66 matches found
EUVD-2016-3435
Malware in sbrugna...
EUVD-2016-3437
Malware in sbrugna...
EUVD-2016-3436
Malware in sbrugna...
EUVD-2019-15197
Malware in sbrugna...
EUVD-2008-3836
Malware in sbrugna...
EUVD-2016-3434
Malware in sbrugna...
EUVD-2008-6971
Malware in sbrugna...
Exploitation of Accellion File Transfer Appliance
Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,1 New Zealand,2 Singapore,3 the United Kingdom,4 and the United States.56 These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance...
VulnCheck KEV: CVE-2021-27101
Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to documentroot.html...
The vulnerability of the Accellion FTA security system, which stems from insufficiently validated incoming requests, allows a perpetrator to carry out a SSRF attack and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA security system is related to insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack and gain unauthorized access to protected information through specially created POST requests...
The vulnerability of the Accellion FTA security management system, which stems from the failure to remove special elements used in the operating system’s command set, allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA File Transfer Application security system lies in the lack of measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely and gain unauthorized...
The vulnerability of the Accellion FTA security management system, which stems from the failure to remove special elements used in the operating system’s command set, allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA File Transfer Application security system lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows attackers to execute arbitrary commands and gain unauthorized access to...
CVE-2021-27730
Accellion FTA 912432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA912444 and later...
Accellion FTA 注入漏洞
Accellion FTA is an enterprise content firewall from Accellion USA, Inc. It provides a protection against data leakage and breaches from third-party network risks. An injection vulnerability exists in Accellion FTA 912432 and earlier, which stems from being vulnerable to parameter injection via a...
Hackers Exploit Accellion Zero-Days in Recent Data Theft and Extortion Attacks
Cybersecurity researchers on Monday tied a string of attacks targeting Accellion File Transfer Appliance FTA servers over the past two months to data theft and extortion campaign orchestrated by a cybercrime group called UNC2546. The attacks, which began in mid-December 2020, involved exploiting...
Accellion FTA Server-Side Request Forgery Vulnerability
Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. A server-side request forgery vulnerability exists in Accellion FTA 912411 and earlier versions. An attacker can exploit this...
Accellion FTA OS Command Injection Vulnerability
Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. An OS command injection vulnerability exists in Accellion FTA 912370 and earlier versions. An attacker can exploit this vulnerability by...
CVE-2021-27104
Accellion FTA 912370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA912380 and later...
CVE-2021-27102
Accellion FTA 912411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA912416 and later...
PT-2021-2474
Name of the Vulnerable Software and Affected Versions Accellion FTA versions 9 12 411 and earlier Description The issue concerns Accellion FTA File Transfer Application and relates to a failure to neutralize specific elements used in an operating system command. Exploitation may allow an attacker...