Recently Browsing 0 members
No registered users viewing this page.
Members online now
No members to show
By Kevin Beaumont
CVE-2018-13379 is being exploited in the wild on Fortigate SSL VPN firewalls. These exist as a perimeter security control, so it's a bad vulnerability.
Using BinaryEdge.io I can see scanning activity from last night for first time for this vulnerability:
The scanning traffic is taking place across the whole internet it appears, spray and pray style.
The vulnerability is ridiculously easy to exploit, it's a 1996 style pre-auth ../ webserver exploit to read plain text administrator credentials:
May 24th 2019 - Vendor posts advisory - https://fortiguard.com/psirt/FG-IR-18-384
June 4th 2019 - Vendor updates advisory to correct impacted versions
August 9th 2019 - Blog explaining the different vulnerabilities in FortiOS, including this one.
August 14th 2019 - Exploit appears on GitHub and exploitation details posted in TLP Rainbow.
August 17th 2019 - Another exploit, checks if vulnerable before exploit.
August 21nd 2019 - Exploitation seen in wild.
By Tim Corless
Came across this on my travels: https://portswigger.net/daily-swig/webmin-backdoor-blamed-on-software-supply-chain-breach
Webmin software was backdoored for over a year. If you're using one of those vulnerable versions, update now!
According to shodan and some google dorks, there are quite a lot still vulnerable
By Kevin Beaumont
CVE-2019-11510, impacting Pulse Secure SSL VPN, is being exploited in the wild.
I've seen it being exploited today, a few hours ago for first time, via BinaryEdge.
24th April 2019 - Vendor advisory.
14th August 2019 - TLP Rainbow post.
20th August 2019 - exploit posted publicly.
22nd August 2019 - exploitation in wild.
Pulse Secure is one of the "Zero Trust" secure SSL VPN systems where you get pwned by 1996 ../../ exploits.