This week’s overview highlights the most important security vulnerabilities impacting various products, including Mozilla Thunderbird, the WebKit browser engine, Intelbras routers, and more.
Mozilla has released an update to address an RCE-flaw (CVE-2020-26970), which could be used by a remote attacker to take over the target system. The vulnerability exists due to a boundary error when parsing SMTP server responses. A threat actor can trick the victim to connect to a malicious SMTP server, trigger stack-based buffer overflow and execute arbitrary code on the target system.
A high-risk vulnerability has been found in Intelbras Router RF 301K, which stems from improper permission validation and could be exploited to compromise the target system using a specially crafted request to read and write to the RouterCfm.cfg file. The issue affects Intelbras Router RF 301K version 1.1.2. Note, currently there is no patch available for this flaw.
Fujitsu Eternus Storage DX200 S4, a hybrid storage system, contains a severe vulnerability (CVE-2020-29127), using which a hacker can bypass authentication process. The cause of the problem lies in an error, which appears when root user has logged into the web portal. Due to this a remote attacker can bypass authentication process and gain access to the web portal with root privileges.
The WebKit browser engine is affected by several vulnerabilities, including one (CVE-2020-13558) that can be exploited for remote code execution by convincing the targeted user to visit a malicious website. The vulnerability exists due to a use-after-free error in the AudioSourceProviderGStreamer functionality. A remote attacker can trick a victim to visit a specially crafted webpage and execute arbitrary code on the target system.
Karenderia Multiple Restaurant System, a restaurant food ordering and restaurant membership system, contains an SQL injection vulnerability (CVE-2020-28994), which allows a remote attacker to execute arbitrary SQL queries in database and gain complete control over the affected application. There is currently no patch for the vulnerability.
Other unpatched vulnerabilities include the CVE-2020-29390 bug in ZeroShell Zeroshell, which may lead to arbitrary shell command execution and an arbitrary file upload issue in eClass LMS that allows a remote attacker to compromise vulnerable system by uploading a malicious file on the server.
Apache Tomcat contains a vulnerability CVE-2020-17527, which, if exploited, could allow an attacker to gain access to sensitive data. The vulnerability exists due to improper management of internal resources within the application when processing HTTP/2 requests in Apache Tomcat. The web server can re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. As a result a remote attacker can obtain sensitive information from another HTTP request.