Code injection

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin...

CVE-2022-28223

Tekon KIO devices (up to 2022-03-30) are affected. An authenticated admin can escalate to root by uploading a malicious Lua plugin , enabling privilege escalation with high impact. The documents do not specify exact affected versions/models, root-cause details, or a published fix. No exploitation...

CVE-2022-28223

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin...

Tekon KIO 代码问题漏洞

Tekon KIO is a controller from the Russian company Tekon. A security vulnerability exists in the Tekon KIO device that originates from allowing an authenticated administrator user to elevate privileges to root by uploading a malicious Lua plugin...

CVE-2022-25757

In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the attacker can bypass the bodyschema validation in the request-validation plugin. For example,...

Input validation

In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the attacker can bypass the bodyschema validation in the request-validation plugin. For example,...

CVE-2022-25757

CVE-2022-25757 (Apache APISIX) affects APISIX up to version 2.12.x before 2.13.0. When decoding JSON with duplicate keys, lua-cjson returns the last value, allowing an attacker to bypass the body_schema validation in the request-validation plugin (e.g., {"string_payload":"bad","string_payload":"g...

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data...

Lua Resource Management Error Vulnerability

Lua is a lightweight, extended open source scripting language from the Lua LUA team. Lua interpreter versions 5.4.0 through 5.4.3 are vulnerable to a resource management error, which can be exploited by attackers to execute Sandbox Escape via a specially crafted script file...

Debian-specific Redis Server Lua Sandbox Escape Vulnerability

Redis is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution...

CLSA-2022-1648136411 Fix of CVE: CVE-2022-22721, CVE-2022-22719, CVE-2022-23943, CVE-2022-22720

CVE-2022-22719: modlua: error out if luareadbody or luawritebody fail - CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory - CVE-2022-23943: modsed: use sizet to allow for larger...

CLSA-2022-1648136371 Fix of CVE: CVE-2022-22721, CVE-2022-23943, CVE-2022-22719, CVE-2022-22720

CVE-2022-22719: modlua: error out if luareadbody or luawritebody fail - CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory - CVE-2022-23943: modsed: use sizet to allow for larger...

CLSA-2022-1648136327 Fix CVE(s): CVE-2022-23943, CVE-2022-22720, CVE-2022-22721, CVE-2022-22719

SECURITY UPDATE: modlua Use of uninitialized value of in r:parsebody - debian/patches/CVE-2022-22719.patch: refactor luareadbody in order to catch all possible errors - CVE-2022-22719 SECURITY UPDATE: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier -...

VulnCheck KEV: CVE-2022-0543

Redis is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution...

Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.

...

USN-5333-2 apache2 vulnerabilities

USN-5333-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Chamal De Silva discovered that the Apache HTTP Server modlua module incorrectly handled certain crafted request bodies. A remote...

Internet Bug Bounty: Use of uninitialized value of in req_parsebody method of lua_request.c

Software Versions Ubuntu - 18.04 64-bit Apache 2.4.51 - 64 bit Cause of Bug This bug is present in the reqparsebody method of luarequest.c file. Below mentioned lines of code cause this bug. cpp const char data; int i; sizet vlen = 0; sizet len = 0; if luareadbodyr, &data, aprofft &size,...

CVE-2021-44964

A flaw was found in the Lua interpreter. This flaw allows an attacker who can have a malicious script executed by the interpreter, to cause a use-after-free issue that may result in a sandbox escape. Mitigation Ensure that the Lua interpreter runs only trusted scripts...

DEBIAN-CVE-2021-44964

Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...

CVE-2021-44964

Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...