DataGridSurface

Blog by DataGrid Surface

Published August 17, 2023

Grafana Took A Punch – And Rolled With It – CVE-2021-39226

On October 5, 2021, an open-source data visualization platform known as “Grafana” released important security updates, including a patch that addresses a critical security flaw, enlisted as CVE-2021-39226 on NVD.

Blog by DataGrid Surface

Published July 30, 2023

ProxyLogon – CVE-2021-27065

By sending a specifically crafted request to the server, an attacker can manipulate it into making arbitrary HTTP requests to internal and external network resources. This vulnerability allowed the attacker to interact with the server's internal systems and gather crucial information about the target environment.

Categories:

Cisco IOS Vulnerability in Handling the IKEv1 – CVE-2016-6415

This high-risk vulnerability emerged in 2016, affecting multiple products running Cisco IOS, Cisco IOS XE, and Cisco IOS XR. These products belong to a family of networking operating systems that are used by Cisco’s network infrastructure devices. The problematic component of these systems is the handling of IKEv1 (Internet Key Exchange v1) packet processing.

Heartbleed – Still Bleeding – CVE-2014-0160

In April 2014, the cybersecurity community witnessed the discovery of a critical vulnerability that ruined many people’s day - "Heartbleed", formally known as CVE-2014-0160.

CWP CentOS Vulnerability – CVE-2022-44877

On November 7, 2022, a record was created in Mitre’s database, describing a critical CVSS 9.8 scoring vulnerability discovered in CWP7 (Control Web Panel) for CentOS. Due to improper neutralization of special elements (CWE-78), it allowed an unauthenticated attacker to execute arbitrary commands on the system as a root user by sending a specially crafted […]

Cacti Vulnerability – CVE-2022-46169

Cacti is an open-source network monitoring and graphing tool that allows users to collect, analyze, and visualize data from a variety of network devices and servers. It is written in PHP and uses the open-source RRDtool to store and display performance data in graphs and tables. Cacti can be used to monitor a wide range […]

GoAnywhere Vulnerability – CVE-2023-0669

GoAnywhere MFT (Managed File Transfer) is a secure file transfer solution suitable for organizations of all sizes, from small businesses to large enterprises with complex file transfer requirements. It’s a streamlined service for environments that demand high confidentiality in terms of storing, transferring, and accessing data, offering features such as role-based access control, integration with […]

Validation Of Deserialized Input Vulnerability – CVE-2022-47966

The Zoho ManageEngine is a suite of IT management software designed to help businesses manage their IT infrastructure, including network, server, mobile, and desktop management. These apps are quite useful as we often need to integrate all of the resources we’re monitoring into a single dashboard for monitoring and management efficiency purposes. That means these […]

Your Art Gone Abstract – CVE-2022-27593

Let’s discuss a vulnerability that was used against a very unusual target (at least in comparison to the ones we normally wrote about). We probably talk more often about vulnerabilities that impact big targets, but today we are gonna cover one that’s going to balance that statistic. Now imagine this scenario: You work as a […]

Improper Input Validation – A Never-Ending Concern

Have you ever doubted your cybersecurity practice? Regardless of the role you fulfill in IT, you are bound to have a certain level of awareness in terms of risk and potential consequences involved in your line of work. If you’ve been reading our blog, we’re certain that you’ve recognized the pattern that spreads among the […]

Apache Spark Input Validation Vulnerability – CVE-2022-33891

Recently, a vulnerability was discovered in Apache Spark's ACL feature, which could potentially allow unauthorized access to sensitive data.

Seemingly Small Vulnerability – Big Consequences – CVE-2022-27926

Since the invasion of Ukraine began, we’ve witnessed a lot of military activity on the battlefield, as well as in the areas surrounding Russia and Ukraine both in a geographical and geopolitical sense. We’ve seen cargo planes flying over and military convoys transporting weapons, munitions, and whatnot.

SambaCry Vulnerability – CVE-2017-7494

In May 2017, a critical RCE vulnerability known as SambaCry was discovered in Samba, a popular open-source software that provides file and print services for SMB/CIFS clients.

Microsoft Outlook EoP – CVE-2023-23397

CVE-2023-23397 is a client-side vulnerability discovered in Microsoft Outlook, that allows the attackers to remotely exploit the target’s systems that use an old NTLM (new technology LAN manager) authentication protocol.

The vulnerability that doubts our approach to security – CVE-2023-26360

Adobe ColdFusion is a rapid web app development platform using a proprietary scripting language CFML (ColdFusion Markup Language).

XStream Flaw Exposes Systems to Remote Code Execution-CVE-2021-39144

XStream is a popular open-source library used to serialize and deserialize objects to and from XML. Recently, a critical vulnerability in XStream was discovered that could allow an attacker to execute arbitrary code remotely. In this article, we will explore that vulnerability in detail, including the vulnerable code and how it can be exploited, as well as provide recommendations for mitigating the risk.

How to build a cloud-based honeypot

As cyber threats continue to evolve, organizations are looking for new ways to improve their security. One approach that has gained a lot of popularity in recent years is the use of honeypots.

February 27, 2023

When security becomes a liability – CVE-2022-42475

In December of 2022, a vulnerability had been reported to the NVD regarding some security products by Fortinet. The products providing secure remote access which are affected by this issue are FortiOS VPN-SSL and FortiProxy VPN-SSL.

February 18, 2023

When was the last time you updated your Oracle E-Business Suite: CVE-2022-21587

Oracle EBS component Web Applications Desktop (WAD) Integrator handled uploaded files in a manner that caused an input validation flaw, resulting in a 9.8 Base Score vulnerability.

February 18, 2023

The ultimate MS Exchange vulnerability: CVE-2022-41080

We are talking about OWASSRF exploitation chain (Outlook Web Application Server-Side Request Forgery), based on CVE-2022-41080.

September 12, 2022

End To End Encryption Overview

End To End Encryption or E2EE is fundamentally the most important, privacy-vise, a mechanism for making communications as secure as possible.

September 12, 2022

Unauthenticated VNC feed-Over 9500 affected devices

We've noticed that people are not properly securing their assets when it comes to VNC protocol

September 11, 2022

Internet Chaos Caused By Apache Log4J Vulnerability

The vulnerability in the Java framework Log4J has been discovered in December of 2021 and it is confirmed that it affects versions 2.0-beta9 to 2.14.1 and some versions of log4j 1.*. This vulnerability allows remote attackers to execute the code on the vulnerable machine.