Lucene search

K

Plug'n Play Firewall Security Vulnerabilities

github
github

Request smuggling leading to endpoint restriction bypass in Gunicorn

Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-04-16 12:30 AM
34
hackread
hackread

Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor

By Deeba Ahmed Firewall on fire! This is a post from HackRead.com Read the original post: Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python...

10CVSS

7.3AI Score

0.957EPSS

2024-04-15 06:29 PM
32
osv
osv

Constallation has pods exposed to peers in VPC

Impact Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly (e.g. via LoadBalancer). A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an.....

6.8AI Score

2024-04-15 06:13 PM
4
github
github

Constallation has pods exposed to peers in VPC

Impact Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly (e.g. via LoadBalancer). A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an.....

6.8AI Score

2024-04-15 06:13 PM
5
wordfence
wordfence

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 25th, 2024, during our second Bug Bounty Extravaganza,.....

9.8CVSS

8.5AI Score

0.012EPSS

2024-04-15 03:00 PM
22
kitploit
kitploit

Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of Iframes, Allowing The Bypass Of Traditional Framebusters Implemented By Login Pages Like Microsoft And The Use With Evilginx

A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I.....

6.7AI Score

2024-04-15 12:30 PM
19
securelist
securelist

Using the LockBit builder to generate targeted ransomware

The previous Kaspersky research focused on a detailed analysis of the LockBit 3.0 builder leaked in 2022. Since then, attackers have been able to generate customized versions of the threat according to their needs. This opens up numerous possibilities for malicious actors to make their attacks...

7.8AI Score

2024-04-15 10:00 AM
12
thn
thn

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature...

10CVSS

9.7AI Score

0.957EPSS

2024-04-15 08:17 AM
21
kitploit
kitploit

Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking

This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...

7.2AI Score

2024-04-14 09:24 PM
10
wired
wired

How Israel Defended Against Iran's Drone and Missile Attack

The Iron Dome, US allies, and long-range interceptor missiles all came into...

7.4AI Score

2024-04-14 01:01 AM
5
wallarmlab
wallarmlab

How to track and stop CVE-2024-3400: Palo Alto Networks API Exploit Causing Critical Infrastructure and Enterprise Epidemics

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto.....

10CVSS

10AI Score

0.957EPSS

2024-04-13 09:57 PM
59
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

This repo contains a script to set up the safe environment for...

10CVSS

9.8AI Score

0.957EPSS

2024-04-13 11:55 AM
133
githubexploit
githubexploit

Exploit for CVE-2024-3400

CVE-2024-3400 Vulnerability Checker Description...

10CVSS

9.9AI Score

0.957EPSS

2024-04-13 11:06 AM
175
thn
thn

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation...

10CVSS

9.9AI Score

0.957EPSS

2024-04-13 08:25 AM
65
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

PAN-OS Firewall Exploit Script This script is designed to...

10CVSS

10AI Score

0.957EPSS

2024-04-13 05:16 AM
250
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45626)

An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

9.8CVSS

7.7AI Score

0.002EPSS

2024-04-13 12:00 AM
7
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45627)

An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Please visit...

9.8CVSS

6.8AI Score

0.002EPSS

2024-04-13 12:00 AM
8
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45624)

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Please.....

9.8CVSS

7.2AI Score

0.002EPSS

2024-04-13 12:00 AM
2
nessus
nessus

Siemens Scalance W1750D Buffer Copy without Checking Size of Input (CVE-2023-45614)

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...

9.8CVSS

9.1AI Score

0.002EPSS

2024-04-13 12:00 AM
6
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45622)

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot....

9.8CVSS

7.3AI Score

0.002EPSS

2024-04-13 12:00 AM
4
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45617)

There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to.....

9.8CVSS

6.8AI Score

0.002EPSS

2024-04-13 12:00 AM
5
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45620)

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Please...

9.8CVSS

7.3AI Score

0.002EPSS

2024-04-13 12:00 AM
5
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45623)

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot....

9.8CVSS

7.3AI Score

0.002EPSS

2024-04-13 12:00 AM
11
nessus
nessus

Siemens Scalance W1750D Buffer Copy without Checking Size of Input (CVE-2023-45616)

There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this...

9.8CVSS

9AI Score

0.002EPSS

2024-04-13 12:00 AM
6
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45621)

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Please...

9.8CVSS

7.3AI Score

0.002EPSS

2024-04-13 12:00 AM
10
nessus
nessus

Siemens Scalance W1750D Buffer Copy without Checking Size of Input (CVE-2023-45615)

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...

9.8CVSS

9.1AI Score

0.002EPSS

2024-04-13 12:00 AM
4
nessus
nessus

Siemens Scalance W1750D Improper Neutralization of Special Elements used in a Command (CVE-2023-45625)

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This plugin only works with Tenable.ot. Please....

