  • CISA Warns of Active Exploitation of ZK Java Framework RCE Vulnerability

    A dangerous flaw allows a hacker to steal sensitive data and take control of systems on a server.

    The US Cybersecurity and Infrastructure Protection Agency (CISA) added the CVE-2022-36537 vulnerability to its Catalog of Known Exploited Vulnerabilities after hackers began to actively use this flaw for remote code execution (RCE) in attacks.

    CVE-2022-36537 (CVSS v3.1: 7.5) affects the AuUploader servlets in ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1, and allows attackers to gain access to sensitive information by sending a specially crafted POST request to the AuUploader component.

    The defect was discovered last year by Markus Wulftange and fixed by ZK on May 5, 2022, in version 9.6.2.

    ZK is an open-source Ajax web application framework written in Java that allows web developers to create graphical user interfaces for web applications with minimal effort and programming knowledge. The ZK framework is widely used in projects of all types and sizes, so the impact of the defect is far-reaching. Among the products that use the ZK framework are ConnectWise Recover and ConnectWise R1Soft Server Backup Manager.

    The addition of this vulnerability to the CISA catalog of known exploited vulnerabilities comes after NCC Group's Fox-IT team published a report that describes how this flaw is actively exploited in attacks.

    According to Fox-IT, the vulnerability allowed a cybercriminal to gain initial access to the ConnectWise R1Soft Server Backup Manager software. The attacker then took control of the systems connected to it via R1Soft Backup Agent and deployed a malicious database driver with a backdoor function, which allowed commands to be executed on all systems connected to this R1Soft server.

    Fox-IT found that attempts to exploit the vulnerability against R1Soft server software have been made around the world since November 2022, and as of January 9, 2023, at least 286 servers with a backdoor have been discovered. However, the exploitation of the vulnerability was expected, as numerous PoC exploits were published on GitHub in December 2022.

    Thus, tools to attack unpatched installations of R1Soft Server Backup Manager are widely available, so it is imperative for administrators to update them to the latest version.
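
    An inventory check to support the update advice above, as an added example that is not code from the article, Fox-IT or ZK: it finds ZK core jars on disk and inside .war archives and compares each version with the versions the article lists. The jar naming pattern (zk-<version>.jar) is an assumption, and the function names are illustrative.

```python
import re
import zipfile
from pathlib import Path, PurePosixPath

# Versions as listed in the article above.
LISTED_AFFECTED = {"9.6.1", "9.6.0.1", "9.5.1.3", "9.0.1.2", "8.6.4.1"}
FIXED_RELEASE = (9, 6, 2)

# Assumption: the core ZK jar uses Maven-style naming such as zk-9.6.1.jar,
# optionally with a qualifier (zk-9.6.0.1-Eval.jar).
ZK_JAR = re.compile(r"^zk-(\d+(?:\.\d+)+)(?:-[A-Za-z][\w.-]*)?\.jar$")

def classify(version):
    """Map a ZK version string to 'affected', 'fixed' or 'review'."""
    if version in LISTED_AFFECTED:
        return "affected"
    if tuple(int(p) for p in version.split(".")) >= FIXED_RELEASE:
        return "fixed"
    # Older than 9.6.2 but not named in the article: check the vendor advisory.
    return "review"

def zk_version(filename):
    """Return the version embedded in a ZK core jar name, or None."""
    m = ZK_JAR.match(filename)
    return m.group(1) if m else None

def scan(root):
    """Find ZK core jars on disk and inside .war archives under root."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        if path.suffix == ".war" and zipfile.is_zipfile(path):
            with zipfile.ZipFile(path) as war:
                names = [(f"{rel}!{n}", PurePosixPath(n).name) for n in war.namelist()]
        else:
            names = [(rel, path.name)]
        for location, name in names:
            version = zk_version(name)
            if version:
                findings.append((location, version, classify(version)))
    return findings

if __name__ == "__main__":
    import sys
    for location, version, status in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{status:9} {version:10} {location}")
```

    A "review" result means the jar is older than 9.6.2 but is not one of the versions the article names, so its status has to be confirmed against the vendor's advisory.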

    Author DeepWeb