Test Blog - Cloud WAF

CVE-2024-42365 : ASTERISK PBX CONFIGURATION FILE /ETC/ASTERISK/ PRIVILEGE DEFINED WITH UNSAFE ACTIONS

Description Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11…

Common Vulnerabilities and Exposures

CVE-2024-22169 : WESTERN DIGITAL WD DISCOVERY 3.8.229/4.0.251.0/4.4.396 NODE.JS ELECTRON_rUN_AS_NODE CODE INJECTION

Description WD Discovery versions prior to 5.0.589 contain a misconfiguration in the Node.js environment settings that could allow code execution by utilizing the 'ELECTRON_RUN_AS_NODE' environment…

Common Vulnerabilities and Exposures

CVE-2024-7314 : ANJI-PLUS AJ-REPORT UP TO 1.4.0 HTTP REQUEST /SWAGGER-UI INSUFFICIENT PERMISSIONS OR PRIVILEGES

Description anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and…

Common Vulnerabilities and Exposures

CVE-2024-36268 : APACHE INLONG TUBEMQ CLIENT UP TO 1.12.0 CODE INJECTION

Description Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead…

Common Vulnerabilities and Exposures

CVE-2024-40720 : CHANGING INFORMATION TECHNOLOGY TCBSERVISIGN PRIOR 1.0.24.0318 ON WINDOWS API REMOTE CODE EXECUTION

Description The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website,…

Common Vulnerabilities and Exposures

CVE-2024-38770 : REVMAKX BACKUP AND STAGING WP TIME CAPSULE PLUGIN UP TO 1.22.20 ON WORDPRESS PRIVILEGES MANAGEMENT

Description Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass. This issue affects Backup and Staging…