Security Vulnerabilities - CVEs Published In November 2022
The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection
CVSS Score
9.8
EPSS Score
0.012
Published
2022-11-07
The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the custom_wpadmin_slug settings, allowing unauthenticated attackers to update it with a crafted request
CVSS Score
5.3
EPSS Score
0.001
Published
2022-11-07
In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the camera-file module.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-11-07
An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary data goes directly to the Bash interpreter. An attacker would need credentials to exploit this vulnerability. This is fixed in Object First Ootbi BETA build 1.0.13.1611.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-11-07
An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, an attacker can get access to system logs. An attacker would need credentials to exploit this vulnerability. This is fixed in Object First Ootbi BETA build 1.0.13.1611. Important note - This vulnerability is related to the Object First Ootbi BETA version, which is not released for production and therefore has no impact on the production environment. The production-ready Object First Ootbi version will have this vulnerability fixed.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-11-07
An issue was discovered in Object First Ootbi BETA build 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret key that is generated through a function that doesn't produce cryptographically strong sequences. An attacker can predict these sequences and generate a JWT token. As a result, an attacker can get access to the Web UI. This is fixed in Object First Ootbi BETA build 1.0.13.1611.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-11-07
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-11-07
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVSS Score
6.5
EPSS Score
0.028
Published
2022-11-07
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVSS Score
6.5
EPSS Score
0.021
Published
2022-11-07
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: (1) keybackup.data > License > Encryption Key or (2) Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or EXE file.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-11-07