Rewterz Threat Advisory – CVE-2023-50089 – NETGEAR WNR2000v4 Vulnerability
December 19, 2023Rewterz Threat Advisory – Multiple Apache StreamPark Vulnerabilities
December 19, 2023Rewterz Threat Advisory – CVE-2023-50089 – NETGEAR WNR2000v4 Vulnerability
December 19, 2023Rewterz Threat Advisory – Multiple Apache StreamPark Vulnerabilities
December 19, 2023Severity
High
Analysis Summary
CVE-2023-46750
Apache Shiro could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability when “form” authentication is used. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites.
Impact
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2023-46750
Affected Vendors
Apache
Affected Products
- Apache Shiro 1.12.0
- Apache Shiro 2.0.0-alpha-3
Remediation
Upgrade to the latest version of Apache Shiro, available from the Apache Website.