** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.
Daily Archives: June 30, 2022
CVE-2013-4493
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.
CVE-2013-4464
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during CVE-2013-4464. Notes: none.
CVE-2013-4456
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.
CVE-2013-4323
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
ZuoRAT Malware Is Targeting Routers
Wired is reporting on a new remote-access Trojan that is able to infect at least eighty different targets:
So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek. Dubbed ZuoRAT, the remote access Trojan is part of a broader hacking campaign that has existed since at least the fourth quarter of 2020 and continues to operate.
The discovery of custom-built malware written for the MIPS architecture and compiled for small-office and home-office routers is significant, particularly given its range of capabilities. Its ability to enumerate all devices connected to an infected router and collect the DNS lookups and network traffic they send and receive and remain undetected is the hallmark of a highly sophisticated threat actor.
More details in the article.
CVE-2013-4252
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2013-4144
There is an object injection vulnerability in swfupload plugin for wordpress.
openssl-1.1.1p-1.fc35
FEDORA-2022-5b1e1a67d1
Packages in this update:
openssl-1.1.1p-1.fc35
Update description:
* Thu Jun 30 2022 Clemens Lang <cllang@redhat.com> – 1:1.1.1p-1
– Upgrade to 1.1.1p
Resolves: CVE-2022-2068
Related: rhbz#2099975
Security fix for CVE-2022-2068
openssl1.1-1.1.1p-1.fc36
FEDORA-2022-3b7d0abd0b
Packages in this update:
openssl1.1-1.1.1p-1.fc36
Update description:
* Thu Jun 30 2022 Clemens Lang <cllang@redhat.com> – 1:1.1.1p-1
– Upgrade to 1.1.1p
Resolves: CVE-2022-2068
Related: rhbz#2099975
Security fix for CVE-2022-2068