remote code execution

Fortinet has released a FortiOS SSL VPN high-risk security vulnerability (Vulnerability CVE: CVE-2024-21762) that may have been exploited in the wild.

Rapid Software LLC's industrial automation platform, Rapid SCADA, has been found to be susceptible to multiple critical vulnerabilities, posing significant risks of remote code execution, unauthorized access and privilege escalation. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a bulletin detailing the potential vulnerabilities and urging immediate action.

Juniper Networks (NASDAQ: JUNIER) has issued a security vulnerability advisory to fix a critical Remote Code Execution (RCE) vulnerability in the SRX Series Firewalls and EX Series Switches (CVE-2024-21591), as well as another high-risk vulnerability in Junos OS and Junos OS Evolved (CVE- 2024-21611), which can also be exploited by unauthenticated network attackers to cause a denial of service attack. 2024-21611) in Junos OS and Junos OS Evolved, which can also be exploited by an unauthenticated attacker to cause a denial-of-service attack.

The U.S. Cybersecurity and Infrastructure Security Administration (CISA) released six exploited vulnerabilities involving vendors Apple, Apache, Adobe, D-Link, Joomla! and others, and the CVE-2023-41990 vulnerability has been fixed by Apple, but is still being exploited by unknown attackers. It is recommended to affected to carry out vulnerability fixes to protect their network security.

Apache Struts code execution vulnerability (CVE-2023-50164) allows attackers to control file upload parameter execution path traversal, and in some cases can upload malicious files to execute arbitrary code.