33 matches found
EUVD-2016-3435
Malware in sbrugna...
EUVD-2019-15197
Malware in sbrugna...
EUVD-2008-6971
Malware in sbrugna...
EUVD-2016-3436
Malware in sbrugna...
EUVD-2016-3434
Malware in sbrugna...
EUVD-2016-3437
Malware in sbrugna...
Exploitation of Accellion File Transfer Appliance
Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,1 New Zealand,2 Singapore,3 the United Kingdom,4 and the United States.56 These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance...
The vulnerability of the Accellion FTA security system, which stems from insufficiently validated incoming requests, allows a perpetrator to carry out a SSRF attack and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA security system is related to insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack and gain unauthorized access to protected information through specially created POST requests...
CVE-2021-27730
Accellion FTA 912432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA912444 and later...
Accellion FTA 注入漏洞
Accellion FTA is an enterprise content firewall from Accellion USA, Inc. It provides a protection against data leakage and breaches from third-party network risks. An injection vulnerability exists in Accellion FTA 912432 and earlier, which stems from being vulnerable to parameter injection via a...
Accellion FTA OS Command Injection Vulnerability
Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. An OS command injection vulnerability exists in Accellion FTA 912370 and earlier versions. An attacker can exploit this vulnerability by...
Accellion FTA Server-Side Request Forgery Vulnerability
Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. A server-side request forgery vulnerability exists in Accellion FTA 912411 and earlier versions. An attacker can exploit this...
CVE-2019-5622
Accellion File Transfer Appliance version FTA80540 suffers from an instance of CWE-798: Use of Hard-coded Credentials...
Hardcoded credentials
Accellion File Transfer Appliance version FTA80540 suffers from an instance of CWE-798: Use of Hard-coded Credentials...
Command injection
Accellion File Transfer Appliance version FTA80540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection'...
CVE-2019-5623 Accellion File Transfer Appliance Improper Neutralization of Special Elements used in a Command ('Command Injection')
Accellion File Transfer Appliance version FTA80540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection'...
CVE-2017-8796
An issue was discovered on Accellion FTA devices before FTA912180. Because mysqlrealescapestring is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...
Accellion File Transfer Appliance Arbitrary Command Execution Vulnerability
Accellion File Transfer Appliance FTA is a file transfer solution from Accellion USA. The solution supports file transfer, file sharing, file transfer tracking and reporting, and more. A security vulnerability exists in Accellion FTA versions prior to FTA91240. A remote attacker can exploit the...
Authentication flaw
The Accellion File Transfer Appliance FTA before FTA91240 allows remote authenticated users to execute arbitrary commands by leveraging the YUMCLIENT restricted-user role...
Sql injection
SQL injection vulnerability in home/seos/courier/securitykey2.api on the Accellion File Transfer Appliance FTA before FTA91240 allows remote attackers to execute arbitrary SQL commands via the clientid parameter...