Category Archives: Advisories

Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)

Read Time:1 Minute, 0 Second

What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the “Change Favicon” (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an image file. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-39717 to its “Known Exploited Vulnerabilities” list.What is the recommended Mitigation?Versa Networks has released a patch to address this vulnerability and has mentioned in their advisory that the vulnerability has already been exploited by an Advanced Persistent Threat actor.What FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by the vendor to secure their systems and follow their system hardening guidelines.FortiGuard Labs has blocked known malware used in campaign related to the Versa Director Dangerous File Type Upload Vulnerability. Java/CVE_2024_39717.A!exploitThe FortiGuard Incident Response team can be engaged to help with any suspected compromise.FortiGuard Labs is further investigating to provide protections and will update this Threat Signal Report with more information once it becomes available.

Read More

Re: [SYSS-2024-038] DiCal-RED – Use of Password Hash Instead of Password for Authentication

Read Time:20 Second

Posted by J. Hellenthal via Fulldisclosure on Aug 27

Correct me if I’m wrong but I believe he is trying to relay that “on the backend” where the password hashes are
stored…. if accessed by those with admin access or a bad actor if you will gives them the immediate ability to access
every account without needing to decrypt the passwords.

This is a very bad practice.

Read More

USN-6981-1: Drupal vulnerabilities

Read Time:17 Second

It was discovered that Drupal incorrectly sanitized uploaded filenames. A
remote attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-13671)

It was discovered that Drupal incorrectly sanitized archived filenames. A
remote attacker could possibly use this issue to overwrite arbitrary files,
or execute arbitrary code. (CVE-2020-28948, CVE-2020-28949)

Read More

DSA-5759-1 python3.11 – security update

Read Time:27 Second

Multiple security issues were discovered in Python, a high-level,
interactive, object-oriented language:

CVE-2024-0397

A race condition in the ssl module was found when accessing
CA certificates.

CVE-2024-4032

The ipaddress module contained incorrect information whether
some ipv4 and ipv6 address ranges are designated as globally
reachable or private.

CVE-2024-8088

Incorrect handling of path names in the zipfile module could
result in an infinite loop when processing a zip archive
(resulting in denial of service)

https://security-tracker.debian.org/tracker/DSA-5759-1

Read More