Vulnerability Network Security News

The latest vulnerability network security stories, summarized by AI

vulnerability-network-security1.61 min read

Ivanti Releases Urgent Patches for Severe CSA Security Flaws

Ivanti has released critical security updates for its Cloud Services Application (CSA) and Connect Secure products to address multiple vulnerabilities, including an authentication bypass (CVE-2024-11639) with a CVSS score of 10.0, and several command and SQL injection flaws. These vulnerabilities could allow remote attackers to gain administrative access and execute arbitrary code. Users are urged to update to the latest versions to mitigate potential risks, although no active exploitation has been reported yet.

1 year ago•Source: The Hacker News

"Critical Flaw in TP-Link C5400X Router Exposes Gamers to Remote Attacks"

vulnerability-network-security

1.715 min•1 year ago

"Critical Flaw in TP-Link C5400X Router Exposes Gamers to Remote Attacks"

A critical security flaw in the TP-Link Archer C5400X gaming router, tracked as CVE-2024-5035, allows remote code execution via specially crafted requests. The vulnerability, with a CVSS score of 10.0, affects all firmware versions up to 1_1.1.6 and has been patched in version 1_1.1.7. The flaw is linked to the "rftest" binary, which can be exploited by injecting commands after shell meta-characters. Users are advised to update to the latest firmware to mitigate the risk.

via The Hacker News

Featured Vulnerability Network Security Stories

Ivanti Releases Urgent Patches for Severe CSA Security Flaws

"Critical Flaw in TP-Link C5400X Router Exposes Gamers to Remote Attacks"

More Vulnerability Network Security Stories