Security Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)

Introduction: On 18 July 2023, Citrix published a security advisory addressing CVE-2023-3519, a critical RCE (Remote Code Execution) vulnerability with a CVSS score of 9.8, in NetScaler ADC (formerly known as Citrix ADC) and NetScaler Gateway (formerly known as Citrix Gateway). This vulnerability created a lot of buzz in ...

Security Advisory: Apache Commons Text Remote Code Execution Vulnerability (CVE-2022-42889)

Background: On 13th Oct 2022, the Apache Software Foundation released a security advisory with patch and mitigation details for a remote code execution vulnerability, CVE-2022-42889. The vulnerability has created a great deal of buzz in the last several hours, especially after a PoC verifying the vulnerability was published. Apache ...

Coverage Advisory For Microsoft Exchange Server 2019, 2016, 2013 Vulnerabilities

Background: On 29 Sept, Microsoft disclosed that it had started investigating two zero-day vulnerabilities, CVE-2022-41040 and CVE-2022-41082, in Microsoft Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019. CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability, and the other vulnerability, CVE-2022-41082, allows Remote Code Execution (RCE) when ...