61 matches found
EUVD-2009-4610
Malware in sbrugna...
EUVD-2016-3435
Malware in sbrugna...
EUVD-2016-3436
Malware in sbrugna...
EUVD-2019-15197
Malware in sbrugna...
EUVD-2016-3437
Malware in sbrugna...
EUVD-2016-3434
Malware in sbrugna...
EUVD-2019-15198
Malware in sbrugna...
EUVD-2008-6971
Malware in sbrugna...
CVE-2009-4646
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string...
Accellion FTA Statecode Cookie Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Accellion FTA 'statecode' Cookie Arbitrary File Read", 'Description' = %q This module exploits a file disclosure vulnerability in the Accellion...
Exploitation of Accellion File Transfer Appliance
Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,1 New Zealand,2 Singapore,3 the United Kingdom,4 and the United States.56 These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance...
Ukrainian Police Nab Six Tied to CLOP Ransomware
Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOPs victims this year alone include Stanford University Medical School, the University of...
The vulnerability of the Accellion FTA security system, which stems from insufficiently validated incoming requests, allows a perpetrator to carry out a SSRF attack and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA security system is related to insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack and gain unauthorized access to protected information through specially created POST requests...
Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit
Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance FTA server were exploited to steal sensitive business documents. As proof of access to the data...
CVE-2021-27730
Accellion FTA 912432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA912444 and later...
CVE-2021-27731
Accellion FTA 912432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. The fixed version is FTA912444 and later...
Accellion FTA 注入漏洞
Accellion FTA is an enterprise content firewall from Accellion USA, Inc. It provides a protection against data leakage and breaches from third-party network risks. An injection vulnerability exists in Accellion FTA 912432 and earlier, which stems from being vulnerable to parameter injection via a...
Accellion FTA Server-Side Request Forgery Vulnerability
Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. A server-side request forgery vulnerability exists in Accellion FTA 912411 and earlier versions. An attacker can exploit this...
Accellion FTA OS Command Injection Vulnerability
Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. An OS command injection vulnerability exists in Accellion FTA 912370 and earlier versions. An attacker can exploit this vulnerability by...
CVE-2021-27103
Accellion FTA 912411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA912416 and later...