Assetnote Research

https://www.assetnote.io

Fundamentally change how you secure your attack surface. Assetnote's industry-leading Attack Surface Management Platform gives security teams continuous insight and control over their ever-evolving exposure.

フィード

記事のアイキャッチ画像
How an obscure PHP footgun led to RCE in Craft CMS
Assetnote Research
Craft CMS is one of the most popular PHP-based CMSes globally, boasting over 150,000 sites worldwide. This blog post details a pre-authentication RCE vulnerability affecting Craft CMS versions below 4.13.1 and 5.5.1.
3日前
記事のアイキャッチ画像
Citrix Denial of Service: Analysis of CVE-2024-8534
Assetnote Research
An analysis of CVE-2024-8534, a memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway.
9日前
記事のアイキャッチ画像
Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x
Assetnote Research
Local file disclosure in Sitecore 8.x to 10.x that can lead to RCE (CVE-2024-46938) due to an order of operations bug within a handler responsible for reading local files.
1ヶ月前
記事のアイキャッチ画像
Insecurity through Censorship: Vulnerabilities Caused by The Great Firewall
Assetnote Research
We detail several practical client-side attacks that can result from DNS poisoning observed for domains hosted in China. These attacks impact every domain on the Internet that uses a nameserver located in China, and it's estimated that more than 30 million domains are vulnerable to this.
3ヶ月前
記事のアイキャッチ画像
Chaining Three Bugs to Access All Your ServiceNow Data
Assetnote Research
Through the course of 3/4 weeks, we were able to find a chain of vulnerabilities that allows full database access and full access to any MID servers configured. This resulted in 3 separate CVE's.
4ヶ月前
記事のアイキャッチ画像
Why nested deserialization is harmful: Magento XXE (CVE-2024-34102)
Assetnote Research
A critical, pre-authentication XML entity injection issue in Magento / Adobe Commerce (CVE-2024-34102), which Adobe rated as CVSS 9.8.
6ヶ月前
記事のアイキャッチ画像
Digging for SSRF in NextJS apps
Assetnote Research
At Assetnote, we encounter sites running NextJS extremely often; in this blog post we will detail some common misconfigurations we find in NextJS websites, along with a vulnerability we found in the framework.
7ヶ月前
記事のアイキャッチ画像
Advisory: Next.js SSRF (CVE-2024-34351)
Assetnote Research
Assetnote Security Advisory: A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. An attacker is able to read the full HTTP response when successfully exploiting this SSRF issue.
7ヶ月前
記事のアイキャッチ画像
Advisory: Progress WS_FTP RCE (CVE-2023-40044)
Assetnote Research
Assetnote Security Advisory: An attacker can exploit this vulnerability without authentication, to execute arbitrary commands on the Progress WS_FTP server through the deserialization of untrusted data. An attacker must be able to access the WS_FTP web server and the Ad Hoc Transfer application in order to exploit this issue.
7ヶ月前
記事のアイキャッチ画像
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Assetnote Research
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited in the wild. In this post we detail the steps we took to identify the patched vulnerability and produce a working exploit.
9ヶ月前
記事のアイキャッチ画像
Citrix Bleed: Leaking Session Tokens with CVE-2023-4966
Assetnote Research
It's time for another round Citrix Patch Diffing! Earlier this month Citrix released a security bulletin which mentioned "unauthenticated buffer-related vulnerabilities" and two CVEs. These issues affected Citrix NetScaler ADC and NetScaler Gateway.
9ヶ月前
記事のアイキャッチ画像
Continuing the Citrix Saga: CVE-2023-5914 & CVE-2023-6184
Assetnote Research
While most of the attention for vulnerabilities within Citrix has been on their NetScaler VPN product, we noticed that there were several other products offered by Citrix that require an on-premise deployment of a web application, that is sometimes internet facing. This piqued our interest and led us to investigate the security of these self-hosted applications.
9ヶ月前
記事のアイキャッチ画像
Zoom Zero Day Followup: Getting the RCE
Assetnote Research
10ヶ月前
記事のアイキャッチ画像
Ivanti's Pulse Connect Secure Auth Bypass Round Two
Assetnote Research
The Ivanti excitement continues! After an authentication bypass and command injection to kick off the year, Ivanti are following with a second authentication bypass and a privilege escalation. On January 22 Ivanti released this advisory describing the two new vulnerabilities in Ivanti Connect Secure, CVE-2024-21888 (privilege escalation) and CVE-2024-21893 (authentication bypass).
1年前
記事のアイキャッチ画像
Reversing Citrix Gateway for XSS
Assetnote Research
1年前
記事のアイキャッチ画像
RCE in Avaya Aura Device Services
Assetnote Research
1年前
記事のアイキャッチ画像
H2C Smuggling in the Wild
Assetnote Research
1年前
記事のアイキャッチ画像
RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
Assetnote Research
Over the last year or so, we've seen the mass exploitation of managed file transfer software. From GoAnywhere MFT, MOVEIt, and our own work on Citrix Sharefile. The threats towards enterprises through managed file transfer software has really hit home after the recent ransomware attack by Cl0p, leveraging a series of vulnerabilities in Progress MOVEIt.
1年前
記事のアイキャッチ画像
High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE
Assetnote Research
Last week, Ivanti disclosed two critical vulnerabilities affecting Ivanti Pulse Connect Secure - CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Remote Command Execution).
1年前
記事のアイキャッチ画像
Leaking File Contents with a Blind File Oracle in Flarum
Assetnote Research
Our security researchers identified a critical vulnerability inside Flarum (popular forum software) which allows attackers to read local files from the system.
1年前
記事のアイキャッチ画像
Advisory: Flarum LFI - CVE-2023-40033
Assetnote Research
Security Advisory: Our security researchers identified a critical vulnerability inside Flarum (popular forum software) which allows attackers to read local files from the system.
1年前
記事のアイキャッチ画像
A Glossary of Blind SSRF Chains
Assetnote Research
1年前
記事のアイキャッチ画像
Exploiting GraphQL
Assetnote Research
1年前