The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-4577

• Severity: Awaiting Reanalysis
• Impacted Products: PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages.
• Description: Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-4577
• PoC: https://github.com/watchtowrlabs/CVE-2024-4577/

CVE-2024-25600

• Severity: Awaiting Analysis
• Impacted Products: This issue affects Bricks Builder: from n/a through 1.9.6.
• Description: Improper Control of Generation of Code (‘Code Injection’) vulnerability in Codeer Limited Bricks Builder allows Code Injection.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-25600
• PoC: https://github.com/Chocapikk/CVE-2024-25600

CVE-2024-4358

• Severity: Awaiting Analysis
• Impacted Products: Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier.
• Description: On IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-4358
• PoC: https://github.com/sinsinology/CVE-2024-4358

CVE-2024-37051

• Severity: Awaiting Analysis
• Impacted Products: JetBrains IDEs - various versions
• Description: GitHub access token could be exposed to third-party sites.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-37051
• PoC: https://github.com/LeadroyaL/CVE-2024-37051-EXP/pull/1

CVE-2024-29849

• Severity: Awaiting Analysis
• Impacted Products: Veeam Backup Enterprise Manager before 12.1.2.172
• Description: Unauthenticated users can log in as any user to enterprise manager web interface.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-29849
• PoC: https://github.com/sinsinology/CVE-2024-29849/

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.