Remote Code Execution Vulnerability in ManageEngine Applications Manager 13.5
março 14, 2018
Recently, researchers discovered a serious remote code execution (RCE) vulnerability (CVE-2018-7890) in ManageEngine Applications Manager. Vulnerabilities originate from the publicly accessible testCredential.do endpoint, which can result in remote code execution when validating user-supplied credentials. At present, no official version has been released to fix this vulnerability. Reference links: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7890 https://www.securityfocus.com/bid/103358 https://pentest.blog/advisory-manageengine-applications-manager-remote-code-execution-sqli-and/ What is ManageEngine Applications Manager? […]
Cloud Expo Asia & Data Centre World 2018
março 12, 2018
Cloud Expo Asia & Data Centre World 2018 October 10-11, 2018 Marina Bay Sands, Singapore
2018 AUSCERT Cyber Security Conference
março 12, 2018
2018 AUSCERT Cyber Security Conference May 29- June 1, 2018 Gold Coast
Cloud & Cyber Security Expo 2018
março 12, 2018
Cloud & Cyber Security Expo 2018 May 16-17, 2018 HKCEC, Hong Kong
NSFOCUS Found Multiple Vulnerabilities in Schneider Pelco Sarix professional Cameras
março 6, 2018
Multiple vulnerabilities were found by NSFOCUS researchers in Schneider Pelco Sarix professional Cameras. These vulnerabilities included: CVE# Vulnerability Severity CVE-2018-7227 Information Disclosure Medium CVE-2018-7228 Admin Privilege Authentication Bypass High CVE-2018-7229 Admin Privilege Authentication Bypass High CVE-2018-7230 XML External Entity Vulnerability High CVE-2018-7231 Command Execution – ‘system.opkg.remove’ Critical CVE-2018-7232 Command Execution – ‘network.ieee8021x.delete_certs’ Critical CVE-2018-7233 Command […]
Deep Analysis of Memcached Large DRDoS Attacks – China Telecom DamDDoS & NSFOCUS Jointly Released
março 5, 2018
Recently, many domestic and foreign security companies and agencies issued warnings about the Memcached Distributed Reflection Denial of Service attack, which aroused the concern of all parties. According to our monitoring, the peak traffic for this attack has now reached 1.35T. On Feb. 27, Memcached’s reflection DDoS attacks ranged from hundreds of megabytes to a maximum of […]
