Weekly Threat & Vulnerabilities Report

May 24, 2024

Jason Franscisco

CVE-2023-43208
Remote Code Execution (RCE)
CISA-KEV
OSS
Zero Day
Critical
Affected Product
NextGen Healthcare Mirth Connect
CVSS Score
9.8
EPSS Score
0.95978
CVE-2020-17519
Improper access control vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Apache Flink
Exploited-in-Wild
CVSS Score
7.5
EPSS Score
0.97227
CVE-2024-4947
Type Confusion
CISA-KEV
OSS
Zero Day
High
Affected Product
Google Chrome
Exploited-in-Wild
CVSS Score
8.8
EPSS Score
0.00229
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors was analyzed and processed to derive insights into what is actively being exploited and actively being scanned. As a source of truth, source IPv4 addresses and payloads can be provided on a need-to-know basis.
CVE-2023-49103
CISA-KEV
Critical

Information Disclosure Vulnerability in ownCloud graphapi.

Affected Products
ownCloud graphapi
Exploited-in-Wild
CVE-2023-26801
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild
CVE-2023-1389
CISA-KEV
High

Command Injection Vulnerability in TP-Link Archer AX-21.

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild
CVE-2022-41040
CISA-KEV
High

Server-Side Request Forgery Vulnerability in Microsoft Exchange Server.

Affected Products
Microsoft Exchange Server
Exploited-in-Wild
CVE-2022-30023
CISA-KEV
High

Command injection vulnerability via the Ping function in Tenda Products.

Affected Products
Tenda Devices
Exploited-in-Wild
CVE-2022-34045
CISA-KEV
Critical

Hardcoded encryption/decryption key vulnerability in Wavlink.

Affected Products
Wavlink Devices
Exploited-in-Wild

False

CVE-2022-30489
CISA-KEV
Medium

Cross-site scripting vulnerability in Wavlink Devices.

Affected Products
Wavlink Devices
Exploited-in-Wild

False

CVE-2022-25168
CISA-KEV
Critical

Command injection vulnerability in Hadoop.

Affected Products
Apache Hadoop
Exploited-in-Wild

False

CVE-2022-24847
CISA-KEV
High

Improper input validation vulnerability in GeoServer.

Affected Products
GeoServer
Exploited-in-Wild
CVE-2022-22947
CISA-KEV
Critical

Code Injection Vulnerability in VMware Spring Cloud Gateway.

Affected Products
VMware Spring Cloud Gateway
Vulnerabilities abused by Botnet
Vulnerabilities identified as exploited by botnets, including recent CVEs logged in the Malware Information Sharing Platform (MISP). Presented here are the top 5 CVEs with payloads suggestive of botnet activity, such as the use of wget with IP addresses.

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Command injection vulnerability in LB-LINK

Affected Product
Lb-Link Devices
Abused by Botnet

Remote code execution vulnerability in MVPower CCTV DVR models

Affected Product
MVPower CCTV DVR models
Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities that are targeted by adversaries. Each vulnerability is studied by a human analyst and mapped to MITRE ATT&CK tactics and techniques. The information is derived from our vulnerability intelligence platform, which collects and curates information from various sources such as Twitter, Telegram, OSINT groups, blogs, data leak sites and more.

Elevation of Privilege (EoP) vulnerability in the Desktop Window Manager (DWM) Core Library of Microsoft Windows.

Authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x

PRE-NVD observed for this week
PRE-NVD refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2023-50739
Heap-Based Buffer Overflow
Affected Product
Lexmark CX331adwe
CVE-2023-52718
Connection Hijacking Vulnerability
Affected Product
Huawei home routers
CVE-2024-30420
Server-side request forgery
Affected Product
a-blog cms Versions earlier than Ver.3.1.12
CVE-2024-2046
Arbitrary local file reading
Affected Product
Telegram Version 10.8.2
CVE-2024-28880
Path Traversal
Affected Product
S-Mind LLC