Rockwell Automation Buffer Overflow Vulnerability

Recently Rockwell Automation fixed a critical vulnerability (CVE-2018-14829) found in its RSLinx Classic, a software platform that allows Logix 5000 Programmable Automation Controllers to connect to a wide variety of Rockwell Software applications. A remote attacker could make the device being accessed stop responding and crash by sending a malicious […]

Cisco IOS XE Software Static Credential Vulnerability

Yesterday, September 19th, Cisco announced an advisory for a critical vulnerability (CVE-2018-0150) that exists with their  IOS XE Software. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to […]

Vulnerabilities Discovered in NUUO Network Video Recorder

Tenable Research released two vulnerabilities in NVRMini2, NUUO’s Network Video Recorder software on September 17th. Risk information is as below: Reference link: https://www.tenable.com/security/research/tra-2018-25 Attack demo: https://www.youtube.com/watch?v=2EuFOZfRL4U Sketch of NVRMini2 structure: Vulnerability Description CVE-2018-1149: Unauthenticated Remote Stack Buffer Overflow The HTTP interface exposes the binary cgi_system through the http://<target>/cgi-bin/cgi_system endpoint. Much […]

Response Guide of IBM WebSphere Code Execution Vulnerability

Recently IBM released a remote code execution vulnerability (CVE-2018-1567) in WebSphere application server. It could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. CVSS: 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected versions: IBM WebSphere 9.0.0.0 – 9.0.0.9 IBM WebSphere 8.5.0.0 – 8.5.5.14 IBM […]

Multiple Vulnerabilities in Cisco Products

Cisco has released 30 security advisories on 5 September 2018 to address vulnerabilities affecting multiple products. Three of them are critical. Reference link: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities Vulnerability Description CVE-2018-11776 – Apache Struts Remote Code Execution Vulnerability Affecting Cisco Products (Critical) A vulnerability in Apache Struts could allow an unauthenticated, remote attacker to execute arbitrary […]

Technical Analysis and Solution | Apache Struts 2 Remote Code Execution Vulnerability (S2-057)

On August 22, 2018, Beijing time, Apache Software Foundation (ASF) released a security bulletin, announcing a remote code execution vulnerability (CVE-2018-11776, CNVD-2018-15894, or CNNVD-201808-740) in Apache Struts 2. This vulnerability exists in either of the following cases: The namespace value is not set for a result defined in underlying XML […]

Apache Struts 2 Remote Code Execution Vulnerability

Tag:   Apache Struts2, CVE-2018-11776, Remote Code Execution, S2-057 Severity:Critical This vulnerability can lead to remote code execution. PoC has been made publicly available and may lead to significant, extensive impact. Description On August 22, Apache disclosed a remote code execution (RCE) vulnerability that has been asigned the CVE number CVE-2018-11776. […]

Multiple Vulnerabilities Found in Emerson DeltaV DSC Workstatios

Emerson DeltaV DCS Workstations fixed several vulnerabilities recently, including path traversal, privilege escalation, stack-based buffer overflow, etc. The highest CVSS 3.0 base score is 9.6. Emerson has released patches to address these problems. For detailed information, please visit: https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01 Description CVE-2018-14797 CVSS v3: 8.2 A specially crafted DLL file may […]