Rewterz Threat Alert – New eCh0raix Ransomware Target (NAS) Devices From QNAP – Active IOCs
August 11, 2021Rewterz Threat Advisory –CVE-2021-22932 – Citrix ShareFile Vulnerability
August 11, 2021Rewterz Threat Alert – New eCh0raix Ransomware Target (NAS) Devices From QNAP – Active IOCs
August 11, 2021Rewterz Threat Advisory –CVE-2021-22932 – Citrix ShareFile Vulnerability
August 11, 2021Severity
High
Analysis Summary
CVE-2021-21501
Apache ServiceComb Service-Center could allow a remote attacker to traverse directories on the system, caused by an improper configuration flaw. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
Impact
- Information Theft
- Unauthorized Access
Affected Vendors
Apache
Affected Products
- Apache ServiceComb ServiceCenter 1.4.8
Remediation
Upgrade to the latest version of ServiceComb ServiceCenter available from the service comb-service-center Repository.
https://github.com/apache/servicecomb-service-center/pull/788