CVE-2024-6321 – ScrollTo Bottom <= 1.1.1 - Cross-Site Request Forgery to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-6321
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://plugins.trac.wordpress.org/browser/scrollto-bottom/trunk/scrollto-bottom.php?rev=516875#L256 https://www.wordfence.com/threat-intel/vulnerabilities/id/d560f28f-899c-44cf-8640-55647c1de7dc?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-39202
https://notcve.org/view.php?id=CVE-2024-39202
D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE) vulnerability via the dhcpd_startip parameter at /goform/set_lan_settings. Se descubrió que el firmware D-Link DIR-823X - 240126 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través del parámetro dhcpd_startip en /goform/set_lan_settings. • https://gist.github.com/Swind1er/40c33f1b1549028677cb4e2e5ef69109 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-34361 – Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2024-34361
Depending on some circumstances, the vulnerability could lead to remote command execution. • https://github.com/T0X1Cx/CVE-2024-34361-PiHole-SSRF-to-RCE https://github.com/pi-hole/pi-hole/commit/2c497a9a3ea099079bbcd1eb21725b0ed54b529d https://github.com/pi-hole/pi-hole/security/advisories/GHSA-jg6g-rrj6-xfg6 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2024-38346 – Apache CloudStack: Unauthenticated cluster service port leads to remote execution
https://notcve.org/view.php?id=CVE-2024-38346
Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code execution via agents on the hosts that may run as a privileged user. An attacker that can reach the cluster service on the unauthenticated port (default 9090), can exploit this to perform remote code execution on CloudStack managed hosts and result in complete compromise of the confidentiality, integrity, and availability of CloudStack managed infrastructure. Users are recommended to restrict the network access to the cluster service port (default 9090) on a CloudStack management server host to only its peer CloudStack management server hosts. • http://www.openwall.com/lists/oss-security/2024/07/05/1 https://cloudstack.apache.org/blog/security-release-advisory-4.19.0.2-4.18.2.1 https://lists.apache.org/thread/6l51r00csrct61plkyd3qg3fj99215d1 https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-1-and-4-19-0-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-39864 – Apache CloudStack: Integration API service uses dynamic port when disabled
https://notcve.org/view.php?id=CVE-2024-39864
An attacker that can access the CloudStack management network could scan and find the randomised integration API service port and exploit it to perform unauthorised administrative actions and perform remote code execution on CloudStack managed hosts and result in complete compromise of the confidentiality, integrity, and availability of CloudStack managed infrastructure. Users are recommended to restrict the network access on the CloudStack management server hosts to only essential ports. • http://www.openwall.com/lists/oss-security/2024/07/05/1 https://cloudstack.apache.org/blog/security-release-advisory-4.19.0.2-4.18.2.1 https://lists.apache.org/thread/6l51r00csrct61plkyd3qg3fj99215d1 https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-1-and-4-19-0-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-665: Improper Initialization •