Category: CVEE
-
Critical SonicOS Vulnerability: What You Need to Know
A critical vulnerability in SonicOS (CVE-2024-40766) could allow attackers to gain unauthorized access to your network or crash your firewall. Understanding the Vulnerability SonicWall’s recently disclosed flaw affects their SonicOS, which powers many of their firewalls. The identified vulnerability is a critical access control issue (CVE-2024-40766) with a severity rating of 9.3 out of 10.…
//
-
Windows TCP/IP RCE Vulnerability
CVE-2024-38063 This has to do with the Windows TCP/IP stack, affecting nearly all supported Windows . it has a CVSS score of 9.8, and poses a threat due to its remote code execution capability. Some Details: Nature of the Vulnerability: CVE-2024-38063 is a “zero-click” exploit, “Attackers” can remotely send specially crafted IPv6 packets to target…
//
-
CVE-2024-6387 openssh-server in Proxmox 8 (Debian Bookworm) time to Update
If you are running Proxmox 8, make sure you update the openssh-server package. This doesn’t affect version 7 as it’s based on Bullseye, not Bookworm. From https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt regreSSHion background The Qualys Threat Research Unit (TRU) discovered this unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. This bug marks the first OpenSSH…
//
