CVE-2024-23119: Critical SQL Injection Vulnerability in Centreon
Overview The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-23119, assessed its impact and developed mitigation measures for this vulnerability. CVE-2024-23119 is a high-severity SQL Injection vulnerability in Centreon, impacting Centreon […]
CVE-2024-7928: FastAdmin Unauthenticated Path Traversal Vulnerability
Overview The SonicWall Capture Labs threat research team became aware of an unauthenticated directory traversal vulnerability affecting FastAdmin installations. Identified as CVE-2024-7928 and with a moderate score of 5.3 CVSSv3, the vulnerability is more severe […]
AutoIT Bot Targets Gmail Accounts First
Summary This week, the SonicWall Capture Labs threat research team observed an AutoIT-compiled executable that attempts to open Gmail login pages via MS Edge, Google Chrome and Mozilla Firefox. It has functionality to read clipboard […]
Cisco Smart Software Manager On-Prem Account Takeover
Overview The SonicWall Capture Labs threat research team became aware of an account takeover vulnerability in Cisco’s Smart Software Manager (SSM), assessed its impact and developed mitigation measures for the vulnerability. Identified as CVE-2024-20419 and […]
Understanding CVE-2024-38063: How SonicWall Prevents Exploitation
Contributing Researchers: Soumy Das and Hasib Vhora Overview CVE-2024-38063 is a critical remote code execution vulnerability in Windows systems with the IPv6 stack, carrying a CVSS score of 9.8. This zero-click, wormable flaw allows attackers […]
CVE-2024-23119: Critical SQL Injection Vulnerability in...September 6, 2024 - 5:45 am- CVE-2024-7928: FastAdmin Unauthenticated Path Traversal...August 28, 2024 - 8:32 am
- AutoIT Bot Targets Gmail Accounts FirstAugust 27, 2024 - 5:53 am
- Cisco Smart Software Manager On-Prem Account TakeoverAugust 21, 2024 - 6:25 am
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish