Wöchentliches Briefing: Top 5 Hacker-relevante Schwachstellen

Image cover for blog post.

15.11.2024

Profile image of ENTRYZERO

ENTRYZERO

Alle 15 Minuten tritt eine neue Schwachstelle auf, was zu durchschnittlich etwa 650 neuen Schwachstellen pro Woche führt – eine überwältigende Rate, die schwer zu bewältigen ist. Die durchschnittlichen Kosten eines Sicherheitsvorfalls sind weltweit auf ein Rekordhoch von 4,45 Millionen US-Dollar gestiegen. Um Organisationen zu helfen, ihre Ressourcen effektiv zuzuweisen und sich auf die risikoreichsten Schwachstellen zu konzentrieren, entwickeln wir einen neuartigen, entscheidungsbaum-basierten Priorisierungsansatz. Dieser wird auf Basis von über 100.000 Schwachstellen- und Bedrohungsinformationen trainiert und erweitert Industriestandards wie CVSS und EPSS, um das Echtzeitrisiko und den Kontext neuer Schwachstellen besser zu erfassen (ein großes Dankeschön an VulnCheck für die Bereitstellung umfassender und aktueller CVE-Daten). In dieser Serie präsentieren wir die Top 5 Schwachstellen der Woche, basierend auf einem Teilbaum unseres Modells.

Product | Access Vector | Description | CVE | References

Calendar Week 46 2024

  1. Rocket.Chat | Unauthenticated Remote Attack | Server-Side Request Forgery (SSRF) Vulnerability | CVE-2024-39713 | Details, PoC

  2. D-Link NAS Devices | Unauthenticated Remote Attack | Command Injection Vulnerability | CVE-2024-10914 | Details, PoC

  3. Fortinet FortiManager | Unauthenticated Remote Attack | Missing Authentication Vulnerability | CVE-2024-47575 | Details, PoC

  4. Nginx UI | Unauthenticated Remote Attack | Logrotate Misconfiguration Vulnerability | CVE-2024-49368 | Details, PoC

  5. LiteSpeed Cache | Unauthenticated Remote Attack | Insufficiently Protected Credentials Vulnerability | CVE-2024-44000 | Details, PoC

Calendar Week 45 2024

  1. Jenkins Command Line Interface | Unauthenticated Remote Attack | Path Traversal Vulnerability | CVE-2024-23987 | Details, PoC

  2. ScienceLogic SL1 | Unauthenticated Remote Attack | Remote Code Execution Vulnerability | CVE-2024-9537 | Details

  3. Cisco Ultra-Reliable Wireless Backhaul Access Points | Unauthenticated Remote Attack | Improper Input Validation Vulnerability | CVE-2024-20418 | Details

  4. HPE Aruba Networking Access Points | Unauthenticated Remote Attack | Command Injection Vulnerability | CVE-2024-42509 | Details

  5. Symphony PHP framework | Unauthenticated Remote Attack | Improper Input Validation Vulnerability | CVE-2024-50340 | Details, PoC

Calendar Week 44 2024

  1. CyberPanel | Unauthenticated Remote Attack | Authentication Bypass and Command Injection Vulnerabilities | CVE-2024-51567, CVE-2024-51378 | Details, PoC1, PoC2

  2. RoundCube Webmail | Unauthenticated Remote Attack | Cross-Site Scripting (XSS) Vulnerability | CVE-2024-37383 | Details, PoC

  3. PyTorch | Unauthenticated Remote Attack | Insecure Deserialization Vulnerability | CVE-2024-48063 | Details, PoC

  4. Microsoft Sharepoint | Authenticated Remote Attack | Insecure Deserialization Vulnerability | CVE-2024-38094 | Details

  5. Microsoft Windows Server | Authenticated Remote Attack | Elevation of Privilege Vulnerability | CVE-2024-43532 | Details

Calendar Week 43 2024

  1. Grafana | Authenticated Remote Attack | Code Injection Vulnerability | CVE-2024-9264 | Details, PoC1, PoC2

  2. pfSense | Unauthenticated Remote Attack | Cross-Site Scripting (XSS) Vulnerability | CVE-2024-46538 | Details, PoC

  3. Fortinet FortiManager | Unauthenticated Remote Attack | Missing Authentication Vulnerability | CVE-2024-47575 | Details1, Details2

  4. WordPress TI WooCommerce Wishlist Plugin | Unauthenticated Remote Attack | SQL Injection Vulnerability | CVE-2024-43917 | Details, PoC

  5. WordPress Premium ARForms Form Builder Plugin | Unauthenticated Remote Attack | Unauthenticated File Upload Vulnerability | CVE-2024-4620 | Details, PoC

Calendar Week 42 2024

  1. ConnectWise ScreenConnect | Unauthenticated Remote Attack | Authentication Bypass Vulnerability | CVE-2024-1709 | Details

  2. GitHub Enterprise Server | Unauthenticated Remote Attack | Improper Verification of Cryptographic Signature | CVE-2024-9487 | Details

  3. Ruby SAML | Unauthenticated Remote Attack | Improper Verification of SAML Response Signature | CVE-2024-45409 | Details, PoC

