Cybersecurity Blog

Cybersecurity Updates: Vulnerabilities, August 19-25, 2024

CRITICAL SEVERITY VULNERABILITIES

TOTOLINK AC1200 T8 and AC1200 T10 | CVE-2024-8573: This is a critical vulnerability affecting TOTOLINK AC1200 T8 and AC1200 T10 routers running firmware versions 4.1.5cu.861_B20230220 and 4.1.8cu.5207, specifically within the setParentalRules function of the /cgi-bin/cstecgi.cgi file. The vulnerability allows remote attackers to exploit a buffer overflow by manipulating the ‘desc’ argument, posing significant risks to the confidentiality, integrity, and availability of affected systems.

SonicWall SonicOS Improper Access Control | CVE-2024-40766: An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

Microsoft Windows Update Remote Code Execution Vulnerability | CVE-2024-43491: Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support.

VICIdial Unauthenticated SQL Injection | CVE-2024-8503: A critical vulnerability affecting VICIdial, where an unauthenticated attacker can exploit a time-based SQL injection to enumerate database records. This vulnerability poses a high risk due to the default storage of plaintext credentials in the database, leading to potential unauthorized access and data breaches.

HIGH SEVERITY VULNERABILITIES

Linux Kernel PIE Stack Buffer Corruption | CVE-2017-1000253: Affects Linux distributions that have not patched their long-term kernels with commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86, committed on April 14, 2015). The bug was fixed by that commit in April 2015 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security issue at the time, so some long-term kernels never received the fix.

ImageMagick Improper Input Validation | CVE-2016-3714: The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka “ImageTragick.”

Microsoft Windows Installer Privilege Escalation Vulnerability | CVE-2024-38014: Rated Important with a CVSS score of 7.8. An attacker exploiting this vulnerability could gain SYSTEM-level privileges, giving complete control over the affected system. According to Microsoft, a proof-of-concept exploit kit is not yet publicly available.

MEDIUM SEVERITY VULNERABILITIES

Jieshun JieLink+ JSOTC2016 GetDataList improper access control | CVE-2024-8611: A vulnerability classified as problematic has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. Affected by this vulnerability is an unknown functionality of the file /report/ParkOutRecord/GetDataList. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

ZZCMS eginfo.php information disclosure | CVE-2024-7925: A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

itsourcecode Project Expense Monitoring System print.php sql injection | CVE-2024-7935: A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file print.php. The manipulation of the argument map_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Heap buffer overflow in do_search() in Vim < 9.1.0689 | CVE-2024-43790: Vim is an open-source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed into a newly allocated buffer. If the pattern contains ASCII NUL bytes, that buffer is sized with strlen(), which stops at the first NUL, so it is smaller than the original while the original length indicator is still used to index it, leading to a heap buffer overflow. Fixed in Vim 9.1.0689.
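The size mismatch described above, shown as an added C example constructed for this post (it is not Vim's code): a length-tracked buffer with an embedded NUL, a copy sized with strlen() the way the vulnerable path did, and the length-sized alternative beside it. The type and function names and the sample patterns are assumptions for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* A byte buffer with an explicit length, like a message buffer whose
 * stored length is authoritative and whose bytes may contain NUL.
 * Constructed for illustration; not a Vim type. */
typedef struct {
    const char *buf;
    size_t      len;
} lenbuf;

/* Buggy sizing pattern: the copy of a length-tracked buffer is allocated
 * with strlen(), which stops at the first NUL, while the caller keeps
 * using the original length to index it. Returns how many bytes a
 * reverse-copy of in->len bytes plus terminator would write beyond the
 * allocation; 0 means the sizes agree. The overflow is computed, not
 * performed. */
static size_t reverse_strlen_sized_overflow(const lenbuf *in)
{
    size_t alloc  = strlen(in->buf) + 1;  /* undersized when a NUL is present */
    size_t needed = in->len + 1;          /* len bytes plus a terminator */
    return needed > alloc ? needed - alloc : 0;
}

/* Hardened pattern: size and iterate over the stored length only.
 * Caller frees the result; NULL on allocation failure. */
static char *reverse_len_sized(const lenbuf *in)
{
    char *out = malloc(in->len + 1);
    if (out == NULL)
        return NULL;
    for (size_t i = 0; i < in->len; i++)
        out[i] = in->buf[in->len - 1 - i];
    out[in->len] = '\0';
    return out;
}

/* Constructed sample search patterns. */
static const lenbuf PLAIN_PATTERN = { "abc", 3 };
static const lenbuf NUL_PATTERN   = { "ab\0cd", 5 };  /* embedded NUL byte */

static size_t demo_plain_overflow(void) { return reverse_strlen_sized_overflow(&PLAIN_PATTERN); }
static size_t demo_nul_overflow(void)   { return reverse_strlen_sized_overflow(&NUL_PATTERN); }

/* Returns 1 if the length-sized reverse of NUL_PATTERN is "dc\0ba". */
static int demo_safe_reverse_ok(void)
{
    char *r = reverse_len_sized(&NUL_PATTERN);
    int ok = r != NULL && memcmp(r, "dc\0ba", 6) == 0;
    free(r);
    return ok;
}

int main(void)
{
    printf("plain pattern: %zu byte(s) past allocation\n", demo_plain_overflow());
    printf("pattern with NUL: %zu byte(s) past allocation\n", demo_nul_overflow());
    printf("length-sized reverse correct: %d\n", demo_safe_reverse_ok());
    return 0;
}
```

The plain pattern reports no overrun because strlen() and the stored length agree; the pattern with an embedded NUL would write three bytes past a strlen()-sized allocation, which is the shape of the Vim bug. The fix is to never let a NUL-terminated length stand in for an explicit one.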

Mage AI Git Content request remote arbitrary file leak | CVE-2024-45189: Mage AI allows remote users with the “Viewer” role to leak arbitrary files from the Mage server due to a path traversal in the “Git Content” request.
