Security News
A new malware botnet named 'AndoryuBot' is targeting a critical-severity flaw in the Ruckus Wireless Admin panel to infect unpatched Wi-Fi access points for use in DDoS attacks.Tracked as CVE-2023-25717, the flaw impacts all Ruckus Wireless Admin panels version 10.4 and older, allowing remote attackers to perform code execution by sending unauthenticated HTTP GET requests to vulnerable devices.
A new proof-of-concept exploit for an actively exploited PaperCut vulnerability was released that bypasses all known detection rules. The PaperCut vulnerability, tracked as CVE-2023-27350, is a critical severity unauthenticated remote code execution flaw in PaperCut MF or NG versions 8.0 or later that has been exploited in ransomware attacks.
Cisco has revealed the existence of a critical vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. "This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware," Cisco's security advisory explains.
Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices. These phone adapters are a popular choice in the industry for incorporating analog phones into VoIP networks without upgrading.
The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday released an Industrial Control Systems advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the CVSS scoring system for its low attack complexity.
Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and modify data, harvest credentials, and execute commands. Apache Superset is an open-source data visualization and exploration tool initially developed for Airbnb before it became a top-level project at the Apache Software Foundation in 2021.
The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. Ai, described the issue as "a dangerous default configuration in Apache Superset that allows an unauth attacker to gain remote code execution, harvest credentials, and compromise data."
APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices and, in a worst-case scenario, disabling its functionality altogether.While denial-of-service flaws are generally not considered very dangerous, as many UPS devices are located in data centers, the consequences of such an outage are magnified as it could block the remote management of devices.
Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers. Today, the software developer updated its March 2023 security bulletin to warn customers that the vulnerabilities are now actively exploited by hackers.
Oxeye discovered a new vulnerability in the HashiCorp Vault Project, an identity-based secrets and encryption management system that controls access to API encryption keys, passwords, and certificates. The vulnerability was an SQL injection vulnerability that potentially could lead to a Remote Code Execution.