Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by...
Author: NSFOCUS
Drupal Code Execution Vulnerability Analysis
Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600. The root cause of this vulnerability is related...
ThreatQ Leverages NSFOCUS to Categorize Threats and Pinpoint Valuable Connections
It is no surprise that everyone, including organizations, are vulnerable to a large amount of threats on a daily basis. In Q3 of 2016 alone, Panda Labs captured 18 million new malware samples; that is not including samples detected by other companies. Furthermore, in a study done by Friedrich-Alexander University...
Local Privilege Escalation Vulnerability in Latest Ubuntu Server
The latest Ubuntu Server has exposed a local privilege escalation vulnerability (CVE-2017-16995). This vulnerability has been fixed in earlier versions but has resurfaced in the latest version. Attackers can directly gain root privileges through this vulnerability. Currently Ubuntu has not released the patch yet. Affected version: Currently we know:...
Remote Code Execution Vulnerability in ManageEngine Applications Manager 13.5
Recently, researchers discovered a serious remote code execution (RCE) vulnerability (CVE-2018-7890) in ManageEngine Applications Manager. Vulnerabilities originate from the publicly accessible testCredential.do endpoint, which can result in remote code execution when validating user-supplied credentials. At present, no official version has been released to fix this vulnerability. Reference links: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7890 https://www.securityfocus.com/bid/103358 https://pentest.blog/advisory-manageengine-applications-manager-remote-code-execution-sqli-and/...
