Rewterz penetration testing services help organizations determine whether a cyber attacker can gain access to their critical assets, while giving them detailed insight into the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Severity: High
CVE-2018-4061
A specially crafted authenticated HTTP request can inject arbitrary commands, resulting in remote code execution.
CVE-2018-4062
Activating SNMPD outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate SNMPD without any configuration changes to trigger this vulnerability.
CVE-2018-4063
A specially crafted authenticated HTTP request can upload a file, resulting in an executable, routable code upload to the web server.
CVE-2018-4065
A specially crafted HTTP ping request can cause reflected JavaScript to be executed and run on the user’s browser. An attacker can exploit this by convincing a user to click a link or embedded URL that redirects to the reflected cross-site scripting vulnerability.
CVE-2018-4066
A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests through an authenticated user. Triggering this vulnerability may allow an attacker access to authenticated pages via an authenticated user.
CVE-2018-4067
A specially crafted authenticated HTTP request can cause an information leak, resulting in the disclosure of internal file paths.
CVE-2018-4069
The ACEManager authentication functionality is delivered in plaintext XML to the web server. An attacker can listen to network traffic upstream from the device, which may allow access to credentials.
Affected vendor: Sierra Wireless
Affected product: AirLink ALEOS
Refer to the ICS advisory for the list of affected products and upgraded patches.