Overview Recently, NSFOCUS CERT detected that Zabbix released a security announcement and fixed the SQL injection vulnerability (CVE-2024-42327) of Zabbix server. Due to the SQLi vulnerability in the CUser class in the addRelatedObjects function, attackers with default user permission or API access can call the CUser.get function. This could lead...
Category: Emergency Response
Microsoft’s Security Update in November on High-Risk Vulnerabilities in Multiple Products
Overview On November 13, NSFOCUS CERT detected that Microsoft released a security update patch for November, which fixed 89 security issues, including Windows, Microsoft SQL Server, Microsoft Office, Azure, Open Source Software, Microsoft Visual Studio, System Center and other widely used products, including high-risk vulnerabilities such as privilege escalation vulnerability...
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2024-21216)
Overview Recently, NSFOCUS CERT detected that Oracle issued a security announcement and fixed the deserialization vulnerability in WebLogic Server (CVE-2024-21216). Since WebLogic does not strictly filter incoming data through the T3/IIOP protocol, when the T3/IIOP protocol is enabled, an unauthenticated remote attacker sends a special request to the server through...
Remote Code Execution Vulnerability Alert of Unix CUPS Print Service (CVE-2024-47076 / CVE-2024-47175 / CVE-2024-47177)
Overview Recently, NSFOCUS CERT monitored the disclosure of the details of remote code execution vulnerabilities for Unix CUPS printing service on the Internet. When the system enables cups-browsed process listening (default port 631) to receive UDP packets, unauthenticated attackers induce victims to configure by constructing a malicious IPP server. When...
Microsoft’s August Security Update on High-Risk Vulnerabilities in Multiple Products
Overview On August 14, NSFOCUS CERT detected that Microsoft released a security update patch for August, which fixed 90 security issues involving widely used products such as Windows, Microsoft Office, Visual Studio and Azure, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in...
JumpServer File Read and Upload Vulnerability (CVE-2024-40628/CVE-2024-40629) Notification
Overview Recently, NSFOCUS CERT detected that JumpServer issued a security announcement and fixed the file reading and uploading vulnerabilities in JumpServer (CVE-2024-40628/CVE-2024-40629). Due to improper permission configuration of the Ansible module in JumpServer, an attacker with a low-privilege account can use the ansible playbook to read arbitrary files in the...
