Ridge Security annuncia la nuova release 4.3 di RidgeBot con la nuova Plugin Library 4.51 – 4.52
Ridge Security annuncia RidgeBot 4.3, ora disponibile per il download, raggiungendo un traguardo significativo, grazie all’aggiunta di funzionalità di test greybox, tra cui il test di autenticazione di Windows.
In questo aggiornamento è stato introdotto un nuovo scenario: “‘Windows Authenticated Penetration“, tra i predefiniti. Qui, RidgeBot utilizza le credenziali utente fornite per accedere al sistema Windows e verificare le vulnerabilità, inclusa l’escalation dei privilegi locali. I test Graybox aiutano a comprendere i rischi a cui si potrebbe essere esposti qualora un hacker si aggirasse tra le difese di sicurezza o qualora ci fossero rischi provenienti da minacce interne. Integra i test blackbox fornendo una misura a 360 gradi del livello di sicurezza di un’organizzazione.
RidgeBot 4.3 introduce 66 nuovi plugin per contrastare 37 CVE critici, tra cui cinque vulnerabilità associate a “ivanti”, due a “ConnectWise” e molteplici nei dispositivi di rete di Fortinet, Juniper e F5.
Se i tuoi clienti avessero dubbi riguardo alle vulnerabilità sopra menzionate, invitali a testare i loro sistemi con RidgeBot 3.0.
| New Application Scan Plugins | New Exploit Plugins in Plugin Library 4.51 - 4.52 |
|---|---|
| Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability (CVE-2023-35078) / Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability (CVE-2023-35082) / Ivanti Connect Secure and Policy Secure Command Injection Vulnerability (CVE-2023-46805/CVE-2024-21887) | Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability Exploit(CVE-2023-35078) Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability Exploit(CVE-2023-35082) Ivanti Connect Secure and Policy Secure Command Injection Vulnerability Exploit(CVE-2023-46805/CVE-2024-21887) |
| Adobe ColdFusion Deserialization of Untrusted Data Vulnerability (CVE-2023-26360) Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298) Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-38205) Adobe ColdFusion Deserialization of Untrusted Data Vulnerability (CVE-2023-38203) | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability Exploit(CVE-2023-26360) Pulse Secure SSL VPN Arbitrary File Read/Write Exploit(CVE-2019-11510) F5 BIG-IP Authentication Bypass Exploit(CVE-2023-46747) F5 BIG-IP TUMI Remote Code Execution Exploit(CVE-2020-5902) MLFlow Path Traversal Exploit(CVE-2023-1177) Fortinet Authentication Bypass Exploit(CVE-2022-40684) F5 BIG-IP-IQ Remote Code Execution (CVE-2021-22986) |
| F5 BIG-IP Authentication Bypass (CVE-2023-46747) F5 BIG-IP TUMI Remote Code Execution (CVE-2020-5902) | WordPress plugin Canto Unauthenticated RFI Exploit(CVE-2023-3452) Wordpress plugin Royal Elementor Addons and Templates Unauthenticated Arbitrary File Upload Exploit(CVE-2023-5360) |
| Openfire addmin console path traversal (CVE-2023-32315) cPanel Cross-site Scripting (CVE-2023-29489) MLFlow Path Traversal (CVE-2023-1177) Wordpress plugin Backup Migration Unauthenticated RCE (CVE-2023-6553) Wordpress plugin Canto Unauthenticated RFI (CVE-2023-3452) Wordpress plugin Royal Elementor Addons and Templates Unauthenticated Arbitrary File Upload (CVE-2023-5360) | GitLab CE/EE Authenticated File Read Exploit(CVE-2023-2825) GitLab CE/EE Account Take Over Exploit(CVE-2023-7028) Microsoft SharePoint Server Elevation of Privilege Exploit(CVE-2023-29357) Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability Exploit(CVE-2024-21893) |
| Juniper Networks Junos OS PHP External Variable Modification (CVE-2023-36844) Juniper Networks Junos OS PHP Remote Code Execution (CVE-2023-36845 Juniper Networks Junos OS Arbitrary File Upload via user.php (CVE-2023-36846) Juniper Networks Junos OS Arbitrary File Upload via installAppPackage.php (CVE-2023-36847) Juniper Networks Junos OS Arbitrary File Upload via webauth_operation.php (CVE-2023-36851) Juniper Networks Junos OS Arbitrary File Upload via upload-file.php (CVE-2023-28962) | Ivanti Sentry Authentication Bypass Vulnerability Exploit(CVE-2023-38035) Jenkins Arbitrary File Read Exploit(CVE-2024-23897) Juniper Networks Junos OS PHP External Variable Modification Exploit(CVE-2023-36844) Juniper Networks Junos OS PHP Remote Code Execution Exploit(CVE-2023-36845 Juniper Networks Junos OS Arbitrary File Upload via user.php Exploit(CVE-2023-36846) |
| ConnectWise ScreenConnect Authentication Bypass (CVE-2024-1709) ConnectWise ScreenConnect Path Traversal (CVE-2024-1708) Windows end of life (Server 2008, 2008 R2, 2012, 2012 R2, 7, 8, Vista SP2, and 8.1) SQL Injection(JSON Support) Sensitive (Confidential) Data Disclosure | Juniper Networks Junos OS Arbitrary File Upload via installAppPackage.php Exploit(CVE-2023-36847) Juniper Networks Junos OS Arbitrary File Upload via webauth_operation.php Exploit(CVE-2023-36851) Juniper Networks Junos OS Arbitrary File Upload via upload-file.php Exploit(CVE-2023-28962) ConnectWise ScreenConnect Authentication Bypass Exploit(CVE-2024-1709) SQL Injection (JSON Support) Exploit |
Scopri RidgeBot
Compila il form per richiedere informazioni su RidgeBot
Articolo originale: RidgeBot 4.3 Release Annoucement – autore Ridge Security Marketing
Traduzione e riadattamento da parte di CIPS Informatica -Ridge Security Blog - © 2022 Ridge Security, Inc.
Articolo originale: RidgeBot 4.2.1 Release Annoucement – autore Ridge Security Marketing
Traduzione e riadattamento da parte di CIPS Informatica -Ridge Security Blog - © 2022 Ridge Security, Inc.