Home
/
Reports
/
Weekly Threat & Vulnerabilities Report

Weekly Threat & Vulnerabilities Report

Report
July 12, 2024
Trending Critical Vulnerabilities
CVE’s from Cytellite Sensors
Vulnerabilities Abused by Botnet
Vulnerabilities Abused by Malware
Pre-NVDs from LOVI
CVE-2024-38080
arrow pointing top right
Privilege Escalation
CISA-KEV
OSS
Zero Day
High
Affected Product
Windows Hyper-V
Exploited-in-Wild

CISA Adds three known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
7.8
EPSS Score
0.00051
Unknown
CVE-2024-23692
arrow pointing top right
Template Injection
CISA-KEV
OSS
Zero Day
Critical
Affected Product
Rejetto HTTP File Server
Exploited-in-Wild

CISA Adds three known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
9.8
EPSS Score
0.95432
Unknown
CVE-2024-38112
arrow pointing top right
Spoofing vulnerability
CISA-KEV
OSS
Zero Day
High
Affected Product
Microsoft Windows MSHTML Platform
Exploited-in-Wild

CISA Adds three known Exploited Vulnerabilities to Catalog

CVSS Score
Unknown
8.1
EPSS Score
0.01649
Unknown
CVE-2024-29510
arrow pointing top right
Format String vulnerability
CISA-KEV
OSS
Zero Day
Medium
Affected Product
Artifex Ghostscript
Exploited-in-Wild

Artifex Ghostscript

CVSS Score
Unknown
6.3
EPSS Score
0.00129
Unknown
CVE-2024-5441
arrow pointing top right
Arbitrary File Upload
CISA-KEV
OSS
Zero Day
High
Affected Product
Modern Events Calendar plugin
Exploited-in-Wild

Modern Events Calendar plugin

CVSS Score
Unknown
8.8
EPSS Score
0.0005
Unknown
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors were analyzed and processed to derive insights on what is actively being exploited and actively being scanned.  As source of truth, source IPv4 addresses & payloads can be provided on need-to-know basis.
CVE-2023-49103
arrow pointing top right
CISA-KEV
Critical

Information DisclosureVulnerability in ownCloud graphapi.

Affected Products
ownCloud graphapi
Exploited-in-Wild

ownCloud graphapi

CVE-2023-22527
arrow pointing top right
CISA-KEV
Critical

Template injection vulnerability in Out-of-DateVersions of Confluence Data Center and Server leads to remote code execution

Affected Products
Confluence Data Center and Server
Exploited-in-Wild

Confluence Data Center and Server

CVE-2023-38646
arrow pointing top right
CISA-KEV
Critical

Remote code execution vulnerability in Metabaseopen source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1.

Affected Products
Metabase open source/Enterprise
Exploited-in-Wild

Metabase open source/Enterprise

CVE-2023-33010
arrow pointing top right
CISA-KEV
Critical

Buffer overflow vulnerability in the ID processingfunction in Zyxel ATP series firmware versions leads to denial of service orremote code execution on affected device

Affected Products
Zyxel ATP series firmware
Exploited-in-Wild

Zyxel ATP series firmware

CVE-2023-26801
arrow pointing top right
CISA-KEV
Critical

Command injection vulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild

LB-LINK

CVE-2023-1389
arrow pointing top right
CISA-KEV
High

Command Injection Vulnerability in TP-Link ArcherAX-21.

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild

TP-Link Archer AX-21

CVE-2022-41040
arrow pointing top right
CISA-KEV
High

Server-Side Request Forgery Vulnerability inMicrosoft Exchange Server

Affected Products
Microsoft Exchange Server
Exploited-in-Wild

Microsoft Exchange Server

CVE-2022-34045
arrow pointing top right
CISA-KEV
Critical

Hardcoded encryption/decryption key vulnerabilityin Wavlink

Affected Products
Wavlink Devices
Exploited-in-Wild

False

CVE-2022-30489
arrow pointing top right
CISA-KEV
Medium

cross-site scripting vulnerability in WavlinkDevices

Affected Products
Wavlink Devices
Exploited-in-Wild

False

CVE-2022-30023
arrow pointing top right
CISA-KEV
High

Command injection vulnerability via the Pingfunction in Tenda Products

Affected Products
Tenda Devices
Exploited-in-Wild

False

Vulnerabilities abused by Botnet
Identified vulnerabilities exploited by Botnets, including recent CVEs logged in Malware Information Sharing Platform (MISP). Presenting the top 5 CVEs with payloads suggestive of Botnet activities, like utilizing wget with IP addresses.
CVE-2023-1389
arrow pointing top right

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Affected Product
TP-Link Archer AX21
Exploit
green globe icon with magnifying glass

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Abused by Botnet
CVE-2023-26801
arrow pointing top right

Command injection vulnerability in LB-LINKBL-AC1900_2.0 1.0.1, BL-WR9000 2.4.9, BL-X26 1.2.5 and BL-LTE300 1.0.8

Affected Product
LB-LINK BL Devices
Exploit
green globe icon with magnifying glass

Command injection vulnerability in LB-LINKBL-AC1900_2.0 1.0.1, BL-WR9000 2.4.9, BL-X26 1.2.5 and BL-LTE300 1.0.8

Abused by Botnet
CVE-2021-41773
arrow pointing top right

Path traversal vulnerability in Apache HTTP Server

Affected Product
Apache HTTP Server
Exploit
green globe icon with magnifying glass

Path traversal vulnerability in Apache HTTP Server

Abused by Botnet

Zerobot

CVE-2017-17215
arrow pointing top right

Remote code execution vulnerability in Huawei HG532router

Affected Product
Huawei HG532
Exploit
green globe icon with magnifying glass

Remote code execution vulnerability in Huawei HG532router

Abused by Botnet

Sysrvbotnet

CVE-2017-9841
arrow pointing top right

Arbitrary PHP code execution vulnerability inUtil/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3

Affected Product
Util/PHP/eval-stdin.php in PHPUni
Exploit
green globe icon with magnifying glass

Arbitrary PHP code execution vulnerability inUtil/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3

Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities which are targeted by adversaries. Each vulnerability is humanly studied and mapped with Mitre ATT&CK tactics and techniques. Source of information is derived from our vulnerability intelligence platform collected and curated information from various sources such as Twitter, Telegram, OSINT groups, Blogs, Data leak sites and more.
CVE-2024-21412
arrow pointing top right
High

Security Feature Bypass vulnerability in MicrosoftInternet Shortcut Files

Patch
green globe icon with magnifying glass

Security Feature Bypass vulnerability in MicrosoftInternet Shortcut Files

Targeted by Malware

CVE-2023-27532
arrow pointing top right
High

Missing authentication vulnerability in VeeamBackup & Replication component

Patch
green globe icon with magnifying glass

Missing authentication vulnerability in VeeamBackup & Replication component

Targeted by Malware

Estate Ransomware

PRE-NVD observed for this week
It refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2024-23967
arrow pointing top right
Stack-based Buffer Overflow
Affected Product
Autel MaxiCharger AC Elite Business C50
Reference
green globe icon with magnifying glass

Autel MaxiCharger AC Elite Business C50

CVE-2024-23960
arrow pointing top right
Improper Verification of Cryptographic Signature
Affected Product
Alpine Halo9
Reference
green globe icon with magnifying glass

Alpine Halo9

CVE-2024-23963
arrow pointing top right
Stack-based Buffer Overflow
Affected Product
Alpine Halo9
Reference
green globe icon with magnifying glass

Alpine Halo9

CVE-2024-5719
arrow pointing top right
Remote Code Execution
Affected Product
Logsign Unified SecOps Platform
Reference
green globe icon with magnifying glass

Logsign Unified SecOps Platform

CVE-2023-39180
arrow pointing top right
Denial-of-Service
Affected Product
Linux kernel
Reference
green globe icon with magnifying glass

Linux kernel

CVE-2023-39176
arrow pointing top right
Out-Of-Bounds Read
Affected Product
Linux kernel
Reference
green globe icon with magnifying glass

Linux kernel

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept
Green Plus icon

Subscribe to our Reports

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Cybersecurity Solutions
Cloud Security Posture ManagementCloud Workload ProtectionOSS - Software Composition AnalysisOSS - Dependancy DefenceOSS - Zero-Day DiscoverySecurity & Threat Intelligence IntegrationsVulnerability IntelligenceThreat IntelligenceExternal Attack Surface DiscoveryVulnerability & Configuration Management
IT Solutions
Data Science & AISoftware Development  & SupportQA AutomationStaff Augmentation
Platforms
LOVICytellite
Company
BlogsReportsAbout usCareers
Research
Research-as-a -ServiceZero-Day Discovery
1-703-956-7410info@loginsoft.com
© 2024 - Copyright
Privacy policy