Remote – Page 2 – OWASP Jakarta

Siemens device PIN susceptible to remote brute-force in older model

Siemens device PIN susceptible to remote brute-force in older model Siemens disclosed a critical vulnerability in an old power measuring device that enables a remote attacker to gain administrator access by brute-forcing a four-digit PIN. The flaw, tracked as CVE-2024-41798, affects the SENTRON 7KM PAC3200 model of energy monitoring devices Read more

By adminowasp, 10 months ago October 10, 2024

News

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications Oct 07, 2024Ravie LakshmananOpen Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. Read more

By adminowasp, 10 months ago October 7, 2024

News

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk Sep 23, 2024Ravie LakshmananIoT Security / Vulnerability A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries Read more

By adminowasp, 10 months ago September 30, 2024

News

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. “These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors Read more

By adminowasp, 10 months ago September 30, 2024

News

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution Sep 27, 2024Ravie LakshmananLinux / Vulnerability A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. “A remote unauthenticated attacker Read more

By adminowasp, 10 months ago September 27, 2024

News

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution Aug 06, 2024Ravie LakshmananEnterprise Security / Vulnerability A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on Read more

By adminowasp, 12 months ago August 6, 2024

News

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions Read more

By adminowasp, 1 year ago June 8, 2024

News

The Next Generation of RBI (Remote Browser Isolation)

The Next Generation of RBI (Remote Browser Isolation) The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today’s SaaS-centric world. The Read more

By adminowasp, 1 year ago June 4, 2024

News

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks A maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests. The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all Read more

By adminowasp, 1 year ago May 28, 2024

News

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – Read more

By adminowasp, 1 year ago May 23, 2024