Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbitrary code. CODESYS […]
Netgear is warning users of a critical remote code execution flaw that could allow an unauthenticated attacker to take control of its wireless routers. Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. […]
Cisco has released security updates to fix multiple vulnerabilities in various products, including two remote code execution flaws in Webex Player. The two remote code execution vulnerabilities fixed by Cisco have been tracked CVE-2020-3127 and CVE-2020-3128 respectively. The vulnerabilities have been rated as high severity and received a CVSS score of 7.8. The vulnerabilities are caused by the […]
Tech vendor Zyxel addresses a critical vulnerability in several network-attached storage (NAS) devices that is already being exploited in the wild. Zyxel has released security patches to address a critical remote code execution vulnerability, tracked as CVE-2020-9054, that affects several NAS devices. The flaw can be exploited by an unauthenticated attacker, it resides in the weblogin.cgi CGI executable […]
Tech giant Cisco has recently addressed two high-severity vulnerabilities affecting its Webex and IOS XE Software products. Cisco Systems has released security fixes for two high-severity vulnerabilities in its products, including a remote code execution flaw in the Webex video conferencing platform. The Webex flaw resides in the web-based management interface of Cisco Webex Video […]
Experts disclosed PoC exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. Security researchers Miguel MĂ©ndez ZĂșñiga and Pablo Pollanco from TelefĂłnica Chile recently published Proof-of-concept (PoC) exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. The security duo published on Medium the technical details of the […]
Over the summer, the Apache Solr team addressed a remote code execution flaw, not a working exploit code was published online. The bug addressed by the Apache Solr team fixed over the summer is more dangerous than initially thought. Apache Solr is a highly reliable, scalable and fault-tolerant, open-source search engine written in Java. Solr […]
The popular rConfig network configuration management utility is affected by two critical remote code execution flaws that have yet to be patched. rConfig is a completely open-source, network configuration management utility used to validate and manage network devices, including switches, routers, firewalls, and load-balancer. The cyber security expert Mohammad Askar has discovered two critical remote code […]
vBulletin has recently published a new security patch update that addresses three high-severity vulnerabilities in the popular forum software. vBulletin has recently published a new security patch update that addresses three high-severity flaws in vBulletin 5.5.4 and prior versions. The vulnerabilities could be exploited by remote attackers to take complete control over targeted web servers […]
Microsoft October 2019Â Patch Tuesday addressed a total of 59 vulnerabilities. 9 of which are rated as critical and 49 as important. The tech giant released its October 2019 Patch Tuesday security updates to address a total of 59 vulnerabilities in Windows operating systems and other software, 9 of which are rated as ‘critical’, 49 are […]