3499 matches found
Zyxel ATP Security Vulnerability
The Zyxel ATP is a firewall from China's Heqin Zyxel. A security vulnerability exists in Zyxel ATP firmware versions 4.32 through 5.37 Patch 1 that could allow an authenticated attacker to execute certain operating system commands on the affected device via...
How ransomware changed in 2023
In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns, hitting hundreds of unsuspecting targets simultaneously with attacks based on zero-day exploits. The gang's novel approach challenged a bottleneck that makes it...
PT-2024-20096 · Siemens · Sinec Nms
Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V2.0 SP1. Description: A vulnerability has been identified in the affected application, allowing users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other...
CVE-2023-40263
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated command injection via ftp...
Atos Unify OpenScape Command Injection Vulnerability
Atos Unify OpenScape is a native SIP-based real-time Voice over IP system from Atos Unify. A command injection vulnerability exists in Atos Unify OpenScape Voice Trace Manager V8 prior to V8 R0.9.11, which allows authenticated command injection via ftp...
Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition.
Summary: An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8, which is shipped with IBM MQ for Solaris. Vulnerability Details: CVEID: CVE-2023-22045. DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to...
Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer
CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...
The vulnerability of the PASV mode on the Solar FTP Server allows a hacker to induce a service failure.
The vulnerability of the PASV mode on the Solar FTP Server communication server is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2024-1017
A vulnerability was found in Gabriels FTP Server 1.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument USERNAME leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
PT-2024-16083 · Unknown · Gabriels Ftp Server
Name of the Vulnerable Software and Affected Versions: Gabriels FTP Server version 1.2. Description: A problematic issue affects some unknown processing in the software. The manipulation of the USERNAME argument leads to denial of service. The attack may be initiated remotely. It is estimated that...
Patch now! Fortra GoAnywhere MFT vulnerability exploit available
On January 22, 2024, software company Fortra warned customers about a new authentication bypass vulnerability impacting GoAnywhere MFT Managed File Transfer that allows an attacker to create a new admin user. Fortra GoAnywhere MFT is a file transfer solution that organizations use to exchange the...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
curl: FTP too eager connection reuse
A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic...
Golden FTP Server Security Vulnerability
Golden FTP Server is an FTP service. A security vulnerability exists in Golden FTP Server version 2.02b. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...
VulnCheck KEV: CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
PT-2024-15894 · Kmint21 · Kmint21 Golden Ftp Server
Name of the Vulnerable Software and Affected Versions: Kmint21 Golden FTP Server version 2.02b. Description: A vulnerability was found in the PASV Command Handler component, which can lead to denial of service when manipulated. The attack can be initiated remotely. Recommendations: For Kmint21...
Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer
It is an exploit module targeting the GoAnywhere MFT vulnerabili...
Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)
Binary data fortragoanywheremftCVE-2024-0204.nbin...
The vulnerability of the TFTP Server component of the Korenix microprogramming software for switches allows a hacker to circumvent existing security restrictions.
The vulnerability of the TFTP Server component of the Korenix microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions from a remote location...