Three Known Exploited Vulnerabilities to Catalog by KEV
The latest news of vulnerabilities uncovered in various software systems has been making the cybersecurity world go crazy. KEV Catalogue, a cybersecurity organization, recently disclosed new vulnerabilities impacting TP-Link, Apache, and Oracle WebLogic Server. Let’s take a deeper look at each of these flaws.
The TP-Link router vulnerability allows attackers to remotely execute arbitrary code without authentication. This is a high-risk vulnerability since it allows hackers to take control of the device and perhaps get access to the victim’s network. To address the vulnerability, TP-Link has released a security patch. Users should update their firmware to the most recent version as soon as feasible. Meanwhile, users should restrict access to their routers by enabling the firewall and changing the default login credentials.
Apache, one of the most popular web servers, is also vulnerable to a remote code execution vulnerability. The flaw exists in the Apache Struts framework, which is a popular open-source platform for constructing web applications.
The vulnerability is deemed high-risk because it allows attackers to take control of the system and potentially access sensitive data. The vulnerability exists in all versions of Apache Struts previous to version 2.5.26, and users should update to the most recent version as soon as possible.
Oracle WebLogic Server:
Oracle WebLogic Server, a popular enterprise-level application server, is also vulnerable to a remote code execution vulnerability. The vulnerability exists in the server’s console component, which allows users to remotely operate the server. The vulnerability is deemed high-risk because it allows attackers to take control of the server and potentially access sensitive data. Oracle has issued a security patch to address the vulnerability, and customers are encouraged to upgrade their servers as soon as possible.
The TP-Link, Apache, and Oracle WebLogic Server vulnerabilities are substantial and constitute a serious threat to users. Users should update their software to the most recent version and take the appropriate actions to secure their systems. Users should also be cautious and report any unusual behaviour to their IT department or cybersecurity professionals. We can reduce the danger of cyber assaults and defend our systems from potential risks by taking proactive actions.
Author: Jasmine Sahoo