13 matches found
Froxlor's API Authentication bypasses 2FA Authentication
Summary Froxlor's API authentication FroxlorRPC::validateAuth does not enforce Two-Factor Authentication. When a user admin or customer enables 2FA on their account, the web UI correctly requires a TOTP code after password verification. However, the API accepts requests authenticated with only an...
PT-2026-48125
Summary Froxlor's API authentication FroxlorRPC::validateAuth does not enforce Two-Factor Authentication. When a user admin or customer enables 2FA on their account, the web UI correctly requires a TOTP code after password verification. However, the API accepts requests authenticated with only an...
Malicious code in strapi-plugin-server (npm)
strapi-plugin-server is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology...
MAL-2024-10500 Malicious code in eth-cmeta (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e390d3f621f6795cefcac7ff48cd9734854f2734360b55599683db6ece8b468d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7865 Malicious code in some-dependency-2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56bfd6dfa88a2c4dc649901d7693d3996a1297067a93e70d1b3382ff9b1448f2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7102 Malicious code in @zitterorg/ab-fugiat-impedit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d432bd9ce4ff557027d8683e72756af43e8b5ee86165974fa36e7991bced1ecc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7225 Malicious code in @zitterorg/illum-perferendis-consectetur (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 26c3bf9aa992411b0245993a478b6e6618a7ceb089afc8b5a9abbc82eb88e72d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7382 Malicious code in @zitterorg/sit-vel-delectus (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54bfa38d2b63aa8984c09de50f43e8a7e6edd21efa7ea6ba17bc4f63a7b4ab69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-278 Malicious code in wlwz-2312-1200 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0d1964220483403bc04aefa2c67663a5e8f8d7f044b20a8341d5e1fe25a3bb0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6212 Malicious code in some-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8156422985121c50c8388169e03a62b1ace6399e2fb83cee3860fa03e57d3e1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in abu-news-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0e3522803d9a80fcb186ab8177b4349b1fd1ede2f311d263455a07bdf492bfb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6865 Malicious code in useragent-corev2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d6e212f2c61f9a29fd610a2668235854bd6c1a991cc52985782f710b2e33398 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-652 Malicious code in @tinkoff-react-bui/context-menu (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f239b4e149956ae7fcbe368e6040942fc96e8fd6a13a332a4c1e64cffb9747d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...