Featured Story
Experts Warn of Two BIG-IP Next Central Manager Flaws That Allow Device Takeover
F5 has addressed two high-severity vulnerabilities (CVE-2024-26026 and CVE-2024-21793) in BIG-IP Next Central Manager that allow attackers to gain full administrative control of devices. The flaws are SQL injection vulnerabilities within the API interface, enabling privilege escalation and data exfiltration. Exploitation could allow attackers to create accounts on any F5 assets managed by the system.
The vulnerabilities affect versions 20.0.1 to 20.1.0 and can be mitigated by upgrading to version 20.2.0. One flaw is only exploitable if LDAP is enabled; however, the other is exploitable in the default configuration.
Other Stories
High-Severity Vulnerability Affects Apache ActiveMQ
Apache ActiveMQ versions up to 6.1.1 ship with an insecure default configuration that leaves REST APIs exposed without authentication. The flaw, CVE-2024-32114, allows unauthenticated access to, and manipulation of, the message broker.
Critical Bug Could Open 50K+ Tinyproxy Servers to DoS, RCE
Tinyproxy versions 1.10.0 and 1.11.1 are affected by CVE-2023-49606, a critical use-after-free flaw that can lead to denial-of-service or remote code execution. Over 50,000 vulnerable services have been identified online.
LiteSpeed Cache WordPress Plugin Actively Exploited in the Wild
The LiteSpeed Cache plugin for WordPress is vulnerable to CVE-2023-40000, a stored XSS issue that allows unauthenticated attackers to create rogue admin accounts. This affects versions 5.6 and earlier.
Beware of Message from a Postal Company
Scam messages impersonating postal services are circulating, claiming that shipping costs must be paid urgently. These messages contain links to malicious sites. Suspicious messages can be forwarded to:
- verdacht@safeonweb.be
- suspect@safeonweb.be
- suspicious@safeonweb.be
Our SOC is always available if you have doubts about suspicious emails or messages.