#unrestricted-file-upload

[ follow ]
#cve-2018-4063 #sierra-wireless-airlink #remote-code-execution #cisa-kev #sap #insecure-deserialization
Information security
fromThe Hacker News
20 hours ago

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Critical unrestricted file-upload vulnerability in Sierra Wireless AirLink ALEOS routers (CVE-2018-4063) allows authenticated attackers to achieve remote code execution.
Information security
fromThe Hacker News
1 month ago

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP released patches for 13 vulnerabilities including a CVSS 10.0 insecure deserialization in NetWeaver AS Java enabling arbitrary OS command execution.
[ Load more ]