Latest Security News about big ip

Big US Online Retailer NewEgg’s merchant data skimmed

According to the online security research companies Volexity and RiskIQ, New Egg, one of the top Online Retailers in US was hacked by notorious hacker group named Magecart , who was involved in the latest TickerMaster and British Airways hack incidents A javascript sniffer code is injected at the check out process of the website, which […]

The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula.

Overview : The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed. CVE-2020-8868   Contributors & Developers “Search Meter” has been translated into 2 locales. Thank you to the translators for [...]

NGINX Controller versions prior to 3.2.0,

Overview : In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other components of the system. CVE-ID        [...]

TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms,

  Overview : On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms, hardware or virtual, or any other cloud provider since the affected driver is specific to AWS. CVE-2020-5862 [...]

cPanel before 84.0.20 allows a demo account to achieve remote code execution

Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544). Vulnerability Details : CVE ID : CVE-2020-10119 Skip to end of metadata Created by Documentation, last modified yesterday at 3:08 PM Go to start of metadata 84.0.22 2020-03-16 [security] Fixed case SEC-505: Bandwidth suspensions can be triggered [...]