RCE – RealinfoSec.Net

pfBlockerNG 2.1.4_26 – (RCE) Remote Code Execution

25 February 202325 February 2023 RiSec.n0tst3 0 Comments 2.1.4_26, pfBlockerNG, RCE

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

Vulnerabilities

Open Web Analytics RCE 1.7.3 – Remote Code Execution

11 November 202211 November 2022 RiSec.n0tst3 0 Comments <1.7.4, Open Web Analytics, RCE, vuln

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

A Vulnerability was discovered in Open Web Analytics, by Security Researcher Yerodin Richards,the vulnerability, an RCE (Remote code execution) affects

Vulnerabilities

Backdoor.Win32.Psychward.10 MVID-2022-0651 Remote Command Execution

24 October 202224 October 2022 RiSec.Mitch 0 Comments Backdoor.Win32.Psychward., MVID-2022-0651, RCE

About
Latest Posts

RiSec.Mitch

Just your average information security researcher from Delaware US.

RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)

26 September 202226 September 2022 RiSec.n0tst3 0 Comments CVE-2022-3236, Exploited, RCE, Sophos Firewall

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix

Vulnerabilities

Gitea 1.16.6 Remote Code Execution (RCE) (Metasploit)

15 September 202215 September 2022 RiSec.n0tst3 0 Comments 1.16.6, CVE-2022-30781, Gitea, RCE, Remote code execution

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

A remote code execution vulnerability was discovered in Gitea affecting versions before 1.16.7, by security researcher, SAMGUY. Gitea before 1.16.7

Vulnerabilities

PAN-OS 10.0 RCE (Remote Code Execution) Vulnerability

9 August 20229 August 2022 RiSec.n0tst3 0 Comments PAN-OS, RCE, Remote code execution, Vulnerability

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

A Remote Code Execution vulnerability (Authenticated) was discovered in PAN-OS 10.0 by security researcher UND3SC0N0C1D0 Suggest an edit to this

Vulnerabilities

OctoBot WebInterface – Remote Code Execution (RCE) – 0.4.3

21 July 202221 July 2022 RiSec.n0tst3 0 Comments 0.4.3, OctoBot WebInterface, poc, RCE

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

Exploit Title: OctoBot WebInterface 0.4.3 – Remote Code Execution (RCE)Exploit Author: Samy Younsi, Thomas KnudsenVendor Homepage: https://www.octobot[DOT]online/Software Link: https://github.com/Drakkar-Software/OctoBotVersion: 0.4.0beta3

Data Security InfoSec News Vulnerabilities

Confluence servers hacked to deploy AvosLocker, Cerber2021 Ransomware

11 June 202211 June 2022 RiSec.n0tst3 0 Comments AvosLocker, Cerber2021, Confluence, RCE

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

Ransomware gangs are now targeting a recently patched and actively exploited remote code execution (RCE) vulnerability affecting Atlassian Confluence Server

InfoSec News Vulnerabilities

Unpatched Critical Atlassian Confluence Zero-Day RCE Flaw Actively Exploited

3 June 20223 June 2022 RiSec.n0tst3 0 Comments Atlassian, critical, CVE-2022-26134, RCE, zero-day

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products.

Data Security InfoSec News Vulnerabilities

Threat Actors Are Actively Exploiting CVE-2022-1388 RCE in F5 BIG-IP

10 May 202210 May 2022 RiSec.n0tst3 0 Comments CVE-2022-1388, F5 BIG-IP, RCE, Threat Actors Exploiting, warning

About
Latest Posts

Connect

RiSec.n0tst3

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting

← Previous