#authenticationbypass — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #authenticationbypass, aggregated by home.social.
-
Cisco SD-WAN Flaw Exploited in Zero-Day Attacks
A critical vulnerability in Cisco's SD-WAN system is being actively exploited, allowing attackers to bypass authentication and gain unauthorized access. This high-risk flaw, tracked as CVE-2026-20182, affects both on-prem and cloud deployments of Cisco Catalyst SD-WAN products.
-
Cisco SD-WAN Flaw Actively Exploited for Admin Access
Cisco is urging customers to update their SD-WAN systems immediately due to a critical vulnerability that allows hackers to bypass authentication and gain admin access. This high-severity flaw, already being exploited, could put your entire system at risk if left unpatched.
#Cisco #Sdwan #Cve202620182 #AuthenticationBypass #AdminAccess
-
cPanel Flaw Exploited to Deploy Filemanager Backdoor
Over 2,000 attacker source IPs worldwide are currently involved in automated attacks exploiting a critical cPanel vulnerability, CVE-2026-41940, which allows remote attackers to gain elevated control and deploy malicious backdoors. This flaw has been targeted by multiple actors for a range of malicious outcomes, including…
#CpanelVulnerability #Cve202641940 #AuthenticationBypass #EmergingThreats #MalwareOperations
-
cPanel Vulnerability Exploited to Target Gov't, MSP Networks
A critical cPanel vulnerability, CVE-2026-41940, is being actively exploited by attackers to bypass authentication and gain control of government, military, MSP, and hosting provider networks. This alarming threat uses hard-coded credentials and cleverly defeats CAPTCHA protections to wreak havoc on vulnerable systems.
#CpanelVulnerability #Cve202641940 #AuthenticationBypass #GovernmentNetworks #Msp
-
cPanel flaw fuels mass Sorry ransomware attacks
A critical flaw in cPanel, tracked as CVE-2026-41940, has been exploited in a massive ransomware campaign, compromising at least 44,000 IP addresses. This alarming attack has already been used in the wild as a zero-day, with threat actors accessing control panels and wreaking havoc on web hosting systems.
#Cpanel #Cve202641940 #Ransomware #SorryRansomware #AuthenticationBypass
-
Vulnerability Exploits Surge Against cPanel and WHM Software
A critical vulnerability, CVE-2026-41940, with a near-perfect severity score of 9.8, has been discovered in cPanel and WHM software, allowing hackers to bypass authentication and gain unauthorized access to your control panel. This flaw puts your online security at risk, so taking immediate action is crucial.
#Cpanel #WhmSoftware #AuthenticationBypass #Cve202641940 #VulnerabilityExploits
-
cPanel vulnerability exploited in wild, CISA warns
A critical cPanel vulnerability, CVE-2026-41940, with a near-perfect 9.8 CVSS score, is being exploited in the wild, putting roughly 1.5 million exposed instances at risk of being opened without a password. This flaw allows attackers to bypass authentication by cleverly manipulating the password field with hidden line breaks.
#Cpanel #Cve202641940 #AuthenticationBypass #EmergingThreats #VulnerabilityExploitation
-
Biometric Authentication Fortifies Against Stolen Credential Attacks
In a world where stolen credentials can turn authentication systems against us, traditional multifactor authentication can become just another vulnerability to exploit. Biometric authentication offers a powerful solution, fortifying defenses against stolen credential attacks by making it…
#BiometricAuthentication #MultifactorAuthentication #StolenCredentials #AuthenticationBypass #EmergingThreats
-
Microsoft Authenticator’s Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026-26123)
This vulnerability is an Authentication Bypass, specifically a session hijacking issue affecting the Microsoft Authenticator app. The root cause was improper handling of deep links within the application, which allowed malicious actors to craft unclaimed deep links containing account tokens. When users clicked these links, their active sessions were hijacked, resulting in full account takeover without requiring any user interaction other than clicking a link. To exploit this, an attacker could generate a malicious deep link with an embedded account token and share it via SMS or email. The session hijack occurred due to the application's failure to verify the authenticity of deep links before processing them. This vulnerability has been assigned CVE-2026-26123. Microsoft rewarded $50,000 for this find and immediately patched the issue. To prevent similar vulnerabilities, it is crucial to thoroughly validate and sanitize all user-controlled inputs, including deep links. Key lesson: Always verify the authenticity of user-supplied data before processing it. #BugBounty #Cybersecurity #AuthenticationBypass #SessionHijacking #Infosec
-
LM Challenge-Response Hash Always Sent in SMB Authentication
This vulnerability is an Authentication Bypass due to the consistent transmission of LM Challenge-Response hash during SMB authentication. The application failed to disable the LM hash in favor of the more secure NTLM hash, allowing attackers to perform offline attacks against weak LM hashes. The researcher discovered this by observing the network traffic during SMB authentication and identifying the presence of LM hashes, which should have been deprecated. The LM hash is susceptible to dictionary attacks, allowing attackers to crack passwords offline. The system's flawed configuration resulted in the consistent transmission of LM hashes, making it easier for attackers to perform offline attacks. This vulnerability could lead to account takeovers, unauthorized access, and data breaches. The researcher received $5,000 for this discovery. To prevent similar issues, it is crucial to disable the LM hash and ensure that only NTLM hashes are transmitted during SMB authentication. Key lesson: Always use stronger authentication mechanisms like NTLM over deprecated LM hashes. #BugBounty #Cybersecurity #WebSecurity #AuthenticationBypass #SMB
-
A critical flaw in a popular WordPress theme has fueled over 150,000 cyberattack attempts, hitting SMEs hard. Could your site be next? Learn what's behind the spike and how to protect yourself.
#wordpresssecurity
#jobmonster
#cyberattacks
#authenticationbypass
#smeprotection
-
A tiny flaw in the Service Finder theme could let hackers in—and it's easier to fix than you think. Discover practical steps like regular audits and multi-factor authentication that can lock your site down.
#wordpresssecurity
#authenticationbypass
#websitemitigation
#servicefindertheme
#cybersecuritytips
-
High-severity vulnerability in Passwordstate credential manager. Patch now. - The maker of Passwordstate, an enterprise-grade password man... - https://arstechnica.com/security/2025/08/high-severity-vulnerability-in-passwordstate-credential-manager-patch-now/ #authenticationbypass #passwordmanagers #vulnerabilities #security #patches #biz&it
-
Passkey Login Bypassed via WebAuthn Process Manipulation https://www.securityweek.com/passkey-login-bypassed-via-webauthn-process-manipulation/ #authenticationbypass #browserextension #Identity&Access #Featured #passkey
-
Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass https://www.securityweek.com/flaws-expose-100-dell-laptop-models-to-implants-windows-login-bypass/ #authenticationbypass #EndpointSecurity #vulnerability #Featured #firmware #Revault #laptop #Dell
-
Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications https://www.securityweek.com/flaw-in-vibe-coding-platform-base44-exposed-private-enterprise-applications/ #ArtificialIntelligence #authenticationbypass #ApplicationSecurity #vulnerability #vibecoding #Base44 #Wix #AI
-
Critical Authentication Bypass Flaw Patched in Teleport – Source: www.securityweek.com https://ciso2ciso.com/critical-authentication-bypass-flaw-patched-in-teleport-source-www-securityweek-com/ #rssfeedpostgeneratorecho #authenticationbypass #CyberSecurityNews #vulnerabilities #securityweekcom #Vulnerability #securityweek #Teleport
-
Critical Authentication Bypass Flaw Patched in Teleport https://www.securityweek.com/critical-authentication-bypass-flaw-patched-in-teleport/ #authenticationbypass #Vulnerabilities #vulnerability #Teleport
-
CISA Warns of CrushFTP Exploit Letting Attackers Bypass Authentication https://thecyberexpress.com/cisa-adds-cve-2025-31161-to-kev-catalog/ #authenticationbypass #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202531161 #CyberNews #CrushFTP
-
GitLab's Critical Vulnerability Fixes: What You Need to Know
https://thedefendopsdiaries.com/gitlabs-critical-vulnerability-fixes-what-you-need-to-know/
#gitlab
#cybersecurity
#vulnerability
#saml
#authenticationbypass
-
Critical 0-day bug in Fortigate. It is being actively exploited; attackers are taking over VPN access in companies.
The vulnerability allows full takeover of the device from the Internet, i.e. obtaining super-admin privileges. The vulnerability is being used in real attacks, most likely since around December 2024. It is not known exactly which group is responsible for the attacks. As part of the attacks, operations such as the following are carried out: Vulnerable are FortiOS (7.0.0 to 7.0.16) and FortiProxy (the 7.0.x line...
#WBiegu #0Day #AuthBypass #AuthenticationBypass #Fortigate #VPN
-
GitLab Urges Organizations To Patch For Authentication Bypass Vulnerability https://cybersecuritynews.com/gitlab-authentication-bypass-vulnerability/ #AuthenticationBypass #GitLabVulnerability #CyberSecurityNews #cybersecuritynews #SecurityUpdates #Vulnerability #CVE202445409
-
Critical Veeam Backup Enterprise Manager authentication bypass bug – Source: securityaffairs.com https://ciso2ciso.com/critical-veeam-backup-enterprise-manager-authentication-bypass-bug-source-securityaffairs-com/ #rssfeedpostgeneratorecho #ITInformationSecurity #authenticationbypass #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Security #hacking #Veeam
-
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
Date: May 21, 2024
CVE: [[CVE-2024-4985]]
Vulnerability Type: Improper Authentication
CWE: [[CWE-287]]
Sources: Cyber Security News, SecurityWeek, The Hacker News
Issue Summary
A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.
Technical Key Findings
The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.
Vulnerable Products
- GitHub Enterprise Server versions 3.9.14
- GitHub Enterprise Server versions 3.10.11
- GitHub Enterprise Server versions 3.11.9
- GitHub Enterprise Server versions 3.12.3
Impact Assessment
Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.
Patches or Workaround
GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.
Tags
#GitHub #CVE20244985 #SAML #AuthenticationBypass #SecurityFlaw #EnterpriseSecurity #DataBreach #PatchUpdate #CyberSecurity
-
GitLab Security Update: Critical Patches Released
Date: April 24, 2024
CVE: Multiple (e.g., CVE-2024-4024, CVE-2024-2434)
Vulnerability Type: Authentication Issues, Path Traversal, DoS, Information Disclosure
CWE: [[CWE-287]], [[CWE-22]], [[CWE-400]], [[CWE-284]]
Sources: GitLab Security Release
Issue Summary
GitLab has released critical security updates (16.11.1, 16.10.4, 16.9.6) addressing multiple high and medium severity vulnerabilities across various versions. The identified issues include authentication bypass, path traversal, and denial of service attacks.
Technical Key findings
Key vulnerabilities allow unauthorized account access, server file reading, and service disruption due to inadequate input validation and authentication checks.
Table of security fixes
|Title|Severity|
|---|---|
|GitLab account takeover, under certain conditions, when using Bitbucket as an OAuth provider|High|
|Path Traversal leads to DoS and Restricted File Read|High|
|Unauthenticated ReDoS in FileFinder when using wildcard filters in project file search|High|
|Personal Access Token scopes not honoured by GraphQL subscriptions|Medium|
|Domain based restrictions bypass using a crafted email address|Medium|
Vulnerable products
- GitLab Community Edition (CE)
- GitLab Enterprise Edition (EE)
All versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, and all versions starting from 16.11 before 16.11.1.
Impact assessment
Exploits could lead to account takeovers, unauthorized access to sensitive data, and significant service disruptions affecting availability and integrity.
Patches or workaround
Upgrading to the latest versions (16.11.1, 16.10.4, 16.9.6) is strongly recommended as they contain necessary security fixes. To update GitLab, see the Update page.
Tags
#GitLab #CVE-2024-4024 #CVE-2024-2434 #AuthenticationBypass #PathTraversal #DenialOfService #PatchRelease
-
GitLab Vulnerability to GitHub-Style CDN Flaw Allowing Malware Hosting
Date: April 22, 2024
CVE: Not specifically assigned
Vulnerability Type: Authentication bypass
CWE: [[CWE-22]], [[CWE-427]]
Sources: Bleeping Computer Article, Duo Security Article
Issue Summary
GitLab has been identified as vulnerable to a similar flaw that was found in GitHub, where the platform's "comments" feature can be abused to host malware. This vulnerability allows threat actors to upload malicious files to GitLab's CDN under the guise of legitimate projects, making them appear as if they are part of reputable repositories.
Technical Key findings
The flaw stems from the ability to generate links to uploaded files in the comment section before saving or posting the comment. These files, although potentially never visible in a public comment, receive a CDN URL that remains accessible even if the comment is deleted.
The format followed by such files uploaded to GitLab CDN is:
_https://gitlab.com/{project_group_name}/{repo_name}/uploads/{file_id}/{file_name}_
For videos and images, the files will be stored under the /assets/ path instead.
Vulnerable products
The vulnerability affects all versions of GitLab that include the "comments" feature with file upload capabilities.
Impact assessment
This vulnerability can be exploited to distribute malware by disguising malicious files as legitimate project files, potentially leading to widespread security breaches if these files are executed by unsuspecting users.
Patches or workaround
As of the latest updates, specific patches for this CDN flaw have not been detailed. Users are advised to remain vigilant about files downloaded from repository-related URLs and verify their authenticity.
Tags
#GitLab #CDNFlaw #MalwareDistribution #AuthenticationBypass #SecurityVulnerability
-
"🚨 Urgent TeamCity Vulnerabilities Alert! Patch Now! 🚨"
JetBrains has just patched critical vulnerabilities in TeamCity On-Premises software, tagged CVE-2024-27198 and CVE-2024-27199, with alarming CVSS scores of 9.8 and 7.3. These flaws allow unauthorized access to potentially gain full control over the TeamCity servers. Versions up to 2023.11.3 are affected, urging an immediate update to v2023.11.4. Kudos to Rapid7 for the timely discovery on Feb 20, 2024. Given past abuses by notorious APT groups, securing your systems against such authentication bypasses is crucial to thwart potential supply chain assaults. 🛡️💻
🔗 Source: BleepingComputer
Tags: #JetBrains #TeamCity #CyberSecurity #VulnerabilityAlert #CVE2024-27198 #CVE2024-27199 #Rapid7 #PatchNow #SupplyChainSecurity #AuthenticationBypass #InfoSec
🌍🔐👥
-
🚨 Mastodon Vulnerability Patched! CVE-2024-25618 🛡️
A security flaw, CVE-2024-25618, was fixed in Mastodon's software to prevent potential account takeovers. This vulnerability allowed attackers to bypass authentication mechanisms via a crafted request, posing a significant risk to the platform's integrity.
It enabled new logins from certain authentication providers (like CAS, SAML, OIDC) to merge with existing local accounts sharing the same email. This could lead to someone taking over your account if the provider allows changing emails or if there are multiple providers set up.
Here's how it works: When someone logs in using an external provider for the first time, Mastodon checks for an existing account with the same email. However, relying only on the email could result in hijacking your Mastodon account if the provider allows changing it. The Mastodon team swiftly deployed a patch, reinforcing the security of user accounts and the broader ecosystem. Remember, keeping software up-to-date is crucial for safeguarding against such vulnerabilities. 🔄🔐
The commit "b31af34c9716338e4a32a62cc812d1ca59e88d15" signifies this update. For further details, check out their advisory.
A big thanks to the discoverers Dominik George and Pingu from Teckids, and the Mastodon team for their rapid response in improving our digital defenses. Stay secure, everyone! ✨🐘
Tags: #CVE2024_25618 #Mastodon #Cybersecurity #PatchUpdate #AccountSecurity #AuthenticationBypass #DigitalDefense #CommunityVigilance 🌍🔒
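The email-based merge this post describes, modelled as an added example (not Mastodon's code and not the actual patch): a login handler that attaches any unknown external identity to the local account with a matching email, beside a hardened handler that only matches on a (provider, subject) binding the instance has recorded itself and leaves linking to an explicit step from an already-authenticated session. The `Directory`, `Account` and all sample identities are constructed for the example.

```python
from dataclasses import dataclass, field


@dataclass
class Account:
    username: str
    email: str
    # external identities explicitly bound to this account: {(provider, subject)}
    identities: set = field(default_factory=set)


class Directory:
    """In-memory stand-in for the instance's user table (constructed for this example)."""

    def __init__(self, accounts):
        self.by_email = {a.email.lower(): a for a in accounts}
        self.by_identity = {i: a for a in accounts for i in a.identities}

    def create(self, email, identity):
        acct = Account(username=email.split("@")[0], email=email, identities={identity})
        self.by_email[email.lower()] = acct
        self.by_identity[identity] = acct
        return acct


def vulnerable_login(d, provider, subject, email):
    """Pre-fix behaviour as the post describes it: an unknown external identity is
    merged into whichever local account carries the same email. If the provider lets
    its users change their email, anyone can set the victim's address and land in
    the victim's account."""
    identity = (provider, subject)
    if identity in d.by_identity:
        return "ok", d.by_identity[identity]
    existing = d.by_email.get(email.lower())
    if existing is not None:
        existing.identities.add(identity)      # silent merge on email alone
        d.by_identity[identity] = existing
        return "ok", existing
    return "created", d.create(email, identity)


def hardened_login(d, provider, subject, email):
    """Match only on the (provider, subject) pair the instance bound itself.
    An unknown identity whose email collides with a local account is not merged;
    the user must log in locally and link the identity explicitly."""
    identity = (provider, subject)
    acct = d.by_identity.get(identity)
    if acct is not None:
        return "ok", acct
    if email.lower() in d.by_email:
        return "link_required", None
    return "created", d.create(email, identity)


def link_identity(d, acct, provider, subject):
    """Explicit linking step, reachable only from a session already authenticated
    as `acct` (local password, plus 2FA where enabled)."""
    identity = (provider, subject)
    if identity in d.by_identity and d.by_identity[identity] is not acct:
        raise ValueError("identity already bound to another account")
    acct.identities.add(identity)
    d.by_identity[identity] = acct


def demo():
    """Constructed scenario: an external identity the victim does not own carries
    the victim's email address."""
    victim = Account("alice", "alice@example.org")
    weak = Directory([victim])
    _, acct = vulnerable_login(weak, "saml", "other-subject", "alice@example.org")
    merged = acct is victim                                    # True: account hijacked

    victim2 = Account("alice", "alice@example.org")
    strong = Directory([victim2])
    refused, _ = hardened_login(strong, "saml", "other-subject", "alice@example.org")
    link_identity(strong, victim2, "oidc", "alice-own-subject")  # done while logged in
    ok, acct2 = hardened_login(strong, "oidc", "alice-own-subject", "alice@example.org")
    return merged, refused, ok, acct2 is victim2


if __name__ == "__main__":
    print(demo())  # (True, 'link_required', 'ok', True)
```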
-
Experts warn of critical Zero-Day in Apache OfBiz – Source: securityaffairs.com https://ciso2ciso.com/experts-warn-of-critical-zero-day-in-apache-ofbiz-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #authenticationbypass #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #ApacheOFBiz #hackingnews #Security #hacking
-
"⚠️ #HPEOneView Alert! Triple Vulnerability Threat Uncovered ⚠️"
Hewlett Packard Enterprise's OneView Software is under the spotlight with three critical vulnerabilities identified. These flaws can lead to authentication bypass, sensitive data exposure, and even denial of service. If you're using HPE OneView, it's time to patch up! 🛡️
Vulnerabilities:
1️⃣ CVE-2023-30908 – Remote Authentication Bypass: Scored a whopping 9.8 on CVSS, this flaw allows attackers to bypass authentication due to mishandling of user credentials in HPE OneView. Kudos to Sina Kheirkhah (@SinSinology) from the Summoning Team (@SummoningTeam) for reporting this! 🕵️♂️
2️⃣ CVE-2022-4304 – Disclosure of Sensitive Information: A timing-based side channel in OpenSSL's RSA Decryption can leak sensitive info. Attackers can exploit this by sending numerous trial decryption messages. 📩
3️⃣ CVE-2023-2650 – Denial of Service: This flaw lies in OpenSSL's OBJ_obj2txt() method, allowing attackers to launch a DoS attack on HPE OneView. 🚫
Impacted? 🤔 Versions prior to v8.5 and v6.60.05 patch are vulnerable. But don't fret! HPE has released patches for these versions. Head to the HPE Support Center and upgrade ASAP! ⏳
Source: Guru's Article, September 11, 2023
Tags: #Cybersecurity #HPE #VulnerabilityAlert #PatchNow #OpenSSL #DoS #AuthenticationBypass #SensitiveDataLeak #InfoSecCommunity