IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

Read Time:22 Second

Posted by hyp3rlinx on Dec 30

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_Server_Side_Request_Forgery_CVE-2024-51463.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]www.ibm.com

[Product]
Navigator for i is a Web console interface where you can perform the
key tasks to administer your IBM i.
IBM Navigator for i supports the vast majority of tasks that…

EC2 Grouper Attack

What is the Attack?FortiGuard Labs Threat Team has observed recent attacks by a Threat Actor dubbed "EC2 Grouper" that leverages...

January 3, 2025

libxmp-4.6.1-2.fc41

FEDORA-2025-23e4aeeb91 Packages in this update: libxmp-4.6.1-2.fc41 Update description: Latest upstream release. Changelog: Fixes: CVE-2023-45679: Attempt to free an uninitialized memory...

January 3, 2025

libxmp-4.6.1-2.fc40

FEDORA-2025-c58133e520 Packages in this update: libxmp-4.6.1-2.fc40 Update description: Latest upstream release. Changelog: Fixes: CVE-2023-45679: Attempt to free an uninitialized memory...

January 3, 2025

xmlrpc-c-1.60.04-2.fc42

FEDORA-2025-a835dd04a0 Packages in this update: xmlrpc-c-1.60.04-2.fc42 Update description: Automatic update for xmlrpc-c-1.60.04-2.fc42. Changelog * Thu Jan 2 2025 Jonathan Wright...

January 2, 2025

xmlrpc-c-1.60.04-1.fc42

FEDORA-2025-482675dee5 Packages in this update: xmlrpc-c-1.60.04-1.fc42 Update description: Automatic update for xmlrpc-c-1.60.04-1.fc42. Changelog * Thu Jan 2 2025 Jonathan Wright...

January 2, 2025

mingw-poppler-24.02.0-4.fc41

FEDORA-2025-e39bfb1baa Packages in this update: mingw-poppler-24.02.0-4.fc41 Update description: Backport fix for CVE-2024-56378. Read More

January 1, 2025

Google Is Allowing Device Fingerprinting

Global Campaign Targets PlugX Malware with Innovative Portal

New DoubleClickjacking Attack Bypasses Protections

Fireside chat with Graham Cluley about risks of AI adoption in 2025

HIPAA Rules Update Proposed to Combat Healthcare Data Breaches

Hackers Leak Rhode Island Citizens’ Data on Dark Web

Dozens of Chrome Browser Extensions Hijacked by Data Thieves

US Treasury Computers Accessed by China in Supply Chain Attack

The AI Fix #31: Replay: AI doesn’t exist

IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

EC2 Grouper Attack

libxmp-4.6.1-2.fc41

libxmp-4.6.1-2.fc40

xmlrpc-c-1.60.04-2.fc42

xmlrpc-c-1.60.04-1.fc42

mingw-poppler-24.02.0-4.fc41