Search Go hack yourself with Detectify

A web security blog from Detectify

Detectify Security Updates for September 17

September 17, 2020

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings,  features and improvements sourced from our security researchers. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. 

The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers. We added these tests to the Detectify scanner from August 31 – September 4.

CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure

This module checks if WordPress sites have directory listing enabled for the backup directory used by File Manager. If enabled an attacker will be able to list all files and sub-directories in the backup directory, which can lead to sensitive data exposure.

CVE-2020-15506: MobileIron Core Authentication Bypass / RCE
An authentication bypass vulnerability exists in MobileIron Core and Connector versions 10.6 and earlier that allows remote attackers to bypass the authentication mechanism. This would allow attackers to access services and the admin panel.

CVE-2020-5412: Netflix Hystrix Dashboard Proxy SSRF
Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard endpoint to make requests to any server reachable by the server hosting the dashboard. This would allow an attacker to reach systems on the same intranet as the affected application.

Atlassian Confluence Information Disclosures
A number of Information Disclosure 0-days in Atlassian Confluence plugins have been released: Jira Workflow Toolbox, Linchpin Enterprise News, and Space Admin for Confluence.

Atlassian Jira Plugin
A number of Information Disclosure 0-days in Atlassian Jira plugins have been released: Helix ALM for Jira, OBSS Jira Admin Tools, Surveys for Jira

Test your website's security with Detectify Sign up for a free trial

WordPress Plugin File Manager (wp-file-manager) RCE
This modules searches for a remote code execution vulnerability in the WordPress plugin File Manager.

Google Cloud Ignore File Exposure
This module looks for Google Cloud ignore files. The .gcloudignore file contains paths that should be excluded when building the program. These paths can disclose the location of various build secrets.

Google Compute Engine Private Key Disclosure
This module looks for exposed Google Compute Engine private keys. The private key may be used to interact with the service for which it belongs.

Oracle WebCenter Help Page XSS
An XSS vulnerability exists in the Oracle WebCenter Help Page. An attacker will be able to inject arbitrary HTML on the affected site and can run arbitrary JavaScript under the origin.

Questions or comments on the latest Detectify security updates? Let us know in the comments below.

Begin a scan for the latest vulnerabilities today. Start a free trial with Detectify here!

Already have an account? Login to check your assets.

Detectify is a continuous web vulnerability scanner service and we release Detectify security updates at least bi-weekly. Detectify offers a crowdsource-powered testbed of 2000+ known vulnerabilities including the OWASP Top 10. Check for the latest vulnerabilities!