Introduction Introducing WPAD Web Proxy Auto-Discovery or WPAD provides organizations with a way to automatically configure a proxy server on the system; This feature means that you don’t need to set it manually in the organization. Introduction of NetBIOS and NetBIOS Name NetBIOS is a program that enables the communication between different computers within a…
Vulnerable Platform: Servers running Apache version 2.4.49. Security patch release date: 2021-10-05 version 2.4.50 Vulnerability type: path traversal Access resulting from using this vulnerability: unauthenticated remote code execution (if CGI mode is enabled) Introduction Apache version 2.4.49 was provided to improve URL validation, but the same changes made in this version caused the CVE-2021-41773…
Introducing the exploit Vulnerable platform: Oracle WebLogic Server Vulnerable versions: 10.3.6.0.0 to 14.1.1.0.0 Security patch release date: October 2020 Vulnerable module: Console component Vulnerability Type: Unauthenticated Remote Code Execution Introduction The vulnerability named CVE-2020-14882, which has a very high-risk level (CVSS 9.8), exists in the Console component of the Weblogic Server software. By using…
ID: CVE-2022-26809 Rating: 9.8 (out of 10) Severity: Critical Vulnerability: Remote code execution Error Type: Integer overflow in rpcrt4.dll Additional information Microsoft has fixed a new vulnerability in Windows RPC CVE-2022-26809, which has raised concerns among security researchers because of its potential for widespread and significant cyber attacks. Therefore, all organizations should apply Windows security…
ID: CVE-2022-22965 CVSS: 9.8 of 10 Severity: Critical Type: Remote Code Execution Error type: Parameters binding error in the “getCachedIntrospectionResults” method Technical Explanation Spring Core on its versions after JDK9, is vulnerable to a security flaw related to an old vulnerability (CVE-2010-1622), and currently, any represented solutions for that time are bypassed. Spring core is…
It was exactly one month ago, that we published our findings of the first real-world rootkit infecting HP iLO firmware. Along with the detailed report about the malware, its modules, and technical capabilities, we noted a simple method to detect the malware relying on the firmware UI’s appearance. As there was no tool for detecting…
ID: CVE-2021-44228 Score: 10 (Of 10) CVSS: Critical Type of vulnerability: Remote Code Execution Error type: Code injection Additional information A critical vulnerability (CVE-2021-44228) in the popular open-source library Apache Log4j threatens thousands of third-party applications and services that use this library. Published code to exploit a vulnerability indicates an attacker can use RCE (Remote…
Identification: CVE-2021-42321 CVSS: 8.8 of 10 Risk factor: high Type of vulnerability: remote code execution Type of the bug: incorrect authentication of .command-let (cmdlet) arguments Technical explanation This tracked security flaw known as CVE-2021-42321 that impacts Exchange Server 2016 and Exchange Server 2019, and according to Microsoft security advice, it occurs due to the incorrect…
Risk factor: very dangerous Score: 8.8 of 10 Type of vulnerability: remote code execution This bug which is identified as CVE-2021-34527, allows the intruder to abuse this vulnerability, and remotely execute codes with System-level access when Windows Print Spooler, improperly, executes a file with a high level of accessibility. To abuse this vulnerability, it is…
Identification: CVE-2021-31166 Score: 9.8 from 10 Risk factor: Highly dangerous Type of vulnerability: remote code execution Type of the bug: use-after-free in the http!UlpParseContentCoding of HTTP.sys drive Date of releasing the patch by Microsoft: 11-5-2021 This bug is known as “CVE-2021-31166” is found in HTTP Protocol Stack (HTTP.sys) and is used by Windows Internet Information…