RedPacket Security - InfoSec News & Tutorials

The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack

August 18, 2023

While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS (Advanced Persistent Threats)...

14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown

August 18, 2023

A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced...

New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft

August 18, 2023

A new "mass-spreading" social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect...

d4cdb44129c8f5c434f6c9fc861d280f1791955af9ae6d09ef290d4aad99d455

Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech support scams

August 18, 2023

Back in January 2020, we blogged about a tech support scam campaign dubbed WoofLocker that was by far using the...

Akira Ransomware Victim: RIMSS

August 18, 2023

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Genesys Administrator Extension cross-site scripting | CVE-2023-23208

August 18, 2023

NAME__________Genesys Administrator Extension cross-site scriptingPlatforms Affected:Genesys Administrator Extension 9.0.104.18 Genesys Administrator Extension 9.0.104.17 Genesys Administrator Extension 9.0.104.16Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Genesys...

a3 Portfolio Plugin for WordPress cross-site scripting |

August 18, 2023

NAME__________a3 Portfolio Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress a3 Portfolio Plugin for WordPress 3.1.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________a3 Portfolio Plugin for...

Parsec Loader privilege escalation | US-CERT VU#287122

August 18, 2023

NAME__________Parsec Loader privilege escalationPlatforms Affected:Parsec Parsec Loader 7Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Parsec Loader could allow a local authenticated attacker to gain...

InfiniteWP Client Plugin for WordPress information disclosure | CVE-2023-2916

August 18, 2023

NAME__________InfiniteWP Client Plugin for WordPress information disclosurePlatforms Affected:WordPress InfiniteWP Client Plugin for WordPress 1.11.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________InfiniteWP Client Plugin for...

Image Optimizer by 10web Plugin for WordPress cross-site scripting | CVE-2023-2122

August 18, 2023

NAME__________Image Optimizer by 10web Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Image Optimizer by 10web Plugin for WordPress 1.0.26Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting...

Zyxel XGS2220-30 denial of service | CVE-2023-28768

August 18, 2023

NAME__________Zyxel XGS2220-30 denial of servicePlatforms Affected:Zyxel XGS2220-30 4.80(ABXN.1) Zyxel XGS2220-30F 4.80(ABYE.1) Zyxel XGS2220-30HP 4.80(ABXO.1) Zyxel XGS2220-54 4.80(ABXP.1) Zyxel XGS2220-54FP 4.80(ACCE.1)...

PDF-XChange Editor information disclosure | CVE-2023-39504

August 18, 2023

NAME__________PDF-XChange Editor information disclosurePlatforms Affected:PDF-XChange Editor 9.4.363.0Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to obtain sensitive information,...

Cisco P Phone 6800, 7800, and 8800 Series cross-site request forgery | CVE-2023-20237

August 18, 2023

NAME__________Cisco P Phone 6800, 7800, and 8800 Series cross-site request forgeryPlatforms Affected:Cisco IP Phone 6800 Series Phones with Multiplatform Firmware...

Excalidraw cross-site scripting | CVE-2023-26140

August 18, 2023

NAME__________Excalidraw cross-site scriptingPlatforms Affected:Excalidraw Excalidraw 0.15.0 Excalidraw Excalidraw 0.14.2 Excalidraw Excalidraw 0.14.1 Excalidraw Excalidraw 0.14.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Excalidraw is vulnerable...

Tiempo.com plugin for WordPress cross-site request forgery | CVE-2023-2271

August 18, 2023

NAME__________Tiempo.com plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Tiempo.com plugin for WordPress 0.1.2Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tiempo.com plugin for WordPress is...

Tracker Software PDF-XChange Editor information disclosure | CVE-2023-39487

August 18, 2023

NAME__________Tracker Software PDF-XChange Editor information disclosurePlatforms Affected:Tracker Software PDF-XChange Editor 9.5.367.0Risk Level:3.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tracker Software PDF-XChange Editor could allow a...

Tracker Software PDF-XChange Editor information disclosure | CVE-2023-39483

August 18, 2023

NAME__________Tracker Software PDF-XChange Editor information disclosurePlatforms Affected:Tracker Software PDF-XChange Editor 9.5.367.0Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Tracker Software PDF-XChange Editor could allow a...

Tracker Software PDF-XChange Editor code execution | CVE-2023-39485

August 18, 2023

NAME__________Tracker Software PDF-XChange Editor code executionPlatforms Affected:Tracker Software PDF-XChange Editor 9.5.367.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tracker Software PDF-XChange Editor could allow a...

Walchem Intuition 9 information disclosure | CVE-2023-32202

August 18, 2023

NAME__________Walchem Intuition 9 information disclosurePlatforms Affected:Walchem Intuition 9 4.20Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Walchem Intuition 9 could allow a remote authenticated attacker...

PDF-XChange Editor information disclosure | CVE-2023-39505

August 18, 2023

NAME__________PDF-XChange Editor information disclosurePlatforms Affected:PDF-XChange Editor 9.4.363.0Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to obtain sensitive information,...

PDF-XChange Editor information disclosure | CVE-2023-39503

August 18, 2023

Juniper Networks Junos OS on EX Series security bypass | CVE-2023-36844

August 18, 2023

NAME__________Juniper Networks Junos OS on EX Series security bypassPlatforms Affected:Juniper Networks EX Series Juniper Networks Junos OS 21.2 Juniper Networks...

PDF-XChange Editor code execution | CVE-2023-39490

August 18, 2023

NAME__________PDF-XChange Editor code executionPlatforms Affected:PDF-XChange Editor 9.4.363.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary code...

PDF-XChange Editor code execution | CVE-2023-39491

August 18, 2023

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed