#

Oracle WebLogic Remote Execution Vulnerability (CVE-2019-2729)

Recently, Oracle released a WebLogic remote execution vulnerability (CVE-2019-2729) that is rated as high. This vulnerability will cause issues in wls9_async component when deserialization handles input information, enabling an attacker to gain server privileges for remote code execution by sending a carefully crafted malicious HTTP request.

Date Published:2019-06-25 Read More >>

Recent Security Event

#

Alert: Remote Desktop Protocol (RDP) Remote Code Execution Vulnerability (CVE-2019-0708)

On May 14th, 2019, Microsoft released a RDP remote code execution vulnerability among its latest security updates, which allows an attacker can connect to the target system using RDP and send a specially crafted request to remotely execute codes on a target system without having been authenticated.

  • Source:SANGFOR Security Center
  • Date Published:2019-05-30
#

Alert: Spring Cloud Config Directory Traversal Vulnerability (CVE-2019-3799)

Recently, the Spring team exposed a directory traversal vulnerability in Spring Cloud Config in its latest security updates. The severity level of this vulnerability is rated as high officially. This vulnerability allows applications to serve arbitrary configuration files through the spring-cloud-config-server module. Attacker can send a request using a specially crafted URL that can lead to a directory traversal attack.

  • Source:SANGFOR Security Center
  • Date Published:2019-04-20
#

[Alert] Drupal 8 Remote Code Execution Vulnerability

On February 20, 2019, the Drupal security team has announced a highly critical remote code execution vulnerability in Drupal 8, tracked as SA-CORE-2019-003 and CVE-2019-6340, in the latest security update bulletin. The official site sets this vulnerability as Highly Critical, with a 21/25 security risk score. The vulnerability is actually caused by the lack of proper data sanitization in some fields when users enable Drupal Core RESTful Web Services (rest) module. In some cases, it allows arbitrary PHP code execution, remote and complete control over the server.

  • Source:SANGFOR Security Center
  • Date Published:2019-02-28
#

[Alert] Remote Code Execution Vulnerability in Multiple ThinkPHP 5 Versions

On December 9th, 2018, ThinkPHP released the latest security update that addressing a vulnerability of remote code execution.The vulnerability was caused by the framework's insufficient checks on controller names in case forced routing is not enabled. Eventually, GetShell vulnerability in the server may be exploited by hackers, affecting ThinkPHP 5.0, ThinkPHP 5.1 versions. Although it is not hard to exploit the vulnerability, the impact could be destructive.

  • Source:SANGFOR Security Center
  • Date Published:2018-12-22
#

[Alert] WebLogic Java Deserialization Vulnerability (CVE-2018-3245)

​In October, 2018, Oracle officially released the October Critical Patch Updates, including that for a high-risk remote code execution vulnerability (CVE-2018-3245) in WebLogic Server.

  • Source:SANGFOR Security Center
  • Date Published:2018-10-24