Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). “The two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable […]
Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, […]
Juniper Networks, a company that manufactures widely used networking equipment as well as security solutions, has issued a warning about vulnerabilities that are present in the operating systems of many of its devices. The business has acknowledged in not one but two distinct security alerts that were either released or revised this week that the […]
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. The Shadowserver Foundation said that it’s “seeing exploitation attempts from multiple IPs for Juniper J-Web CVE-2023-36844 (& friends) targeting /webauth_operation.php endpoint,” the same day a proof-of-concept (PoC) became available. The issues, […]
The security experts at Bishop Fox have identified a major issue in several FortiGate firewalls and have given it the tracking identifier CVE-2023-27997. This flaw puts the firewalls at danger, despite a recent security patch update that was released by Fortinet. This bug, which is known as an RCE flaw (which stands for “Remote Code […]
Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution. The vulnerability, tracked as CVE-2023-27997, is “reachable pre-authentication, on every SSL VPN appliance,” Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet […]
Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw […]
Cybercriminal groups have been exploiting a critical vulnerability in F5 BIG-IP solutions to erase file systems on affected devices, rendering servers completely useless. Tracked as CVE-2022-1388, successful exploitation of the flaw would allow remote threat actors to execute commands on BIG-IP network devices with root user privileges, making it a critical security risk. The company […]
A recent cybersecurity report revealed the patching of at least four vulnerabilities in SonicOS, the operating system with which multiple solutions developed by the technology firm SonicWall work. According to this report, the successful exploitation of these flaws would have allowed threat actors to deploy multiple cyberattacks. Below are brief descriptions of the reported flaws, […]
U.S. authorities announced the closure of the Cyclops Blink botnet, run by the Sandworm hacking group, allegedly funded by the Russian government. The malware used by this group mainly targets ASUS routers and WatchGuard Firebox firewalls. The researchers mention that Cyclops Blink allowed threat actors to gain persistence on affected devices through firmware updates, providing […]
Information security specialists reported the detection of two security flaws affecting several firewall models developed by technology firm F5 Networks. According to the report, successful exploitation would allow malicious hackers to deploy severe attack scenarios. Below are brief descriptions of the reported flaws, in addition to their assigned tracking keys and scores according to the […]
Cybersecurity specialists from the University of Maryland and the University of Colorado Boulder have recently published the verdict of a flaw that they have found in the form of some middlebox models. They claimed that it is a term relating to computer network devices that modify, examine, filter, and manage traffic with a motive other […]
Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service (DoS) amplification attacks against any target, surpassing many of the existing UDP-based amplification factors to date. Detailed by a group of academics from the University of Maryland and the University of […]
Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a “small subset” of its security products such as firewall and VPN servers. Attributing the attacks to a “sophisticated threat actor,” the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, […]
LightBulb is an open source python framework for auditing web application firewalls and filters. Web Applications Firewalls (WAFs) are fundamental building blocks of modern application security. For example, the PCI standard for organizations handling credit card transactions dictates that any application facing the internet should be either protected by a WAF or successfully pass a […]
The Completely Automated Public Turing test to tell Computers and Humans Apart, most commonly known as CAPTCHA, is a system for creating challenges that must be completed before users can advance on a website. According to IT system audit specialists, the main function of a CAPTCHA challenge is to prevent hackers from using automated bots […]
WAFNinja is a CLI tool written in Python and helps penetration testers to bypass a WAF by automating steps necessary for bypassing input validation. The tool was created with the objective to be easily extendible, simple to use and usable in a team environment. Many payloads and fuzzing strings, which are stored in a local […]
Currently Web Application Firewall performing a major role in Web application protection since the web applications are primary targets for cybercriminals and the impact that occurs due to cyber attack is unbearable one for any of the organization and it leads to financial and reputation loss. Also web applications an entry point of the attackers […]
Automate SSH communication with firewalls, switches, etc. Description These scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be run directly via command line or it can be incorporated into […]
There are some phrases that you hear bandied about, and you think that you know what they are. You have a basic understanding and that suits your current needs. Firewall is one of these words. You will be familiar with it already, but do you really know what one is? In its simplest terms, a […]
WhatWaf is an advanced firewall detection tool who’s goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/–url […]