Cisco SSM On-Prem bug lets hackers change any user’s password

July 17, 2024 at 01:34PM

Cisco has fixed a critical vulnerability in its Smart Software Manager On-Prem that allows potential attackers to change user passwords without authentication. The flaw affects earlier releases and can be exploited remotely. Administrators are advised to upgrade to the fixed release, as there are no workarounds available.

Over 1,450 pfSense servers exposed to RCE attacks via bug chain

December 12, 2023 at 09:57AM

Around 1,450 pfSense instances online are vulnerable to command injection and cross-site scripting flaws, potentially allowing remote code execution. SonarCloud’s researchers discovered the flaws, which affect older versions of pfSense, in mid-November. Netgate released security updates in November, but as of now, the majority of instances remain vulnerable, posing a significant …