Common Vulnerabilities & Exposures

Vulnerability 1: DotCMS Remote Code Execution Vulnerability (10.0 Critical) Description: A Remote Code Execution (RCE) vulnerability exists within DotCMS v5.2.3. An RCE attack involves an attacker executing code from a remote location, without physical access to the compromised device. In DotCMS’ case, an attacker is able to specially craft an HTTP POST request, through […]

Common Vulnerabilities and Exposures August 2021

Vulnerability 1: ManageEngine ADSelfService Plus CSV Injection Vulnerability (9.3 Critical) Description: A CSV injection vulnerability exists within the ManageEngine ADSelfService Plus system. In a CSV injection attack, an attacker exploits improper validation by websites and web applications in order to execute applications and code. These types of attacks can […]

Common Vulnerabilities & Exposures

Vulnerability 1: PrintNightmare Windows Spooler Service (9.0 Critical) Description: The Windows Spooler Service (WSS) has a Remote Code Execution vulnerability. The WSS implements the print roles for clients and servers, enabling each connected system to act as a print client, administrative client or print server for printer services. A remote code execution (RCE) […]

Common Vulnerabilities & Exposures June 2021

Vulnerability 1: D-Link Insufficient Credential Protection (7.2 High) Description: D-Link is affected by a credential exposure vulnerability. Credential exposure allows an attacker to access credentials without any hindrance, granting them access to critical systems. In the case of D-Link, credentials are insufficiently protected in D-Link DIR-2640-US 1.01B04 and in D-Link AC2600 […]

Common Vulnerabilities & Exposures May 2021

Vulnerability 1: UPDATED Microsoft Exchange Server RCE (9.8 Critical) Description: Microsoft Exchange Server has a new remote code execution (RCE) vulnerability. These RCEs allow an attacker to execute code on a computer via a file that could be sent via email or delivered by USB and when downloaded can deploy […]