CVE-2024-43582: RCE in RDP Servers, 8.1 ratingβοΈ
A use after free vulnerability in some RDP servers could allow an attacker to carry out remote code execution. The patch is already available.
Search at Netlas.io:
π Link: https://nt.ls/Jyn4r
π Dork: protocol:rdp
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43582
A use after free vulnerability in some RDP servers could allow an attacker to carry out remote code execution. The patch is already available.
Search at Netlas.io:
π Link: https://nt.ls/Jyn4r
π Dork: protocol:rdp
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43582
π₯7πΎ3
CVE-2024-9164 and other: Multiple vulnerabilitites in Gitlab, 3.7 - 9.6 rating π₯
Many vulnerabilities have been fixed in Gitlab again! The most critical one this time allows an attacker to run pipelines on arbitrary branches, while the others include XSS, SSRF attacks, etc.
Search at Netlas.io:
π Link: https://nt.ls/gqVLn
π Dork: host:gitlab.* OR http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef
Vendor's advisory: https://about.gitlab.com/releases/2024/10/09/patch-release-gitlab-17-4-2-released/
Many vulnerabilities have been fixed in Gitlab again! The most critical one this time allows an attacker to run pipelines on arbitrary branches, while the others include XSS, SSRF attacks, etc.
Search at Netlas.io:
π Link: https://nt.ls/gqVLn
π Dork: host:gitlab.* OR http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef
Vendor's advisory: https://about.gitlab.com/releases/2024/10/09/patch-release-gitlab-17-4-2-released/
πΎ4π₯3π1
CVE-2024-3656: Exposure of Sensitive Information in Keycloak, 8.1 rating π₯
A vulnerability in Keycloak's REST API could allow an attacker to execute commands and gain access to sensitive information.
Search at Netlas.io:
π Link: https://nt.ls/pcxk7
π Dork: http.favicon.hash_sha256:47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Read more: https://access.redhat.com/security/cve/CVE-2024-3656
A vulnerability in Keycloak's REST API could allow an attacker to execute commands and gain access to sensitive information.
Search at Netlas.io:
π Link: https://nt.ls/pcxk7
π Dork: http.favicon.hash_sha256:47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Read more: https://access.redhat.com/security/cve/CVE-2024-3656
π2π₯2πΎ2
Google Dorking in Cybersecurity: Examples and Automation π₯
Discover the most useful dorks, principles for constructing queries, examples, and even a script for automating reconnaissance within a given scope. Mastering Google Dorks has never been easier π
π Read now: https://netlas.io/blog/google_dorking_in_cybersecurity
Discover the most useful dorks, principles for constructing queries, examples, and even a script for automating reconnaissance within a given scope. Mastering Google Dorks has never been easier π
π Read now: https://netlas.io/blog/google_dorking_in_cybersecurity
netlas.io
Google Dorking in Cybersecurity - Netlas Blog
Explore Google dorking techniques to boost your OSINT and penetration testing. Learn automation tricks, best practices, and top analogues.
1π₯3πΎ3β€1π1
CVE-2024-49193: Email Spoofing in Zendesk π₯
Knowing the support email and ticket id, an attacker can view the entire history of the ticket, thus gaining access to sensitive data.
Search at Netlas.io:
π Link: https://nt.ls/dWuES
π Dork: http.unknown_headers.key:"x_zendesk_processed_host_header" OR http.unknown_headers.key:"x_zendesk_origin_server"
Read more: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52
Knowing the support email and ticket id, an attacker can view the entire history of the ticket, thus gaining access to sensitive data.
Search at Netlas.io:
π Link: https://nt.ls/dWuES
π Dork: http.unknown_headers.key:"x_zendesk_processed_host_header" OR http.unknown_headers.key:"x_zendesk_origin_server"
Read more: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52
πΎ3π2π₯2π€1
Critical vulnerability in Jetpack WordPress Plugin π₯
The vulnerability, fixed in the latest update, allowed registered users to read the forms of other site visitors, theoretically allowing access to sensitive information.
Search at Netlas.io:
π Link: https://nt.ls/hJKpB
π Dork: http.body:"plugins/jetpack"
Security bulletin: https://jetpack.com/blog/jetpack-13-9-1-critical-security-update/
The vulnerability, fixed in the latest update, allowed registered users to read the forms of other site visitors, theoretically allowing access to sensitive information.
Search at Netlas.io:
π Link: https://nt.ls/hJKpB
π Dork: http.body:"plugins/jetpack"
Security bulletin: https://jetpack.com/blog/jetpack-13-9-1-critical-security-update/
π₯3πΎ3
CVE-2024-9634: RCE in GiveWP WordPress Plugin, 9.8 rating π₯
Another one critical vulnerability in GiveWP. This time, attackers can inject PHP code using one parameter.
Search at Netlas.io:
π Link: https://nt.ls/9tUYx
π Dork: http.body:"plugins/give/assets/dist"
Read more: https://github.com/advisories/GHSA-6fx6-wrpf-cpgv
Another one critical vulnerability in GiveWP. This time, attackers can inject PHP code using one parameter.
