[2024.10 Vulnerability Report] PHP Stack Buffer Overflow Vulnerability

Posted on 2024-10-022024-10-11 by monitorapp_admin

Vulnerability report written by the TA team by analyzing “PHP Stack Buffer Overflow Vulnerability” CVE-2023-3824 is a stack buffer overflow vulnerability in PHP that occurs when reading PHAR (PHP Archive) files. This vulnerability could allow attackers to cause memory corruption or execute remote code on the affected system. To mitigate this risk, it is crucial Read more about [2024.10 Vulnerability Report] PHP Stack Buffer Overflow Vulnerability[…]

[2024.08] Web Attack Trend Report

Posted on 2024-09-252024-09-25 by marketing

Weekly web attack trends Weekly web attack trends allow you to see when web attacks are most prevalent. This can help you plan ahead to prevent and respond to web attacks during peak periods. The graph below shows the web attacks detected by AIWAF as Read more about [2024.08] Web Attack Trend Report[…]

[2024.09 Vulnerability Report] Jenkins Arbitrary File Read

Posted on 2024-09-252024-09-27 by marketing

Vulnerability report written by the TA team by analyzing “Jenkins Arbitrary File Read” The vulnerability is a random file read vulnerability in Jenkins that could allow an agent-accessible attacker to connect with the controller and read to any file in the controller, which could lead to an RCE attack. The vulnerabilities were patched in Jenkins Read more about [2024.09 Vulnerability Report] Jenkins Arbitrary File Read[…]

[2024.08 Vulnerability Report] MS Office Zero-day vulnerability Follina(CVE-2022-30190)

Posted on 2024-08-292024-09-02 by marketing

Vulnerability report written by the TA team by analyzing “MS Office Zero-day vulnerability Follina(CVE-2022-30190)” CVE-2022-30190 is a remote code execution (RCE) vulnerability in Microsoft Support Diagnostic Tool (MSDT) that could allow attackers to execute arbitrary commands on a victim’s system via a malicious Word document. To prevent this vulnerability, it is important to apply the Read more about [2024.08 Vulnerability Report] MS Office Zero-day vulnerability Follina(CVE-2022-30190)[…]

[2024.07] Web Attack Trend Report

Posted on 2024-08-262024-08-26 by marketing

[2024.08 Vulnerability Report] Atlassian Confluence Remote Code Execution (CVE-2024-21683)

Posted on 2024-08-222024-08-22 by marketing

Vulnerability report written by the TA team by analyzing “Atlassian Confluence Remote Code Execution (CVE-2024-21683)” Atlassian Confluence Remote Code Execution The vulnerability is an RCE vulnerability in Confluence Data Center and Server that allows users with “Confusion Administrator” privileges to upload malicious JS files through the “Add New Language” feature in General Configuration – Configuration Read more about [2024.08 Vulnerability Report] Atlassian Confluence Remote Code Execution (CVE-2024-21683)[…]

[2024.07 Vulnerability Report] Jenkins Arbitrary File Leak Vulnerability (CVE-2024-23897)

Posted on 2024-07-302024-08-13 by marketing

Vulnerability report written by the TA team by analyzing “Jenkins Arbitrary File Leak Vulnerability (CVE-2024-23897)” This vulnerability, identified in Jenkins’ built-in command line interface (CLI) and its interaction with the args4j library, allows attackers to exploit the ability to substitute the file contents for the “@” character after a file path in command arguments. Unfortunately, Read more about [2024.07 Vulnerability Report] Jenkins Arbitrary File Leak Vulnerability (CVE-2024-23897)[…]

[2024.07 Vulnerability Report] Adobe Commerce & Magento XML External Entity(XXE) Injection

Posted on 2024-07-262024-08-13 by marketing

Vulnerability report written by the TA team by analyzing “Adobe Commerce & Magento XML External Entity(XXE) Injection” Adobe Commerce & Magento XML External Entity(XXE) Injection The vulnerability is an XML External Entities (XXE) Injection vulnerability from Adobe Commerce’s Magento, which allows you to insert malicious XML data into a vulnerable class through REST API to Read more about [2024.07 Vulnerability Report] Adobe Commerce & Magento XML External Entity(XXE) Injection[…]

[2024.06] Web Attack Trend Report

Posted on 2024-07-242024-07-25 by marketing

Weekly web attack trends Weekly web attack trends allow you to see when web attacks are most prevalent. This can help you plan ahead to prevent and respond to web attacks during peak periods. The graph below shows the web attacks detected by AIWAF Read more about [2024.06] Web Attack Trend Report[…]

[2024.06 Vulnerability Report] MOVEit Transfer SQL Injection(CVE-2023-34362)

Posted on 2024-06-272024-06-28 by marketing

Vulnerability report written by the TA team by analyzing “MOVEit Transfer SQL Injection(CVE-2023-34362)” This vulnerability is an attack exploited by the CL0P ransomware group, causing significant damage. Malicious users took advantage of the vulnerability to leak data and request money for stolen files. This vulnerability could allow an unauthenticated attacker to access and manipulate a Read more about [2024.06 Vulnerability Report] MOVEit Transfer SQL Injection(CVE-2023-34362)[…]

Solutions			Company	Support
WAAP	SWG	ZTNA	Who we are	Contact us
CDN	CASB		What we do	FAQ
DDoS	FWaaS		Career
WSPC	NGDPI
	ATP
	RBI