Ma veille technologique :
Les Vulnérabilités

Article : Hackers exploit Control Web Panel flaw to open reverse shells

Par Ionut Ilascu - Publié le 12 janvier 2023

Hackers are actively exploiting a critical vulnerability patched recently in Control Web Panel (CWP), a tool for managing servers formerly known as CentOS Web Panel.

CVE : CVE-2022-44877 - Critical score : 9.8/10

Article : Windows zero-day vulnerability exploited in ransomware attacks

Par Sergiu Gatlán - Publié le 11 avril 2023

This vulnerability affects all versions of Windows server and client, and allows SYSTEM privileges to be obtained.
It is exploited by local attackers in low-complexity attacks without user interaction, and is exploited in Nokoyawa ransomware attacks.
This vulnerability has been fixed by Microsoft.

CVE : CVE-2023-28252

Article : Hackers use Rilide browser extension to bypass 2FA, steal crypto

Par Bill Toulas - Publié le 6 avril 2023

A new strain of malware called Rilide targets Chromium-based web browsers such as Google Chrome, Brave, Opera and Microsoft Edge, to monitor users' browsing history, take screenshots and inject scripts capable of stealing cryptocurrency.

Article : GitLab 'strongly recommends' patching max severity flaw ASAP

Par Bill Toulas - Publié le 24 May 2023

GitLab a publié une mise à jour de sécurité d'urgence, version 16.0.1, pour corriger une faille de gravité maximale de traversée de chemin identifiée.
CVE : CVE-2023-2825

Article : Exploit released for critical VMware SSH auth bypass vulnerability

Par Sergiu Gatlan - Publié le 1 septembre 2023

Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool.
Successful exploitation enables remote attackers to bypass SSH authentication on unpatched appliances and access the tool's command line interface in low-complexity attacks that don't require user interaction.

CVE : CVE-2023-28252