ABB Cylon Aspect version 3.08.01 BMS/BAS controller suffers from a remote code execution vulnerability. The vulnerable uploadFile() function in bigUpload.php improperly reads raw POST data using the php://input wrapper without sufficient validation. This data is passed to the fwrite() function, allowing arbitrary file writes. Combined with an improper sanitization of file paths, this leads to directory traversal, allowing an attacker to upload malicious files to arbitrary locations. Once a malicious file is written to an executable directory, an authenticated attacker can trigger the file to execute code and gain unauthorized access to the building controller.
da48953d86e3e633d210a21a755ad55098b6f12fdc0866504b37f9828d654fc5ABB Cylon Aspect version 3.08.01 MS/BAS controller suffers from an arbitrary file deletion vulnerability. Input passed to the file parameter in databasefiledelete.php is not properly sanitized before being used to delete files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using directory traversal sequences passed within the affected POST parameter.
5dbc986f6601c3bda5e54887231d2fa175f92f4f522e9ef2bc6cd9d2c722d9d9Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
8c99e850b8cc489e1f1607ffd2c922cb3802cf9159bd23abcbb331499a9dd22cThis Metasploit module exploits a remote code execution vulnerability in Traccar versions 5.1 through 5.12. Remote code execution can be obtained by combining path traversal and an unrestricted file upload vulnerabilities. By default, the application allows self-registration, enabling any user to register an account and exploit the issues. Moreover, the application runs by default with root privileges, potentially resulting in a complete system compromise. This Metasploit module, which should work on any Red Hat-based Linux system, exploits these issues by adding a new cronjob file that executes the specified payload.
0bc1add3ef020b8c6e70e1d2ec3bfd3d9c59d68531db58229710061c08ef8c2eUbuntu Security Notice 7030-1 - It was discovered that py7zr was vulnerable to path traversal attacks. If a user or automated system were tricked into extracting a specially crafted 7z archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host.
2bfb521c06914c0ab18ef41afbccc0e489130e6851f8731294fac550a8cd4a0bGentoo Linux Security Advisory 202409-24 - Multiple vulnerabilities have been found in Tor, the worst of which could result in denial of service. Versions greater than or equal to 0.4.8.9 are affected.
dcdb6938d55466a369a100e3406d9752f6a1d4460cc68ced7912fc9772b5a207Gentoo Linux Security Advisory 202409-23 - A vulnerability has been found in ZNC which could result in remote code execution. Versions greater than or equal to 1.9.1 are affected.
5276eaec5d294b149dd777f15a54635b812994f30b09515c6729b4c0b8503229A mitigation bypass / privilege escalation flaw has been discovered in Apple's iOS Screen Time functionality, granting one access to modify the restrictions. It allows a local attacker to acquire the Screen Time Passcode by bypassing the anti-bruteforce protections on the four-digit Passcode, and in consequence gaining total control over Screen Time (Parental Control) settings. Versions lower than 18 are affected.
75666d1dc71fb63eadc1180b8fde8bebebfa673977a37f948bb5e8bd009bd6f8Ubuntu Security Notice 7029-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.
23a7a47e5cb2c5a81b2a75efe93b379e63edd93720e34aaa0c1769e34132c3afNetman 204 version 4.05 suffers from remote SQL injection and unauthenticated password reset vulnerabilities.
9c87235443244a564a179cec6442609a57be8b1bcb3c5c9b1b6a264fe45368e8Gentoo Linux Security Advisory 202409-22 - A vulnerability has been discovered in GCC, which can lead to flawed code generation. Versions greater than or equal to 10.0 are affected.
bac25d9054ff835bb15bbfe7a279fbf18a38e72b5a0e38cb77ad397ed9e5a7c1Elaine's Realtime CRM Automation version 6.18.17 suffers from a cross site scripting vulnerability.
4b49b8787ad3de23e5938175a4235b63ac86724d249f7e14581b817cf1993384Ubuntu Security Notice 7007-3 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.
ef3c54a1054dde36cb3bb88462606dc7b4117a7ccefd9ff9d1de96a5c1e0b601PHP ACRSS version 1.0 suffers from a cross site request forgery vulnerability.
eae5bd10e0e3c0cb032d26f40702865ee30f2c293fef75064a152ed20917169eGentoo Linux Security Advisory 202409-21 - Multiple vulnerabilities have been discovered in Hunspell, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.7.1 are affected.
ec0c79de8e52535ee9af2ba078d9138f5de736bb282e88eca2bc85799ba039aaReservation Management System version 1.0 suffers from a backup disclosure vulnerability.
3fdb31b63dd3dffcc359c8fe22cdbfc2692c268e17a6a1cc41302fd995ff1353Rail Pass Management System version 1.0 suffers from an ignored default credential vulnerability.
9b616ee5d482ef2ecfbd81ee24873eba218fd61e3ce0cb54a3da94dd2290af0aRed Hat Security Advisory 2024-7052-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a denial of service vulnerability.
0ebcc4a3e61c5e4a67b2ab4b3e1b13d0fcbe2ff61b50aaa731975509da741278Red Hat Security Advisory 2024-7005-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
049ea29d306ce724f6e68a6b58d0db1fc5041caf0f546850e8b5cfb9eea67cdfRed Hat Security Advisory 2024-7004-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
dc3c5d30a4d64e72060b5a6b6cfce530454c1575f7163536bc9e679266667939PreSchool Enrollment System version 1.0 suffers from an ignored default credential vulnerability.
1d66855ad31d525ff1cd0aa67b987d6891d1fdd6e724a205e60af70bec92a07dPHP SPM version 1.0 suffers from a cross site request forgery vulnerability.
25519b806495665c5736468ca62dfab30a516399cf5e67d1acce326963a8b403Red Hat Security Advisory 2024-7003-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include code execution and use-after-free vulnerabilities.
f5f3623ce18bfedef1df3b35b648def4e5367dabeb77d024bd2af317d581f432Ubuntu Security Notice 7021-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
d463b70754ae77b8d76a2f63079f954ac5540780f82f494a64ef54d0fd4ac7efRed Hat Security Advisory 2024-7002-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include code execution, null pointer, and use-after-free vulnerabilities.
bcb30235b9540c6741f9560c01ee3d3305536ea741d3e392b5c83e04abb796e9
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed