CVE-2023-4473

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Published: Nov 30, 2023 / Updated: 11mo ago

CVSS 9.8 | EPSS 0.1% | Critical

A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2023-4473

Nov 29, 2023 at 6:15 PM

First Article

Feedly found the first article mentioning CVE-2023-4473. See article

Nov 30, 2023 at 2:23 AM / CVE

EPSS

EPSS Score was set to: 0.1% (Percentile: 40.6%)

Dec 1, 2023 at 3:32 PM

Trending

This CVE started to trend in security discussions

Dec 1, 2023 at 10:06 PM

Threat Intelligence Report

The vulnerability CVE-2023-4473 is an authentication bypass vulnerability in Zyxel devices. It has a criticality level, but no CVSS score is provided. There is no information on whether it is being exploited in the wild or if there are any proof-of-concept exploits available. It is recommended to check for any available mitigations, detections, or patches from Zyxel, and there is no mention of downstream impacts to other vendors or technology. See article

Dec 6, 2023 at 1:53 PM

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (731667)

Jul 22, 2024 at 7:53 AM

Affected Systems

Zyxel/nas326_firmware

Patches

www.zyxel.com

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection

References

Zyxel security advisory for authentication bypass and command injection vulnerabilities in NAS products
CVE-2023-37928 A post-authentication command injection vulnerability in the WSGI server in Zyxel NAS devices could allow an authenticated attacker to execute some OS commands by sending a crafted URL to a vulnerable device. CVE-2023-4474 The improper neutralization of special elements in the WSGI server in Zyxel NAS devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted URL to a vulnerable device.
Post-auth blind Python code injection vulnerabilities in Zyxel’s NAS326 and NAS542 devices
Post-auth blind Python code injection vulnerabilities exist when some Zyxel NAS versions improperly handle user provided input. The web management interface appears to be vulnerable to Python code injection attacks.
Authentication bypass and multiple blind OS command injection vulnerabilities in Zyxel’s NAS326 devices
For example, chaining this authentication bypass vulnerability with the package initialization mechanism's post-auth OS command injection vulnerability allows an unauthenticated, remote attacker to execute arbitrary commands on the affected device. The web management interface appears to be vulnerable to OS command injection because an attacker can use the semicolon ";" character to append arbitrary commands to the intended command string executed by the application.

News

VulnCheck Initial Access Intelligence Update - July 2024
VulnCheck Initial Access Intelligence equips organizations and security teams with detection artifacts such as Suricata signatures, YARA rules, PCAPs, and private exploit PoCs to defend against initial access vulnerabilities that are either already being exploited or likely to be exploited soon. In July 2024, VulnCheck crossed 250+ Initial Access Intelligence (IAI) artifacts, developing artifacts for 14 CVEs, covering 13 different vendors and 10 different products.
4n6 Week 18 – 2024 - THREAT INTELLIGENCE/HUNTING
While monitoring attacks targeting MS-SQL servers, AhnLab SEcurity intelligence Center (ASEC) recently identified cases of the TargetCompany ransomware group installing the Mallox ransomware. Cookies and other credentials remain a high value target for attackers, and we are trying to tackle this ongoing threat in multiple ways, including working on web standards like DBSC that will help disrupt the cookie theft industry since exfiltrating these cookies will no longer have any value.
IT Security News Weekly Summary – Week 18
IT Security News Daily Summary 2024-05-05 USENIX Security ’23 – A Bug’s Life: Analyzing the Lifecycle and Mitigation Process of Content Security Policy Bugs – Distinguished Paper Award Winner Don’t Overlook the Cyber Risks for Operational Technology Lineaje Tackles Open-Source Management with New Solution The Quantum Security Challenge: Data Resilience Around the Unknown AI Could Transform Detection and Response as Legacy MDRs Lack Report: Spanish Authorities Discover CPF Nomination Note on iPad of Slain Singaporean Woman in Spain Hackers are Targeting Routers Across the Globe NATO and the EU formally condemned Russia-linked APT28 cyber espionage Offensive Awakening: The 2024 Shift from Defensive to Proactive Security End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement CISA Ask Companies to Fix Path Traversal Vulnerabilities NSW Cybercrime Squad Arrests Suspect in Million-Person Data Breach Case GenAI Continues to Dominate CIO and CISO Conversations RSAC 2024 Innovation Sandbox Reality Defender: Deepfake Detection Platform Insect Farmers Embrace AI to Drive Down Production Costs Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks nslookup’s Debug Options, (Sun, May 5th) USENIX Security ’23 – Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs IT Security News Daily Summary 2024-05-04 Pay up, or else?
Your weekly roundup of Digital Forensics and Incident Response news
Google Cloud Threat Intelligence THREAT INTELLIGENCE/HUNTING
SANS NewsBites Vol. 26 Num. 35 : Verizon Breach Report; UnitedHealth Attempts to Silence Victims With ID Theft Monitoring; Increasing GPT Attacks
- www.securityweek.com : Verizon DBIR 2024 Shows Surge in Vulnerability Exploitation, Confirmed Data Breaches For me, a few key takeaways: 1) the human is still the weak link to building an effective cybersecurity program – exploitation of authentication credentials; 2) Ransomware had a very good year in 2023 – increase in both attacks and payouts; and 3) software supply chain attacks also had a good year and has become a major concern for security professionals.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
