Title: TRCore DVC – Arbitrary File Upload through Path Traversal
Published Date: Nov 18, 2024
Risk Index: 4.96 of 10 (Medium)
Summary: A critical vulnerability has been identified in the XML parser component of the TRCore DVC product, which allows unauthenticated remote attackers to upload arbitrary files to any directory through path traversal. This can lead to arbitrary code execution by uploading webshells.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. Specifically, it opens up possibilities for the attackers to upload malicious webshells which could be utilized to take full control of the system, exfiltrate sensitive data, disrupt services, or propagate further attacks within a network.
Title: TRCore DVC – Arbitrary File Upload through Path Traversal
Published Date: Nov 18, 2024
Risk Index: 4.96 of 10 (Medium)
Summary: A critical vulnerability has been identified in the Digital Video Controller (DVC) component of the TRCore software. This vulnerability involves a Path Traversal attack vector, allowing for the unrestricted upload of arbitrary files by remote attackers. If exploited, it could lead to arbitrary code execution by uploading webshells, posing severe security risks.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected TRCore DVC system. The severity of this impact is heightened by the potential for complete system compromise, data exfiltration, and further network penetration from the compromised host.
Title: Privilege escalation vulnerability
Published Date: Sep 17, 2024
Risk Index: 8.22 of 10 (High)
Summary: A critical vulnerability has been identified in the vCenter Server’s components. This vulnerability, known as CVE-2024-38813, allows a malicious actor with network access to the vCenter Server to escalate their privileges to root by sending a specially crafted network packet.
If exploited, this vulnerability could allow an attacker to gain unauthorized root-level access to the affected vCenter Server. This can enable them to execute arbitrary commands with root privileges, leading to a full compromise of the server, unauthorized data access, system modifications, and control over the entire virtualized environment managed by the compromised server.
Title: Remote code execution in GeoVision devices
Published Date: Nov 15, 2024
Risk Index: 9.64 of 10 (Critical)
Summary: A critical vulnerability has been identified in the OS Command Injection component of certain EOL GeoVision devices. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data, manipulate system configurations, extract surveillance footage, shut down surveillance operations, deploy additional malware, or even execute arbitrary code on the affected system, leading to complete system compromise.
Title: LoadMaster Pre-Authenticated OS Command Injection
Published Date: Feb 21, 2024
Risk Index: 9.15 of 10 (Critical)
Summary: A critical vulnerability has been identified in the LoadMaster management interface, which allows unauthenticated remote attackers to access the system and execute arbitrary system commands.
If exploited, this vulnerability could allow an attacker to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. The severity of this flaw means that attackers could potentially take complete control of the system, manipulate or steal data, disrupt services, and use the compromised system as a stepping stone for further attacks.