PoC Week 2024-10-07
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs and those affecting open source projects with very small userbases aren’t listed.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
CVE-2024-45519
- Severity: 9.8 CRITICAL
- Impacted Products: Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1.
- Description: The software sometimes allows unauthenticated users to execute commands.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2024-45519
- PoC: https://github.com/p33d/CVE-2024-45519/
CVE-2024-47076, CVE-2024-47176 & CVE-2024-47177
- Severity: Awaiting analysis
- Impacted Products: CUPS 2.x
- Description: Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user-controlled command. When combined with other logic bugs as described in CVE-2024-47176, this can lead to remote command execution.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2024-47177
- PoC: https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
CVE-2024-8877 & CVE-2024-8878
- Severity: 9.8 CRITICAL
- Impacted Products: Netman 204: through 4.05.
- Description: The software is vulnerable to SQL injection. In addition, the password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2024-8878
- PoC: https://packetstormsecurity.com/files/181794/CDSR-20240919-0.txt
CVE-2024-7120
- Severity: 5.3 MEDIUM
- Impacted Products: Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90.
- Description: This affects an unknown part of the file list_base_config.php of the component Web Interface. The manipulation of the argument template leads to os command injection. It is possible to initiate the attack remotely.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2024-7120
- PoC: https://github.com/fa-rrel/CVE-2024-7120/
CVE-2024-28987
- Severity: Awaiting analysis.
- Impacted Products: SolarWinds Web Help Desk (WHD)
- Description: A hardcoded credential vulnerability that allows a remote unauthenticated user to access internal functionality and modify data.
- Remediation: Follow developer guidance.
- More Info: NVD - CVE-2024-28987
- PoC: https://github.com/horizon3ai/CVE-2024-28987/
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.