PoC Week 2024-08-26
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
CVE-2024-38189
- Severity: 8.8 HIGH
- Impacted Products: Various Microsoft products including Windows 10, Server 2019, Office 365.
- Description: An attacker could exploit this vulnerability to execute arbitrary code. An attacker would need to craft a malicious Microsoft Office Project file and lure a user to open it on a system with a specific configuration.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-38189
- PoC: https://github.com/vx7z/CVE-2024-38189/
CVE-2024-42850
- Severity: 7.3 HIGH
- Impacted Products: Silverpeas v6.4.2 and lower.
- Description: An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. (It just lets users set a one character password. 7.3 seems too high imo - Ed)
- Remediation: Follow developer guidance.
- More Info: CVE-2024-42850
- PoC: https://github.com/njmbb8/CVE-2024-42850
CVE-2024-4577
- Severity: 9.8 CRITICAL
- Impacted Products: PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages.
- Description: Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-4577
- PoC: https://github.com/watchtowrlabs/CVE-2024-4577/
CVE-2024-42813
- Severity: 9.8 CRITICAL
- Impacted Products: TRENDnet TEW-752DRU FW1.03B01.
- Description: Buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-42813
- PoC: https://gist.github.com/XiaoCurry/204680035c1efffa27d14956820ad928
CVE-2024-42559
- Severity: 9.8 CRITICAL
- Impacted Products: Hotel Management System commit 79d688.
- Description: An issue in the login component (process_login.php) of Hotel Management System commit 79d688 allows attackers to authenticate without providing a valid password.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-42559
- PoC: https://gist.github.com/topsky979/99d2ebf7b5598ef227262ba1b2bb392f
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.