Horizon3.ai
Horizon3.ai

Disclosures

Filters

Tags

Showing 7–12 of 15 results

Apache Superset Part II: RCE, Credential Harvesting and More

Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized attackers to gain admin access to these servers. We also alluded to methods that an attacker, logged in as an admin, could use to harvest credentials and execute...
Read More

CVE-2023-39143: PaperCut Path Traversal/File Upload RCE Vulnerability

Summary CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to version 22.1.3. If you are a user of PaperCut on Windows, and have it exposed to the Internet, we recommend you check out the July 2023 PaperCut security bulletin and immediately...
Read More

CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution

Apache Superset is an open source data visualization and exploration tool. It has over 50K stars on GitHub, and there are more than 3000 instances of it exposed to the Internet. In our research, we found that a substantial portion of these servers – at least 2000 (two-thirds of all servers) – are running with a dangerous default configuration. As...
Read More

CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus

CVE-2022-28219 is an unauthenticated remote code execution vulnerability affecting Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory. The vulnerability comprises several issues: untrusted Java deserialization, path traversal, and a blind XML External Entities (XXE) injection. This is a vulnerability that NodeZero, our autonomous pentesting product, has exploited to not only execute code...
Read More

Multiple Vulnerabilities in ResourceSpace

During our assessment of the ResourceSpace code base, we found three new vulnerabilities that could be exploited by an unauthenticated attacker. The most critical is CVE-2021-41765, a pre-auth SQL injection that an attacker can abuse to gain remote code execution (RCE) privileges on the ResourceSpace server.
Read More

CVE-2021-27927: CSRF to RCE Chain in Zabbix

Zabbix is an enterprise IT network and application monitoring solution. In a routine review of its source code, we discovered a CSRF (cross-site request forgery) vulnerability in the authentication component of the Zabbix UI. Using this vulnerability, an unauthenticated attacker can take over the Zabbix administrator's account if the attacker can persuade the Zabbix administrator to follow a malicious link....
Read More

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.