- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
3 CVEs Críticos Hoje: RCE em Baggage Freight Shipping Australia | Cyber Report
📡 CYBER REPORT - 2026-06-16
CVEs abordados no vídeo:
1️⃣ CVE-2018-25436 — WordPress plugin Baggage Freight Shipping Australia 0.1.0 (CVSS: 9.8)
Afeta: WordPress plugin Baggage Freight Shipping Australia 0.1.0
Versões: ver advisory do fornecedor
Vetor: NETWORK | Privilégios: NONE | Interação: NONE
Fraqueza: CWE-434
Correção: verificar remoção/atualização do plugin e advisory do fornecedor
Resumo NVD: WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submit POST requests with malicious file exten...
NVD: https://nvd.nist.gov/vuln/detail/CVE-2018-25436
Fonte: https://kaimi.io
Fonte: https://wordpress.org/plugins/baggage-freight/
Fonte: https://www.exploit-db.com/exploits/46061
2️⃣ CVE-2026-49952 — Discuz! X5.0 releases 20260320 a 20260501 (CVSS: 9.1)
Afeta: Discuz! X5.0 releases 20260320 a 20260501
Versões: ver advisory do fornecedor
Vetor: NETWORK | Privilégios: NONE | Interação: NONE
Fraqueza: CWE-323
Correção: há commit/advisory referenciado; aplicar correção do projeto/fornecedor
Resumo NVD: Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cryptographic key between UCenter integrati...
NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-49952
Fonte: https://gitee.com/Discuz/DiscuzX/commit/9962dad52c4c6999dabaf91ecd70377c680ff3c6
Fonte: https://karmainsecurity.com/KIS-2026-09
Fonte: https://karmainsecurity.com/chaining-bugs-in-discuz-from-race-condition-to-rce
3️⃣ CVE-2026-12174 — D-Link DCS-935L firmware 1.10.01 / HTTP Handler (CVSS: 8.8)
Afeta: D-Link DCS-935L firmware 1.10.01 / HTTP Handler
Versões: ver advisory do fornecedor
Vetor: NETWORK | Privilégios: LOW | Interação: NONE
Fraqueza: CWE-119, CWE-134
Correção: desconhecido na NVD; restringir exposição e verificar firmware/advisory
Resumo NVD: A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. ...
NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-12174
Fonte: https://github.com/Real-Simplicity/cve-database/tree/main/CVE_Report_DLink_DCS935L_Format_String
Fonte: https://vuldb.com/cve/CVE-2026-12174
Fonte: https://vuldb.com/submit/837209
📌 Fonte principal: NVD NIST. Confirme detalhes e patches no advisory oficial do fornecedor.
#cybersecurity #cve #infosec #vulnerability #patch #cyberreport
Видео 3 CVEs Críticos Hoje: RCE em Baggage Freight Shipping Australia | Cyber Report канала Daily tech hack
CVEs abordados no vídeo:
1️⃣ CVE-2018-25436 — WordPress plugin Baggage Freight Shipping Australia 0.1.0 (CVSS: 9.8)
Afeta: WordPress plugin Baggage Freight Shipping Australia 0.1.0
Versões: ver advisory do fornecedor
Vetor: NETWORK | Privilégios: NONE | Interação: NONE
Fraqueza: CWE-434
Correção: verificar remoção/atualização do plugin e advisory do fornecedor
Resumo NVD: WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submit POST requests with malicious file exten...
NVD: https://nvd.nist.gov/vuln/detail/CVE-2018-25436
Fonte: https://kaimi.io
Fonte: https://wordpress.org/plugins/baggage-freight/
Fonte: https://www.exploit-db.com/exploits/46061
2️⃣ CVE-2026-49952 — Discuz! X5.0 releases 20260320 a 20260501 (CVSS: 9.1)
Afeta: Discuz! X5.0 releases 20260320 a 20260501
Versões: ver advisory do fornecedor
Vetor: NETWORK | Privilégios: NONE | Interação: NONE
Fraqueza: CWE-323
Correção: há commit/advisory referenciado; aplicar correção do projeto/fornecedor
Resumo NVD: Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cryptographic key between UCenter integrati...
NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-49952
Fonte: https://gitee.com/Discuz/DiscuzX/commit/9962dad52c4c6999dabaf91ecd70377c680ff3c6
Fonte: https://karmainsecurity.com/KIS-2026-09
Fonte: https://karmainsecurity.com/chaining-bugs-in-discuz-from-race-condition-to-rce
3️⃣ CVE-2026-12174 — D-Link DCS-935L firmware 1.10.01 / HTTP Handler (CVSS: 8.8)
Afeta: D-Link DCS-935L firmware 1.10.01 / HTTP Handler
Versões: ver advisory do fornecedor
Vetor: NETWORK | Privilégios: LOW | Interação: NONE
Fraqueza: CWE-119, CWE-134
Correção: desconhecido na NVD; restringir exposição e verificar firmware/advisory
Resumo NVD: A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. ...
NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-12174
Fonte: https://github.com/Real-Simplicity/cve-database/tree/main/CVE_Report_DLink_DCS935L_Format_String
Fonte: https://vuldb.com/cve/CVE-2026-12174
Fonte: https://vuldb.com/submit/837209
📌 Fonte principal: NVD NIST. Confirme detalhes e patches no advisory oficial do fornecedor.
#cybersecurity #cve #infosec #vulnerability #patch #cyberreport
Видео 3 CVEs Críticos Hoje: RCE em Baggage Freight Shipping Australia | Cyber Report канала Daily tech hack
Комментарии отсутствуют
Информация о видео
16 июня 2026 г. 15:05:25
00:02:30
Другие видео канала
