Latest vulnerabilities [Saturday, December 16, 2023]

Latest vulnerabilities [Saturday, December 16, 2023]
{{titre}}

Last update performed on 12/16/2023 at 11:57:05 PM

(0) CRITICAL VULNERABILITIES [9.0, 10.0]

(4) HIGH VULNERABILITIES [7.0, 8.9]

Source : hackerone.com

Vulnerability ID : CVE-2023-39340

First published on : 16-12-2023 02:15:07
Last modified on : 16-12-2023 02:15:07

Description :
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.

CVE ID : CVE-2023-39340
Source : support@hackerone.com
CVSS Score : 7.5

References :
https://forums.ivanti.com/s/article/Security-fix-release-Ivanti-Connect-Secure-22-6R2-and-22-6R2-1?language=en_US | source : support@hackerone.com


Source : wordfence.com

Vulnerability ID : CVE-2023-6559

First published on : 16-12-2023 13:15:07
Last modified on : 16-12-2023 13:15:07

Description :
The MW WP Form plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 5.0.3. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.

CVE ID : CVE-2023-6559
Source : security@wordfence.com
CVSS Score : 7.5

References :
https://plugins.trac.wordpress.org/changeset/3007879/mw-wp-form | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/412d555c-9bbd-42f5-8020-ccfc18755a79?source=cve | source : security@wordfence.com


Source : vuldb.com

Vulnerability ID : CVE-2023-6848

First published on : 16-12-2023 07:15:44
Last modified on : 16-12-2023 07:15:44

Description :
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical. Affected by this vulnerability is the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the argument soffice leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.48.04 is able to address this issue. The identifier of the patch is 63a4d5708d210f119c24afd941d01a943e25334c. It is recommended to upgrade the affected component. The identifier VDB-248209 was assigned to this vulnerability.

CVE ID : CVE-2023-6848
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/kalcaddle/kodbox/commit/63a4d5708d210f119c24afd941d01a943e25334c | source : cna@vuldb.com
https://github.com/kalcaddle/kodbox/releases/tag/1.48.04 | source : cna@vuldb.com
https://note.zhaoj.in/share/pf838kAzQyTQ | source : cna@vuldb.com
https://vuldb.com/?ctiid.248209 | source : cna@vuldb.com
https://vuldb.com/?id.248209 | source : cna@vuldb.com

Vulnerability : CWE-77


Vulnerability ID : CVE-2023-6849

First published on : 16-12-2023 08:15:06
Last modified on : 16-12-2023 08:15:06

Description :
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected by this issue is the function cover of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.48.04 is able to address this issue. The patch is identified as 63a4d5708d210f119c24afd941d01a943e25334c. It is recommended to upgrade the affected component. VDB-248210 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-6849
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/kalcaddle/kodbox/commit/63a4d5708d210f119c24afd941d01a943e25334c | source : cna@vuldb.com
https://github.com/kalcaddle/kodbox/releases/tag/1.48.04 | source : cna@vuldb.com
https://note.zhaoj.in/share/jSsPAWT1pKsq | source : cna@vuldb.com
https://vuldb.com/?ctiid.248210 | source : cna@vuldb.com
https://vuldb.com/?id.248210 | source : cna@vuldb.com

Vulnerability : CWE-918


(7) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : huntr.dev

Vulnerability ID : CVE-2023-6889

First published on : 16-12-2023 09:15:07
Last modified on : 16-12-2023 09:15:07

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17.

CVE ID : CVE-2023-6889
Source : security@huntr.dev
CVSS Score : 6.7

References :
https://github.com/thorsten/phpmyfaq/commit/1037a8f012e0d9ec4bf4c8107972f6695e381392 | source : security@huntr.dev
https://huntr.com/bounties/52897778-fad7-4169-bf04-a68a0646df0c | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6890

First published on : 16-12-2023 09:15:07
Last modified on : 16-12-2023 09:15:07

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17.

CVE ID : CVE-2023-6890
Source : security@huntr.dev
CVSS Score : 6.7

References :
https://github.com/thorsten/phpmyfaq/commit/97d90ebbe11ebc6081bf49a2ba4b60f227cd1b43 | source : security@huntr.dev
https://huntr.com/bounties/2cf11678-8793-4fa1-b21a-f135564a105d | source : security@huntr.dev

Vulnerability : CWE-79


Source : vuldb.com

Vulnerability ID : CVE-2023-6850

First published on : 16-12-2023 09:15:07
Last modified on : 16-12-2023 09:15:07

Description :
A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been declared as critical. This vulnerability affects unknown code of the file /index.php?pluginApp/to/yzOffice/getFile of the component API Endpoint Handler. The manipulation of the argument path/file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The patch is identified as 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. VDB-248218 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-6850
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/kalcaddle/KodExplorer/commit/5cf233f7556b442100cf67b5e92d57ceabb126c6 | source : cna@vuldb.com
https://github.com/kalcaddle/KodExplorer/releases/tag/4.52.01 | source : cna@vuldb.com
https://note.zhaoj.in/share/L38RNzUOwOtN | source : cna@vuldb.com
https://vuldb.com/?ctiid.248218 | source : cna@vuldb.com
https://vuldb.com/?id.248218 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-6851

First published on : 16-12-2023 11:15:07
Last modified on : 16-12-2023 11:15:07

Description :
A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been rated as critical. This issue affects the function unzipList of the file plugins/zipView/app.php of the component ZIP Archive Handler. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The patch is named 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248219.

