Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently and at record speed: within 25 minutes from hacker to scanner. Due to confidentiality agreements, we cannot publicize all security update releases here, but they are immediately added to our scanner and available to all users.
The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers. We added these tests to the Detectify scanner in recent weeks:
This module looks for a macro injection vulnerability in SolarWinds Serv-U before version 15.2.2. An unauthenticated attacker can obtain critical information from the target, including encrypted credentials from the configuration (SMTP, LDAP) and cleartext credentials of any connected user, which can lead to RCE.
This module searches for an unauthenticated arbitrary nonce generation vulnerability in Redirection for Contact Form 7 prior to version 2.3.3. Attackers could use this nonce generation vulnerability to exploit other vulnerabilities.
This module will try to bypass the AEM dispatcher to list all packages. After that, an unauthenticated attacker will be able to download packages, which may contain sensitive data.
This module looks for a reflected XSS vulnerability in Concrete5 CMS before version 8.5.2. An attacker can use this flaw to steal credentials and otherwise execute JavaScript in the origin of the affected domain.
This module tries to find Panabit consoles that still use default credentials for admin authentication. An attacker will be able to authenticate to Panabit and gain privileges on the service.
This module looks for a remote code execution vulnerability in VoIPmanager before version 24.61. An attacker can execute arbitrary code on the server.
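Four of the findings above are bounded by a first fixed version (Serv-U 15.2.2, Redirection for Contact Form 7 2.3.3, Concrete5 8.5.2, VoIPmanager 24.61), so the first thing an asset owner wants is a quick inventory check against those thresholds. The script below is an added example written for this post, not Detectify scanner code; the product identifiers, the `SAMPLE_INVENTORY` hosts and their installed versions are constructed, and the Panabit and AEM findings are left out because the write-up gives no version range for them. Version comparison is done numerically per component, so that `2.3.10` correctly sorts after `2.3.3`, and `24.61` is read as major 24, minor 61, as printed in the post.

```python
"""Check a software inventory against the version thresholds named in the
update above (added example, not Detectify scanner code)."""
from __future__ import annotations

import re

# Products and the first fixed version as stated in the write-up:
# every release *before* this version is in the affected range.
FIRST_FIXED_VERSION = {
    "solarwinds-serv-u": "15.2.2",
    "redirection-for-contact-form-7": "2.3.3",
    "concrete5": "8.5.2",
    "voipmanager": "24.61",  # read as (24, 61), exactly as printed in the post
}


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '15.2.2' or 'v8.5.2-rc1' into a comparable tuple of ints.

    Non-numeric decoration is ignored; a string with no digits is an error.
    """
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no numeric version component in {text!r}")
    return tuple(int(p) for p in parts)


def version_lt(a: str, b: str) -> bool:
    """True when version a sorts strictly before version b.

    The shorter tuple is padded with zeros so 8.5 == 8.5.0 and 8.5 < 8.5.2;
    comparing as ints (not strings) keeps 2.3.10 above 2.3.3.
    """
    ta, tb = parse_version(a), parse_version(b)
    width = max(len(ta), len(tb))
    ta += (0,) * (width - len(ta))
    tb += (0,) * (width - len(tb))
    return ta < tb


def is_affected(product: str, installed: str) -> bool | None:
    """None if the product is not tracked here; otherwise whether the installed
    version is below the first fixed version (i.e. in the affected range)."""
    fixed = FIRST_FIXED_VERSION.get(product)
    if fixed is None:
        return None
    return version_lt(installed, fixed)


def triage(inventory: list[tuple[str, str, str]]) -> list[tuple[str, str]]:
    """Return (host, product) pairs whose installed version is in the affected range."""
    findings: list[tuple[str, str]] = []
    for host, product, installed in inventory:
        if is_affected(product, installed):
            findings.append((host, product))
    return findings


# Constructed sample inventory (host, product id, installed version); not real hosts.
SAMPLE_INVENTORY = [
    ("ftp-1.example.internal", "solarwinds-serv-u", "15.2.1"),
    ("ftp-2.example.internal", "solarwinds-serv-u", "15.2.2"),
    ("www-1.example.internal", "concrete5", "8.5"),
    ("www-2.example.internal", "concrete5", "8.5.2"),
    ("pbx-1.example.internal", "voipmanager", "24.6"),
    ("wp-1.example.internal", "redirection-for-contact-form-7", "2.3.10"),
]

if __name__ == "__main__":
    for host, product in triage(SAMPLE_INVENTORY):
        fixed = FIRST_FIXED_VERSION[product]
        print(f"{host}: {product} is below the first fixed version {fixed}")
```

Feed `triage()` the output of your own CMDB or package inventory in the same `(host, product, version)` shape; anything it returns is an asset to patch or to add to an Asset Monitoring profile. Note that a vendor build string may not map cleanly onto the version printed in an advisory, so treat a hit as a prompt to verify, not as a final verdict.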