Aggregator

CVE-2024-7922 | D-Link DNS-1550-04 up to 20240814 /cgi-bin/myMusic.cgi command injection

VulDB Recent Entries
1 year 7 months ago
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_audio_search/cgi_create_playlist/cgi_get_album_all_tracks/cgi_get_alltracks_editlist/cgi_get_artist_all_album/cgi_get_genre_all_tracks/cgi_get_tracks_list/cgi_set_airplay_content/cgi_write_playlist of the file /cgi-bin/myMusic.cgi. The manipulation leads to command injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2024-7922. The attack may be launched remotely. Furthermore, there is an exploit available. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. It is recommended to replace the affected component with an alternative.
vuldb.com

Experts warn of exploit attempt for Ivanti vTM bug

Security Affairs
1 year 7 months ago
Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit attempt based on the public proof of concept (PoC) for the Ivanti vTM bug, CVE-2024-7593. In Mid-August, Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-7593 (CVSS […]
Pierluigi Paganini

19th August – Threat Intelligence Report

Check Point Research
1 year 7 months ago

For the latest discoveries in cyber research for the week of 19th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The campaign of United States presidential nominee Donald Trump has had its internal communications hacked and leaked, allegedly by an Iranian threat actor. This aligns with Microsoft’s previous identification of a related […]

The post 19th August – Threat Intelligence Report appeared first on Check Point Research.

hagarb

Managed ad