Emergency Response

Apache Solr velocity Remote Code Execution Vulnerability Handling Guide

November 12, 2019 | Mina Hao

Vulnerability Description On October 30, @_S00pY disclosed an exploit for an Apache Solr remote code execution vulnerability, which allows attackers to achieve remote code execution via Velocity templates. Testing confirmed that the vulnerability can be successfully triggered, and no official security patch has been released.

Kibana Remote Code Execution Vulnerability (CVE-2019-7609) Threat Alert

November 5, 2019 | Mina Hao

Vulnerability Description In February 2019, an official announcement was made that Kibana had a remote code execution vulnerability. Kibana versions prior to 5.6.15 and 6.6.1 had a functional flaw in the Timelion visualization tool, which allowed an attacker to use Kibana to execute arbitrary code on the server. A PoC has now been published; users […]

Cisco Aironet Access Points Unauthorized Access Vulnerability Threat Alert

November 4, 2019 | Mina Hao

Overview On October 17, local time, Cisco issued a security notice stating that an unauthorized access vulnerability in Aironet Access Points (APs) had been fixed. The vulnerability stems from the fact that no specific URL is filtered. An attacker can obtain the access rights of the device by constructing a malicious URL and sending it to […]

Weblogic High Risk Vulnerability Threat Alert

November 1, 2019 | Mina Hao

Overview Recently, Oracle fixed two high-risk vulnerabilities in Weblogic (CVE-2019-2890 and CVE-2019-2891) in its October critical patch update. References: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Php-fpm Remote Code Execution Vulnerability (CVE-2019-11043) Threat Alert

October 29, 2019 | Mina Hao

Overview Recently, security researchers have published a vulnerability in php-fpm (CVE-2019-11043) that could lead to remote code execution in certain Nginx configurations. The vulnerability exists in the file sapi/fpm/fpm/fpm_main.c (https://github.com/php/php-src/blob/master/sapi/fpm/fpm/fpm_main.c#L1140), which assumes that the prefix of env_path_info is equal to the path of the PHP script, but in fact the code does not check if this assumption […]

Weaver E-cology OA System SQL Injection Vulnerability Threat Alert

October 28, 2019 | Mina Hao

Vulnerability Description On October 10, 2019, the national information security vulnerability sharing platform of China (CNVD) announced a SQL injection vulnerability (CNVD-2019-34241) in the Weaver e-cology OA system. When the workflowcentertreedata interface of the Weaver e-cology OA system uses the Oracle database, due to the loose splicing of the built-in SQL statements, there is a […]

Microsoft Released October Patches to Fix 61 Security Vulnerabilities

October 26, 2019 | Mina Hao

Overview Microsoft released the October security update patch on Tuesday, fixing 61 security issues ranging from simple spoofing attacks to remote code execution. Products include Azure, Internet Explorer, Microsoft Browsers, Microsoft Devices, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Open […]

Joomla! Content Management System Remote Code Execution Vulnerability Threat Alert

October 22, 2019 | Mina Hao

Overview Recently, security researcher Alessandro Groppo posted a blog about a remote code execution vulnerability in early versions of the content management system Joomla!. The vulnerability is a remote code execution caused by a PHP object injection discovered by researchers in Joomla! CMS 3.0.0 to 3.4.6 (released from September 2012 to December 2015). […]

Oracle October 2019 Critical Patch Update for All Product Families Threat Alert

October 21, 2019 | Mina Hao

Overview On October 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its October 2019 Critical Patch Update (CPU) which fixes 240 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the appendix.

vBulletin Remote Code Execution Vulnerability (CVE-2019-16759) Threat Alert

October 18, 2019 | Mina Hao

Overview vBulletin is a powerful, scalable, and fully customizable forums package. Despite being a commercial product, vBulletin is still the most popular web forums package, whether from the market share or the actual installations.