|

|

Cybersecurity Updates: Vulnerabilities, September 16 – 22, 2024


Critical Severity Vulnerabilities

WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability | CVE-2024-6670: is a critical SQL injection vulnerability found in versions of WhatsUp Gold released before 2024.0.0. This vulnerability allows unauthenticated attackers to retrieve encrypted passwords from the database by sending specially crafted SQL queries. If exploited, this could lead to significant security breaches, such as compromising sensitive data and unauthorized access to the affected system.

Oracle WebLogic Server Remote Code Execution Vulnerability | CVE-2020-14644: is a remote code execution (RCE) vulnerability found in Oracle WebLogic Server. It occurs due to improper deserialization of data in the WebLogic Server Console component. If exploited, this vulnerability allows attackers with network access via T3, IIOP, or other protocols to execute arbitrary code on the affected server without authentication.

Oracle ADF Faces Deserialization of Untrusted Data Vulnerability | CVE-2022-21445: Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise the Oracle Application Development Framework (ADF). Successful attacks of this vulnerability can result in takeover of Oracle Application Development Framework (ADF).

Apache HugeGraph-Server Improper Access Control Vulnerability | CVE-2024-27348: RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.

Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability | CVE-2024-8963: is a critical vulnerability found in Ivanti’s Cloud Services Appliance (CSA). This flaw is a path traversal issue that allows remote, unauthenticated attackers to access restricted functionality on the appliance. When combined with CVE-2024-8190, it can enable attackers to bypass administrator authentication and execute arbitrary commands on the system.

High Severity Vulnerabilities

Windows MSHTML Platform Spoofing Vulnerability | CVE-2024-43461: This vulnerability allows attackers to spoof content, tricking users into believing they are interacting with a legitimate webpage or file when it is actually malicious. Attackers exploited this vulnerability by delivering specially crafted HTML applications (HTA files) disguised as benign files (e.g., PDFs). This led to arbitrary code execution, allowing them to install malware, steal sensitive information, or take control of the target system.

Adobe Flash Player Double Free Vulnerability | CVE-2014-0502: The vulnerability allows a remote attacker to execute arbitrary code on the affected system by tricking users into visiting a malicious webpage or opening an embedded Flash file. A double free occurs when a program tries to free the same memory space more than once, potentially leading to memory corruption. Attackers can exploit this to inject and run malicious code with the privileges of the user running Flash Player.

Adobe Flash Player Code Execution Vulnerability | CVE-2013-0648: This vulnerability occurs due to improper handling of objects in memory, allowing a remote attacker to execute arbitrary code by tricking a user into visiting a malicious website or opening a malicious Flash file. Attackers could leverage this vulnerability by injecting malware or taking control of the user’s machine if exploited successfully. It was part of a broader campaign where attackers used malicious Flash content on websites to compromise user systems.

Adobe Flash Player Integer Underflow Vulnerability | CVE-2014-0497: is a memory corruption vulnerability in Adobe Flash Player. It arises due to improper handling of objects in memory, allowing attackers to exploit this flaw by tricking users into visiting a malicious website or opening a malicious Flash file. If successfully exploited, the vulnerability enables a remote attacker to execute arbitrary code on the affected system.

Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | CVE-2020-0618: A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka ‘Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability.

Medium Severity Vulnerabilities

SourceCodester Telecom Billing Management System login buffer overflow | CVE-2024-9088: A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used.

itsourcecode Online Bookstore admin_add.php unrestricted upload | CVE-2024-9036: A vulnerability was found in itsourcecode Online Bookstore 1.0. This issue affects some unknown processing of the file admin_add.php. The manipulation of the argument image leads to an unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Codezips Online Shopping Portal insert-product.php unrestricted upload | CVE-2024-9038: A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.