Rewterz Threat Alert – Phemedrone Malware Distributed via Exploitation of Windows SmartScreen Vulnerability – Active IOCs
January 16, 2024Rewterz Threat Advisory –More Than 178,000 SonicWall Next-Generation Firewalls Found Publicly Exploitable
January 16, 2024Rewterz Threat Alert – Phemedrone Malware Distributed via Exploitation of Windows SmartScreen Vulnerability – Active IOCs
January 16, 2024Rewterz Threat Advisory –More Than 178,000 SonicWall Next-Generation Firewalls Found Publicly Exploitable
January 16, 2024Severity
Medium
Analysis Summary
CVE-2023-46749
Apache Shiro could allow a remote authenticated attacker to bypass security restrictions, caused by a path traversal attack. By sending a specially crafted request with path rewriting, an attacker could exploit this vulnerability to perform authentication bypass.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-46749
Affected Vendors
Apache
Affected Products
- Apache Shiro 1.12.0
Remediation
Upgrade to the latest version of Apache Shiro, available from the Apache Website.