Weekly Threat & Vulnerabilities Report

Report
June 7, 2024

Jason Franscisco

CVE-2024-24919
Information Disclosure Vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Check Point Quantum Security Gateways
CVSS Score
8.6
EPSS Score
0.94504
CVE-2024-1086
Use-after-free vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Linux Kernel
CVSS Score
7.8
EPSS Score
0.00969
CVE-2017-3506
Code execution vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Oracle WebLogic Server
CVSS Score
7.4
EPSS Score
0.8686
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors was analyzed and processed to derive insights into what is actively being exploited and what is actively being scanned. As a source of truth, source IPv4 addresses and payloads can be provided on a need-to-know basis.
CVE-2024-3273
CISA-KEV
High

Command Injection Vulnerability in D-Link NAS devices

Affected Products
D-Link DNS devices
Exploited-in-Wild
CVE-2023-49103
CISA-KEV
Critical

Information Disclosure Vulnerability in ownCloud graphapi

Affected Products
ownCloud graphapi
Exploited-in-Wild
CVE-2023-46747
CISA-KEV
Critical

F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability

Affected Products
F5 BIG-IP
CVE-2023-4415
CISA-KEV
High

Improper Authentication vulnerability in Ruijie RG-EW1200G 07161417 r483

Affected Products
Ruijie RG-EW1200G 07161417 r483
Exploited-in-Wild

False

CVE-2023-23752
CISA-KEV
Medium

Joomla! Improper Access Control Vulnerability

Affected Products
Joomla
Exploited-in-Wild
CVE-2023-4966
CISA-KEV
High

Buffer Overflow Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Affected Products
Citrix Netscaler
CVE-2023-38646
CISA-KEV
Critical

Remote code execution vulnerability in Metabase open source and Metabase Enterprise

Affected Products
Metabase open source/Enterprise
CVE-2023-26801
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices

Affected Products
LB-LINK
Exploited-in-Wild
CVE-2023-1389
CISA-KEV
High

Command Injection Vulnerability in TP-Link Archer AX-21

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild
CVE-2022-30023
CISA-KEV
High

Command injection vulnerability via the Ping function in Tenda Products

Affected Products
Tenda Devices
Exploited-in-Wild
Vulnerabilities abused by Botnet
Vulnerabilities identified as exploited by botnets, including recent CVEs logged in the Malware Information Sharing Platform (MISP). The top 5 CVEs are presented, with payloads suggestive of botnet activity, such as the use of wget with IP addresses.

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Command injection vulnerability in LB-LINK

Affected Product
Lb-Link Devices
Abused by Botnet

Remote code execution vulnerability in Huawei HG532 router

Affected Product
Huawei HG532
Abused by Botnet

Improper protocol access control vulnerability in Eir D1000 modem.

Affected Product
Eir D1000 modem
Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities that are targeted by adversaries. Each vulnerability is manually studied and mapped to MITRE ATT&CK tactics and techniques. The information is derived from our vulnerability intelligence platform, which collects and curates information from various sources such as Twitter, Telegram, OSINT groups, blogs, data leak sites and more.

Critical vulnerability in Oracle WebLogic Server

Microsoft Netlogon Privilege Escalation Vulnerability

Code execution vulnerability affecting WebKit

Memory corruption vulnerability in Apple products iOS and macOS operating systems

Critical vulnerability in the Oracle WebLogic Server

PRE-NVD observed for this week
PRE-NVD refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media; it currently tracks over 100 security alerts and plans to expand.
CVE-2024-28038
Stack-Based Buffer Overflow
Affected Product
Multiple multi-function printers by Sharp Corporation and Toshiba
CVE-2023-26322
Remote Code Execution
Affected Product
Xiaomi Pro 13
Reference
CVE-2021-32007
Information disclosure
Affected Product
Secomea GateManager webserver
