server (SAS) versions 1.8.x through 1.9.x before 1.9.040924 allows remote attackers to access user tokens without authentication by brute-forcing the serial parameter.

CVE-2024-45496 - OpenShift is vulnerable to arbitrary command execution due to misuse of elevated privileges in the build process, allowing an attacker to escalate permissions on the worker node.

CVE-2024-7387 - Openshift/builder is vulnerable to command injection via path traversal allowing an attacker to execute arbitrary commands on the OpenShift node.

CVE-2024-38812 - vCenter Server is vulnerable to a heap-overflow in the DCERPC protocol, allowing remote code execution by a malicious actor via a specially crafted network packet.

CVE-2024-45798 - Arduino-esp32 is vulnerable to Poisoned Pipeline Execution (PPE) vulnerabilities affecting the `tests_results.yml` workflow and environment Variable injection.

CVE-2024-8956 - The PTZOptics PT30X-SDI/NDI-xx camera before firmware 6.3.40 is vulnerable to an insufficient authentication issue, allowing a remote attacker to leak sensitive data and manipulate configuration settings without proper authentication.

CVE-2024-43976 & CVE-2024-43978 - Super Store Finder is vulnerable to SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions from n/a through 6.9.7.

CVE-2024-44004 - WPTaskForce WPCargo Track &amp; Trace allows SQL Injection through improper neutralization of special elements in SQL commands.

Sponsors

SANS

Sevco Security

Fortinet, Inc.

SANS

CVE-2024-45409 - Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 allows an unauthenticated attacker to forge a SAML Response and log in as an arbitrary user.

CVE-2024-44004 - WPTaskForce WPCargo Track & Trace allows SQL Injection through improper neutralization of special elements in SQL commands.