CyberSecurity news
FlagThis - #pathtraversal
|
info@thehackernews.com (The Hacker News)@The Hacker News - 74d
Multiple critical vulnerabilities have been discovered in Fortinet products, posing significant security risks. The most critical of these is CVE-2023-34990, a path traversal flaw in FortiWLM, which allows unauthenticated attackers to access sensitive files and potentially execute unauthorized code. This vulnerability, which has been given a CVSS score of 9.6 (or 9.8 by the NVD) stems from a lack of input validation on request parameters, enabling attackers to read log files which contain session IDs. Attackers can then use these session ID tokens to hijack sessions and gain access to authenticated endpoints, potentially granting admin access to the system.
Fortinet's FortiClient EMS has also been targeted, with a now-patched vulnerability (CVE-2023-48788) being actively exploited to deploy remote access tools like AnyDesk and ScreenConnect. This SQL injection flaw, which received a CVSS score of 9.3, enables attackers to execute unauthorized code. Hackers were observed using this flaw to gain initial access to systems, then dropping remote access software and password recovery tools to move laterally through the network. Other flaws include CVE-2024-48889, a command injection flaw in FortiManager, highlighting the wide range of vulnerabilities across multiple Fortinet products and underscoring the need for prompt patching.
Share:
References :
Classification:
Ameer Owda@socradar.io - 74d
Fortinet has issued warnings regarding critical vulnerabilities in its FortiWLM Wireless LAN Manager product. The most severe, tracked as CVE-2023-34990, is a path traversal flaw which allows remote, unauthenticated attackers to read sensitive files. This flaw stems from inadequate input validation on request parameters, enabling attackers to traverse directories and access log files which contain sensitive session ID tokens. By exploiting this vulnerability, malicious actors can gain unauthorized access to the system and potentially hijack user sessions for administrative control.
Additionally, a separate security flaw (CVE-2024-51479) has been found in Next.js, a popular React framework. This vulnerability represents an authorization bypass, which can compromise sensitive data and systems. It is important that users of both FortiWLM and Next.js implement patches as soon as possible, to mitigate the risk of code execution and unauthorized data access. Fortinet has also released updates for other products including FortiManager and FortiClient VPN addressing further security concerns.
Share:
References :
Classification:
Ameer Owda@socradar.io - 74d
A critical security flaw, identified as CVE-2024-51479, has been discovered in the popular React framework Next.js. This authorization bypass vulnerability affects versions 9.5.5 through 14.2.14, allowing attackers to potentially gain unauthorized access to pages located directly under the application's root directory. The vulnerability stems from how Next.js handles authorization checks in middleware based on pathname rules, specifically affecting routes such as https://example.com/foo while leaving routes like https://example.com/ or deeper nested routes like https://example.com/foo/bar unaffected.
The potential impact of this vulnerability is significant, given the widespread use of Next.js among developers. The severity is rated high with a CVSS score of 7.5 and the ease of exploitation makes it an attractive target for malicious actors. Developers are urged to immediately upgrade to version 14.2.15, which includes a patch for the issue. For applications hosted on Vercel, the vulnerability has already been automatically mitigated. No other workarounds have been officially released, making the update essential for preventing exploitation. The vulnerability was responsibly disclosed by security researcher Tyage from GMO Cybersecurity by IERAE.
Share:
References :
Classification:
|