Resources and Feeds (TLP:WHITE)
- critical CVE/CVSS-Definition: AttackVector == Network AND PrivilegesRequired == None AND UserInteraction == None AND (privilege escalation OR RCE)
- Rayvyn-CVE-Aggregator and Researchtool
- 2020-Edition
2021-02-25
- Unauthorized RCE in VMware vCenter (CVE-2021-21972), with a detailed article by PTSwarm: Unauthorized RCE in VMware vCenter; a PoC is already circulating 24 hrs after release
- BIND servers are vulnerable to a DoS and possible RCE when used with a common but non-default config, see NIST and the corresponding article from ZDI
2021-02-02
- Zyxel starts 2021 with a backdoor in various Firewalls and VPN-products, a Scanner is available
- FortiWeb has some serious flaws published by PTSwarm: SQLi (CVE-2020-29015) and unauth buffer overflow (CVE-2020-29016 + CVE-2020-29019), but no PoCs seen so far
- Accellion FTA seems to have an incomplete fix for their 2020 bug, affecting multiple customers, as news reports suggest
- dnsmasq has some serious flaws (cache poisoning, buffer overflows) that come with the first named vulnerability of 2021 (DNSpooq), but the advisory is a great read
- Cisco had a couple of critical vulns in its SD-WAN product line
- SonicWall has a 0-day in its SMA X00 series
  - reports have surfaced that they might have been hacked by that very 0-day
  - a private PoC exists and attacks were seen in the wild, according to NCC
  - additionally, an older 0-day PoC against SonicWall VPN gateways was published
- Ransomware gangs are now using DDoS attacks as well
Questions? Contact: info@zero.bs