CVE-2024-36072
https://notcve.org/view.php?id=CVE-2024-36072
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in the ability to execute system commands with root privileges. • https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html • CWE-779: Logging of Excessive Data •
CVE-2024-36073
https://notcve.org/view.php?id=CVE-2024-36073
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or Unify server to overwrite sensitive configuration and subsequently execute system commands with SYSTEM/root privileges on a chosen client endpoint. • https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-36074
https://notcve.org/view.php?id=CVE-2024-36074
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint Protector or Unify server can cause a client to acquire and execute a malicious file resulting in remote code execution. • https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-39705
https://notcve.org/view.php?id=CVE-2024-39705
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. • https://github.com/nltk/nltk/issues/2522 https://github.com/nltk/nltk/issues/3266 https://www.vicarius.io/vsociety/posts/rce-in-python-nltk-cve-2024-39705-39706 • CWE-300: Channel Accessible by Non-Endpoint CWE-502: Deserialization of Untrusted Data •
CVE-2024-36075
https://notcve.org/view.php?id=CVE-2024-36075
The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify the archive on the server could obtain remote code execution as an administrator on an endpoint. • https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001E5lKAE.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •