Home
/
Reports
/
Weekly Threat & Vulnerabilities Report

Weekly Threat & Vulnerabilities Report

Report
July 5, 2024
Trending Critical Vulnerabilities
CVE’s from Cytellite Sensors
Vulnerabilities Abused by Botnet
Vulnerabilities Abused by Malware
Pre-NVDs from LOVI
CVE-2024-0769
arrow pointing top right
Command Injection
CISA-KEV
OSS
Zero Day
Critical
Affected Product
D-Link DIR-859 1.06B01
Exploited-in-Wild

D-Link DIR-859 1.06B01

CVSS Score
Unknown
9.8
EPSS Score
0.00212
Unknown
CVE-2024-20399
arrow pointing top right
OS Command Injection
CISA-KEV
OSS
Zero Day
Medium
Affected Product
Cisco NX-OS
Exploited-in-Wild

Cisco NX-OS

CVSS Score
Unknown
6.7
EPSS Score
0.00254
Unknown
CVE-2024-6387
arrow pointing top right
Race Condition
CISA-KEV
OSS
Zero Day
High
Affected Product
OpenSSH's server (sshd)
Exploited-in-Wild

OpenSSH's server (sshd)

CVSS Score
Unknown
8.1
EPSS Score
0.00063
Unknown
CVE-2024-39891
arrow pointing top right
Unauthenticated Endpoint
CISA-KEV
OSS
Zero Day
Medium
Affected Product
Twilio Authy API
Exploited-in-Wild

Twilio Authy API

CVSS Score
Unknown
5.3
EPSS Score
0.00045
Unknown
CVE-2024-38366
arrow pointing top right
Remote Code Execution
CISA-KEV
OSS
Zero Day
Critical
Affected Product
CocoaPods Trunk
Exploited-in-Wild

False

CVSS Score
Unknown
10
EPSS Score
0.00045
Unknown
CVE-2024-23692
arrow pointing top right
Template injection
CISA-KEV
OSS
Zero Day
Critical
Affected Product
Rejetto HTTP File Server
Exploited-in-Wild

Rejetto HTTP File Server

CVSS Score
Unknown
9.8
EPSS Score
0.0021
Unknown
Exploit Activity and Mass Scanning Observed on Cytellite Sensors
Telemetry collected from Loginsoft sensors were analyzed and processed to derive insights on what is actively being exploited and actively being scanned.  As source of truth, source IPv4 addresses & payloads can be provided on need-to-know basis.
CVE-2024-3400
arrow pointing top right
CISA-KEV
Critical

Command Injection vulnerability in theGlobalProtect feature of Palo Alto Networks PAN-OS

Affected Products
PaloAlto Networks PAN-OS
Exploited-in-Wild

PaloAlto Networks PAN-OS

CVE-2024-29973
arrow pointing top right
CISA-KEV
Critical

Command Injection vulnerability in “setCookie”parameter in Zyxel NAS326 and NAS542 devices

Affected Products
Zyxel NAS326 and NAS542 devices
Exploited-in-Wild

False

CVE-2024-22729
arrow pointing top right
CISA-KEV
Critical

Command injection vulnerability in NETIS SYSTEMSMW5360 V1.0.1.3031 via the password parameter on the login page

Affected Products
NETIS SYSTEMS MW5360 V1.0.1.3031
Exploited-in-Wild

False

CVE-2023-4966
arrow pointing top right
CISA-KEV
High

Buffer Overflow Vulnerability in Citrix NetScalerADC and NetScaler Gateway

Affected Products
Citrix Netscaler
Exploited-in-Wild

Citrix Netscaler

CVE-2023-6549
arrow pointing top right
CISA-KEV
High

Buffer Overflow vulnerability in Citrix NetScalerADC and NetScaler Gateway leads to unauthenticated denial of service

Affected Products
Citrix NetScaler ADC and NetScaler Gateway
Exploited-in-Wild

Citrix NetScaler ADC and NetScaler Gateway

CVE-2023-38646
arrow pointing top right
CISA-KEV
Critical

Remote code execution vulnerability in Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1.

Affected Products
Metabase open source/Enterprise
Exploited-in-Wild

Metabase open source/Enterprise

CVE-2023-33010
arrow pointing top right
CISA-KEV
Critical

Buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions leads to denial of service or remote code execution on affected device

Affected Products
Zyxel ATP series firmware
Exploited-in-Wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CVE-2023-20198
arrow pointing top right
CISA-KEV
Critical

Privilege escalation vulnerability in web UI feature of Cisco IOS XE Software

Affected Products
Cisco IOS XE Web UI
Exploited-in-Wild

Cisco IOS XE Web UI

CVE-2023-1389
arrow pointing top right
CISA-KEV
High

Command  Injection Vulnerability in TP-Link Archer AX-21.

Affected Products
TP-Link Archer AX-21
Exploited-in-Wild

TP-Link Archer AX21

CVE-2023-26801
arrow pointing top right
CISA-KEV
Critical

Command injectionvulnerability in LB-LINK devices.

Affected Products
LB-LINK
Exploited-in-Wild

LB-LINK

Vulnerabilities abused by Botnet
Identified vulnerabilities exploited by Botnets, including recent CVEs logged in Malware Information Sharing Platform (MISP). Presenting the top 5 CVEs with payloads suggestive of Botnet activities, like utilizing wget with IP addresses.
CVE-2023-1389
arrow pointing top right

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Affected Product
TP-Link Archer AX21
Exploit
green globe icon with magnifying glass

An unauthenticated command injection vulnerabilityfound in the TP-Link Archer AX21 WiFi router.

