SonicWall Capture Labs threat research team became aware of the threat CVE-2023-22621, assessed its impact and developed mitigation measures for this vulnerability. CVE-2023-22621 is a high-severity vulnerability affecting Strapi versions 3.0.0 through 4.5.5.
The flaw permits authenticated Server-Side Template Injection (SSTI), allowing a remote attacker with access to the Strapi admin panel to bypass validation checks and execute arbitrary code on the server. With a CVSS score of 7.2 (NIST), this vulnerability arises from improper neutralization of special elements in outputs used by downstream components (CWE-74). The Exploit Prediction Scoring System (EPSS) assigns it a 64.09% probability of exploitation within 30 days, placing it in the 98th percentile of vulnerabilities most likely to be exploited.
Read more…
Source: SonicWall
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
September 5, 2017
Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for developing web applications in the Java programming language, which supports REST, AJAX, and JSON. The vulnerability (CVE-2017-9805) is a ...
- Kurat võtku! Estonia identifies security risk in almost 750,000 ID cards
September 5, 2017
The Estonian government has discovered a security risk in its ID card system, potentially affecting almost 750,000 residents. “When notified, Estonian authorities immediately took precautionary measures, including closing the public key database, in order to minimise the risk while the situation can be fully assessed and a solution developed,” according to an email by Kaspar Korjus, ...
- Alert: AT&T customers with Arris modems at risk of remote hacking, claim infosec bods
September 1, 2017
Infosec consulting firm Nomotion has reported vulnerabilities in Arris broadband modems and which it says are trivial to exploit, and could affect nearly 140,000 devices. The report claims the modems carry hard-coded credentials, serious since a firmware update turned on SSH by default. That would let a remote attacker access the modem’s cshell service and take a ...
- FDA Recalls Nearly Half a Million Pacemakers Over Hacking Fears
August 31, 2017
Almost half a million people in the United States are highly recommended to get their pacemakers updated, as they are vulnerable to hacking. The Food and Drug Administration (FDA) has recalled 465,000 pacemakers after discovering security flaws that could allow hackers to reprogram the devices to run the batteries down or even modify the patient’s heartbeat, ...
- Intel ME controller chip has secret kill switch
August 29, 2017
Security researchers at Moscow-based Positive Technologies have identified an undocumented configuration setting that disables Intel Management Engine 11, a CPU control mechanism that has been described as a security risk. Intel’s ME consists of a microcontroller that works with the Platform Controller Hub chip, in conjunction with integrated peripherals. It handles much of the data travelling between ...
- VoIP bods Fuze defuse triple whammy of portal security vulnerabilities
August 23, 2017
Messaging provider Fuze has resolved a trio of vulnerabilities in its TPN Handset Portal. The access controls and authentication flaws, discovered by security tools firm Rapid7, created a means for hackers to obtain personal data about Fuze users ranging from phone numbers to email addresses and access credentials. Once seized through brute-force attacks, this sensitive data could ...