Latest vulnerabilities [Saturday, December 23, 2023]

Latest vulnerabilities [Saturday, December 23, 2023]
{{titre}}

Last update performed on 12/23/2023 at 11:57:05 PM

(0) CRITICAL VULNERABILITIES [9.0, 10.0]

(5) HIGH VULNERABILITIES [7.0, 8.9]

Source : moxa.com

Vulnerability ID : CVE-2023-5961

First published on : 23-12-2023 09:15:07
Last modified on : 23-12-2023 09:15:07

Description :
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.

CVE ID : CVE-2023-5961
Source : psirt@moxa.com
CVSS Score : 8.8

References :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability | source : psirt@moxa.com

Vulnerability : CWE-352


Source : wordfence.com

Vulnerability ID : CVE-2023-6971

First published on : 23-12-2023 02:15:45
Last modified on : 23-12-2023 02:15:45

Description :
The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of this vulnerability requires that the target server's php.ini is configured with 'allow_url_include' set to 'on'. This feature is deprecated as of PHP 7.4 and is disabled by default, but can still be explicitly enabled in later versions of PHP.

CVE ID : CVE-2023-6971
Source : security@wordfence.com
CVSS Score : 8.1

References :
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/backup-heart.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3012745/backup-backup | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/b380283c-0dbb-4d67-9f66-cb7c400c0427?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-6972

First published on : 23-12-2023 02:15:45
Last modified on : 23-12-2023 02:15:45

Description :
The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.

CVE ID : CVE-2023-6972
Source : security@wordfence.com
CVSS Score : 7.5

References :
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/backup-heart.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/bypasser.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3012745/backup-backup | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/0a3ae696-f67d-4ed2-b307-d2f36b6f188c?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2020-36769

First published on : 23-12-2023 10:15:08
Last modified on : 23-12-2023 10:15:08

Description :
The Widget Settings Importer/Exporter Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp_ajax_import_widget_dataparameter AJAX action in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with subscriber-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2020-36769
Source : security@wordfence.com
CVSS Score : 7.4

References :
https://www.wordfence.com/blog/2020/04/unpatched-high-severity-vulnerability-in-widget-settings-importer-exporter-plugin/ | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/e14f0fc6-fca4-4dd7-8f7b-ed5ed535c9af?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-7002

First published on : 23-12-2023 02:15:45
Last modified on : 23-12-2023 02:15:45

Description :
The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system.

CVE ID : CVE-2023-7002
Source : security@wordfence.com
CVSS Score : 7.2

References :
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L1503 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L1518 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L88 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3012745/backup-backup | source : security@wordfence.com
https://www.linuxquestions.org/questions/linux-security-4/php-function-exec-enabled-how-big-issue-4175508082/ | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/cc49db10-988d-42bd-a9cf-9a86f4c79568?source=cve | source : security@wordfence.com


(5) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : moxa.com

Vulnerability ID : CVE-2023-5962

First published on : 23-12-2023 09:15:08
Last modified on : 23-12-2023 09:15:08

Description :
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.

CVE ID : CVE-2023-5962
Source : psirt@moxa.com
CVSS Score : 6.5

References :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability | source : psirt@moxa.com

Vulnerability : CWE-327


Source : wordfence.com

Vulnerability ID : CVE-2023-6744

First published on : 23-12-2023 10:15:10
Last modified on : 23-12-2023 10:15:10

Description :
The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'et_pb_text' shortcode in all versions up to, and including, 4.23.1 due to insufficient input sanitization and output escaping on user supplied custom field data. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-6744
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://www.elegantthemes.com/api/changelog/divi.txt | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/999475c5-5f17-47fa-a0d0-47cb5a8a0eb4?source=cve | source : security@wordfence.com


Source : redhat.com

Vulnerability ID : CVE-2023-7008

First published on : 23-12-2023 13:15:07
Last modified on : 23-12-2023 13:15:07

Description :
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

CVE ID : CVE-2023-7008
Source : secalert@redhat.com
CVSS Score : 5.9

References :
https://access.redhat.com/security/cve/CVE-2023-7008 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2222261 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2222672 | source : secalert@redhat.com
https://github.com/systemd/systemd/issues/25676 | source : secalert@redhat.com

Vulnerability : CWE-300


Source : vuldb.com

Vulnerability ID : CVE-2016-15036

First published on : 23-12-2023 20:15:37
Last modified on : 23-12-2023 20:15:37

Description :
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 2.3.3 is able to address this issue. The patch is named 31fe3bccbdde134a185752e53380330d16053f7f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248847. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2016-15036
Source : cna@vuldb.com
CVSS Score : 4.6

References :
https://github.com/deis/workflow-manager/commit/31fe3bccbdde134a185752e53380330d16053f7f | source : cna@vuldb.com
https://github.com/deis/workflow-manager/pull/94 | source : cna@vuldb.com
https://github.com/deis/workflow-manager/releases/tag/v2.3.3 | source : cna@vuldb.com
https://vuldb.com/?ctiid.248847 | source : cna@vuldb.com
https://vuldb.com/?id.248847 | source : cna@vuldb.com

Vulnerability : CWE-362


Source : cisco.com

Vulnerability ID : CVE-2023-49594

First published on : 23-12-2023 20:15:38
Last modified on : 23-12-2023 21:15:07

Description :
An information disclosure vulnerability exists in the challenge functionality of instipod DuoUniversalKeycloakAuthenticator 1.0.7 plugin. A specially crafted HTTP request can lead to a disclosure of sensitive information. An user login to Keycloak using DuoUniversalKeycloakAuthenticator plugin triggers this vulnerability.

CVE ID : CVE-2023-49594
Source : talos-cna@cisco.com
CVSS Score : 4.5

References :
https://github.com/instipod/DuoUniversalKeycloakAuthenticator/releases/tag/1.0.8 | source : talos-cna@cisco.com
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1907 | source : talos-cna@cisco.com
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1907 | source : talos-cna@cisco.com

Vulnerability : CWE-201


(1) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2014-125108

First published on : 23-12-2023 17:15:07
Last modified on : 23-12-2023 17:15:07

Description :
A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as problematic. This issue affects some unknown processing of the file spellchecker. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is d6c21fd8187c5db2a50425ff80694149e75d722e. It is recommended to apply a patch to fix this issue. The identifier VDB-248849 was assigned to this vulnerability.

CVE ID : CVE-2014-125108
Source : cna@vuldb.com
CVSS Score : 3.1

References :
https://github.com/w3c/online-spellchecker-py/commit/d6c21fd8187c5db2a50425ff80694149e75d722e | source : cna@vuldb.com
https://vuldb.com/?ctiid.248849 | source : cna@vuldb.com
https://vuldb.com/?id.248849 | source : cna@vuldb.com

Vulnerability : CWE-79


(0) NO SCORE VULNERABILITIES [0.0, 0.0]

This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.