Abused by Botnet
CVE-2023-26801
arrow pointing top right

Command injection vulnerability in LB-LINKBL-AC1900_2.0 1.0.1, BL-WR9000 2.4.9, BL-X26 1.2.5 and BL-LTE300 1.0.8

Affected Product
LB-LINK BL Devices
Exploit
green globe icon with magnifying glass

Command injection vulnerability in LB-LINKBL-AC1900_2.0 1.0.1, BL-WR9000 2.4.9, BL-X26 1.2.5 and BL-LTE300 1.0.8

Abused by Botnet
CVE-2018-10562
arrow pointing top right

Command Injection vulnerability in Gpon home router

Affected Product
Gpon Home Router
Exploit
green globe icon with magnifying glass

Command Injection vulnerability in Gpon home router

Abused by Botnet
CVE-2017-17215
arrow pointing top right

Remote code execution vulnerability in Huawei HG532 router

Affected Product
Huawei HG532
Exploit
green globe icon with magnifying glass

Remote code execution vulnerability in Huawei HG532 router

Abused by Botnet

CVE-2016-10372
arrow pointing top right

Improper protocol access control vulnerability in Eir D1000 modem.

Affected Product
Eir D1000 modem
Exploit
green globe icon with magnifying glass

Improper protocol access control vulnerability in Eir D1000 modem.

Abused by Botnet
CVE-2015-2051
arrow pointing top right

Arbitrary command execution vulnerability in D-Link DIR-645 Wired/Wireless Router

Affected Product
D-Link DIR-645 Wired/Wireless Router
Exploit
green globe icon with magnifying glass

D-Link DIR-645 Wired/Wireless Router

Abused by Botnet
Vulnerabilities Abused by Malware
We proactively monitor the vulnerabilities which are targeted by adversaries. Each vulnerability is humanly studied and mapped with Mitre ATT&CK tactics and techniques. Source of information is derived from our vulnerability intelligence platform collected and curated information from various sources such as Twitter, Telegram, OSINT groups, Blogs, Data leak sites and more.
CVE-2024-20399
arrow pointing top right
Medium

OS Command Injection vulnerability in the CLI ofCisco NX_OS

Patch
green globe icon with magnifying glass

OS Command Injection vulnerability in the CLI ofCisco NX_OS

Targeted by Malware
CVE-2024-23692
arrow pointing top right
Critical

Template Injection vulnerability in Rejetto HTTPFile Server up to 2.3m version

Patch
green globe icon with magnifying glass

False

Targeted by Malware
CVE-2024-39891
arrow pointing top right
Medium

Observable Discrepancy vulnerability in TwilioAuthy API accessed by Authy Android and Authy iOS

Patch
green globe icon with magnifying glass

Observable Discrepancy vulnerability in TwilioAuthy API accessed by Authy Android and Authy iOS

Targeted by Malware
CVE-2021-40444
arrow pointing top right
High

Microsoft MSHTML Remote Code Execution Vulnerability

Patch
green globe icon with magnifying glass

Microsoft MSHTML Remote Code Execution Vulnerability

Targeted by Malware
PRE-NVD observed for this week
It refers to vulnerabilities discovered and potentially exploited before their official inclusion in the National Vulnerability Database. The LOVI Platform aggregates and distributes data from open sources and social media, currently tracking over 100 security alerts and planning to expand.
CVE-2024-27980
arrow pointing top right
Remote Command Execution
Affected Product
Node.js 18.x, 20.x, 21.x on windows
Reference
green globe icon with magnifying glass

Node.js 18.x, 20.x, 21.x on windows

CVE-2024-6249
arrow pointing top right
Stack-Based Buffer Overflow
Affected Product
Wyze Cam v3
Reference
green globe icon with magnifying glass

Wyze Cam v3

CVE-2024-6248
arrow pointing top right
Improper Authentication
Affected Product
Wyze Cam v3
Reference
green globe icon with magnifying glass

Wyze Cam v3

CVE-2024-6141
arrow pointing top right
Directory Traversal
Affected Product
Windscribe
Reference
green globe icon with magnifying glass

Windscribe

CVE-2024-5877
arrow pointing top right
Out-Of-Bounds Write
Affected Product
IrfanView
Reference
green globe icon with magnifying glass

IrfanView

CVE-2024-4708
arrow pointing top right
Use of Hard-coded Password
Affected Product
mySCADA myPRO
Reference
green globe icon with magnifying glass

mySCADA myPRO

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Accept
Green Plus icon

Subscribe to our Reports

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Cybersecurity Solutions
Cloud Security Posture ManagementCloud Workload ProtectionOSS - Software Composition AnalysisOSS - Dependancy DefenceOSS - Zero-Day DiscoverySecurity & Threat Intelligence IntegrationsVulnerability IntelligenceThreat IntelligenceExternal Attack Surface DiscoveryVulnerability & Configuration Management
IT Solutions
Data Science & AISoftware Development  & SupportQA AutomationStaff Augmentation
Platforms
LOVICytellite
Company
BlogsReportsAbout usCareers
Research
Research-as-a -ServiceZero-Day Discovery
1-703-956-7410info@loginsoft.com
© 2024 - Copyright
Privacy policy