Aggregator

持续深耕！再创辉煌！

Microsoft Azure’s role-based access control system has been found to contain critical security vulnerabilities that could expose enterprise networks to unauthorized access. Security researchers have identified a combination of over-privileged built-in roles and API implementation flaws that create dangerous attack vectors for malicious actors seeking to compromise cloud infrastructure and on-premises networks. The vulnerabilities center […]

The post Azure API Vulnerabilities Leak VPN Keys and Built-In Roles Allow Over-Privileged Access appeared first on Cyber Security News.

当前环境出现异常,需完成验证后方可继续访问,请前往验证页面进行操作。

A vulnerability was found in Advantech WebAccess 5.0/6.0. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2012-0241. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

文章介绍了安卓系统中Parcel反序列化漏洞的历史背景及危害，并分析了安卓13引入的LazyValue机制如何缓解相关问题。文中详细探讨了两个提权漏洞的攻击原理及修复过程，揭示了利用LazyValue对象绕过安全检查实现恶意操作的技术细节，并涉及多个CVE编号及修复补丁的分析。

HackerNews 编译，转载请注明出处： 全球数百万台Linux系统（包括运行关键服务的系统）现存在一个易于利用的新型sudo漏洞，可能允许未经授权的用户在Ubuntu、Fedora等服务器上以root权限执行命令。 sudo是Linux系统中允许用户以root或超级用户身份运行命令的实用程序。Stratascale网络安全研究单元（CRU）团队发现了两个影响sudo的关键漏洞。 安全研究人员警告称，任何用户都能快速获取无限制的系统访问权限。攻击者可利用此漏洞以root身份执行任意命令，完全接管系统。 该漏洞首次出现在2023年6月发布的1.9.14版本中，已在2025年6月30日发布的最新sudo版本1.9.17p1中修复。漏洞利用已在Ubuntu和Fedora服务器上验证成功，但可能影响更多系统。 报告指出：“这些漏洞可能导致受影响系统的权限提升至root级别。” 研究人员敦促管理员尽快安装最新sudo软件包，因为目前没有其他解决方案。 “默认sudo配置存在漏洞，”Stratascale网络安全研究单元的Rich Mirch解释道。 研究人员已公开概念验证代码，其他团队也成功复现了该漏洞。 漏洞涉及sudo的chroot功能 关键漏洞存在于sudo中较少使用的chroot选项中。该选项用于修改特定进程的根工作目录，限制其对文件系统的访问。 虽然本意是将用户限制在其主目录内，但漏洞允许用户突破限制并提升权限。利用此漏洞不需要为用户定义任何sudo规则。 研究人员表示：“因此，如果安装了易受攻击的版本，任何本地非特权用户都可能将权限提升至root。” 要利用此漏洞，攻击者需要在用户指定的根目录下创建文件，并欺骗sudo加载任意共享库。该文件定义了系统如何解析用户账户、组、主机名、服务等。 sudo维护者已确认该问题，并在1.9.17p1版本中弃用了chroot选项。 他们在公告中表示：“攻击者可利用sudo的chroot选项以root身份运行任意命令，即使他们未被列入sudoers文件。” Mirch的脚本演示了非特权攻击者如何创建临时目录、添加授予root权限的函数文件、编译恶意共享库，然后通过chroot选项欺骗sudo以提升的权限执行它。这样，攻击者就能完全控制系统。 由于chroot选项会降低环境安全性，建议管理员避免使用该功能。 数百万系统可能受此漏洞影响。德国媒体heise.de甚至发现，德国某大型云托管提供商新安装的Ubuntu虚拟机仍然存在漏洞，尽管补丁已经发布。 消息来源： Cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章介绍了HTTP错误代码521的含义及其常见原因，并指出该错误通常与Web服务器无法处理请求有关。

本文深入分析了 Android 系统中与 Parcel 反序列化相关的安全漏洞及其防御机制，重点讨论安卓13引入的LazyValue机制如何缓解此类漏洞，并详细剖析两个典型的提权漏洞（的利用方式及修复方案。

A vulnerability, which was classified as problematic, has been found in Booking X Plugin up to 1.1.2 on WordPress. Affected by this issue is the function export_now of the component HTTP POST Request Handler. The manipulation leads to missing authorization. This vulnerability is handled as CVE-2025-6814. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in GoZen Forms Plugin up to 1.1.5 on WordPress and classified as critical. This vulnerability affects the function emdedSc. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2025-6783. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in GoZen Forms Plugin up to 1.1.5 on WordPress and classified as critical. This issue affects the function dirGZActiveForm. The manipulation of the argument forms-id leads to sql injection. The identification of this vulnerability is CVE-2025-6782. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Smart Docs Plugin up to 1.1.0 on WordPress. This affects the function smartdocs_search of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-6787. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Portfolio for Elementor & Image Gallery Plugin up to 3.2.0/3.2.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-7046. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation of the argument name/email leads to cross site scripting. The identification of this vulnerability is CVE-2025-7053. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and acted very professional. A patch and new release was made available very quickly.

HackerNews 编译，转载请注明出处： 思科公司已发布安全更新，修复其统一通信管理器（Unified Communications Manager，简称Unified CM）和统一通信管理器会话管理版（Unified CM SME）中的一个最高严重级别安全漏洞。该漏洞可能允许攻击者以root用户身份登录受影响的设备，从而获得权限提升。 该漏洞编号为CVE-2025-20309，CVSS评分为10.0。 思科在周三发布的公告中表示：“此漏洞源于为开发阶段预留的root账户静态用户凭证。攻击者可能利用该账户登录受影响系统。成功利用漏洞后，攻击者能够以root用户身份登录系统并执行任意命令。” 此类硬编码凭证通常源自开发阶段的测试或临时修复，但绝不应出现在生产环境中。对于处理企业语音通话和通信的Unified CM等工具而言，root权限可能使攻击者进一步渗透网络、窃听通话或篡改用户登录方式。 这家网络设备巨头表示，目前尚未发现该漏洞在野外被利用的证据，且漏洞是在内部安全测试期间发现的。 CVE-2025-20309影响Unified CM和Unified CM SME的15.0.1.13010-1至15.0.1.13017-1版本，与设备配置无关。 此次漏洞修复距思科修复身份服务引擎（ISE）和ISE被动身份连接器中的两个安全漏洞（CVE-2025-20281和CVE-2025-20282）仅数日。后两个漏洞可能允许未经身份验证的攻击者以root用户身份执行任意命令。   消息来源： thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章描述了错误代码521的原因、影响及解决措施。

Adrian Lamo 认为黑客是天生的，强调好奇心和动手能力的重要性。他指出黑客的本质在于对技术的热爱和探索精神，并认为这种特质无法通过学习获得。然而，作者对此持怀疑态度，认为 hacking 可以像其他技能一样通过学习掌握，并质疑 Lamo 的观点是否过于 elitist。

中国信通院&悬镜安全2025年度重磅硬核成果发布!

当前环境异常导致访问受限,需完成验证后方可继续访问。

A vulnerability classified as critical was found in WP Human Resource Management Plugin up to 2.2.17 on WordPress. Affected by this vulnerability is the function ajax_insert_employee of the component AJAX Handler. The manipulation of the argument role leads to missing authorization. This vulnerability is known as CVE-2025-5953. The attack can be launched remotely. There is no exploit available.