Critical RCE Flaw in the core Netgear Firmware Let Remote Attackers to Take Control of an Affected System

The cybersecurity organization GRIMM has recently announced vulnerability research towards a series of Netgear SOHO devices. The vulnerability that has been discovered generally enables remote code execution (RCE) as root and lets attackers take control of an affected system.  This vulnerability isn’t a typical router vulnerability, in this kind of vulnerability the actual source is […]

Continue Reading

U.S. Cyber Command Warns of Active Mass Exploitation Attempts Targeting Confluence Flaws

The cybersecurity authorities of the U.S. Cyber command have recently been notified regarding the increase in the number of scans and attempts to exploit a newly identified vulnerability in corporate servers along with the Atlassian Confluence wiki engine installed. CVE-2021-26084 in Confluence Server and Confluence Data Center software is the vulnerability that has been confirmed […]

Continue Reading

WhatsApp Image Filter Bug Let Hackers Steal Sensitive Data

The cybersecurity researchers of Check Point Software Technologies Ltd have recently detected a security vulnerability in the image filtering function of WhatsApp, the world’s most famous messaging application that has active users more than 2 billion. The news gets disclosed an hour after knowing that WhatsApp will have to pay 225 million dollars for not […]

Continue Reading

F5 BIG-IP Flaw Let Hackers Execute Arbitrary System Commands

F5 Networks have addressed critical vulnerabilities in its BIG-IP networking device. The vulnerability tracked as CVE-2021-23031 is a privilege escalation issue on BIG-IP Advanced Web Application Firewall (WAF) and Application Security Manager (ASM) Traffic Management User Interface (TMUI). BIG-IP Flaw According to the security advisory, when this vulnerability is exploited, an authenticated attacker with access […]

Continue Reading

Unpatched Fortinet Bug Would Allow Remote Attackers To Execute Arbitrary Commands

A 0-day command injection vulnerability was found in Fortinet FortiWeb (WAF), and the security report claimed that Fortinet will soon release a fix for this vulnerability. This vulnerability was initially detected by the cybersecurity researchers of Rapid7 it enables an authenticated attacker to administer arbitrary commands as root by the SAML server configuration page. Not […]

Continue Reading

Severe Vulnerabilities in Realtek SDK Affects Around Millions of IoT Devices

Researchers uncovered multiple severe vulnerabilities in Realtek SDK That affects nearly a million IoT devices, travel routers, Wi-Fi repeaters, IP camera, smart lights and more. Successful exploitation of these vulnerabilities allows attackers to fully compromise the target IoT devices and gain high-level privilege by executing the arbitrary code remotely. Realtek chipsets are used in various embedded devices […]

Continue Reading

Microsoft Reported Another Windows Print Spooler RCE Zero-day Bug

Another new zero-day vulnerability in “Windows Printing Spooler Service” has been reported by Microsoft. The experts of Microsoft have also stated that the threat actors who can strongly exploit this vulnerability could easily run the arbitrary code with SYSTEM privileges.  Microsoft recently patched remote code execution vulnerability in Windows Print Spooler. The flaw allows a […]

Continue Reading