9.8CVSS

8.3AI Score

0.002EPSS

2024-04-13 12:00 AM
8
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45619)

There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...

9.8CVSS

7.2AI Score

0.002EPSS

2024-04-13 12:00 AM
4
nessus
nessus

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45618)

There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the.....

9.8CVSS

7AI Score

0.002EPSS

2024-04-13 12:00 AM
6
githubexploit
githubexploit

Exploit for CVE-2024-3400

PAN-OS Firewall Exploit Script This script is designed to...

10CVSS

8.2AI Score

0.957EPSS

2024-04-12 05:39 PM
265
nvd
nvd

CVE-2024-30389

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to....

5.8CVSS

5.7AI Score

0.0005EPSS

2024-04-12 04:15 PM
1
cve
cve

CVE-2024-30389

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to....

5.8CVSS

6.8AI Score

0.0005EPSS

2024-04-12 04:15 PM
45
cvelist
cvelist

CVE-2024-30389 Junos OS: EX4300 Series: Firewall filter not blocking egress traffic

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to....

5.8CVSS

6AI Score

0.0005EPSS

2024-04-12 03:24 PM
nvd
nvd

CVE-2024-30410

An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...

5.8CVSS

5.7AI Score

0.0005EPSS

2024-04-12 03:15 PM
1
cve
cve

CVE-2024-30410

An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...

5.8CVSS

6.8AI Score

0.0005EPSS

2024-04-12 03:15 PM
47
cvelist
cvelist

CVE-2024-30410 Junos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term.

An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...

5.8CVSS

5.9AI Score

0.0005EPSS

2024-04-12 03:02 PM
rapid7blog
rapid7blog

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls

On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 zero-day vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. According to the vendor advisory, if conditions for exploitability are met, the vulnerability...

10CVSS

9.8AI Score

0.957EPSS

2024-04-12 12:59 PM
40
thn
thn

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. "A command injection vulnerability in the...

10CVSS

9.7AI Score

0.957EPSS

2024-04-12 08:56 AM
42
nvd
nvd

CVE-2024-3400

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....

10CVSS

10AI Score

0.957EPSS

2024-04-12 08:15 AM
2
cve
cve

CVE-2024-3400

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....

10CVSS

9.8AI Score

0.957EPSS

2024-04-12 08:15 AM
457
In Wild
cvelist
cvelist

CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....

10CVSS

10AI Score

0.957EPSS

2024-04-12 07:20 AM
paloalto
paloalto

PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....

10CVSS

9.9AI Score

0.957EPSS

2024-04-12 06:55 AM
129
cisa_kev
cisa_kev

Palo Alto Networks PAN-OS Command Injection Vulnerability

Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the...

10CVSS

8.3AI Score

0.957EPSS

2024-04-12 12:00 AM
28
nessus
nessus

Palo Alto Networks PAN-OS 10.2.x < 10.2.9-h1 / 11.0.x < 11.0.4-h1 / 11.1.x < 11.1.2-h3 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.9-h1 or 11.0.x prior to 11.0.4-h1 or 11.1.x prior to 11.1.2-h3. It is, therefore, affected by a vulnerability. A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect...

10CVSS

10AI Score

0.957EPSS

2024-04-12 12:00 AM
73
attackerkb
attackerkb

CVE-2024-3400

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....

10CVSS

10AI Score

0.957EPSS

2024-04-12 12:00 AM
67
talosblog
talosblog

The internet is already scary enough without April Fool’s jokes

I feel like over the past several years, the "holiday" that is April Fool's Day has really died down. At this point, there are few headlines you can write that would be more ridiculous than something you'd find on a news site any day of the week. And there are so many more serious issues that are.....

7.3AI Score

2024-04-11 06:00 PM
5
ibm
ibm

Security Bulletin: IBM Sterling B2B Integrator Document Service container vulnerable to multiple issues due to Apache Tomcat

Summary IBM Sterling B2B Integrator's Document Service container users Apache Tomcat. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2023-46589 DESCRIPTION: **Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper...

7.5CVSS

7.4AI Score

0.01EPSS

2024-04-11 01:22 PM
4
ics
ics

Siemens Scalance W1750D

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

9.8CVSS

9.6AI Score

0.002EPSS

2024-04-11 12:00 PM
10
ics
ics

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

7.5CVSS

7.7AI Score

0.962EPSS

2024-04-11 12:00 PM
8
ics
ics

Siemens RUGGEDCOM APE1808 before V11.0.1

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

8.8CVSS

6.7AI Score

0.003EPSS

2024-04-11 12:00 PM
10
Total number of security vulnerabilities51218