Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-4277 — Pragmaticmates Realia: The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up
The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 21th percentile
CVE-2023-4276 — Johnkolbert Absolute_privacy: The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions
The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 26th percentile
CVE-2023-33468 — Kramerav Via_go2_firmware: VIA Connect (2) and VIA Go (2) devices with a version prior to
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen. CVSSv3.1 9.1 (CRITICAL) · EPSS 46th percentile
CVE-2023-39004 — Opnsense Opnsense: Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and
Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation. CVSSv3.1 9.8 (CRITICAL) · EPSS 53th percentile
CVE-2023-3632 — Kunduz Kunduz: Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz -
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass. This issue affects Kunduz - Homework Helper App: before 6.2.3. CVSSv3.1 9.8 (CRITICAL) · EPSS 6th percentile
CVE-2023-4243 — Full Full_-_customer: The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to execute code by installing plugins from arbitrary remote locations including non-repository sources onto the site, granted they are packaged as a valid WordPress plugin. CVSSv3.1 8.8 (HIGH) · EPSS 73th percentile
CVE-2023-4239 — Webcodingplace Real_estate_manager: The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions
The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.2 due to insufficient restriction on the 'rem_save_profile_front' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update. CVSSv3.1 8.8 (HIGH) · EPSS 19th percentile
Finding and Exploiting Citrix NetScaler Buffer Overflow (CVE-2023-3519) (Part 3)
Assetnote published part 3 of a technical writeup on exploiting CVE-2023-3519, a heap buffer overflow in Citrix NetScaler that enables remote code execution. The article provides exploitation methodology and practical techniques for triggering and leveraging the vulnerability in the wild.
CVE-2023-36897 — Microsoft 365_apps: Visual Studio Tools for Office Runtime Spoofing Vulnerability
Visual Studio Tools for Office Runtime Spoofing Vulnerability CVSSv3.1 8.1 (HIGH) · EPSS 37th percentile
CVE-2023-3522 — A2technology License_portal_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 License Portal System allows SQL Injection.This issue affects License Portal System: before 1.48. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-3386 — A2technology Camera_trap_tracking_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 Camera Trap Tracking System allows SQL Injection.This issue affects Camera Trap Tracking System: before 3.1905. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-3651 — Digital-ant Digital_ant: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Ant E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: before 11. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-3716 — Oduyo Online_collection: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oduyo Online Collection Software allows SQL Injection. This issue affects Online Collection Software: before 1.0.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-3717 — Farmakom Remote_administration_console: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-3898 — Mayanets E-commerce: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mAyaNet E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: before 1.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-36095 — Langchain Langchain: An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored_object_prompt. CVSSv3.1 9.8 (CRITICAL) · EPSS 65th percentile
CVE-2023-4142 — Smackcoders Wp_ultimate_csv_importer: The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus1' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin settings, to execute code on the server. The author resolved this vulnerability by removing the ability for authors and editors to import files, please note that this means remote code ex CVSSv3.1 8.0 (HIGH) · EPSS 89th percentile
CVE-2023-4141 — Smackcoders Wp_ultimate_csv_importer: The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus2' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin settings, to create a PHP file and execute code on the server. The author resolved this vulnerability by removing the ability for authors and editors to import files, please note that thi CVSSv3.1 8.0 (HIGH) · EPSS 89th percentile
CVE-2023-38951 — Zkteco Biotime: 8.5.5 through 9.x before 9.0.1 (20240617.19506) allows authenticated attackers to create or
ZKTeco BioTime 8.5.5 through 9.x before 9.0.1 (20240617.19506) allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in the Username field and a lack of input sanitization on the SSH Key field. Overwriting specific files may lead to arbitrary code execution as NT AUTHORITY\SYSTEM. CVSSv3.1 9.8 (CRITICAL) · EPSS 87th percentile
CVE-2023-38950 — Zkteco Biotime: A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. This vulnerability was fixed in version 9.0.120240617.19506 of ZKBioTime. CVSSv3.1 7.5 (HIGH) · EPSS 100th percentile
Impacket 0.11.0
Impacket 0.11.0 released with significant enhancements to Kerberos handling, SMB protocol support, and example tools. Notable additions include MS-TSTS Terminal Services protocol implementation, SASL LDAP authentication, improved ntlmrelayx capabilities with DNS record registration via LDAP, and new utilities like changepasswd.py and DumpNTLMInfo.py for credential and host enumeration.
CVE-2023-37679 — Nextgen Mirth_connect: A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to
A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server. CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile
CVE-2023-38954 — Zkteco Bioaccess_ivs: BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability. CVSSv3.1 9.8 (CRITICAL) · EPSS 40th percentile
CVE-2023-36255 — Eramba Eramba: An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL. CVSSv3.1 8.8 (HIGH) · EPSS 99th percentile
CVE-2023-36082 — Gatesair Flexiva_fax_150w_firmware: An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to
An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials. CVSSv3.1 9.8 (CRITICAL) · EPSS 57th percentile