All Articles

Page 4 of 4
Tech Editorials #Advisory #Exim #RCE #CVE

Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing



We reported an overflow vulnerability in the base64 decode function of Exim on 5 February, 2018, identified as CVE-2018-6789. This bug exists since the first commit of exim, hence ALL versions are affected. According to our research, it can be leveraged to gain Pre-auth Remote Code Execution and at least 400k servers are at risk. Patched version 4.90.1 is already released and we suggest to upgrade exim immediately.

Tech Editorials #Advisory #Facebook #BugBounty #RCE #CVE

Advisory: Accellion File Transfer Appliance Vulnerability



According to a public data reconnaissance, there are currently 1,217 FTA servers online around the world, most of which are located in the US, followed by Canada, Australia, UK, and Singapore. Determine from the domain name and SSL Certificate of these servers, FTA is widely used by governmental bodies, educational institutions, enterprises, including several well-known brands.