MeshCentral - Login Tokens

MeshCentral Cross-Site Websocket Hijacking Vulnerability (CVE-2024-26135)

Vulnerability Research

Overview: In this article we discuss a recent cross-site websocket hijacking (CSWSH) vulnerability that we identified in MeshCentral, a web-based remote monitoring and endpoint management solution. MITRE assigned the CVE identifier CVE-2024-26135. End users can use MeshCentral to install agents that communicate with a centralized server. The centralized server then ...

Exploiting Kubernetes through Operator Injection

Vulnerability Research

Intro: The Kubernetes documentation describes operators as “software extensions to Kubernetes that use custom resources to manage applications and their components.” These operators automate application resource deployment and management with custom controllers tied to one or more custom resource definitions. Custom controllers create bespoke attack surfaces that attackers can target when they ...

Automated Discovery of Deserialization Gadget Chains

Relution Remote Code Execution via Java Deserialization Vulnerability

Vulnerability Research

Overview: In this article we discuss a recent deserialization vulnerability we found in Relution (CVE-2023-48178), a mobile device management product that is popular among multinational German corporations. CVE-2023-48178 can potentially lead to remote code execution and complete compromise of the MDM application and clients managed by the solution. The deserialization ...