Blog

NSFOCUS Weekly Cybersecurity Report (ID: 201826)

July 3, 2018 | Adeline Zhang

Internet Threat Status CVE Statistics The number of new CVE IDs in last week was 193, a decrease compared with the previous week.   Threat Review   WPA3 Standard Officially Launches With New Wi-Fi Security Features (06-25-2018) The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises to eliminate all the known […]

Arbitrary File Deletion Vulnerability in WordPress Core

June 28, 2018 | Adeline Zhang

RIPS Technologies (www. www.ripstech.com/) published an arbitrary file deletion vulnerability in the WordPress core on 26 June 2018. Any WordPress version including the current version is affected. After an attacker gains the privileges to edit and delete media files, the vulnerability can be used to escalate privileges attained through the takeover of an account with […]

NSFOCUS Weekly Cybersecurity Report (ID: 201825)

June 28, 2018 | Adeline Zhang

Internet Threat Status CVE Statistics From the figure above, we can see an obvious rise in CVE IDs over last week. Besides, the fact that quite a few vulnerabilites were disclosed or discovered recently also reminded people to keep close attention to their systems’ security. Threat Review Quarterly Threat Report |Q1 2018 Ransomware volumes reduced; […]

NSFOCUS Weekly Cybersecurity Report

June 20, 2018 | Adeline Zhang

(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs.   Threat Review New ‘Lazy FP State Restore’ Vulnerability Found in All Modern Intel CPUs Date: 06-13-2018 Description: Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor’s […]

Zip Slip Vulnerability Advisory

June 7, 2018 | Adeline Zhang

On 5th June 2018 Snyk Security team disclosed a Zip Slip vulnerability, which could result in potential command execution using a specially crafted archive that holds directory traversal filenames . Reference: https://snyk.io/research/zip-slip-vulnerability Description Attackers could use a specially crafted archive holding directory traversal filenames (e.g. ../../evil.sh) to trigger this vulnerability. Once a vulnerable code database […]

Cisco IOS XE AAA RCE Vulnerability

June 7, 2018 | Adeline Zhang

Cisco released an advisory on 6th June for a critical vulnerability (CVE-2018-0315) in its Authentication, Authorization, and Accounting Login Authentication service. It could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause an affected device to reload, resulting in a denial of service condition. Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-aaa Affected Versions Cisco […]

Drupal Remote Code Execution Vulnerability Analysis

May 31, 2018 | NSFOCUS

Overview Drupal released a security advisory on 28 March 2018 to disclose a remote execution code (RCE) vulnerability in the Drupal core, sa-core-2018-002 (CVE-2018-7600). Soon, two more security advisories were also published within a month, including a Cross-Site Scripting (XSS) vulnerability and a critical code execution vulnerability — sa-core-2018-004 (CVE-2018-7602). In the following two months, […]

Code Execution Vulnerability in Red Hat DHCP Client Script

May 16, 2018 | Adeline Zhang

  Red Hat released a security advisory on May 15 for fixing a critical vulnerability (CVE-2018-1111)in the DHCP Client. An attacker on local network could use a malicious DHCP server or a spoofed DHCP response to execute arbitrary command with root privileges on systems using NetworkManager which is configured to obtain network configuration using the […]

Adobe Fixed Nearly 50 Vulnerabilities in Acrobat and Reader

May 16, 2018 | Adeline Zhang

Adobe released updates on Monday for 47 vulnerabilities in its Acrobat and reader, including critical ones that allow information leakage and arbitrary code execution. Category Impact Severity CVE# Double Free Arbitrary Code Execution Critical CVE-2018-4990 Heap Overflow Arbitrary Code Execution Critical CVE-2018-4947, CVE-2018-4948, CVE-2018-4966, CVE-2018-4968, CVE-2018-4978, CVE-2018-4982, CVE-2018-4984 Use-after-free Arbitrary Code Execution Critical CVE-2018-4946, CVE-2018-4952, CVE-2018-4954, CVE-2018-4958, CVE-2018-4959, […]

Multiple Vulnerabilities Found in Spring

May 10, 2018 | Adeline Zhang

Spring released security advisories on May 9 local time for fixing its multiple vulnerabilities, including a critical remote code execution vulnerability. Reference link: https://pivotal.io/security  Vulnerability Description CVE-2018-1257 (High) Parts of Spring Framework versions allow application programs to use Spring message module to make public STOMP on WebSocket endpoint through simple memory STOMP broker. An attacker could […]