Home
/
Reports
/
Weekly Threat & Vulnerabilities Report

Weekly Threat & Vulnerabilities Report

Report
May 17, 2024
Trending Critical Vulnerabilities
CVE’s from Cytellite Sensors
Vulnerabilities Abused by Botnet
Vulnerabilities Abused by Malware
Pre-NVDs from LOVI
CVE-2024-30051
arrow pointing top right
Privilege Escalation
CISA-KEV
OSS
Zero Day
High
Affected Product
Windows DWM Core Library
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
7.8
EPSS Score
0.00144
Unknown
CVE-2024-30040
arrow pointing top right
Security Feature Bypass
CISA-KEV
OSS
Zero Day
High
Affected Product
Windows MSHTML Platform
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
8.8
EPSS Score
0.00806
Unknown
CVE-2024-4947
arrow pointing top right
Type Confusion
CISA-KEV
OSS
Zero Day
High
Affected Product
Google Chrome
Exploited-in-Wild

Stable Channel Update for Desktop

CVSS Score
Unknown
0
EPSS Score
0
Unknown
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors were analyzed and processed to derive insights on what is actively being exploited and actively being scanned.  As source of truth, source IPv4 addresses & payloads can be provided on need-to-know basis.
CVE-2024-3273
arrow pointing top right
CISA-KEV
High

Command Injection vulnerability in D-Link DNS-320L,DNS-325, DNS-327L and DNS-340L up to 20240403

Affected Products
D-Link DNS devices
Exploited-in-Wild

D-Link DNS devices

CVE-2023-4966
arrow pointing top right
CISA-KEV
High

Sensitive information disclosure  vulnerability in NetScaler ADC and NetScaler Gateway

Affected Products
Citrix Netscaler
Exploited-in-Wild

Citrix Netscaler

CVE-2023-38646
arrow pointing top right
CISA-KEV
Critical

Remote code  execution vulnerability in Metabase open source before 0.46.6.1 and Metabase  Enterprise before 1.46.6.1.

Affected Products
Metabase open source/enterprise
Exploited-in-Wild

Metabase open source/enterprise

CVE-2023-31192
arrow pointing top right
CISA-KEV
Medium

Information Disclosure vulnerability in the ClientConnect() functionality of SoftEther VPN .

Affected Products
SoftEther VPN
Exploited-in-Wild

False

CVE-2023-33010
arrow pointing top right
CISA-KEV
Critical

Buffer overflow vulnerability found in the ID processing function within Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1 and USG FLEX series devices.

Affected Products
Zyxel ATP series firmware
Exploited-in-Wild

Zyxel ATP series firmware

CVE-2023-23752
arrow pointing top right
CISA-KEV
Medium

Improper Access Control Vulnerability in Joomla!

Affected Products
Joomla
Exploited-in-Wild

Joomla

CVE-2022-30023
arrow pointing top right
CISA-KEV
High

Command injection vulnerability via the Ping function in Tenda Products.

Affected Products
Tenda Devices
Exploited-in-Wild

Tenda Devices

CVE-2023-1389
arrow pointing top right
CISA-KEV
High

Command Injection Vulnerability in TP-Link Archer AX-21.

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild

TP-Link Archer AX-21

CVE-2023-26801
arrow pointing top right
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild

LB-LINK

Vulnerabilities abused by Botnet
Identified vulnerabilities exploited by Botnets, including recent CVEs logged in Malware Information Sharing Platform (MISP). Presenting the top 5 CVEs with payloads suggestive of Botnet activities, like utilizing wget with IP addresses.
CVE-2023-26801
arrow pointing top right

Command injection vulnerability affecting LB-LINK routers.

Affected Product
LB-LINK Devices
Exploit
green globe icon with magnifying glass

Old Wine in the New Bottle: Mirai Variant Targets Multiple IoT Devices

Abused by Botnet
CVE-2023-1389
arrow pointing top right

Command Injection Vulnerability in TP-Link Archer AX-21.

Affected Product
TP-Link Archer AX-21
Exploit
green globe icon with magnifying glass

Github Voyag3r-Security/CVE-2023-1389

Abused by Botnet
CVE-2017-17215
arrow pointing top right

Remote code execution vulnerability in Huawei HG532 router

Affected Product
Huawei HG532
Exploit
green globe icon with magnifying glass

Github kd992102/CVE-2017-17275

Abused by Botnet
CVE-2016-10372
arrow pointing top right

Improper protocol access control vulnerability in Eir D1000 modem .

Affected Product
Eir D1000 modem
Exploit
green globe icon with magnifying glass

Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 - Metasploit

Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities which are targeted by adversaries. Each vulnerability is humanly studied and mapped with Mitre ATT&CK tactics and techniques. Source of information is derived from our vulnerability intelligence platform collected and curated information from various sources such as Twitter, Telegram, OSINT groups, Blogs, Data leak sites and more.
CVE-2024-30051
arrow pointing top right
High

Elevation of Privilege (EoP)  vulnerability in the Desktop Window Manager (DWM) Core Library of Microsoft Windows.

Patch
green globe icon with magnifying glass

Windows DWM Core Library Elevation of Privilege Vulnerability

Targeted by Malware
PRE-NVD observed for this week
It refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2024-30658
arrow pointing top right
Denial-of-Service
Affected Product
ROS Melodic Morenia (ROS_VERSION=1 and ROS_PYTHON_VERSION=3)
Reference
green globe icon with magnifying glass

Github Repository/yashpatelphd

CVE-2024-30419
arrow pointing top right
Stored cross-site scripting
Affected Product
a-blog cms Versions earlier than Ver.3.1.12
Reference
green globe icon with magnifying glass

JVN#70977403 Multiple vulnerabilities in a-blog cms

CVE-2024-30420
arrow pointing top right
Server-side request forgery
Affected Product
a-blog cms Versions earlier than Ver.3.1.12
Reference
green globe icon with magnifying glass

a-blog cms Versions earlier than Ver.3.1.12

CVE-2024-2046
arrow pointing top right
Arbitrary local file reading
Affected Product
Telegram Version 10.8.2
Reference
green globe icon with magnifying glass

Telegram Version 10.8.2

CVE-2024-28880
arrow pointing top right
Path Traversal
Affected Product
S-Mind LLC
Reference
green globe icon with magnifying glass

Multiple vulnerabilities in MosP attendance management

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept
Green Plus icon

Subscribe to our Reports

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Cybersecurity Solutions
Cloud Security Posture ManagementCloud Workload ProtectionOSS - Software Composition AnalysisOSS - Dependancy DefenceOSS - Zero-Day DiscoverySecurity & Threat Intelligence IntegrationsVulnerability IntelligenceThreat IntelligenceExternal Attack Surface DiscoveryVulnerability & Configuration Management
IT Solutions
Data Science & AISoftware Development  & SupportQA AutomationStaff Augmentation
Platforms
LOVICytellite
Company
BlogsReportsAbout usCareers
Research
Research-as-a -ServiceZero-Day Discovery
1-703-956-7410info@loginsoft.com
© 2024 - Copyright
Privacy policy