CVE-2023-45124

Pending

Published: Pending
Updated: Pending

CVSS: Pending


CVE Info

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Fediverse


First I've seen this. WordPress malware initiated via phish which claims your site is vulnerable to CVE-2023-45124. If you follow through with the URL, download and install, it will retrieve a PHP backdoor.

bit[.]ly/49ZZWbJ
-->
en-ca-wordpress[.]org/plugins/human-verification-challenge/3rx1ow9?continue
-->
en-ca-wordpress[.]org/plugins/cve-2023-45124/

8151443fcb1474b7e058c55829dfa55b4185d12bcbc9bb0770d1580371f2f00e cve-2023-45124[.]zip

After installing the plugin on WordPress an additional PHP backdoor payload
is retrieved from here:

wpgate[.]zip/runscan


#WordPress users: watch out for this phishing attack.

PSA: Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin
wordfence.com/blog/2023/12/psa


CVE-2023-49103

KEV
Pending

Published: 21 Nov 2023
Updated: 21 Nov 2023

CVSS v3.1: CRITICAL (10.0)


CVE Info

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.

Fediverse


Rapid7 compiled information about the mass exploitation of the ownCloud unauthenticated information disclosure vulnerability CVE-2023-49103 (CVSS: 10.0 critical severity, disclosed 21 November by ownCloud, added to the CISA KEV Catalog on 30 November 2023). They describe what an indicator of compromise would appear as, and include a SIGMA rule to help organizations identify possible exploitation activity.
🔗 rapid7.com/blog/post/2023/12/0


CVE-2023-4966

KEV
Citrix NetScaler ADC 

Published: 10 Oct 2023
Updated: 10 Oct 2023

CVSS v3.1: CRITICAL (9.4)


CVE Info

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Fediverse


On 30 November 2023, the U.S. Department of Health and Human Services (HHS) HC3 published a sector alert specifically warning hospitals and healthcare facilities of the CitrixBleed vulnerability (CVE-2023-4966, CVSS: 9.4 critical severity, disclosed 10 October by Citrix, identified by Mandiant as an exploited Zero-Day, has a publicly disclosed Proof of Concept, and added to the CISA KEV Catalog 18 October 2023). Ransomware actors like LockBit are actively leveraging CitrixBleed against the healthcare industry, as noted in the CISA LockBit 3.0 security advisory on 21 November. See related CISA Guidance for mitigation and resources.
🔗 aha.org/system/files/media/fil


CVE-2022-28958

KEV
Pending

Published: Pending
Updated: 29 Nov 2023

CVSS: Pending


CVE Info

DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Fediverse


Hot off the press: CISA removed CVE-2022-28958 (D-Link DIR-816L Remote Code Execution Vulnerability) from the Known Exploited Vulnerabilities Catalog. The KEV Team determined that CVE-2022-28958 is no longer a valid vulnerability, as the CVE record has since been rejected by the issuing CVE Numbering Authority.
EDIT: 🔗 cisa.gov/news-events/alerts/20


CVE-2023-42916

Apple Safari

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS: Pending


CVE Info

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.

Fediverse


17.1.2 and Sonoma 14.1.2 patch 2 actively exploited vulnerabilities

Both are vulnerabilities. Apparently there is indication these were exploited in the wild.

CVE-2023-42916 - out-of-bounds read. Processing web content may disclose sensitive information.

CVE-2023-42917 - memory corruption. Processing web content may lead to arbitrary code execution.

Update your devices ASAP.

9to5mac.com/2023/11/30/ios-17-


While CISA is usually timely on alerts and cybersecurity advisories, they buried the lede in that Apple's security updates from yesterday contain two actively exploited Zero-Days. CVE-2023-42916 affects WebKit and allows for sensitive information disclosure. CVE-2023-42917 also affects WebKit and allows for arbitrary code execution. "Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1."
🔗 cisa.gov/news-events/alerts/20


🏴‍☠️ Google researchers report critical zero-days in Chrome and all Apple OSes | Ars Technica

arstechnica.com/?p=1987731

#Cybersecurity #Chrome #iOS #iPadOS #MacOS #CVE20236345 #CVE202342916 #CVE202342917


CVE-2023-42917

Apple Safari

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS: Pending


CVE Info

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.


CVE-2023-34060

VMware Cloud Director Appliance (VCD Appliance)

Published: 14 Nov 2023
Updated: 16 Nov 2023

CVSS: Pending


CVE Info

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console). This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present. VMware Cloud Director Appliance is impacted since it uses an affected version of sssd from the underlying Photon OS. The sssd issue is no longer present in versions of Photon OS that ship with sssd-2.8.1-11 or higher (Photon OS 3) or sssd-2.8.2-9 or higher (Photon OS 4 and 5).

Fediverse


On 30 November 2023 (16 days later), VMware released an official patch for VMware Cloud Director Appliance. 10.5.1 resolves CVE-2023-34060, an authentication bypass vulnerability that arises when Cloud Director Appliance is upgraded to 10.5 from an older version.
🔗 vmware.com/security/advisories


CVE-2023-6345

KEV
Google Chrome

Published: 29 Nov 2023
Updated: 29 Nov 2023

CVSS: Pending


CVE Info

Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)


CVE-2023-4473

Zyxel NAS326 firmware

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS v3.1: CRITICAL (9.8)


CVE Info

A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

Fediverse


advisory for authentication bypass and command injection vulnerabilities in products

CVE-2023-35137 - improper authentication
CVE-2023-35138 - command injection
CVE-2023-37927 - improper neutralization of special elements
CVE-2023-37928 - post auth command injection
CVE-2023-4473 - command injection
CVE-2023-4474 - improper neutralization of special elements

Fortunately, Zyxel has released patches for these. Update to the latest.

techspot.com/news/101025-zyxel


CVE-2023-4474

Zyxel NAS326 firmware

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS v3.1: CRITICAL (9.8)


CVE Info

The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.


CVE-2023-35137

Zyxel NAS326 firmware

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS v3.1: HIGH (7.5)


CVE Info

An improper authentication vulnerability in the authentication module of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to obtain system information by sending a crafted URL to a vulnerable device.


CVE-2023-37928

Zyxel NAS326 firmware

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS v3.1: HIGH (8.8)


CVE Info

A post-authentication command injection vulnerability in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an authenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.


CVE-2023-35138

Zyxel NAS326 firmware

Published: 30 Nov 2023
Updated: 30 Nov 2023

CVSS v3.1: CRITICAL (9.8)


CVE Info

A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
