PoC Week 2024-07-22

Posted on Jul 22, 2024

The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. This week, I moved the post release day from Sunday to Monday.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-4879

  • Severity: Awaiting analysis
  • Impacted Products: ServiceNow, self-hosted. SN-hosted platforms have been patched.
  • Description: ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.
  • Remediation: Follow developer guidance.
  • More Info: CVE-2024-4879
  • PoC: https://github.com/Mr-r00t11/CVE-2024-4879/

CVE-2024-38094, CVE-2024-38024, CVE-2024-38023

CVE-2024-37770

  • Severity: 9.1: CRITICAL
  • Impacted Products: 14Finger v1.1.
  • Description: Remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.
  • Remediation: Follow developer guidance.
  • More Info: CVE-2024-37770
  • PoC: https://github.com/k3ppf0r/CVE-2024-37770/

CVE-2024-39914

CVE-2024-39171

  • Severity: 9.8: CRITICAL
  • Impacted Products: PHPVibe v11.0.46
  • Description: Directory traversal in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.
  • Remediation: Follow developer guidance.
  • More Info: CVE-2024-39171
  • PoC: https://github.com/751897386/PHPVibe_vulnerability_Directory-Traversal

CVE-2024-27292

  • Severity: 7.5: HIGH
  • Impacted Products: Docassemble versions 1.4.53 to 1.4.96
  • Description: Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. The vulnerability has been patched in version 1.4.97 of the master branch.
  • Remediation: Follow developer guidance.
  • More Info: CVE-2024-27292
  • PoC: https://github.com/th3gokul/CVE-2024-27292

References

This list was scraped from the quite amazing and highly recommended newsletters below:

Thanks for reading! For corrections or omissions (e.g. newsletter recs), feel free to get in touch.