Author: DEFENDEDGE
-
Vulnerability Summary for the Week of June 10, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info actpro — extra_product_options_for_woocommerce Missing Authorization vulnerability in actpro Extra Product Options for WooCommerce.This issue affects Extra Product Options for WooCommerce: from n/a through 3.0.6. 2024-06-10 8.8 CVE-2024-35727audit@patchstack.com adfinis–document-merge-service Document Merge Service is a document template merge service providing an API to manage… Read more
-
Microsoft Releases June 2024 Security Updates
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisory and apply the necessary updates: Microsoft Security Update Guide for June Read more
-
What are the Steps to Take During a Cyber Breach?
Detailed Steps after a Breach In today’s digital world, cyber breaches are an unfortunate reality that can affect organizations of all sizes. Knowing how to respond effectively can make the difference between a minor incident and a major catastrophe. Here are the best practices to follow during a cyber breach to mitigate damage and restore… Read more
-
Vulnerability Summary for the Week of June 3, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 8theme–XStore Core Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8. 2024-06-04 8.5 CVE-2024-33557audit@patchstack.com 8theme–XStore Improper Limitation of a Pathname to a… Read more
-
Vulnerability Summary for the Week of May 27, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ASKEY–5G NR Small Cell ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote server. 2024-05-27 7.2 CVE-2024-5403twcert@cert.org.tw Astrotalks–Astrotalks SQL injection vulnerability in… Read more
-
Vulnerability Summary for the Week of May 20, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ASUS–ExpertWiFi ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS… Read more
-
Cisco Releases May 2024 Cisco ASA, FMC, and FTD Software Security Publication
Cisco released a bundled publication for security advisories that address vulnerabilities in Cisco Adaptive Security Appliance (ASA), Firepower Management Center (FMC), and Firepower Threat Defense (FTD) software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following publication and… Read more
-
Free Cyber Threat Assessment
What’s Included in Your Free Cyber Assessment? Why Choose DefendEdge? How It Works Get Your Free Assessment Today Don’t wait until it’s too late. Take proactive steps to protect your business by understanding your cybersecurity vulnerabilities. Your Trusted Advisors Request Your Free Cyber Threat and Vulnerability Assessment What Our Clients Say “DefendEdge’s free assessment opened… Read more
-
Protect Your Business
— Cutting-Edge Solutions Stay Ahead of Cyber Threats with DefendEdge Protect Your Business with DefendEdge Managed Security and Cyber Threat Intelligence Services In today’s digital landscape, protecting your business from cyber threats is more critical than ever. DefendEdge provides comprehensive managed security services and advanced cyber threat intelligence to safeguard your business and ensure you… Read more
-
Vulnerability Summary for the Week of May 13, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 8theme–XStore Core Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8. 2024-05-17 9.8 CVE-2024-33552audit@patchstack.com 8theme–XStore Core Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core:… Read more