54 matches found
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution RCE on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping ORM library and prepared statements," SonarSource researcher Thomas...
Icinga Web 2.10 - Arbitrary File Disclosure
!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Arbitrary File Disclosure Date: 2023-03-19 Exploit Author: Jacob Ebben Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2.10 Tested on: Icinga Web 2 Version 2.9.2 on Linux CVE:...
Cacti 1.2.22 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti 1.2.22 unauthenticated command injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to ...
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to ...
Researchers Report Supply Chain Vulnerability in Packagist PHP Repository
Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that could have been exploited to mount software supply chain attacks. "This vulnerability allows gaining control of Packagist," SonarSource researcher Thomas...
Exploit for CRLF Injection in Catchethq Catchet
CVE-2021-39172 Cachet 2.4: Code Execution via Laravel C...
CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 CVSS score: 7.5, the issue concerns a path...
CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 CVSS score:...
New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials
A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially...
Exposure of Sensitive Information to an Unauthorized Actor in SonarSource SonarQube API
A vulnerability in the API of SonarSource SonarQube before 7.5 could allow an authenticated user to discover sensitive information such as valid user-account logins in the web application. The vulnerability occurs because of improperly configured access controls that cause the API to return the...
Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails
An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims' inboxes. "The code vulnerability ... can be easily exploited by an attacker by sending a malicious email to a victim that uses...
Vulnerability Research Highlights 2021
At SonarSource we are constantly improving our code analyzers to help developers write Clean Code. The detection of severe code vulnerabilities plays an important role in this process so that applications are protected from attacks and security breaches. For this same reason, our research team...
Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD
GoCD, written in Java, is a popular CI/CD solution with a large range of users from NGOs to Fortune 500 companies with billions of dollars in revenue. Naturally, this makes it a critical piece of infrastructure and an extremely attractive target for attackers. In order to automate build and relea...
Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services
An out-of-bounds read vulnerability in the Squirrel programming language lets attackers break out of sandbox restrictions and execute arbitrary code within a Squirrel virtual machine VM, thus giving a malicious actor complete access to the underlying machine. Given where Squirrel lives – in games...
Product portals open: we want your input
SonarSource was born from open source software and most of what we do remains FLOSS, so openness and transparency have always been fundamental principles. With a recent change in how we approach product management, we've gone even further. We've recently opened up product portals on Productboard...
Cachet vulnerable to forced reinstall
Impact Authenticated users, regardless of their privileges User or Admin, can trick Cachet and install the instance again, leading to arbitrary code execution on the server. Patches This issue was addressed by improving the middleware ReadyForUse, which now performs a stricter validation of the...
Cachet vulnerable to new line injection during configuration edition
Impact Authenticated users, regardless of their privileges User or Admin, can exploit a new line injection in the configuration edition feature e.g. mail settings and gain arbitrary code execution on the server. Patches This issue was addressed by improving UpdateConfigCommandHandler and preventi...
Compilation database: An alternative way to configure your C or C++ analysis
Analyzing C or C++ code requires - in addition to the source code - the configuration that is used to build the code. At SonarSource, we have provided a tool to automate the extraction of this information, the build wrapper. This tool has been used successfully with many projects, yet there are...
Zimbra Server Bugs Could Lead to Email Plundering
Zimbra webmail server has two flaws that could let an attacker paw through the inbox and outbox of all the employees in all the enterprises that use the immensely popular collaboration tool, researchers say. In a Tuesday writeup, SonarSource called it a “drastic” situation, given Zimbra’s...