Search at Netlas.io:
π Link: https://nt.ls/9tUYx
π Dork: http.body:"plugins/give/assets/dist"
Read more: https://github.com/advisories/GHSA-6fx6-wrpf-cpgv
π₯4πΎ3
CVE-2024-45216: Improper Authentication in Apache Solr, 9.8 rating π₯
Fake ending in Solr API URLs allows attackers to bypass authentication, which can lead to sensitive data leakage.
Search at Netlas.io:
π Link: https://nt.ls/x1SZG
π Dork: tag.name:"apache_solr"
Vendor's advisory: https://solr.apache.org/security.html#cve-2024-45216-apache-solr-authentication-bypass-possible-using-a-fake-url-path-ending
Fake ending in Solr API URLs allows attackers to bypass authentication, which can lead to sensitive data leakage.
Search at Netlas.io:
π Link: https://nt.ls/x1SZG
π Dork: tag.name:"apache_solr"
Vendor's advisory: https://solr.apache.org/security.html#cve-2024-45216-apache-solr-authentication-bypass-possible-using-a-fake-url-path-ending
π₯4πΎ2
CVE-2024-9264: Execute Arbitrary Code in Grafana, 9.9 rating π₯π₯π₯
Grafana users at Viewer level and above can perform command injection using a vulnerability in SQL Expressions.
More then 104k instances at Netlas.io:
π Link: https://nt.ls/oQJHO
π Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.title:"Grafana"
Vendor's advisory: https://grafana.com/blog/2024/10/17/grafana-security-release-critical-severity-fix-for-cve-2024-9264/
Grafana users at Viewer level and above can perform command injection using a vulnerability in SQL Expressions.
More then 104k instances at Netlas.io:
π Link: https://nt.ls/oQJHO
π Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.title:"Grafana"
Vendor's advisory: https://grafana.com/blog/2024/10/17/grafana-security-release-critical-severity-fix-for-cve-2024-9264/
π₯5πΎ2π1
CVE-2024-20329: Improper Neutralization of Command Delimiters in Cisco ASA, 9.9 rating π₯π₯π₯
The vulnerability allows an attacker with low privileges to remotely execute commands via SSH and thus gain full control of the system.
More then 140k instances at Netlas.io:
π Link: https://nt.ls/Rfjme
π Dork: http.body:"/+CSCOE+/logon.html"
Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF
The vulnerability allows an attacker with low privileges to remotely execute commands via SSH and thus gain full control of the system.
More then 140k instances at Netlas.io:
π Link: https://nt.ls/Rfjme
π Dork: http.body:"/+CSCOE+/logon.html"
Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF
π₯5π3πΎ3
CVE-2024-45157: Credentials exposure in Rancher, 9.1 rating π₯
Due to a discovered vulnerability, Rancher stored vSphere CPI/CSI passwords as a plaintext object.
Search at Netlas.io:
π Link: https://nt.ls/9fDwE
π Dork: http.favicon.hash_sha256:2d7adbc74e7c8941927d04e702acbff577d219fef8617c8c3014d34ae395525b
Vendor's advisory: https://github.com/rancher/rancher/security/advisories/GHSA-xj7w-r753-vj8v
Due to a discovered vulnerability, Rancher stored vSphere CPI/CSI passwords as a plaintext object.
Search at Netlas.io:
π Link: https://nt.ls/9fDwE
π Dork: http.favicon.hash_sha256:2d7adbc74e7c8941927d04e702acbff577d219fef8617c8c3014d34ae395525b
Vendor's advisory: https://github.com/rancher/rancher/security/advisories/GHSA-xj7w-r753-vj8v
1πΎ4π₯3π2
π₯ Netlas.io beta testing is finally over! π₯
In version 1.0, we've added a final touch β recurring payments to simplify the payment process for subscribers.
β How to enable recurring payments β
If you havenβt subscribed yet, simply select the "Recurring Payments" option at checkout.
If you're already a subscriber, wait until the end of your current billing period, then renew your subscription by choosing the "Recurring Payments" option.
π Read more in the changelog: https://docs.netlas.io/changelog/
In version 1.0, we've added a final touch β recurring payments to simplify the payment process for subscribers.
β How to enable recurring payments β
If you havenβt subscribed yet, simply select the "Recurring Payments" option at checkout.
If you're already a subscriber, wait until the end of your current billing period, then renew your subscription by choosing the "Recurring Payments" option.
π Read more in the changelog: https://docs.netlas.io/changelog/
1π₯4β‘2πΎ1
CVE-2024-46483: Integer Overflow in Xlight FTP Server, 9.8 rating π₯
By overflowing the variable, an attacker could cause remote code execution on the host or a denial of service.
Search at Netlas.io:
π Link: https://nt.ls/M8D2R
π Dork: \*.banner:"Xlight" OR raw_tcp.response_data:"Xlight"
Read more: https://github.com/kn32/cve-2024-46483
By overflowing the variable, an attacker could cause remote code execution on the host or a denial of service.
