NSFOCUS Threat Intelligence Portal
Threat News
According to a report with NCCIC on August 13, two vulnerabilities were found in WECON LeviStudioU. They are stack-based buffer overflow vulnerability (CVE-2018-10602) and heap-based buffer overflow vulnerability (CVE-2018-10606). NSFOCUS security team and Ghirmay Desta worked with Mat Powell of Trend Micro’s Zero Day Initiative to report these vulnerabilities to […]
Talos published multiple vulnerabilities related to Samsung SmartThings Hub recently including many critical vulnerabilities such as demand injection and remote code execution. CVSS v3 base score of 9.9 was assigned to many of these vulnerabilities. For details, please refer to: https://www.talosintelligence.com/vulnerability_reports/#disclosed Vulnerability Description Vulnerability CVE ID CVSS Score Samsung SmartThings Hub video-core […]
A critical vulnerability in Davolink DVW-3200N was disclosed on July 31. CVE-2018-10618 has been assigned to this vulnerability and the CVSS v3 base score is 9.8. This device generates a weak password hash that is easy to crack, allowing a remote attacker to gain access to the device. Reference: https://ics-cert.us-cert.gov/advisories/ICSA-18-212-01 […]
Oracle Critical Patch Update (CPU) Advisory was released on July 17. In this advisory, Oracle addressed a Weblogic deserialization problem (CVE-2018-2628) that disclosed in April but not completely fixed. The new CVE ID for the Weblogic vulnerability this time is CVE-2018-2893. Basic Scores (CVSS Version 3.0 Risk):9.8 You can […]
Cisco released an advisory on July 18 to alert users about a critical vulnerability (CVE-2018-0375) in its Cluster Manager of Cisco Policy Suite. This vulnerability could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability […]
Recently MODX announced two critical vulnerabilities (CVE-2018-1000207) in MODX Revolution 2.6.4 and earlier versions. A remote attacker could use the vulnerabilities to execute arbitrary code and further to control the website or delete files. Reference: https://forums.modx.com/thread/104040/revolution-2-6-4-and-prior-two-cricital-vulnerabilities-upgrade-mandatory-patch#dis-post-559515 Affected Versions MODX Revolution <= 2.6.4 Unaffected Versions Modx Revolution >= 2.6.5 Solution Users are […]
(Report ID: 201827) Internet Threat Status CVE Statistics The number of new CVE IDs increased considerably last week. Threat Review XXE in WeChat Pay Sdk|WeChat leave a backdoor on merchant websites (07-01-2018) A payment security researcher found an XXE vulnerability in the JAVA version SDK. The attacker can build […]
Internet Threat Status CVE Statistics The number of new CVE IDs in last week was 193, a decrease compared with the previous week. Threat Review WPA3 Standard Officially Launches With New Wi-Fi Security Features (06-25-2018) The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises […]
Internet Threat Status CVE Statistics From the figure above, we can see an obvious rise in CVE IDs over last week. Besides, the fact that quite a few vulnerabilites were disclosed or discovered recently also reminded people to keep close attention to their systems’ security. Threat Review Quarterly Threat Report […]
Overview Drupal released a security advisory on 28 March 2018 to disclose a remote execution code (RCE) vulnerability in the Drupal core, sa-core-2018-002 (CVE-2018-7600). Soon, two more security advisories were also published within a month, including a Cross-Site Scripting (XSS) vulnerability and a critical code execution vulnerability — sa-core-2018-004 (CVE-2018-7602). […]