Ridge Security announces the new release 4.2 with the new plugin library 4.11 – 4.16.

This version provides an online update option for both the RidgeBot software and the plugin library. In particular, RidgeBot will automatically send a new software release notification to the user, who can choose between "online update" and "offline update".

In version 4.2, Microsoft Authenticator will also be added as two-factor authentication. Finally, the maximum number of targets per task increases from one class C subnet (256 IPs) to four class C subnets (1024 IPs).

New Plugins
New Application Scan Plugins

- Jellyfin RemoteImageController.cs SSRF (CVE-2021-29490)
- WordPress BackupBuddy Plugin Arbitrary File Download (CVE-2022-31474)
- Bitbucket Server Remote Code Execution (CVE-2022-36804)
- Nostromo Remote Command Execution (CVE-2019-16278)
- Gerapy Command Execution (CVE-2021-43857)
- ASP Code Injection
- Ruby Code Injection
- Perl code injection
- ThinkPHP 5.x Arbitrary File Read
- Android Debug Port
- Apache Superset Remote Code Execution (CVE-2020-13948)
- Hongdian H8922 Arbitrary File Read (CVE-2021-28149)
- Exchange SSRF (CVE-2022-41040)
- SOAPpy XML External Entity Injection Vulnerability (CVE-2014-3242)
- Apache Shiro Authentication Bypass (CVE-2022-40664)
- Jenkins Arbitrary File Reading (CVE-2018-1999002)
- jQuery XSS (CVE-2020-11022)
- VMware vCenter Server Log4j (CVE-2021-44228)
- Jenkins User Enumeration (CVE-2018-1000110)
- jQuery XSS (CVE-2020-11023)
- jQuery XSS (CVE-2015-9251)
- GitLab CE/EE Arbitrary Files Read (CVE-2020-10977)
- Apache Solr Deserialization Remote Code Execution (CVE-2019-0192)
- Fortinet Authentication Bypass (CVE-2022-40684)
- Confluence Server Hardcoded (CVE-2022-26138)
- jQuery XSS (CVE-2019-11358)
- ClickHouse Unauthorized Access (CNVD-2020-55986)

New Exploit Plugins

- Bitbucket Server Remote Code Execution (CVE-2022-36804)
- Gerapy Command Execution (CVE-2021-43857)
- Apache Superset Remote Code Execution (CVE-2020-13948)
- Nostromo Remote Command Execution (CVE-2019-16278)
- Vsftpd Version 2.3.4 Code Execution (CVE-2011-2523)
- Apache Solr Deserialization Remote Code Execution (CVE-2019-0192)
- PrintNightmare-Windows Print Spooler Remote Code Execution Exploit (CVE-2021-34527) (Post Exploitation)
