[SBA-ADV-20240321-01] CVE-2024-5676: Paradox IP150 Internet Module Cross-Site Request Forgery

Read Time:24 Second

Posted by SBA Research Security Advisory via Fulldisclosure on Jun 23

# Paradox IP150 Internet Module Cross-Site Request Forgery #

Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery

## Vulnerability Overview ##

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to
Cross-Site Request Forgery (CSRF) attacks due to
a lack of countermeasures and the use of the HTTP method `GET` to introduce
changes in the system.

* **Identifier**…

CrushFTP Authentication Bypass

What is the Vulnerability?FortiGuard Labs has observed in-the-wild attack attempts targeting CVE-2025-31161, an authentication bypass vulnerability in CrushFTP managed file...

April 9, 2025

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Multiple vulnerabilities have been discovered Fortinet Products, the most severe of which could allow for remote code execution. FortiAnalyzer...

April 8, 2025

rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9

FEDORA-EPEL-2025-13a0cac2ac Packages in this update: rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0

FEDORA-EPEL-2025-2495fcffcc Packages in this update: rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1

FEDORA-EPEL-2025-15fa9fed48 Packages in this update: rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

rust-openssl-0.10.72-1.fc40 rust-openssl-sys-0.9.107-1.fc40

FEDORA-2025-472776e5dc Packages in this update: rust-openssl-0.10.72-1.fc40 rust-openssl-sys-0.9.107-1.fc40 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

Patch Tuesday, April 2025 Edition

The AI Fix #45: The Turing test falls to GPT-4.5

Google Releases April Android Update to Address Two Zero-Days

NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog

Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges

CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

Arguing Against CALEA

Boards Urged to Follow New Cyber Code of Practice

Russian bots hard at work spreading political unrest on Romania’s internet

[SBA-ADV-20240321-01] CVE-2024-5676: Paradox IP150 Internet Module Cross-Site Request Forgery

CrushFTP Authentication Bypass

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9

rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0

rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1

rust-openssl-0.10.72-1.fc40 rust-openssl-sys-0.9.107-1.fc40