ThinkPHP Remote Code Execution Vulnerability Handling Guide
dezembro 17, 2018
1 Vulnerability Overview Recently, ThinkPHP posted a blog, announcing the release of an update that addresses a high-risk remote code execution (RCE) vulnerability. This vulnerability stems from the framework’s insufficient checks on controller names, which, in case forced routing is not enabled, would allow arbitrary code execution or even access to the server. ThinkPHP is […]
ThinkPHP 5.x Remote Code Execution Vulnerability Threat Alert
dezembro 13, 2018
Overview
Recently, ThinkPHP posted a blog, announcing the release of an important update that addresses a critical vulnerability. This security update fixes a getShell vulnerability caused by the framework’s insufficient checks on controller names in case forced routing is not enabled. The vulnerability, which affects ThinkPHP 5.0 and 5.1, is fixed in the latest version. (mais…)
Adobe Flash Player 0-Day Vulnerabilities Threat Alert
dezembro 11, 2018
Overview
On December 5, 2018, local time, Adobe released a security bulletin to document the remediation of two vulnerabilities, namely a critical 0-day vulnerability (CVE-2018-15982) in Adobe Flash Player and an important vulnerability (CVE-2018-15983) in Adobe Flash Player installer. (mais…)
“WeChat Pay” Ransomware Analysis and Decryption Tool
dezembro 10, 2018
Risk Overview
Recently, over 20,000 PCs in China have fallen victim to WeChat Pay ransomware. Files on the affected devices are encrypted by the ransomware. To regain access to the files, users are asked to scan a WeChat QR code that appears in a pop-up window and pay 110 yuan (about $16) in ransom. So far, WeChat carrier has suspended the use of this QR code. It also steals passwords to popular platforms including Alipay, Baidu Cloud, internet company NetEase’s 163 email service, Tencent’s instant messaging platform QQ, Taobao, Tmall, and JD.com. (mais…)
Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
novembro 23, 2018
Overview
On November 20, 2018, local time, Adobe released a security advisory for documenting the remediation of a critical vulnerability in Adobe Flash Player. Successful exploitation of this vulnerability could allow attackers to remotely execute arbitrary code. (mais…)
Adobe September 2018 Security Updates Threat Alert
novembro 19, 2018
Overview
On November 13, local time, Adobe officially released security bulletins and advisories to announce the remediation of multiple vulnerabilities in such products as Adobe Flash Player, Adobe Acrobat and Reader, and Adobe Photoshop CC. (mais…)
Apache Struts2 Commons FileUpload Deserialization Remote Code Execution Vulnerability (CVE-2016-100031)Threat Alert
novembro 16, 2018
Vulnerability Overview
Recently, Apache Software Foundation (ASF) has released a security advisory to strongly advise users of Apache Struts2.3.X to upgrade the Apache Commons FileUpload component. Struts 2.3.x, by default, uses the Commons FileUpload component of V1.3.2. Early in 2016, this component of V1.3.2 is disclosed to contain a deserialization vulnerability (CVE-2016-100031) which could result in arbitrary code execution.
Commons is a Java subproject of ASF and FileUpload is a subproject for handling HTTP file uploads. The Commons FileUpload component is mainly used to assist developers in implementing the web file upload function.
VMware Virtual Machine Escape Vulnerabilities (CVE-2018-6981 and CVE-2018-6982) Threat Alert
novembro 15, 2018
Overview
Recently, VMware has released a security advisory to document the remediation of two critical vulnerabilities (CVE-2018-6981 and CVE-2018-6982) in VMware ESXi, Workstation, and Fusion. The two vulnerabilities were disclosed by a Chinese cybersecurity firm Chaitin Tech at the international hacking contest GeekPwn2018.
AVEVA InduSoft Web Studio and InTouch Edge HMI Critical Vulnerabilities Threat Alert
novembro 14, 2018
Overview
Recently, AVEVA released a security bulletin to announce the remediation of two critical vulnerabilities in industrial software.
CVE-2018-17916 is a stack overflow vulnerability that can be triggered by sending a crafted packet, leading to remote code execution by an unauthorized user.
CVE-2018-17914 stems from an empty password in the configuration file. An unauthorized attacker could exploit this vulnerability to remotely execute code with the same privilege as that of the affected software. (mais…)
Multiple Cisco Vulnerabilities Threat Alert
novembro 6, 2018
Overview
Recently, Cisco released an official security advisory to announce fixes for multiple high-risk vulnerabilities, which could cause a denial of service and remote code execution. (mais…)