Search at Netlas.io:
π Link: https://nt.ls/M8D2R
π Dork: \*.banner:"Xlight" OR raw_tcp.response_data:"Xlight"
Read more: https://github.com/kn32/cve-2024-46483
π₯6πΎ2π1
CVE-2024-50388: OS Command Injection in QNAP NAS, critical rating π₯
A vulnerability exploited on Pwn2Own and affecting HBS 3 Hybrid Backup Sync allows attackers to carry out remote command execution.
More then 113k instances at Netlas.io:
π Link: https://nt.ls/MBHWB
π Dork: certificate.issuer_dn:"QNAP NAS" OR http.body_sha256:4a1815f3e87d6d623c22921d9c39b2de614351d71831976bbc807f571953ff21
Vendor's advisory: https://www.qnap.com/en-us/security-advisory/qsa-24-41
A vulnerability exploited on Pwn2Own and affecting HBS 3 Hybrid Backup Sync allows attackers to carry out remote command execution.
More then 113k instances at Netlas.io:
π Link: https://nt.ls/MBHWB
π Dork: certificate.issuer_dn:"QNAP NAS" OR http.body_sha256:4a1815f3e87d6d623c22921d9c39b2de614351d71831976bbc807f571953ff21
Vendor's advisory: https://www.qnap.com/en-us/security-advisory/qsa-24-41
1πΎ6π3π₯2
Pre-Auth RCE CyberPanel 0day by Chirag Artani π₯
Useful video from our friend's channel about one of the freshest big vulnerabilities with Netlas search π
We also recommend checking out his website and Twitter for more tips:
π Site: 3rag.com
π Twitter: x.com/Chirag99Artani
Useful video from our friend's channel about one of the freshest big vulnerabilities with Netlas search π
We also recommend checking out his website and Twitter for more tips:
π Site: 3rag.com
π Twitter: x.com/Chirag99Artani
YouTube
Pre-Auth Remote Code Execution CyberPanel 0day | Live Recon Using Netlas
CyberPanel v2.3.6 has a critical vulnerability that allows remote attackers to execute arbitrary commands on the server without prior authentication.
Impact: Attackers can exploit this vulnerability by crafting malicious requests that bypass authenticationβ¦
Impact: Attackers can exploit this vulnerability by crafting malicious requests that bypass authenticationβ¦
π₯6πΎ4β€2
CVE-2024-50550: Privilege Escalation in LiteSpeed Cache WP Plugin, 8.1 rating π₯
Weak security hash verification vulnerability allows an attacker to gain administrative privileges.
Search at Netlas.io:
π Link: https://nt.ls/A60iV
π Dork: http.body:"plugins/litespeed-cache"
Read more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/
Weak security hash verification vulnerability allows an attacker to gain administrative privileges.
Search at Netlas.io:
π Link: https://nt.ls/A60iV
π Dork: http.body:"plugins/litespeed-cache"
Read more: https://patchstack.com/articles/rare-case-of-privilege-escalation-patched-in-litespeed-cache-plugin/
πΎ5π3π₯3
CVE-2024-49768: Race Condition in Waitress Python server, 9.1 rating π₯
Due to an error, the server can process a request even if the connection should have been closed.
Search at Netlas.io:
π Link: https://nt.ls/VYS9t
π Dork: http.headers.server:"waitress"
Vendor's advisory: https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj
Due to an error, the server can process a request even if the connection should have been closed.
Search at Netlas.io:
π Link: https://nt.ls/VYS9t
π Dork: http.headers.server:"waitress"
Vendor's advisory: https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj
πΎ4π₯3π2
CVE-2024-46538: XSS in pfSense, 9.3 rating π₯
XSS injection allows an attacker to perform arbitrary code execution in the user's browser. The vulnerability is not the freshest, but now it has a PoC!
Search at Netlas.io:
π Link: https://nt.ls/BuwaN
π Dork: http.title:"pfSense - Login"
Vendor's advisory: https://redmine.pfsense.org/issues/15778
XSS injection allows an attacker to perform arbitrary code execution in the user's browser. The vulnerability is not the freshest, but now it has a PoC!
Search at Netlas.io:
π Link: https://nt.ls/BuwaN
π Dork: http.title:"pfSense - Login"
Vendor's advisory: https://redmine.pfsense.org/issues/15778
π₯4π3πΎ3
π§ Planned Maintenance π§
The application will be unavailable for a period of timeβοΈ
The maintenance is scheduled to start on November 6, 2024, at 08:00 UTC β°. It is expected to take about an hour, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
The application will be unavailable for a period of timeβοΈ
The maintenance is scheduled to start on November 6, 2024, at 08:00 UTC β°. It is expected to take about an hour, and we will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
π2πΎ2π΄1
Reminder: The maintenance begins in one hour. Netlas will be temporarily offline. We apologize for any inconvenience caused.
π3