CVE-2024-8672: Code Injection in Widget Options WordPress Plugin, 9.9 rating 🔥

The vulnerability allows an attacker to enter data that is transmitted without proper filtering. This could potentially lead to remote code execution.

Search at Netlas.io:
👉 Link: https://nt.ls/xOEZp
👉 Dork: http.body:"plugins/widget-options"

Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution

🚨 Netlas is down due to issues with a planned update. We’re rolling back and working to restore service ASAP. Apologies for the inconvenience—updates to follow.

✅ Netlas is back online, and all services are operational.

However, our team is continuing to monitor the system and address any lingering issues to ensure full stability. We apologize for the disruption and thank you for your patience and understanding.

⚠️ Private Scanner Temporarily Unavailable

Since yesterday, we’ve been addressing technical issues affecting parts of our infrastructure. Most Netlas App features were fully restored within an hour after an incident and are now working smoothly. However, the Private Scanner feature remains temporarily disabled.

Our team is working diligently to fully restore our scanning infrastructure and will update you as soon as the feature is back online. We sincerely apologize for the inconvenience this has caused and deeply appreciate your patience and understanding.

CVE-2024-48651: Vulnerability in ProFTPD Server, 7.5 rating❗️

A bug discovered a few days ago allows attackers to gain root level access on vulnerable systems.

Search at Netlas.io:
👉 Link: https://nt.ls/eKpeY
👉 Dork: ftp.banner:"ProFTPD"

Read more: https://github.com/proftpd/proftpd/issues/1830

CVE-2024-53907, -53908: DoS and SCLi in Django, high rating❗️

Some versions of Django are susceptible to vulnerabilities in the django.utils.html.strip_tags() and in the lookup django.db.models.fields.json.HasKey method, which allow DoS or SQL injection.

Search at Netlas.io:
👉 Link: https://nt.ls/VbueR
👉 Dork: tag.name:"django"

Vendor's advisory: https://www.djangoproject.com/weblog/2024/dec/04/security-releases/

CVE-2024-55579, -55580: RCE and Broken Access Control in Qlik Sense, 7.5 - 8.8 rating❗️

Vulnerabilities discovered in Qlik Sense allow attackers to run EXE files on the server, as well as remotely execute commands, potentially affecting confidentiality and integrity.

Search at Netlas.io:
👉 Link: https://nt.ls/9ok2E
👉 Dork: http.title:"Qlik Sense"

Vendor's advisory: https://community.qlik.com/t5/Official-Support-Articles/High-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows-CVEs/tac-p/2496004

✅ Private Scanner Restored

We’re happy to share that the Private Scanner feature is now fully restored and operational.

Thank you for your patience and understanding. All systems are working fine—happy scanning!

CVE-2024-11205: Missing Authorization in WPForms WordPress Plugin, 8.5 rating❗️

A vulnerability affecting several functions allows attackers to return payments made through the Stripe system.

Search at Netlas.io:
👉 Link: https://nt.ls/tFWxo
👉 Dork: http.body:"plugins/wpforms-lite"

Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpforms-lite/wpforms-184-1921-missing-authorization-to-authenticated-subscriber-payment-refund-and-subscription-cancellation

CVE-2024-49106 and other: Multiple vulnerabilities in Microsoft RDP Services, 8.1 rating❗️

In the latest advisories, Microsoft notifies about nine vulnerabilities in RDP protocol services. These include many RCEs as well as DoS.

Search at Netlas.io:
👉 Link: https://nt.ls/cfRLq
👉 Dork: rdp:*

Vendor's advisory: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-49106

CVE-2024-11274, -8233, other: Multiple vulnerabilities in GitLab, 7.5 - 8.7 rating❗

In a new release, GitLab talked about two important vulnerabilities. One of them allows attacker to carry out DoS, the second allows to steal session data and potentially gain unauthorized access to accounts. Several smaller vulnerabilities are also mentioned.

Search at Netlas.io:
👉 Link: https://nt.ls/xM1vs
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"

Vendor's advisory: https://about.gitlab.com/releases/2024/12/11/patch-release-gitlab-17-6-2-released/

CVE-2024-38819: Path Traversal in Spring Framework, 7.5 rating❗️

Another Path Traversal vulnerability in the Spring framework. This time there is even a PoC!

Search at Netlas.io:
👉 Link: https://nt.ls/AzCtg
👉 Dork: tag.name:"spring"

Vendor's advisory: https://spring.io/security/cve-2024-38819

Private Scanner API Documentation 📑

We’ve updated the Netlas documentation with a significant addition: a detailed guide on using the Private Scanner API.

👉 Read the docs: https://docs.netlas.io/automation/scanner_api/

CVE-2024-50379, -54677: RCE and DoS in Apache Tomcat, 5.3 - 9.8 rating 🔥

New vulnerabilities allow attackers to upload and execute malicious files disguised as legitimate ones, as well as cause OutOfMemoryError to shut down the server.

Search at Netlas.io:
👉 Link: https://nt.ls/WHRGO
👉 Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"

Read more: https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r

🚧 Cryptopayments Temporarily Unavailable

Due to a system failure, we’re resynchronizing our nodes. Bitcoin payments are expected to restore in 12 hours, while Litecoin payments may take up to 48 hours.

Sorry for any inconvenience.

CVE-2024-51479: Improper Authorization in Next.js, 7.5 rating❗️

The vulnerability allows attackers to access files in the root directory of the application when Next.js is authorized in the middleware.

Search at Netlas.io:
👉 Link: https://nt.ls/1jTTw
👉 Dork: http.headers.x_powered_by:"Next.js"

Vendor's advisory: https://github.com/vercel/next.js/security/advisories/GHSA-7gfc-8cq8-jh5f

CVE-2024-12727, -28, -29: Multiple vulnerabilties in Sophos Firewall, 8.8 - 9.8 rating 🔥

The disclosed vulnerabilities in Sophos Firewall include two SQL injections, as well as a weak SSH passphrase, which was not chosen at random.

Search at Netlas.io:
👉 Link: https://nt.ls/yyWUE
👉 Dork: http.favicon.hash_sha256:f1b3895ca4ba5ef27244a9a7cd45fad7d05afb261f08f375ee4d0bd7008f87d5

Vendor's advisory: https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce

Netlas Datastore from Command Line 🔍

Netlas SDK and Netlas CLI have been updated today. Now users can download datasets directly from their scripts.

👉 Read more: https://docs.netlas.io/changelog/

Netlas vs Fofa: A Comprehensive Analysis 🧮

We’re continuing our series of articles comparing Netlas with its largest competitors.

This time, we’ve taken a deep dive into Fofa – a formidable rival often seen as an equal to Shodan. Using 10+ key indicators, we’ve thoroughly analyzed both platforms to help you understand pros and cons of the two solutions.

👉 Read now: https://netlas.io/blog/netlas_vs_fofa/

CVE-2024-56145: Code Injection in Craft CMS, 9.3 rating 🔥

The vulnerability we almost missed allows an attacker to pass code in place of CLI arguments and gain RCE.

Search at Netlas.io:
👉 Link: https://nt.ls/HFQTJ
👉 Dork: http.headers.x_powered_by:"Craft CMS"

Vendor's advisory: https://github.com/craftcms/cms/security/advisories/GHSA-2p6p-9rc9-62j9

Using TLDFinder with the Netlas Module 🔍

Check out our latest article, where we walk you through setting up ProjectDiscovery TLDFinder and using it alongside Netlas data for top-level domains and subdomains searching.

👉 Read now: https://netlas.io/blog/tldfinder_and_netlas/