Tag: Remote Code Execution
-
The Register: 700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
Source URL: https://www.theregister.com/2024/10/02/draytek_routers_bugs/ Source: The Register Title: 700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking Feedly Summary: With 14 serious security flaws found, what a gift for spies and crooks Fourteen bugs in DrayTek routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS…
-
Hacker News: Bugs Found in Cups
Source URL: https://www.thestack.technology/critical-9-9-linux-bug-cups-your-ears-the-details-are-now-here/ Source: Hacker News Title: Bugs Found in Cups Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses several critical vulnerabilities in the Common UNIX Printing System (CUPS) that pose risks primarily to Linux distributions, including Red Hat Enterprise Linux. The vulnerabilities allow for potential remote code execution (RCE) via…
-
Hacker News: Attacking Unix Systems via Cups, Part I
Source URL: https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/ Source: Hacker News Title: Attacking Unix Systems via Cups, Part I Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text presents a detailed analysis of vulnerabilities in the Common Unix Printing System (CUPS), particularly focusing on how these flaws can lead to Remote Code Execution (RCE) attacks on UNIX systems.…
-
The Register: Doomsday 9.9 RCE bug could hit every Linux system – and more
Source URL: https://www.theregister.com/2024/09/26/unauthenticated_rce_bug_linux/ Source: The Register Title: Doomsday 9.9 RCE bug could hit every Linux system – and more Feedly Summary: No fix plus a POC exploit equals bad news Details about a critical, 9.9-rated unauthenticated RCE affecting all GNU/Linux systems — and possibly others — will soon be revealed, according to bug hunter Simone Margaritelli, who…
-
Cisco Talos Blog: Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC
Source URL: https://blog.talosintelligence.com/talos-discovers-denial-of-service-vulnerability-in-microsoft-audio-bus-potential-remote-code-execution-in-popular-open-source-plc/ Source: Cisco Talos Blog Title: Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC Feedly Summary: Talos researchers have disclosed three vulnerabilities in OpenPLC, a popular open-source programmable logic controller. AI Summary and Description: Yes **Summary:** The text details the recent disclosure of multiple vulnerabilities…
-
Hacker News: Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability
Source URL: https://blog.sonicwall.com/en-us/2024/09/critical-exploit-in-mediatek-wi-fi-chipsets-zero-click-vulnerability-cve-2024-20017-threatens-routers-and-smartphones/ Source: Hacker News Title: Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes CVE-2024-20017, a critical zero-click vulnerability affecting MediaTek Wi-Fi chipsets used in various consumer devices. With a CVSS score of 9.8, this flaw allows remote code execution and has…
-
Hacker News: Attacking PowerShell Clixml Deserialization
Source URL: https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization Source: Hacker News Title: Attacking PowerShell Clixml Deserialization Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text details a series of research findings related to security vulnerabilities associated with PowerShell’s CLIXML deserialization mechanism. Specifically, it highlights the risks stemming from the serialization and deserialization processes in PowerShell, emphasizing how these…
-
Cisco Talos Blog: Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API
Source URL: https://blog.talosintelligence.com/vulnerability-roundup-sept-11-2024/ Source: Cisco Talos Blog Title: Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API Feedly Summary: CVE-2024-38257 is considered “less likely” to be exploited, though it does not require any user interaction or user privileges. AI Summary and Description: Yes Summary: The text…