近日,白帽汇安全研究院发现 Nagios XI 与 4 月 7 日发布的最新 5.6.13 版本修复了 CVE-2020-10819, CVE-2020-10820, CVE-2020-10821 跨站脚本漏洞。 Nagios XI 是一个企业级监测和报警方案。提供对所有关键任务基础架构组件的监视,包括应用程序,服务,操作系统,网络协议,系统指标和网络基础架构。 漏洞原理. 最新版本修复了在登录管理员帐号情况下,NRDP/NSCA 出站检查配置中的RCE漏洞;修复了在登录情况下的POST型跨站脚本漏洞(xss)三枚,相关漏洞编号:CVE-2020-10819,CVE-2020-10820,CVE….
Source link
【安全通报】Nagios XI 多个安全…
RELATED STORIES
Recently, an enterprising security researcher, Alex Birsan hacked tech companies and managed to pocket over...
Critical vulnerability found in Snow Software’s Inventory Agent A vulnerability in Snow Software’s Snow Inventory Agent...
Hello everyone, I have returned to tackle part four of my series on Windows exploitation,...
Yeastar NeoGate TG400 中存在路径遍历漏洞。该漏洞源于产品未能正确地过滤资源或文件路径中的特殊元素,经过身份验证的用户可以解密固件,并可以读取敏感信息,如密码或解密密钥。以下产品及版本受到影响:Yeastar NeoGate TG400 91.3.0.3。 Copyright © 北京奇虎科技有限公司 360网络攻防实验室 安全客 All Rights Reserved...
Description: Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion...
# -*- coding: utf-8 -*- import socket from time import sleep from os import system...
Source: Bombardier Business jet maker Bombardier is the latest company to suffer a data breach...
NEW RESOURCES National Gallery of Art: National Gallery of Art Announces Launch of Kress Collection...
Κινέζοι χάκερ “κλωνοποίησαν” και χρησιμοποιούσαν για χρόνια ένα zero-day exploit των Windows που κλάπηκε από...
In fact it was foreshadowed by Facebook itself, who told the government last year that...
You must be logged in to post a comment.