721 Total Results
Displaying 41-50 of 721
Attacker Value
Unknown
CVE-2021-42305
Disclosure Date: November 10, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Spoofing Vulnerability
1
Attacker Value
Unknown
CVE-2023-38185
Disclosure Date: August 08, 2023 (last updated February 25, 2025)
Microsoft Exchange Server Remote Code Execution Vulnerability
1
Attacker Value
Unknown
CVE-2024-26198
Disclosure Date: March 12, 2024 (last updated February 26, 2025)
Microsoft Exchange Server Remote Code Execution Vulnerability
1
Attacker Value
Very High
CVE-2020-25223
Last updated September 23, 2020
A remote code execution vulnerability in the WebAdmin of SG UTM was recently discovered and responsibly disclosed to Sophos. It was reported via the Sophos bug bounty program by an external security researcher. The vulnerability has been fixed.
Sophos would like to thank Łukasz Rupala for responsibly disclosing this issue to Sophos.
The remediation prevented users from remotely executing arbitrary code. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted.
Fix included in SG UTM v9.705 MR5, v9.607 MR7, and v9.511 MR11 on September 17, 2020
Users of older versions of SG UTM are required to upgrade to receive this fix
Workaround
Customers can protect themselves by ensuring their WebAdmin is not exposed to WAN.
This can be achieved by keeping Internal (LAN) (Network) or another internal-only network definition as the sole entry in Management→WebAdmin Settings→WebAdmin Access Configuration→Allowed Networks.
3
Attacker Value
High
CVE-2022-22956
Disclosure Date: April 13, 2022 (last updated February 23, 2025)
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework.
3
Attacker Value
Low
CVE-2021-32648
Disclosure Date: August 26, 2021 (last updated February 23, 2025)
octobercms is a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.
3
Attacker Value
Unknown
CVE-2021-21980
Disclosure Date: November 24, 2021 (last updated October 07, 2023)
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
1
Attacker Value
Very High
CVE-2023-46805
Disclosure Date: January 12, 2024 (last updated February 26, 2025)
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
7
Attacker Value
Moderate
CVE-2023-0315
Disclosure Date: January 16, 2023 (last updated February 24, 2025)
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
3
Attacker Value
Very High
CVE-2021-42668
Disclosure Date: November 05, 2021 (last updated February 23, 2025)
A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page. As a result, an attacker can extract sensitive data from the web server and in some cases can use this vulnerability to achieve remote code execution on the remote web server.
3