The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-1709

• Severity: 10.0 CRITICAL
• Impacted Products: ConnectWise ScreenConnect 23.9.7 and prior
• Description: Authentication Bypass Using an Alternate Path or Channel vulnerability, may allow direct access to confidential information or critical systems.
• Remediation: Patch on-premise instances. Cloud instances patched already by vendor.
• More Info: NVD - CVE-2024-1709, Huntress Blog
• PoC: https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE/

CVE-2024-1651

• Severity: 10.0 CRITICAL
• Impacted Products: Torrentpier version 2.4.1
• Description: Allows executing arbitrary commands on the server due to insecure deserialization.
• Remediation: No patch currently available.
• More Info: NVD - CVE-2024-1651
• PoC: https://github.com/sharpicx/CVE-2024-1651-PoC/tree/main

CVE-2023-51388

• Severity: 9.8 CRITICAL
• Impacted Products: Hertzbeat real-time monitoring system
• Description: Vulnerability in CalculateAlarm.java due to insecure AviatorScript execution, leading to script injection. Fixed in version 1.4.1.
• Remediation: Update to Hertzbeat version 1.4.1.
• More Info: NVD - CVE-2023-51388
• PoC: https://github.com/dromara/hertzbeat/security/advisories/GHSA-mcqg-gqxr-hqgj

CVE-2024-1783

• Severity: 9.8 CRITICAL
• Impacted Products: Totolink LR1200GB firmware versions 9.1.0u.6619_B20230130 and 9.3.5u.6698_B20230810
• Description: Critical vulnerability in the Web Interface’s loginAuth function, leading to stack-based buffer overflow through http_host manipulation.
• Remediation: Not specified.
• More Info: NVD - CVE-2024-1783
• PoC: https://gist.github.com/manishkumarr1017/30bca574e2f0a6d6336115ba71111984

CVE-2023-50387

• Severity: 7.5 HIGH
• Impacted Products: Various DNS software and services implementing DNSSEC.
• Description: Known as “KeyTrap”, this vulnerability in the DNSSEC protocol allows remote attackers to cause denial of service via CPU consumption through DNSSEC responses.
• Remediation: Review advisories from affected vendors for patches and updates.
• More Info: NVD - CVE-2023-50387
• PoC: https://github.com/knqyf263/CVE-2023-50387

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.