Home
/
Reports
/
Weekly Threat & Vulnerabilities Report

Weekly Threat & Vulnerabilities Report

Report
June 14, 2024
Trending Critical Vulnerabilities
CVE’s from Cytellite Sensors
Vulnerabilities Abused by Botnet
Vulnerabilities Abused by Malware
Pre-NVDs from LOVI
CVE-2024-4610
arrow pointing top right
Privilege Escalation
CISA-KEV
OSS
Zero Day
Medium
Affected Product
ARM Mali GPU Kernel Driver
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
7.8
EPSS Score
0.21262
Unknown
CVE-2024-4577
arrow pointing top right
Security Feature Bypass
CISA-KEV
OSS
Zero Day
Critical
Affected Product
PHP-CGI
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
9.8
EPSS Score
0.93199
Unknown
CVE-2024-32896
arrow pointing top right
Privilege Escalation
CISA-KEV
OSS
Zero Day
High
Affected Product
Google Pixel Firmwire
Exploited-in-Wild

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
0
EPSS Score
0.00154
Unknown
CVE-2024-4358
arrow pointing top right
Authentication bypass
CISA-KEV
OSS
Zero Day
Critical
Affected Product
Telerik Report Server
Exploited-in-Wild

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
9.8
EPSS Score
0.05027
Unknown
CVE-2024-26169
arrow pointing top right
Improper Privilege Management
CISA-KEV
OSS
Zero Day
High
Affected Product
Windows Error Reporting Service
Exploited-in-Wild

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
7.8
EPSS Score
0.0004
Unknown
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors were analyzed and processed to derive insights on what is actively being exploited and actively being scanned.  As source of truth, source IPv4 addresses & payloads can be provided on need-to-know basis.
CVE-2024-4577
arrow pointing top right
CISA-KEV
Critical
Affected Products
PHP-CGI
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVE-2024-1709
arrow pointing top right
CISA-KEV
Critical

Authentication Bypass Vulnerability in ConnectWise ScreenConnect.

Affected Products
ConnectWise ScreenConnect
Exploited-in-Wild

ConnectWise ScreenConnect

CVE-2023-38646
arrow pointing top right
CISA-KEV
Critical

Remote code execution vulnerability in Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1.

Affected Products
Metabase open source/Enterprise
Exploited-in-Wild

Metabase open source/Enterprise

CVE-2023-26801
arrow pointing top right
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild

LB-LINK

CVE-2023-1389
arrow pointing top right
CISA-KEV
High

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Affected Products
TP-Link Archer AX21
Exploited-in-Wild

TP-Link Archer AX21

CVE-2022-30023
arrow pointing top right
CISA-KEV
High

Command injection vulnerability via the Ping function in Tenda Products.

Affected Products
Tenda Devices
Exploited-in-Wild

Tenda Devices

Vulnerabilities abused by Botnet
Identified vulnerabilities exploited by Botnets, including recent CVEs logged in Malware Information Sharing Platform (MISP). Presenting the top 5 CVEs with payloads suggestive of Botnet activities, like utilizing wget with IP addresses.
CVE-2023-1389
arrow pointing top right

An unauthenticated command injection vulnerability found in the TP-Link Archer AX21 WiFi router.

Affected Product
TP-Link Archer AX21
Exploit
green globe icon with magnifying glass

An unauthenticated Command Injection vulnerability in the TP-Link Archer AX21 WiFi router

Abused by Botnet
CVE-2017-17215
arrow pointing top right

Remote code execution vulnerability in Huawei HG532 router

Affected Product
Huawei HG532
Exploit
green globe icon with magnifying glass

Remote code execution vulnerability in Huawei HG532 router

Abused by Botnet
CVE-2016-10372
arrow pointing top right

Improper protocol access control vulnerability in Eir D1000 modem .

Affected Product
Eir D1000 modem
Exploit
green globe icon with magnifying glass

Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 - Metasploit

Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities which are targeted by adversaries. Each vulnerability is humanly studied and mapped with Mitre ATT&CK tactics and techniques. Source of information is derived from our vulnerability intelligence platform collected and curated information from various sources such as Twitter, Telegram, OSINT groups, Blogs, Data leak sites and more.
CVE-2024-26169
arrow pointing top right
High

Elevation of privilege vulnerability in the Windows Error Reporting Service.

Patch
green globe icon with magnifying glass

Elevation of privilege vulnerability in the Windows Error Reporting Service

Targeted by Malware
CVE-2023-33246
arrow pointing top right
Critical

Remote code execution (RCE) vulnerability Apache RocketMQ.

Patch
green globe icon with magnifying glass

Remote code execution (RCE) vulnerability Apache RocketMQ

Targeted by Malware
CVE-2019-9082
arrow pointing top right
High

Remote code execution (RCE) vulnerability in the ThinkPHP framework.

Patch
green globe icon with magnifying glass

Remote code execution (RCE) vulnerability in the ThinkPHP framework.

Targeted by Malware
CVE-2018-20062
arrow pointing top right
High

Remote code execution (RCE) vulnerability in the ThinkPHP framework.

Patch
green globe icon with magnifying glass

Remote code execution (RCE) vulnerability in the ThinkPHP framework.

Targeted by Malware
PRE-NVD observed for this week
It refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2024-22512
arrow pointing top right
Remote code execution
Affected Product
Allegra Versions lower 7.5.1
Reference
green globe icon with magnifying glass

Allegra Versions lower 7.5.1

CVE-2024-30419
arrow pointing top right
Denial of service
Affected Product
python-idna-3.7-1.fc39
Reference
green globe icon with magnifying glass

python-idna-3.7-1.fc39

CVE-2024-30420
arrow pointing top right
Server-side request forgery
Affected Product
a-blog cms Versions earlier than Ver.3.1.12
Reference
green globe icon with magnifying glass

Response to vulnerabilities reported on JVN

CVE-2024-36041
arrow pointing top right
Broken Authentication and Session Management
Affected Product
plasma-workspace package
Reference
green globe icon with magnifying glass

plasma-workspace package

CVE-2024-5719
arrow pointing top right
Command Injection
Affected Product
Unified SecOps Platform
Reference
green globe icon with magnifying glass

Unified SecOps Platform

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept
Green Plus icon

Subscribe to our Reports

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Cybersecurity Solutions
Cloud Security Posture ManagementCloud Workload ProtectionOSS - Software Composition AnalysisOSS - Dependancy DefenceOSS - Zero-Day DiscoverySecurity & Threat Intelligence IntegrationsVulnerability IntelligenceThreat IntelligenceExternal Attack Surface DiscoveryVulnerability & Configuration Management
IT Solutions
Data Science & AISoftware Development  & SupportQA AutomationStaff Augmentation
Platforms
LOVICytellite
Company
BlogsReportsAbout usCareers
Research
Research-as-a -ServiceZero-Day Discovery
1-703-956-7410info@loginsoft.com
© 2024 - Copyright
Privacy policy