HPE Aruba Access Points have Critical Command Injection Vulnerabilities
The vulnerabilities impact Access Points running Instant AOS-8 and AOS-10.
HPE Aruba Access Points have Critical Command Injection Vulnerabilities Read More »
2024
Harnessing Chisel for Covert Operations: Dissecting a Multi-Stage PowerShell Campaign
CRIL performs a comprehensive analysis of a complex multi-stage PowerShell infection chain, crafted to ensure persistence and bypass defenses, potentially facilitating attacks using Chisel.
Harnessing Chisel for Covert Operations: Dissecting a Multi-Stage PowerShell Campaign Read More »
No Fix for Critical Command Injection Vulnerability in Legacy D-Link NAS Devices
Over 61,000 vulnerable D-Link NAS devices have reached end-of-life and remain active on the internet.
No Fix for Critical Command Injection Vulnerability in Legacy D-Link NAS Devices Read More »
Path Traversal Vulnerability in WPLMS WordPress Theme Exposes Websites to RCE
A vulnerability in the WPLMS WordPress theme can put websites at risk of Remote Code Execution.
Path Traversal Vulnerability in WPLMS WordPress Theme Exposes Websites to RCE Read More »
CISA Finds Palo Alto Networks’ CVE-2024-5910 Exploited in the Wild
The flaw is a missing authentication vulnerability that allows an attacker with network access to takeover Palo Alto Expedition’s admin account and potentially access configuration secrets, credentials, and other data.
CISA Finds Palo Alto Networks’ CVE-2024-5910 Exploited in the Wild Read More »
Weekly ICS Vulnerability Intelligence Report: Rockwell Automation, Delta Electronics, Solar-Log
The most notable is a Cross-Site Scripting (XSS) flaw in Solar-Log Base 15, a widely used photovoltaic energy management product, which poses heightened risks
due to internet-facing deployments identified by Cyble’s ODIN scanner.
