CVE-2024-21733 Apache Tomcat HTTP Request Smuggling

CVE-2024-21733 Apache Tomcat HTTP Request Smuggling

Our security research team recently discovered a critical “0day” vulnerability which was assigned CVE-2024-21733. The vulnerability was discovered by xer0dayz from Sn1perSecurity LLC and allows attackers to force a victim’s browser to de-synchronize its connection with websites hosted on top of Apache Tomcat, causing sensitive data to be smuggled from the server and/or client connections. In some cases, this can leak sensitive data such as clear-text credentials.

Severity: CRITICAL | Exploit Available: Yes | Exploitability: Easy | Remotely Exploitable: Yes

(more…)

Dark Web Monitoring

Dark Web Monitoring: Securing Your External Attack Surface

In today’s digital era, data breaches and cyber-attacks are increasing day by day, and with the increasing amount of data being stored and transmitted online, the threat is real. Hackers and cybercriminals are constantly looking for vulnerabilities to exploit in your organization’s system. With the advent of the dark web, a new type of marketplace for hackers has emerged. Here, they can buy and sell stolen data, tools, and services, making it even easier for them to launch an attack. In this article, we will discuss what dark web monitoring is and how it can help secure your external attack surface.

(more…)

Sn1per-CVE-2022-26134-detection1

Confluence RCE via OGNL template injection (CVE-2022-26134)

A critical vulnerability affecting the Atlassian Confluence was disclosed and designated CVE-2022-26134 which allows an un-authenticated attacker to execute arbitrary code on vulnerable servers. A number of Proof-of-Concept (PoC) exploits were published online and exploit activity is actively being observed. Given the impact and severity of the vulnerability, Sn1perSecurity has released an out-of-band update to help detect vulnerable servers in your environment using Sn1per Professional and Sn1per Enterprise.

Severity: CRITICAL | Exploit Available: Yes | Exploitability: Easy | Remotely Exploitable: Yes

(more…)

Sn1per-CVE-2022-1388-Scanner1

BIG-IP iControl REST RCE (CVE-2022-1388) Detection with Sn1per Professional

A critical vulnerability affecting the F5 BIG-IP devices was disclosed and designated CVE-2022-1388 which allows an un-authenticated attacker to execute arbitrary code on vulnerable servers. A number of Proof-of-Concept (PoC) exploits were published online and exploit activity is actively being observed. Given the impact and severity of the vulnerability, Sn1perSecurity has released an out-of-band update to help detect vulnerable servers in your environment using Sn1per Professional.

Severity: CRITICAL | Exploit Available: Yes | Exploitability: Easy | Remotely Exploitable: Yes

(more…)

VMware Workspace ONE Access freemarker SSTI (CVE-2022-22954) Detection with Sn1per Professional

Information regarding a critical 0-day vulnerability affecting the VMware Workspace ONE Access and Identity Manager was disclosed and designated CVE-2022-22954 which allows an un-authenticated attacker to execute arbitrary code on vulnerable servers. On April 14th, CISA & US-Cert added CVE-2022-22954 to their catalog of known exploited vulnerabilities after a number of Proof-of-Concept (PoC) exploits were published online and exploit activity was actively observed. Given the impact and severity of the vulnerability, Sn1perSecurity has released an out-of-band update to help detect vulnerable servers in your environment using Sn1per Professional.

Severity: CRITICAL | Exploit Available: Yes | Exploitability: Easy | Remotely Exploitable: Yes

(more…)