Latest Security News about rce

Contact US For API Security>

Accentis Content Resource Management System suffer from a remote SQL injection vulnerability.

Overview : Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a remote SQL injection vulnerability. Affected Product(s) : Accentis Content Resource Management System Vulnerability Details : CVE ID : CVE-2015-3424 SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to […]

Contact US For API Security>

Accentis Content Resource Management System suffer from a cross site scripting vulnerability.

Overview : Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a cross site scripting vulnerability. Affected Product(s) : Accentis Content Resource Management System Vulnerability Details : CVE ID : CVE-2015-3425 Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to […]

Contact US For API Security>

Trend Micro Anti-Threat Toolkit (ATTK) RCE Vulnerability

Overview : Vulnerable versions of ATTK may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. Affected Product(s) : Anti-Threat Toolkit (ATTK) 1.62.0.1218 and below Vulnerability Details : CVE ID : CVE-2019-9491 CVSS 3.0 Score(s): 7.5 – AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H Solution : Exploiting these type of […]

Contact US For API Security>

FiberHome HG2201T Pre-Auth RCE

Overview : FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Affected Product(s) : FiberHome HG2201T Vulnerability Details : CVE ID : CVE-2019-17187 Incorrect Access Control/Directory Traversal /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Solution : Apply the vendor Security Patch

Contact US For API Security>

Vulnerability issues found in Forcepoint VPN Client

Overview : Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. Affected […]