Severity
Medium
Analysis Summary
CVE-2023-33226 CVSS:8
SolarWinds Network Configuration Manager could allow a remote attacker to traverse directories on the system, caused by improper validation of archive contents. By providing a specially crafted archive file containing “dot dot” sequences (/../), an attacker could exploit this vulnerability to overwrite executable files and either invoke them remotely or wait for the system or user to call them, executing arbitrary code with SYSTEM privileges on the system.
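The missing control in this bug class is validation of every archive entry name before anything is written to disk. The following is an added example of that check, not SolarWinds code; the ZIP format, the function names and the sample entry names are assumptions made for illustration.

```python
import io
import os
import zipfile
from pathlib import PurePosixPath, PureWindowsPath


def escapes_root(name: str) -> bool:
    """True if an archive entry name could resolve outside the extraction root."""
    # Windows accepts both separators, so normalise before splitting.
    path = PurePosixPath(name.replace("\\", "/"))
    if path.is_absolute() or PureWindowsPath(name).drive:
        return True                      # /abs, \\server\share, C:...
    return ".." in path.parts            # any "dot dot" component


def unsafe_members(archive_bytes: bytes) -> list[str]:
    """List entry names that must not be extracted."""
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        return [n for n in zf.namelist() if escapes_root(n)]


def safe_extract(archive_bytes: bytes, dest: str) -> list[str]:
    """Extract only if every entry stays under dest; write nothing otherwise."""
    bad = unsafe_members(archive_bytes)
    if bad:
        raise ValueError(f"archive rejected, unsafe entries: {bad}")
    root = os.path.realpath(dest)
    written = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            target = os.path.realpath(os.path.join(root, info.filename))
            # Defence in depth: re-check the resolved path (catches symlinked dirs).
            if os.path.commonpath([root, target]) != root:
                raise ValueError(f"entry resolves outside root: {info.filename}")
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as out:
                out.write(src.read())
            written.append(target)
    return written


def build_sample(names: list[str]) -> bytes:
    """Constructed sample archive (not taken from any real incident)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"constructed sample data")
    return buf.getvalue()
```

Rejecting the whole archive before the first write avoids a partially extracted upload, and running the extracting service under an account that cannot write to executable directories limits the impact if a check is ever missed.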
CVE-2023-33228 CVSS:4.5
SolarWinds Network Configuration Manager could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the SolarWinds Web Console. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Gain Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-33226
- CVE-2023-33228
Affected Vendors
SolarWinds
Affected Products
- SolarWinds Network Configuration Manager 2023.3.1
Remediation
Refer to the SolarWinds website for patch, upgrade or suggested workaround information.