Aggregator
.NET Intranet Attack and Defense in Practice E-Newsletter
9 months 2 weeks ago
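01 .NET Intranet Security Attack and Defense Newsletter. The Xiaobaotong (小报童) e-newsletter [.NET Intranet Security Attack and Defense] has also officially launched; Xiaobaotong was also brought in to make up for Zhishi Xingqiu (知识星球)
.NET: One-Click Persistence Based on MachineKey, Achieving RCE with a ViewState Deserialization Tool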
9 months 2 weeks ago
Hackers Exploit Vulnerability in Popular TP-Link Routers to Launch Attacks
9 months 2 weeks ago
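Compiled by HackerNews; please credit the source when reposting: Hackers are actively exploiting a vulnerability in popular TP-Link routers that have tens of thousands of user reviews on Amazon. The US cyber watchdog is urgently calling on users to retire older router models that can no longer receive security updates.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a TP-Link command injection vulnerability to its "Known Exploited Vulnerabilities Catalog". Although the vulnerability was discovered two years ago, this catalog update indicates that cybercriminals have recently been actively exploiting it in attacks.
The command injection vulnerability is rated high severity (CVSS score 8.8/10) and lets attackers execute malicious commands on the router without authorization. CISA warned: "Vulnerabilities of this kind are frequently exploited by malicious attackers and pose a significant risk to federal agencies."
The affected series are popular in the consumer market:
TP-Link TL-WR940N 450Mbps router: hardware versions V2/V4 have reached the end of their support cycle and can no longer receive security updates. Newer versions of this model are still sold on Amazon with more than 9,000 positive reviews; its last firmware update was released in 2016.
TP-Link TL-WR841N: versions V8/V10 are vulnerable, and the last firmware update was released in 2015. This model, which dates from 2005, still ranks 165th on Amazon's router best-seller list and has accumulated more than 77,000 reviews; V11 and all earlier versions have reached end of support.
TP-Link TL-WR740N: versions V1/V2 are also vulnerable; all models have reached end of support, and the affected versions have not been updated for 15 years.
How the vulnerability works and the risk: Proof-of-concept exploit code is already circulating widely online. The vulnerability is in the router's web management interface: when the device processes a specific parameter in a GET request, it fails to validate user input properly, which allows attackers to inject malicious commands. Routers exposed to the public internet with remote access enabled are at the highest risk, but an attacker on the same local network can exploit the vulnerability as well.
Response measures: CISA has ordered federal agencies to remove these routers from their networks by July 7, 2025, and strongly recommends that all organizations do the same. CISA stressed: "Users should stop using the affected products immediately."
Source: cybernews; translated and compiled by HackerNews.cc; cover image from the internet; when reposting, please state "Reposted from HackerNews.cc" and include the original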
hackernews
CVE-2023-3961 | Samba up to 4.17.11/4.18.7/4.19.0 smbd path traversal (Nessus ID 239932)
9 months 2 weeks ago
A vulnerability classified as critical has been found in Samba up to 4.17.11/4.18.7/4.19.0. This affects an unknown part of the component smbd. The manipulation leads to path traversal.
This vulnerability is uniquely identified as CVE-2023-3961. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-4091 | Samba up to 4.17.11/4.18.7/4.19.0 Kernel File System permission (Nessus ID 239932)
9 months 2 weeks ago
A vulnerability classified as critical was found in Samba up to 4.17.11/4.18.7/4.19.0. This vulnerability affects unknown code of the component Kernel File System Handler. The manipulation leads to permission issues.
This vulnerability was named CVE-2023-4091. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-42669 | Samba up to 4.17.11/4.18.7/4.19.0 rpcecho sleep denial of service (Nessus ID 239932)
9 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Samba up to 4.17.11/4.18.7/4.19.0. Affected is the function sleep of the component rpcecho Handler. The manipulation leads to denial of service.
This vulnerability is traded as CVE-2023-42669. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-3347 | Samba up to 4.16.10/4.17.9/4.18.4 SMB2 Packet data authenticity (RHSA-2023:4325 / Nessus ID 239935)
9 months 2 weeks ago
A vulnerability classified as problematic has been found in Samba up to 4.16.10/4.17.9/4.18.4. This affects an unknown part of the component SMB2 Packet Handler. The manipulation leads to insufficient verification of data authenticity.
This vulnerability is uniquely identified as CVE-2023-3347. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-38519 | yt-dlp 2023.09.24.003044/2023.7.06/2023.11.14 Working Directory unrestricted upload (GHSA-79w7-vh3h-8g4j / Nessus ID 239934)
9 months 2 weeks ago
A vulnerability was found in yt-dlp 2023.09.24.003044/2023.7.06/2023.11.14 and classified as critical. This issue affects some unknown processing of the component Working Directory Handler. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2024-38519. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29944 | Mozilla Firefox up to 124.0.0 Event cross site scripting (DLA 3775-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability was found in Mozilla Firefox up to 124.0.0. It has been declared as problematic. This vulnerability affects unknown code of the component Event Handler. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-29944. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2614 | Mozilla Thunderbird memory corruption (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability classified as critical has been found in Mozilla Thunderbird. Affected is an unknown function. The manipulation leads to memory corruption.
This vulnerability is traded as CVE-2024-2614. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2616 | Mozilla Firefox ESR up to 115.8 denial of service (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability was found in Mozilla Firefox ESR up to 115.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2024-2616. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2616 | Mozilla Thunderbird up to 115.8 denial of service (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability was found in Mozilla Thunderbird up to 115.8. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service.
This vulnerability is uniquely identified as CVE-2024-2616. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2612 | Mozilla Firefox up to 115.8 SafeRefPtr use after free (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability was found in Mozilla Firefox up to 115.8. It has been classified as problematic. This affects the function SafeRefPtr. The manipulation leads to use after free.
This vulnerability is uniquely identified as CVE-2024-2612. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2612 | Mozilla Thunderbird up to 115.8 SafeRefPtr use after free (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability was found in Mozilla Thunderbird up to 115.8. It has been declared as problematic. This vulnerability affects the function SafeRefPtr. The manipulation leads to use after free.
This vulnerability was named CVE-2024-2612. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2611 | Mozilla Thunderbird Pointer Lock clickjacking (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability has been found in Mozilla Thunderbird and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Pointer Lock Handler. The manipulation leads to clickjacking.
This vulnerability is known as CVE-2024-2611. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2614 | Mozilla Firefox memory corruption (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability was found in Mozilla Firefox. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to memory corruption.
The identification of this vulnerability is CVE-2024-2614. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-2611 | Mozilla Firefox Pointer Lock clickjacking (DLA 3769-1 / Nessus ID 239942)
9 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Mozilla Firefox. Affected is an unknown function of the component Pointer Lock Handler. The manipulation leads to clickjacking.
This vulnerability is traded as CVE-2024-2611. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-5041 | Track the Click Plugin up to 0.3.11 on WordPress REST Endpoint sql injection
9 months 2 weeks ago
A vulnerability was found in Track the Click Plugin up to 0.3.11 on WordPress. It has been classified as critical. Affected is an unknown function of the component REST Endpoint. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2023-5041. The attack can only be done within the local network. There is no exploit available.
vuldb.com
CVE-2023-52285 | ExamSys 9150244 Pages.php s_score2 sql injection
9 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in ExamSys 9150244. This issue affects some unknown processing of the file /Support/action/Pages.php. The manipulation of the argument s_score2 leads to sql injection.
The identification of this vulnerability is CVE-2023-52285. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com