Security Vulnerabilities - CVEs Published In April 2020
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6120 before 1.0.0.36, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-04-24
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6100 before 1.0.1.16, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, and WNR2000v5 before 1.0.0.58.
CVSS Score
6.3
EPSS Score
0.001
Published
2020-04-24
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code.
CVSS Score
6.1
EPSS Score
0.005
Published
2020-04-24
In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote user to execute shell commands on affected systems using HTTP requests to the BIG-IQ user interface.
CVSS Score
9.8
EPSS Score
0.039
Published
2020-04-24
A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a "Sender address rejected: not logged in" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability
CVSS Score
5.3
EPSS Score
0.004
Published
2020-04-24
Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-04-24
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-04-24
DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-04-24
The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-24
The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-24