dcsimg

Critical Remote Code Execution Vulnerability CVE-2019-0708 Addressed in Patch Tuesday Updates

Microsoft has released its May 2019 Security Updates, which includes a fix for CVE-2019-0708, a critical remote code execution vulnerability affecting the Remote Desktop Service. Background Microsoft has released its monthly security update for May. Included in this month's Patch Tuesday release is CVE-2019-0708, a critical remote code execution vulnerability that could allow an unauthenticated … [Read more...]

CVE-2019-5021: Hard-Coded NULL root Password Found in Alpine Linux Docker Images

A Hard-Coded NULL root user password vulnerability was found in Alpine Linux Docker Images from December 2015’s 3.3 version onward. Users are encouraged to disable the root user, or any services that utilize the system shadow file as an authentication database. Background In November 2015, a bug in Alpine Linux Docker Images was patched to prevent the /etc/shadow file from accepting a NULL … [Read more...]

Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

Oracle WebLogic is vulnerable to a new deserialization vulnerability that could allow an attacker to execute remote commands on vulnerable hosts. Background On April 17, China National Vulnerability Database (CNVD) published a security bulletin about an unauthenticated remote command execution (RCE) vulnerability in Oracle WebLogic (CNVD-C-2019-48814). Oracle WebLogic Server is middleware for … [Read more...]

Magento Security Updates Fix Over 30 Bugs Including an Unauthenticated Remote Code Execution Vulnerability (PRODSECBUG-2198)

Magento Commerce and Open Source advisory provides fixes for RCE, XSS, SQLi, and XSRF vulnerabilities. Background Magento has released a security advisory for 30+ vulnerabilities, including an unauthenticated Remote Code Execution (RCE) vulnerability which Magento is highly recommending users patch as soon as possible. Magento is an e-commerce management tool widely used by many online platforms. … [Read more...]

Multiple Remote Code Execution Vulnerabilities Found in Grandstream Devices

Multiple security vulnerabilities found in Grandstream devices’ web interfaces include remote code execution and user credentials stored in plaintext. Background According to Threatpost, a number of Grandstream telephony and networking devices contain multiple vulnerabilities which could lead to remote code execution (RCE) attacks. Compromised devices would also allow an attacker to install … [Read more...]

Cisco March Advisory Addresses Multiple Vulnerabilities in FXOS and NX-OS

Cisco released security advisories for multiple vulnerabilities including CVE-2019-1614, an authenticated RCE vulnerability affecting many Cisco switches running NX-OS. Background On March 6th, Cisco released advisories for multiple vulnerabilities. One noteworthy update amongst them was an NX-API remote code injection vulnerability (CVE-2019-1614) wherein an authenticated remote attacker could … [Read more...]

Management Interfaces in Three Models of Cisco Networking Devices Are Vulnerable to RCE Attacks

New vulnerability (CVE-2019-1663) in Cisco RV110W, RV130W, and RV215W devices allows for RCE attacks from malicious HTTP requests. Background Cisco has released a security advisory for CVE-2019-1663, a remote code execution (RCE) vulnerability present in the remote management interface on certain router and firewall devices, the RV110W, RV130W, and RV215W. The vulnerability could allow an … [Read more...]

Management Interfaces in Three Models of Cisco Networking Devices Are Vulnerable to RCE Attacks

<p>New vulnerability (CVE-2019-1663) in Cisco RV110W, RV130W, and RV215W devices allows for RCE attacks from malicious HTTP requests.</p> <h3>Background</h3> <p>Cisco has <a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ci... target="_blank" rel="noopener noreferrer" title="Cisco security advisory for … [Read more...]

CVE-2019-5736 Exploits the Common runc Container Binary to Escape to Host

CVE-2019-5736 allows for an escape to host attack in specific container configurations. Background A new vulnerability (CVE-2019-5736) was recently announced in runc, the runtime used by popular container platforms Docker and Kubernetes. The disclosure for this vulnerability details how a malicious container can escape its sandbox and execute arbitrary commands on the host. This attack does, … [Read more...]

LibreOffice Vulnerable to Code Execution in URL Mouseover Preview Feature

Researcher Alex Inführ discovered that LibreOffice 6.1.0-6.1.3.1 is susceptible to a code injection attack if a user hovers their mouse over a malicious URL. Background Researcher Alex Inführ disclosed a LibreOffice vulnerability (CVE-2018-16858) in versions 6.1.0-6.1.3.1 which shows that code injection is possible on both Linux and Windows versions when a user hovers their mouse over a malicious … [Read more...]