CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36985 – Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2024-36985
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application. • https://advisory.splunk.com/advisories/SVD-2024-0705 https://research.splunk.com/application/8598f9de-bba8-42a4-8ef0-12e1adda4131 • CWE-253: Incorrect Check of Function Return Value CWE-687: Function Call With Incorrectly Specified Argument Value •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36984 – Remote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows
https://notcve.org/view.php?id=CVE-2024-36984
The attacker could use the query to execute arbitrary code. • https://advisory.splunk.com/advisories/SVD-2024-0704 https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36983 – Command Injection using External Lookups
https://notcve.org/view.php?id=CVE-2024-36983
From there, the user could execute arbitrary code on the Splunk platform Instance. • https://advisory.splunk.com/advisories/SVD-2024-0703 https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.7EPSS: 0%CPEs: 475EXPL: 1CVE-2024-20399 – Cisco NX-OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-20399
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root. Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. Una vulnerabilidad en la CLI del software Cisco NX-OS podría permitir que un atacante local autenticado ejecute comandos arbitrarios como root en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos que se pasan a comandos CLI de configuración específicos. • https://github.com/Blootus/CVE-2024-20399-Cisco-RCE https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP https://www.sygnia.co/threat-reports-and-advisories/china-nexus-threat-group-velvet-ant-exploits-cisco-0-day • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 95%CPEs: 6EXPL: 14CVE-2024-36401 – OSGeo GeoServer GeoTools Eval Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-36401
Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. The GeoTools library API that GeoServer calls evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library which can execute arbitrary code when evaluating XPath expressions. ... Antes de las versiones 2.23.6, 2.24.4 y 2.25.2, varios parámetros de solicitud de OGC permitían la ejecución remota de código (RCE) por parte de usuarios no autenticados a través de entradas especialmente diseñadas en una instalación predeterminada de GeoServer debido a la evaluación insegura de nombres de propiedades como expresiones XPath. ... In the GeoServer versions before 2.23.6, greater than or equal to 2.24.0, before 2.24.4 and greater than equal to 2.25.0, and before 2.25.1, multiple OGC request parameters allow remote code execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. ... This allows unauthenticated attackers to conduct remote code execution via specially crafted input. • https://github.com/daniellowrie/CVE-2024-36401-PoC https://github.com/Mr-xn/CVE-2024-36401 https://github.com/RevoltSecurities/CVE-2024-36401 https://github.com/Chocapikk/CVE-2024-36401 https://github.com/bigb0x/CVE-2024-36401 https://github.com/Niuwoo/CVE-2024-36401 https://github.com/zgimszhd61/CVE-2024-36401 https://github.com/yisas93/CVE-2024-36401-PoC https://github.com/jakabakos/CVE-2024-36401-GeoServer-RCE https://github.com/PunitTailor55/GeoServer-CVE-2024-3640 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •