Ixia ATI Update 2018-12

Defects Resolved

Ticket Info
DE9427 Made the 'BreakingPoint Meraki Manage MDM Network Nov17' super flow work correctly with proxy setups. Fixed erroneous URLs from HTTP headers that contained unescaped characters.
DE9444 Made the 'BreakingPoint Baidu Browse Web Pages Feb 18' super flow work correctly with proxy setups. Fixed erroneous URLs from HTTP headers that contained unescaped characters.
DE9640 Fixed the erroneous order of the TLS handshake and close notify actions within the MiniDuke super flow.

Enhancements

Ticket Info
US83162 Added HTTP proxy support to the 'Twitter View Favorites' super flow.
US83166 Added the 'Proxy' tag to the 'Facebook iOS' super flow.
US84332 Update for the CVE-2018-7600 strike that includes:
- all Form API rendering parameters that can be used to obtain RCE (pre_render, post_render, access_callback, lazy_builder);
- a variant for malicious base64-encoded URLs, as found in the wild.
US86750 Added the second part of a new application mix containing traffic from the 20 most popular SaaS and cloud applications of 2017.
US86755 Added user interface support for elliptic curve selection in the Start TLS action.

New Application Profiles (1)

Name: Cloud Applications 2017 Part 2
Info: Part two of the traffic mix made up of 2017's 20 most common cloud applications.

New Strikes (15)

CVSS: 10.0
ID: E18-0mu61
References: APSB-18-09, BID-104167, CVE-2018-4990, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
Category: Exploits
Info: This strike exploits a double free vulnerability in Adobe Reader and Acrobat. The vulnerability is due to improper validation of the NPC field of a Palette box. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PDF file, resulting in possible execution of arbitrary code.

CVSS: 7.8
ID: E18-0orz2
References: BID-104190, CVE-2018-7503, CVSS-7.8 (AV:N/AC:L/AU:N/C:C/I:N/A:N), URL, ZDI-18-471
Category: Exploits
Info: An arbitrary file overwrite vulnerability has been identified in Advantech WebAccess NMS. The vulnerability is caused by the lack of proper input sanitization on file paths within the DownloadAction servlet. It can be exploited by sending a specially crafted request, allowing the attacker to read arbitrary files.

CVSS: 7.6
ID: D18-0jpi4
References: BID-103275, CVE-2018-0934, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-44397, GOOGLE-1503
Category: Denial
Info: This strike exploits a vulnerability in Microsoft Edge. Specifically, the vulnerability exists in the Chakra JavaScript engine. It is possible to craft JavaScript in such a way that it gains access to arguments containing stack-allocated variables where they should not exist. This strike uses the Error constructor to iterate over each function and the arguments on the stack, which ends up invoking BoxStackInstance with those arguments. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS: 7.6
ID: D18-0jl41
References: BID-102401, CVE-2018-0776, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-43723, GOOGLE-1420
Category: Denial
Info: This strike exploits a vulnerability in Microsoft Edge. Specifically, the vulnerability exists in the Chakra JavaScript engine. It is possible to craft JavaScript in such a way that it gains access to arguments containing stack-allocated variables where they should not exist. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS: 7.6
ID: D18-0i0k1
References: BID-100763, CVE-2017-8740, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-42764, GOOGLE-1310
Category: Denial
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. It is possible to craft JavaScript in such a way that DeferParse causes an incorrect opcode to be generated. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS: 7.6
ID: D18-3dw21
References: BID-102082, CVE-2017-11890, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-43369, GOOGLE-1369
Category: Denial
Info: This strike exploits a vulnerability in the Microsoft Internet Explorer browser. Specifically, the vulnerability exists in the JavaScript engine. It is possible to craft JavaScript in such a way that it causes a heap overflow when compiling a regular expression. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS: 7.5
ID: E18-0pq61
References: CVE-2018-8734, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-44560
Category: Exploits
Info: This strike exploits an SQL injection vulnerability in Nagios XI. The vulnerability is caused by insufficient validation of user input in HTTP requests that is used to build SQL queries. Successful exploitation could give an attacker read/write access to sensitive information on the target server.

CVSS: 7.5
ID: E18-0k2y1
References: BID-103985, CVE-2018-1418, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
Category: Exploits
Info: This strike exploits an authentication bypass and code execution vulnerability in IBM QRadar SIEM. The vulnerability is due to improper handling of cookie values under an HTTP parameter when a client sends HTTP traffic to the server. A remote attacker can exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation results in remote code execution and authentication bypass.

CVSS: 6.8
ID: E18-0mty1
References: CVE-2018-4982, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), URL, ZDI-18-466
Category: Exploits
Info: This strike exploits an integer overflow vulnerability in the Adobe Acrobat Reader ImageConversion component. The vulnerability is due to improper parsing of BMP data records in an EMF file. Successful exploitation may result in execution of arbitrary code with user privileges. Failure to exploit will not typically result in a crash.

CVSS: 6.5
ID: E18-0l071
References: CVE-2018-2615, CVSS-6.5 (AV:N/AC:L/AU:S/C:P/I:P/A:P), URL, ZDI-18-115
Category: Exploits
Info: A command injection vulnerability was found in the Oracle WebLogic Remote Diagnosis Assistant web interface. The vulnerability is due to improper sanitization of user-supplied input passed to the rda_tfa_ref_date menu command. It can be exploited by sending a specially crafted HTTP request to the target server. Successful exploitation can result in arbitrary code execution in the context of the Administrator user.

CVSS: 4.3
ID: E18-5hnz1
References: CVE-2018-10095, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N), URL
Category: Exploits
Info: This strike exploits a reflected cross-site scripting vulnerability found in Dolibarr CRM. The vulnerability is due to inadequate input filtering in the web interface while parsing input passed to the foruserlogin parameter within adherents/cartes/carte.php. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.

CVSS: 3.5
ID: E18-0q232
References: CVE-2018-9163, CVSS-3.5 (AV:N/AC:M/AU:S/C:N/I:P/A:N), EXPLOITDB-44666, URL
Category: Exploits
Info: This strike exploits a cross-site scripting vulnerability in ManageEngine Recovery Manager Plus. The vulnerability is due to inadequate input filtering in the web interface while creating a new technician within the technicianAction.do form. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.

CVSS: 3.5
ID: E18-5iwa1
References: CVE-2018-11690, CVSS-3.5 (AV:N/AC:M/AU:S/C:N/I:P/A:N), URL
Category: Exploits
Info: This strike exploits a cross-site scripting vulnerability in Joomla! CMS equipped with the Gridbox extension. The vulnerability is due to inadequate input filtering in the web interface while parsing the input from the 'app' and 'category' parameters. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser or steal the victim's cookie.

CVSS: 3.5
ID: E18-5iw81
References: CVE-2018-11688, CVSS-3.5 (AV:N/AC:M/AU:S/C:N/I:P/A:N), URL
Category: Exploits
Info: This strike exploits a reflected cross-site scripting vulnerability found in the Ignite Realtime Openfire web interface. The vulnerability is due to inadequate input filtering in the web interface while parsing input passed to the 'url' parameter within the login.jsp form. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.

CVSS: 3.5
ID: E18-5isg1
References: CVE-2018-11552, CVSS-3.5 (AV:N/AC:M/AU:S/C:N/I:P/A:N), URL
Category: Exploits
Info: This strike exploits a reflected cross-site scripting vulnerability found in the AXONPBX web interface. The vulnerability is due to inadequate input filtering in the web interface while parsing input passed to the name parameter within the Auto-Dialer Agents form. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.

Modified Strikes (1)

CVSS: 7.5
ID: E18-0ouo1
References: CVE-2018-7600, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
Category: Exploits
Info: Update for the CVE-2018-7600 strike that includes:
- all Form API rendering parameters that can be used to obtain RCE (pre_render, post_render, access_callback, lazy_builder);
- a variant for malicious base64-encoded URLs, as found in the wild.