  4. Mozilla Firefox and Firefox ESR | Unauthenticated Remote Attack | Use After Free Vulnerability | CVE-2024-9680 | Details, PoC

  5. Veeam Backup and Replication | Unauthenticated Remote Attack | Deserialization of Untrusted Data Vulnerability | CVE-2024-40711 | Details, PoC

Calendar Week 41 2024

  1. Palo Alto Networks Expedition | Unauthenticated Remote Attack | OS and SQL Injection Vulnerabilities | CVE-2024-9463, CVE-2024-9464, CVE-2024-9465 | Details, PoC1, PoC2

  2. Mozilla Firefox and Firefox ESR | Unauthenticated Remote Attack | Use After Free Vulnerability | CVE-2024-9680 | Details

  3. Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb | Unauthenticated Remote Attack | Format String Vulnerability | CVE-2024-23113 | Details

  4. Windows RDP | Unauthenticated Remote Attack | Use After Free Vulnerability | CVE-2024-43582 | Details

  5. PostgreSQL pgAdmin | Unauthenticated Remote Attack | Insufficiently Protected Credentials in OAuth2 Authentication | CVE-2024-9014 | Details, PoC

Calendar Week 40 2024

  1. Cisco IOS XE | Unauthenticated Remote Attack | Improper Resource Management Vulnerability | CVE-2024-20467 | Details

  2. OpenPrinting CUPS | Unauthenticated Remote Attack | Binding to an Unrestricted IP Address and Input Validation Vulnerabilities | CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177 | Details, PoC1, PoC2

  3. Check Point Quantum Security Gateways | Unauthenticated Remote Attack | Information Disclosure Vulnerability | CVE-2024-24919 | Details, PoC

  4. Synacor Zimbra Collaboration | Unauthenticated Remote Attack | Improper Access Control Vulnerability | CVE-2024-45519 | Details, PoC

  5. Broadcom VMware vCenter Server | Unauthenticated Remote Attack | Heap Overflow Vulnerability | CVE-2024-38812 | Details

Calendar Week 39 2024

  1. OpenPrinting CUPS | Unauthenticated Remote Attack | Binding to an Unrestricted IP Address and Input Validation Vulnerabilities | CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177 | Details, PoC

  2. Aruba Access Points | Unauthenticated Remote Attack | Command Injection Vulnerabilities | CVE-2024-42505, CVE-2024-42506, CVE-2024-42507 | Details

  3. Cisco Smart Licensing Utility | Unauthenticated Remote Attack | Use of Hard-coded Credentials Vulnerability | CVE-2024-20439 | Details, PoC

  4. MediaTek Wi-Fi Chipsets | Unauthenticated Remote Attack | Out-of-Bounds Write Vulnerability | CVE-2024-20017 | Details, PoC

  5. Keycloak | Authenticated Remote Attack | Improper Signature Verification Vulnerability | CVE-2024-8698 | Details

Calendar Week 38 2024

  1. Apache HugeGraph | Unauthenticated Remote Attack |  Improper Access Control Vulnerability | CVE-2024-27348 | Details, PoC

  2. Ivanti Endpoint Manager | Unauthenticated Remote Attack | Improper Deserialization of Untrusted Data Vulnerability | CVE-2024-29847 | Details, PoC

  3. Thinkphp | Unauthenticated Remote Attack | Improper Deserialization of Untrusted Data Vulnerability | CVE-2024-44902 | Details, PoC

  4. Raisecom Gateway Devices | Unauthenticated Remote Attack | Command Injection Vulnerability | Details, PoC

  5. Broadcom vCenter Server | Unauthenticated Remote Attack | Heap Overflow Vulnerability | Details

Calendar Week 37 2024

  1. Kemp LoadMaster | Unauthenticated Remote Attack | Command Injection Vulnerability | CVE-2024-1212 | Details, PoC

  2. Qualitor ITSM | Unauthenticated Remote Attack | Arbitrary File Upload Vulnerability | CVE-2024-44849 | Details, PoC

  3. Apache OFBiz | Unauthenticated Remote Attack | Server-Side Request Forgery Vulnerability | CVE-2024-45507 | Details, PoC

  4. SonicWall SonicOS | Unauthenticated Remote Attack | Improper Access Control Vulnerability | CVE-2024-40766 | Details

  5. GitLab CE/EE | Authenticated Remote Attack | Pipeline Execution Vulnerability | CVE-2024-6678 | Details

Calendar Week 36 2024

  1. Cisco Smart Licensing Utility | Unauthenticated Remote Attack | Sensitive Information in Log Files and Static Admin Credentials Vulnerabilities | CVE-2024-20439, CVE-2024-20440 | Details, PoC1, PoC2

  2. Veeam Backup & Replication | Unauthenticated Remote Attack | Remote Code Execution Vulnerability | CVE-2024-40711 | Details

  3. Ivanti Virtual Traffic Manager | Unauthenticated Remote Attack | Admin Authentication Bypass Vulnerability | CVE-2024-7593 | Details, PoC

  4. Zyxel APs and Security Router Devices | Unauthenticated Remote Attack | Command Injection Vulnerability | CVE-2024-7261 | Details

