Rewterz Threat Alert – WannaCry Ransomware – Active IOCs
August 23, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
August 23, 2021Rewterz Threat Alert – WannaCry Ransomware – Active IOCs
August 23, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
August 23, 2021Severity
High
Analysis Summary
CVE-2021-37598
Cerber Tech WP Cerber plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by improper validation of certain HTTP requests. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the access controls on an API endpoint
CVE-2021-37597
Cerber Tech WP Cerber plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by improper validation of certain HTTP parameters. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass administrative multi-factor authentication.
Impact
- Security Bypass
Affected Vendors
WordPress
Affected Products
Cerber Tech WP Cerber plugin for WordPress 8.9
Remediation
Upgrade to the latest version of WP Cerber plugin for WordPress, available from the Cerber Tech Website.