CRITICAL SEVERITY VULNERABILITIES
TOTOLINK AC1200 T8 and AC1200 T10 | CVE-2024-8573: A critical vulnerability affecting TOTOLINK AC1200 T8 and AC1200 T10 routers running firmware versions 4.1.5cu.861_B20230220 and 4.1.8cu.5207, specifically within the setParentalRules function of the /cgi-bin/cstecgi.cgi file. The vulnerability allows remote attackers to exploit a buffer overflow by manipulating the ‘desc’ argument, posing significant risks to the confidentiality, integrity, and availability of affected systems.
SonicWall SonicOS Improper Access Control | CVE-2024-40766: An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
Microsoft Windows Update Remote Code Execution Vulnerability | CVE-2024-43491: Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support.
VICIdial Unauthenticated SQL Injection | CVE-2024-8503: An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database.
HIGH SEVERITY VULNERABILITIES
Linux Kernel PIE Stack Buffer Corruption | CVE-2017-1000253: Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the “gap” between the stack and the binary.
ImageMagick Improper Input Validation | CVE-2016-3714: ImageMagick, a popular open-source image processing library, contains an improper input validation vulnerability that affects multiple coders, including EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT. This flaw allows a remote attacker to execute arbitrary code by crafting an image with malicious shell metacharacters.
Microsoft Windows Installer Privilege Escalation Vulnerability | CVE-2024-38014: A severity of Importance and a CVSS score of 7.8. An attacker exploiting this vulnerability could gain SYSTEM-level privileges, allowing complete control over the affected system. According to Microsoft, the proof-of-concept kit for exploiting the vulnerability is not yet publicly available.
Microsoft Publisher Security Feature Bypass Vulnerability | CVE-2024-38226: This means that an attacker could potentially bypass security features in Microsoft Publisher to execute malicious code. An attacker could exploit this vulnerability to bypass security features and execute malicious code on an affected system. Microsoft has confirmed that this vulnerability is being actively exploited in the wild.
MEDIUM SEVERITY VULNERABILITIES
itsourcecode Tailoring Management System ssms.php sql injection | CVE-2024-8611: A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file ssms.php. The manipulation of the argument customer leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability | CVE-2024-38217: Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System | CVE-2024-8705: A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDataKindByType of the file /DataSrvs/UCCGSrv.asmx. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Leave a Reply