Here are the CVE updates for the week of September 23 through 29.
Critical Severity Vulnerabilities
SourceCodester Advocate Office Management System forgot_pass.php SQL injection | CVE-2024-9296: A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. It affects an unknown function of the file /control/forgot_pass.php; manipulation of the argument username leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability | CVE-2024-7593: A critical-severity authentication bypass in Ivanti Virtual Traffic Manager (vTM). Exploitation could allow an unauthenticated, remote attacker to create an administrator user. According to the advisory, access to the vTM management interface is required to exploit this vulnerability.
Intelbras InControl incontrol-service-watchdog.exe unquoted search path | CVE-2024-9325: A critical vulnerability in Intelbras InControl versions up to 2.21.56, affecting the executable C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The issue is an unquoted search path, which a local attacker can exploit with little effort.
PHPGurukul Online Shopping Portal Admin Panel index.php SQL injection | CVE-2024-9326: A vulnerability was found in PHPGurukul Online Shopping Portal 2.0 and classified as critical. It affects unknown code of the file /shopping/admin/index.php in the Admin Panel component; manipulation of the argument username leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
High Severity Vulnerabilities
IPv4 fragmentation reassembly code | CVE-2024-20467: A high-severity vulnerability in the IPv4 fragmentation reassembly code of Cisco IOS XE Software, affecting Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers running software versions 17.12.1 or 17.12.1a. An unauthenticated, remote attacker could send specially crafted fragmented packets to trigger a resource management error, causing the device to reload and resulting in a denial of service (DoS) condition.
DHCP Snooping feature of Cisco IOS XE Software | CVE-2024-20480: A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software, affecting Software-Defined Access (SD-Access) fabric edge nodes. An unauthenticated, remote attacker could send specially crafted IPv4 DHCP packets to cause high CPU utilization and a denial of service (DoS) condition; affected devices require manual intervention to recover.
Grafana Agent Flow on Windows unquoted service path | CVE-2024-8996: A vulnerability in Grafana Agent (Flow mode) on Windows, in versions prior to 0.43.2, that allows a local user to escalate privileges to SYSTEM. It stems from an unquoted search path or element issue; although exploitation requires local access, the impact on an organization's confidentiality and integrity is high.
Medium Severity Vulnerabilities
Access control list (ACL) | CVE-2024-20465: A vulnerability in the access control list (ACL) programming of Cisco IOS Software, affecting Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches. It stems from improper handling of IPv4 ACLs on switched virtual interfaces when the Resilient Ethernet Protocol (REP) is enabled or disabled, and could allow an unauthorized remote attacker to bypass configured ACLs.
Cisco SD-WAN vManage Cross-Site Scripting Vulnerability | CVE-2024-20475: A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager that allows an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks. It stems from insufficient validation of user-supplied input by the interface, which lets an attacker inject malicious data.
Cross-Site Request Forgery (CSRF) vulnerability | CVE-2024-47305: A CSRF vulnerability in the Use Any Font plugin that can allow unauthorized actions to be performed on behalf of an authenticated user, compromising the integrity of the affected web application. To remediate this issue, update the Use Any Font plugin to version 6.3.08 or later.
SourceCodester Online Railway Reservation System Message Us Form contact_us.php cross-site scripting | CVE-2024-9300: A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified as problematic. It affects unknown code of the file contact_us.php in the Message Us Form component; manipulation of the arguments fullname, email, or message leads to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Cisco SD-WAN vEdge Routers Denial of Service Vulnerability | CVE-2024-20496: A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) by sending crafted UDP packets. Various versions of Cisco SD-WAN vEdge Software are affected; a targeted device may become unresponsive or reboot.
Cisco IOS XE Wireless Controller Central Web Authentication Pre-Authentication ACL Bypass Vulnerability | CVE-2024-20510: A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers that allows an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL). It stems from a logic error when activating pre-authentication ACLs received from the authentication, authorization, and accounting (AAA) server.
demozx gf_cms JWT Authentication auth.go init hard-coded credentials | CVE-2024-8005: A hard-coded credentials issue in the JWT authentication component of demozx gf_cms, in the init function of the file auth.go.
goTenna Pro ATAK Plugin Insertion of Sensitive Information Into Sent Data | CVE-2024-41931: A vulnerability in the goTenna Pro ATAK Plugin, which fails to encrypt user callsigns, potentially exposing sensitive user information and enabling further exploitation. Affected products include various models such as y-MdLt, y-LgJT, and y-KL7R, among others. The vulnerability has a medium severity rating with a CVSS base score of 4.3 and is categorized under CWE-319 (cleartext transmission of sensitive information).