CVE ID : CVE-2023-6851
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/kalcaddle/KodExplorer/commit/5cf233f7556b442100cf67b5e92d57ceabb126c6 | source : cna@vuldb.com
https://github.com/kalcaddle/KodExplorer/releases/tag/4.52.01 | source : cna@vuldb.com
https://note.zhaoj.in/share/D44UjzoFXYfi | source : cna@vuldb.com
https://vuldb.com/?ctiid.248219 | source : cna@vuldb.com
https://vuldb.com/?id.248219 | source : cna@vuldb.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-6852

First published on : 16-12-2023 12:15:07
Last modified on : 16-12-2023 12:15:07

Description :
A vulnerability classified as critical has been found in kalcaddle KodExplorer up to 4.51.03. Affected is an unknown function of the file plugins/webodf/app.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The name of the patch is 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248220.

CVE ID : CVE-2023-6852
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/kalcaddle/KodExplorer/commit/5cf233f7556b442100cf67b5e92d57ceabb126c6 | source : cna@vuldb.com
https://github.com/kalcaddle/KodExplorer/releases/tag/4.52.01 | source : cna@vuldb.com
https://note.zhaoj.in/share/P6lQNyqQn3zY | source : cna@vuldb.com
https://vuldb.com/?ctiid.248220 | source : cna@vuldb.com
https://vuldb.com/?id.248220 | source : cna@vuldb.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-6853

First published on : 16-12-2023 12:15:07
Last modified on : 16-12-2023 12:15:07

Description :
A vulnerability classified as critical was found in kalcaddle KodExplorer up to 4.51.03. Affected by this vulnerability is the function index of the file plugins/officeLive/app.php. The manipulation of the argument path leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The identifier of the patch is 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. The identifier VDB-248221 was assigned to this vulnerability.

CVE ID : CVE-2023-6853
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/kalcaddle/KodExplorer/commit/5cf233f7556b442100cf67b5e92d57ceabb126c6 | source : cna@vuldb.com
https://github.com/kalcaddle/KodExplorer/releases/tag/4.52.01 | source : cna@vuldb.com
https://note.zhaoj.in/share/oaYHbDTnPiU3 | source : cna@vuldb.com
https://vuldb.com/?ctiid.248221 | source : cna@vuldb.com
https://vuldb.com/?id.248221 | source : cna@vuldb.com

Vulnerability : CWE-918


Source : mitre.org

Vulnerability ID : CVE-2021-42794

First published on : 16-12-2023 01:15:07
Last modified on : 16-12-2023 01:15:07

Description :
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses.

CVE ID : CVE-2021-42794
Source : cve@mitre.org
CVSS Score : 5.3

References :
https://www.aveva.com/en/products/edge/ | source : cve@mitre.org
https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | source : cve@mitre.org
https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf | source : cve@mitre.org


(0) LOW VULNERABILITIES [0.1, 3.9]

(7) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2020-17483

First published on : 16-12-2023 01:15:07
Last modified on : 16-12-2023 01:15:07

Description :
An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have been deployed.

CVE ID : CVE-2020-17483
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02 | source : cve@mitre.org
https://www.uffizio.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2020-17484

First published on : 16-12-2023 01:15:07
Last modified on : 16-12-2023 01:15:07

Description :
An Open Redirection vulnerability exists in Uffizio's GPS Tracker all versions allows an attacker to construct a URL within the application that causes a redirection to an arbitrary external domain.

CVE ID : CVE-2020-17484
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02 | source : cve@mitre.org
https://www.uffizio.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2020-17485

First published on : 16-12-2023 01:15:07
Last modified on : 16-12-2023 01:15:07

Description :
A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server can be compromised by uploading and executing a web/reverse shell. An attacker could then run commands, browse system files, and browse local resources

CVE ID : CVE-2020-17485
Source : cve@mitre.org
CVSS Score : /

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02 | source : cve@mitre.org
https://www.uffizio.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2021-42796

First published on : 16-12-2023 01:15:07
Last modified on : 16-12-2023 01:15:07

Description :
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.

CVE ID : CVE-2021-42796
Source : cve@mitre.org
CVSS Score : /

References :
https://www.aveva.com/en/products/edge/ | source : cve@mitre.org
https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | source : cve@mitre.org


Vulnerability ID : CVE-2021-42797

First published on : 16-12-2023 01:15:07
Last modified on : 16-12-2023 01:15:07

Description :
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources.

CVE ID : CVE-2021-42797
Source : cve@mitre.org
CVSS Score : /

References :
https://www.aveva.com/en/products/edge/ | source : cve@mitre.org
https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | source : cve@mitre.org


Vulnerability ID : CVE-2022-24351

First published on : 16-12-2023 02:15:07
Last modified on : 16-12-2023 02:15:07

Description :
TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process.

CVE ID : CVE-2022-24351
Source : cve@mitre.org
CVSS Score : /

References :
https://www.insyde.com/security-pledge | source : cve@mitre.org
https://www.insyde.com/security-pledge/SA-2023038 | source : cve@mitre.org


Vulnerability ID : CVE-2023-31813

First published on : 16-12-2023 02:15:07
Last modified on : 16-12-2023 02:15:07

Description :
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-2804. Reason: This record is a duplicate of CVE-2023-2804. Notes: All CVE users should reference CVE-2023-2804 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

CVE ID : CVE-2023-31813
Source : cve@mitre.org
CVSS Score : /

References :


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.