Path Traversal - Geek Feed

Adobe warns of critical ColdFusion bug with PoC exploit code

December 24, 2024December 24, 2024 geekfeed0Tagged adobe, ColdFusion, Emergency Update, exploit, Out-of-Band, Path Traversal, Security Update, Warning

Adobe has released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept (PoC) exploit code. In an advisory released on Monday, the company says the flaw (tracked as CVE-2024-53961) is caused by a path traversal weakness that impacts Adobe ColdFusion versions 2023 and 2021 and can enable attackers to read arbitrary files on vulnerable servers. “Adobe is […]

2 mins read

D-Link won’t fix critical bug in 60,000 exposed EoL modems

November 13, 2024November 13, 2024 geekfeed0Tagged Authentication Bypass, Command Injection, D-Link, Dlink, hardware, Modem, Path Traversal, vulnerability

Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user’s password and take complete control of the device. The vulnerability was discovered in the D-Link DSL6740C modem by security researcher Chaio-Lin Yu (Steven Meow), who reported it to Taiwan’s […]

2 mins read

Ivanti warns of another critical CSA flaw exploited in attacks

September 20, 2024September 20, 2024 geekfeed0Tagged Actively Exploited, Cloud Services Appliance, Exploit Chain, Ivanti, Ivanti CSA, Path Traversal

Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure […]

3 mins read