PoC Week 2024-09-09
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs and those affecting open source projects with very small userbases aren’t listed.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
CVE-2024-6670
- Severity: 9.8 CRITICAL
- Impacted Products: WhatsUp Gold < 2024.0.0
- Description: SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-6670
- PoC: https://github.com/sinsinology/CVE-2024-6670/
CVE-2024-42905
- Severity: Awaiting Analysis
- Impacted Products: Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60
- Description: Command execution vulnerability which can be exploited to obtain device administrator privileges via the getVar function in the code/function/system/tool/ping.php file.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-42905
- PoC: https://github.com/ZackSecurity/VulnerReport/blob/cve/DCN/1.md
CVE-2024-41369
- Severity: 9.8 CRITICAL
- Impacted Products: RPi-Jukebox-RFID v2.7.0
- Description: RPi-Jukebox-RFID was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWifi.php
- Remediation: Follow developer guidance.
- More Info: CVE-2024-41369
- PoC: https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2401
CVE-2024-38856
- Severity: 9.8 CRITICAL
- Impacted Products: Apache OFBiz: through 18.12.14.
- Description: Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don’t explicitly check user’s permissions because they rely on the configuration of their endpoints).
- Remediation: Users are recommended to upgrade to version 18.12.15, which fixes the issue.
- More Info: CVE-2024-38856
- PoC: https://github.com/Praison001/CVE-2024-38856-ApacheOfBiz/
CVE-2023-7028
- Severity: 7.5 HIGH (NIST), 10.0 CRITICAL (GitLab Inc.)
- Impacted Products: GitLab CE/EE versions from 16.1 before 16.1.6, 16.2 before 16.2.9, 16.3 before 16.3.7, 16.4 before 16.4.5, 16.5 before 16.5.6, 16.6 before 16.6.4, and 16.7 before 16.7.2
- Description: User account password reset emails could be sent to an unverified email address.
- Remediation: Update to a patched version as per GitLab’s advisory.
- More Info: NVD - CVE-2023-7028
- PoC: https://github.com/V1lu0/CVE-2023-7028
CVE-2023-41993
- Severity: 8.8 HIGH (NIST)
- Impacted Products: macOS < Sonoma 14
- Description: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2023-41993
- PoC: https://github.com/po6ix/POC-for-CVE-2023-41993/
CVE-2023-22527
- Severity: 8.8 HIGH (NIST)
- Impacted Products: ‘older versions of Confluence Data Center and Server’
- Description: A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2023-22527
- PoC: https://github.com/Chocapikk/CVE-2023-22527/
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.