  5. WhatsUp Gold | Unauthenticated Remote Attack | SQL Injection Vulnerability | CVE-2024-6670 | Details, PoC

Calendar Week 35 2024

  1. Wordpress Litespeed Cache | Unauthenticated Remote Attack | Incorrect Privilege Assignment Vulnerability | CVE-2024-28000 | Details, PoC

  2. AVTECH IP Cameras | Unauthenticated Remote Attack | Command Injection Vulnerability | CVE-2024-7029 | Details, PoC

  3. Apache OFBiz | Unauthenticated Remote Attack | Path Traversal and Incorrect Authorization Vulnerabilities | CVE-2024-32113, CVE-2024-38856 | Details, PoC1, PoC2

  4. Google Chromium V8 | Unauthenticated Remote Attack | Confusion and Inappropriate Implementation Vulnerabilities | CVE-2024-5274, CVE-2024-7965 | Details, Details, PoC1

  5. SonicWall SonicOS | Unauthenticated Remote Attack | Improper Access Control Vulnerability | CVE-2024-40766 | Details

Calendar Week 34 2024

  1. GitHub Enterprise Server | Unauthenticated Remote Attack | Authentication Bypass Vulnerability | CVE-2024-6800 | Details

  2. Ingress Nginx Controller | Authenticated Remote Attack | Annotation Validation Bypass Vulnerability | CVE-2024-7646 | Details, PoC

  3. ServiceNow | Unauthenticated Remote Attack | Input Validation and Incomplete List of Disallowed Inputs Vulnerabilities | CVE-2024-5217, CVE-2024-4879 | Details, PoC1, PoC2

  4. Dahua IP Cameras, Video Intercom, NVR, XVR devices | Unauthenticated Remote Attack | Authentication Bypass Vulnerabilities | CVE-2021-33044, CVE-2021-33045 | Details, PoC

  5. Apache HTTP Server | Unauthenticated Remote Attack | Substitution Encoding Vulnerabilities | CVE-2024-38474, CVE-2024-38475 | Details, PoC

Calendar Week 33 2024

  1. TOTOLINK EX1800T and A3700R | Unauthenticated Remote Attack | Command Injection Vulnerabilities | CVE-2024-34257, CVE-2023-46574 | Details, PoC1, PoC2

  2. Windows 10, 11, and Server | Unauthenticated Remote Attack | TCP/IP Buffer Overflow Vulnerability in IPv6 Stack | CVE-2024-38063 | Details, PoC

  3. VMware ESXi | Authenticated Remote Attack | Authentication Bypass Vulnerability | CVE-2024-37085 | Details, PoC

  4. SolarWinds Web Help Desk | Unauthenticated Remote Attack | Deserialization of Untrusted Data Vulnerability | CVE-2024-28986 | Details

  5. Ivanti Virtual Traffic Manager | Unauthenticated Remote Attack | Admin Authentication Bypass Vulnerability | CVE-2024-7593 | Details

Calendar Week 33 2024

  1. Cacti Network Monitoring and Fault Management Framework | Unauthenticated Remote Attack | Command Injection Vulnerability | CVE-2024-29895 | Details, PoC

  2. Jenkins | Unauthenticated Remote Attack | Path Traversal Vulnerability | CVE-2024-43044 | Details, PoC

  3. ServiceNow | Unauthenticated Remote Attack | Input Validation and Incomplete List of Disallowed Inputs Vulnerabilities | CVE-2024-5217, CVE-2024-4879 | Details, PoC1, PoC2

  4. Progress WhatsUpGold | Unauthenticated Remote Attack | Improper Path Validation Vulnerability | CVE-2024-4885 | Details, PoC

  5. Apache OFBiz | Unauthenticated Remote Attack | Path Traversal and Incorrect Authorization Vulnerabilities | CVE-2024-32113, CVE-2024-38856 | Details, PoC1, PoC2

Alle Rechte vorbehalten von ENTRYZERO GmbH

Website by Sanico Software

IMPRESSUM: ENTRYZERO GmbH, Grabenstraße 38, 44787 Bochum, Sitz: Bochum, Registergericht: Amtsgericht Bochum, HRB Nr.: 21709, USt-IdNr: DE369315057, Geschäftsführer: Dr. Mohamad Sbeiti, Samet Gökbayrak, Tel.: +49 151 56561989, E-Mail: info@entryzero.ai

DATENSCHUTZERKLÄRUNG: Diese Website erhebt keine personenbezogenen Daten. Wir verwenden keine Cookies, Tracker, Formulare oder ähnliche Technologien. Durch den Besuch unserer Website erklären Sie sich jedoch damit einverstanden, dass bei jeder Seitenanfrage die folgenden nicht-personenbezogenen Informationen zu statistischen Zwecken, zur Erkennung/Verhinderung von Eindringversuchen und zur Fehlerbehebung auf dem Webserver gespeichert werden: angeforderte Adresse (URL), Anfragedatum und -uhrzeit, IP-Adresse des Clients, User-Agent und Referer. Es werden keine Informationen an Dritte weitergegeben oder mit Dritten geteilt