This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50216.
Daily Archives: December 20, 2023
ZDI-23-1833: D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50217.
ZDI-23-1811: BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2023-50229.
ZDI-23-1812: BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2023-50230.
ZDI-23-1813: Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50218.
ZDI-23-1810: QEMU NVMe Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of QEMU. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2023-4135.
Apache Struts2 Remote Code Execution Vulnerability (CVE-2023-50164)
What is the Vulnerability?
A remote attacker can manipulate the file upload parameters on the Apache Struts to enable path traversal and upload a malicious file. That can lead to perform remote code execution and complete control of the system. Apache Struts is an open-source and widely adopted framework for developing Java-based web applications.
What is the Vendor Solution?
Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.5.33 or Struts 6.3.0.2 or higher. https://cwiki.apache.org/confluence/display/WW/S2-066
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature “Apache.Struts.File.Upload.Remote.Code.Execution” to detect and block any attack attempts targeting the vulnerability.
FortiGuard Labs recommends organization to upgrade vulnerable versions as soon as possible, if not already done.
DSA-5581-1 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, sandbox escape or clickjacking.