Adeline Zhang

Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2020-0618) Threat Alert

March 3, 2020

Vulnerability Description

On February 12, Microsoft released a security update that fixes the remote code execution vulnerability (CVE-2020-0618) in Microsoft SQL Server Reporting Services. SQL Server, developed by Microsoft, is a relational database management system (RDBMS) that is widely used around the world. (more…)

Apache Tomcat File Inclusion Vulnerability (CVE-2020-1938) Threat Alert

March 2, 2020

Vulnerability Description

On February 20, China National Vulnerability Database (CNVD) disclosed an Apache Tomcat file inclusion vulnerability (CNVD-2020-10487/CVE-2020-1938). This vulnerability is due to a flaw in the Tomcat Apache JServ Protocol (AJP). An attacker could exploit this vulnerability to read arbitrary files from a web application directory on the server. If the target server also provides a file upload function, the attacker can go on to achieve remote code execution. The vendor has released new versions to fix this vulnerability. Tomcat is an important project of the Apache Software Foundation (ASF). Owing to its stable performance and availability for free use, it is quite a popular web application server. Considering the widespread deployment of Tomcat, the vulnerability in question affects a large number of users. Tomcat users should take preventive measures to fix this vulnerability as soon as possible.

(more…)

Django SQL Injection (CVE-2020-7471) Threat Alert

February 28, 2020

Vulnerability Description

On February 3, Django Software Foundation (DSF) released a security bulletin announcing the fix of a SQL injection vulnerability (CVE-2020-7471) that is exploited via a StringAgg delimiter. An attacker could break escaping and inject malicious SQL statements by passing a crafted delimiter to the aggregation function contrib.postgres.aggregates.StringAgg. (more…)

IP Reputation Report-02232020

February 27, 2020

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of February 23, 2020.

(more…)

Microsoft Multiple Products Critical Vulnerabilities Threat Alert

February 26, 2020

Vulnerability Description

On February 12, 2020, Microsoft released its February security update, which fixed 100 security issues, including critical vulnerabilities like privilege escalation and remote code execution, found in Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft Office, and other widely used applications. (more…)

Apache Dubbo Deserialization Vulnerability (CVE-2019-17564) Threat Alert

February 25, 2020

Overview

Recently, researchers from the Checkmarx team discovered and disclosed a deserialization vulnerability (CVE-2019-17564) in Apache Dubbo.

Apache Dubbo is a high-performance Java RPC framework. This vulnerability exists in Dubbo applications that have the HTTP protocol enabled for communication. An attacker could exploit this vulnerability by submitting a POST request with a Java object, thereby completely compromising a Provider instance of Apache Dubbo. (more…)

Adobe Security Bulletins for February 2020 Security Updates Threat Alert

February 24, 2020

Overview

On February 11, 2020, local time, Adobe officially released February’s security updates to fix multiple vulnerabilities in its various products, including Adobe Experience Manager, Adobe Digital Editions, Adobe Flash Player, Adobe Acrobat and Reader, and Adobe Framemaker. (more…)

Microsoft’s Security Bulletin for February 2020 Patches That Fix 100 Security Vulnerabilities Threat Alert

February 21, 2020

Overview

Microsoft released the February 2020 security patches on Tuesday, fixing 100 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows Search Component, Remote Desktop Client, Secure Boot, SQL Server, Windows Authentication Methods, Windows COM, Windows Hyper-V, Windows Installer, Windows Kernel, Windows Kernel-Mode Drivers, Windows Media, Windows NDIS, Windows RDP, Windows Shell, and Windows Update Stack. (more…)

IP Reputation Report-02162020

February 20, 2020

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of February 16, 2020.

(more…)

Cisco Discovery Protocol Vulnerabilities Threat Alert

February 19, 2020

Overview

On February 6, 2020, Beijing time, Cisco released new versions that fix five high-risk vulnerabilities in the Cisco Discovery Protocol (CDP). CDP allows Cisco devices to share information in the intranet via multicast messages. These vulnerabilities affect VoIP (Voice over Internet Protocol) phones and cameras. (more…)
