Found 3 bookmarks
Newest
90s Vulns In 90s Software (Exim) - Is the Sky Falling?
90s Vulns In 90s Software (Exim) - Is the Sky Falling?
A few days ago, ZDI went public with no less than six 0days in the popular mail server Exim. Ranging from ‘potentially world-ending' through to ‘a bit of a damp squib’, these bugs were apparently discovered way back in June 2022 (!) - but naturally got caught up in the void between the ZDI and Exim for quite some time. Mysterious void.
#labs.watchtowr#EN#2023#Exim#analysis#CVE-2023-42115
·labs.watchtowr.com·
90s Vulns In 90s Software (Exim) - Is the Sky Falling?
CVE-2023-36844 And Friends: RCE In Juniper Devices
CVE-2023-36844 And Friends: RCE In Juniper Devices
As part of our Continuous Automated Red Teaming and Attack Surface Management technology - the watchTowr Platform - we're incredibly proud of our ability to discover nested, exploitable vulnerabilities across huge attack surfaces. Through our rapid PoC process, we enable our clients to understand if they are vulnerable to emerging
#labs.watchtowr#EN#2023#CVE-2023-36844#Juniper#RCE#analysis
·labs.watchtowr.com·
CVE-2023-36844 And Friends: RCE In Juniper Devices
Xortigate, or CVE-2023-27997 - The Rumoured RCE That Was
Xortigate, or CVE-2023-27997 - The Rumoured RCE That Was
When Lexfo Security teased a critical pre-authentication RCE bug in FortiGate devices on Saturday 10th, many people speculated on the practical impact of the bug. Would this be a true, sky-is-falling level vulnerability like the recent CVE-2022-42475? Or was it some edge-case hole, requiring some unusual and exotic requisite before any exposure? Others even went further, questioning the legitimacy of the bug itself. Details were scarce and guesswork was rife.
#labs.watchtowr#EN#2023#Xortigate#XOR#RCE#CVE-2023-27997#FortiGate#analysis
·labs.watchtowr.com·
Xortigate, or CVE-2023-27997 - The Rumoured RCE That Was