

Rewterz Threat Alert – Active IOCs – Lokibot
December 31, 2020
Rewterz Threat Advisory – CVE-2020-26288 – Node.js parse-server module information disclosure
January 1, 2021
Rewterz Threat Alert – Active IOCs – Lokibot
December 31, 2020
Rewterz Threat Advisory – CVE-2020-26288 – Node.js parse-server module information disclosure
January 1, 2021Severity
High
Analysis Summary
Zoom could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the proxy server function. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Gain Access
Affected Vendors
Zoom
Affected Products
Zoom Zoom Client 4.6.239.20200613
Remediation
Upgrade to the latest version of Zoom.