Aggregator

Submit #398209 / VDB-275929

A vulnerability has been found in SourceCodester E-Commerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. This vulnerability was named CVE-2024-8217. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #398205 / VDB-275928

Submit #398204 / VDB-275927

Как одна учетная запись привела к краху IT-инфраструктуры.

A vulnerability, which was classified as critical, was found in MongoDB Server up to 5.0.13/6.0.2 on Linux. This affects an unknown part of the component Library Handler. The manipulation leads to process control. This vulnerability is uniquely identified as CVE-2024-8207. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Submit #398157 / VDB-275926

Submit #397985 / VDB-221739

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument recipt_no leads to improper access controls. This vulnerability is handled as CVE-2024-8216. The attack may be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

回复口令[加油]：“平淡如水”，获取今日最新情报！ tips强烈推荐[啤酒]：https://tix.qq.com - 高阶版免费体验：查询额度权益 - 每日最新封禁IOC获取 - 专家IP鉴定分析权限

Submit #393532 / VDB-275924

Why Did it Take So Long to Notify Regulators and Affected Patients?
A small rural Alabama hospital is notifying more than 61,000 patients that their sensitive information was potentially compromised in an October 2023 hacking incident. Why the many months-long delay in notifying regulators and affected individuals?

Activists Raise Concerns Over Privacy and Hostility to End-to-End Encryption
The Saturday evening arrest of Telegram CEO Pavel Durov by French law enforcement agencies thrust the already controversial social media platform further into the international spotlight as Paris authorities said the Russian billionaire will likely remain in custody at least through Wednesday.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-38856  Apache OFBiz Incorrect Authorization Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Versa Networks has released an advisory for a vulnerability (CVE-2024-39717) in Versa Director, a key component in managing SD-WAN networks, used by some Internet Service Providers (ISPs) and Managed Service Providers (MSPs). A cyber threat actor could exploit this vulnerability to take control of an affected system. 

CISA urges organizations to apply necessary updates, hunt for any malicious activity, report any positive findings to CISA, and review the following for more information: 

• Versa Security Bulletin: Update on CVE-2024-39717 – Versa Director Dangerous File Type Upload Vulnerability 

• Lumen: Taking the Crossroads: The Versa Director Zero-Day Exploitation 

CISA has added this vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.

Шадаев анонсировал новую стратегию Минцифры.

Malware is evolving faster than ever. As security measures improve, so do the techniques used to bypass them. This ongoing arms race has led to increasingly sophisticated obfuscation methods that challenge even seasoned analysts.  This blog post will explore some of the cutting-edge obfuscation tactics we’re seeing in the wild. We’ll break down how they […]

The post 6 Common Obfuscation Methods in Malware  appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected by this vulnerability is the function cgi_FMT_Std2R5_2nd_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2024-8214. The attack can be launched remotely. Furthermore, there is an exploit available. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. It is recommended to replace the affected component with an alternative.

A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected is the function cgi_FMT_R12R5_1st_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2024-8213. It is possible to launch the attack remotely. Furthermore, there is an exploit available. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. It is recommended to replace the affected component with an alternative.