Home
/
Reports
/
Weekly Threat & Vulnerabilities Report

Weekly Threat & Vulnerabilities Report

Report
June 7, 2024
Trending Critical Vulnerabilities
CVE’s from Cytellite Sensors
Vulnerabilities Abused by Botnet
Vulnerabilities Abused by Malware
Pre-NVDs from LOVI
CVE-2024-24919
arrow pointing top right
Information Disclosure Vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Check Point Quantum Security Gateways
Exploited-in-Wild

Check Point Quantum Security Gateways

CVSS Score
Unknown
8.6
EPSS Score
0.94504
Unknown
CVE-2024-1086
arrow pointing top right
Use-after-free vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Linux Kernel
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
7.8
EPSS Score
0.00969
Unknown
CVE-2017-3506
arrow pointing top right
Code execution vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Oracle WebLogic Server
Exploited-in-Wild

CISA Adds One Known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
7.4
EPSS Score
0.8686
Unknown
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors were analyzed and processed to derive insights on what is actively being exploited and actively being scanned.  As source of truth, source IPv4 addresses & payloads can be provided on need-to-know basis.
CVE-2024-3273
arrow pointing top right
CISA-KEV
High

CommandInjection Vulnerability in D-Link NAS devices

Affected Products
D-Link DNS devices
Exploited-in-Wild

D-Link DNS devices

CVE-2023-49103
arrow pointing top right
CISA-KEV
Critical

Information DisclosureVulnerability in ownCloud graphapi

Affected Products
ownCloud graphapi
Exploited-in-Wild

ownCloud graphapi

CVE-2023-46747
arrow pointing top right
CISA-KEV
Critical

F5 BIG-IP ConfigurationUtility Authentication Bypass Vulnerability

Affected Products
F5 BIG-IP
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities Catalog

CVE-2023-4415
arrow pointing top right
CISA-KEV
High

ImproperAuthentication vulnerability in Ruijie RG-EW1200G 07161417 r483

Affected Products
Ruijie RG-EW1200G 07161417 r483
Exploited-in-Wild

False

CVE-2023-23752
arrow pointing top right
CISA-KEV
Medium

Joomla! Improper AccessControl Vulnerability

Affected Products
Joomla
Exploited-in-Wild

Joomla

CVE-2023-4966
arrow pointing top right
CISA-KEV
High

Buffer Overflow Vulnerability in Citrix NetScaler ADC andNetScaler Gateway

Affected Products
Citrix Netscaler
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities Catalog

CVE-2023-38646
arrow pointing top right
CISA-KEV
Critical

Remotecode execution vulnerability in Metabase open source and Metabase Enterprise

Affected Products
Metabase open source/Enterprise
Exploited-in-Wild

Metabase open source/Enterprise

CVE-2023-26801
arrow pointing top right
CISA-KEV
Critical

 Command  injection vulnerability in LB-LINK devices 

Affected Products
LB-LINK
Exploited-in-Wild

LB-LINK

CVE-2023-1389
arrow pointing top right
CISA-KEV
High

Command InjectionVulnerability in TP-Link Archer AX-21

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild

TP-Link Archer AX-21

CVE-2022-30023
arrow pointing top right
CISA-KEV
High

Command injectionvulnerability via the Ping function in Tenda Products

Affected Products
Tenda Devices
Exploited-in-Wild

Tenda Devices

Vulnerabilities abused by Botnet
Identified vulnerabilities exploited by Botnets, including recent CVEs logged in Malware Information Sharing Platform (MISP). Presenting the top 5 CVEs with payloads suggestive of Botnet activities, like utilizing wget with IP addresses.
CVE-2023-1389
arrow pointing top right

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Affected Product
TP-Link Archer AX21
Exploit
green globe icon with magnifying glass

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Abused by Botnet
CVE-2023-26801
arrow pointing top right

Command injection vulnerability in LB-LINK

Affected Product
Lb-Link Devices
Exploit
green globe icon with magnifying glass

Command injection vulnerability in LB-LINK

Abused by Botnet

Mirai

CVE-2017-17215
arrow pointing top right

Remote code execution vulnerability in Huawei HG532 router

Affected Product
Huawei HG532
Exploit
green globe icon with magnifying glass

Remote code execution vulnerability in Huawei HG532 router

Abused by Botnet
CVE-2016-10372
arrow pointing top right

Improper protocol access control vulnerability in Eir D1000 modem.

Affected Product
Eir D1000 modem
Exploit
green globe icon with magnifying glass

Improper protocol access control vulnerability in Eir D1000 modem

Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities which are targeted by adversaries. Each vulnerability is humanly studied and mapped with Mitre ATT&CK tactics and techniques. Source of information is derived from our vulnerability intelligence platform collected and curated information from various sources such as Twitter, Telegram, OSINT groups, Blogs, Data leak sites and more.
CVE-2023-21839 
arrow pointing top right
High

critical vulnerability in Oracle WebLogic Server

Patch
green globe icon with magnifying glass

critical vulnerability in Oracle WebLogic Server

Targeted by Malware

8220 Gang 

CVE-2020-1472
arrow pointing top right
Critical

Microsoft Netlogon Privilege Escalation Vulnerability

Patch
green globe icon with magnifying glass

Microsoft Netlogon Privilege Escalation Vulnerability

Targeted by Malware

RansomHub

CVE-2018-4233
arrow pointing top right
High

Code execution vulnerability affecting WebKit

Patch
green globe icon with magnifying glass

Code execution vulnerability affecting WebKit 

Targeted by Malware

LightSpy

CVE-2018-4404
arrow pointing top right
High

Memory corruption vulnerability in Apple products iOS and macOS operating systems

Patch
green globe icon with magnifying glass

Memory corruption vulnerability in Apple products iOS and macOS operating systems

Targeted by Malware

LightSpy

CVE-2017-3506 
arrow pointing top right
High

critical vulnerability in the Oracle WebLogic Server

Patch
green globe icon with magnifying glass

critical vulnerability in the Oracle WebLogic Server

Targeted by Malware

8220 Gang 

PRE-NVD observed for this week
It refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2024-28038
arrow pointing top right
Stack-Based Buffer Overflow
Affected Product
Multiple multi-function printers by Sharp Corporation and Toshiba
Reference
green globe icon with magnifying glass

Multiple multi-function printers by Sharp Corporation and Toshiba

CVE-2023-26322
arrow pointing top right
Remote Code Execution
Affected Product
Xiaomi Pro 13
Reference
green globe icon with magnifying glass

Xiaomi Pro 13

CVE-2021-32007
arrow pointing top right
Information disclosure
Affected Product
Secomea GateManager webserver
Reference
green globe icon with magnifying glass

Secomea GateManager webserve

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept
Green Plus icon

Subscribe to our Reports

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Cybersecurity Solutions
Cloud Security Posture ManagementCloud Workload ProtectionOSS - Software Composition AnalysisOSS - Dependancy DefenceOSS - Zero-Day DiscoverySecurity & Threat Intelligence IntegrationsVulnerability IntelligenceThreat IntelligenceExternal Attack Surface DiscoveryVulnerability & Configuration Management
IT Solutions
Data Science & AISoftware Development  & SupportQA AutomationStaff Augmentation
Platforms
LOVICytellite
Company
BlogsReportsAbout usCareers
Research
Research-as-a -ServiceZero-Day Discovery
1-703-956-7410info@loginsoft.com
© 2024 - Copyright
Privacy policy