Severity
High
Analysis Summary
CVE-2020-27873
Multiple NETGEAR routers could allow a remote attacker to obtain sensitive information because of improper access control on the SOAP API endpoint. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain user credentials and use them to launch further attacks against the affected system.
CVE-2020-27872
Multiple NETGEAR routers could allow a remote attacker to execute arbitrary code on the system because of improper state tracking in the password recovery process of the mini_httpd service. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of root.
Impact
- Information disclosure
- Gain access
Affected Vendors
NETGEAR
Affected Products
R7450
Remediation
Refer to the vendor advisory for the complete list of affected products and their respective patches.