RSA Conference 2024
May 13, 2024
RSA Conference 2024 May 6 – 9, 2024 Moscone Center, San Francisco, CA NSFOCUS participated in RSA Conference 2024 as Bronze Sponsor at Booth 3301, South Center. Our principal security solution architect, presented our Security Large Language Model and NSFGPT that empower the next-gen SOC by seamlessly integrating into security operations, offering AI-driven Intelligent Triage […]
Multiple Security Vulnerabilities in Linux Kernel
December 27, 2022
Overview On December 26, 2022, NSFOCUS CERT detected multiple security vulnerabilities in Linux Kernel released online, relevant users are requested to take protective measures as soon as possible. Linux Kernel Remote Code Execution Vulnerability (CVE-2022-47939): A remote code execution vulnerability exists in Linux Kernel SMB2_TREE_DISCONNECT command processing. Due to the lack of verification of the […]
Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)
December 15, 2022
Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and Gateway. Due to deficiencies in the system’s control over the lifecycle of resources, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on a target system when Citrix ADC and Citrix […]
Fortinet FortiOS sslvpnd Remote Code Execution Vulnerability (CVE-2022-42475)
December 14, 2022
Overview Recently, NSFOCUS CERT detected that Fortinet officially fixed a remote code execution vulnerability (CVE-2022-42475) in FortiOS sslvpnd. Due to the flaw in sslvpnd’s validation of user input, an unauthenticated attacker can trigger a buffer overflow by sending a specially crafted packet, which can eventually execute arbitrary code on the target system. The CVSS score […]
Thinkphp Remote Code Execution Vulnerability Alert
December 11, 2022
Overview Recently, NSFOCUS CERT has monitored that the exploit details of the Thinkphp remote code execution vulnerability are publicly disclosed on the Internet. Due to the incoming parameter inspection defect in the Thinkphp program, when Thinkphp enables the multilingual function, unauthenticated attackers can pass in parameters through get, header, cookie, etc., to achieve directory traversal […]
Google Chrome V8 Type Confusion Vulnerability (CVE-2022-4262) Alert
December 6, 2022
Overview On December 5, NSFOCUS CERT found that Google officially released a type confusion vulnerability (CVE-2022-4262) in Google Chrome V8. A type confusion error occurs because a program uses one type of method to allocate or initialize a resource, such as a pointer, object, or variable, but then accesses that resource with another method that […]
Snapd Local Privilege Escalation Vulnerability (CVE-2022-3328)
December 3, 2022
Overview On December 2, NSFOCUS CERT detected that Qualys released a local privilege escalation vulnerability (CVE-2022-3328) in Snapd. There is a conditional race vulnerability in the must_mkdir_and_open_with_perms() function in snap-confine, an attacker with normal user privileges can use Multipath Privilege Escalation Vulnerability (CVE-2022-41974) and Multipath Symbolic Link Vulnerability, bind the /tmp directory to any directory […]
Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781) Alert
November 23, 2022
Overview Recently, NSFOCUS CERT found that Atlassian officially fixed a command injection vulnerability in Bitbucket Server and Data Center. Due to flaws in Bitbucket Server and Data Center, attackers with user name control rights can implement command injection through environment variables, and eventually cause commands to be executed arbitrarily on the system. The CVSS score […]
Apache Airflow Remote Code Execution Vulnerability (CVE-2022-40127)
November 22, 2022
Overview On November 21, NSFOCUS CERT discovered on Internet a PoC of a remote code execution vulnerability (CVE-2022-40127) in Apache Airflow. Due to the flaw in Example Dags in Apache Airflow, an attacker with UI access rights can use this vulnerability to trigger Dags, and then by manually providing the run_id parameter, attacker can execute […]
Citrix Gateway and Citrix ADC Authentication Bypass Vulnerability (CVE-2022-27510) Alert
November 13, 2022
Overview Recently, NSFOCUS CERT detected that Citrix released a security notice, fixing an authentication bypass vulnerability (CVE-2022-27510). When Citrix Gateway is running with Citrix ADC as a gateway device (either using the SSL VPN feature or deployed as an ICA proxy with authentication enabled), an unauthenticated remote attacker can send malicious packets to the target […]