info[at]nsec.ir
(+۹۸)-۳۱-۳۳۹۱۵۳۳۶

آسیب‌پذیری‌های حیاتی هفته اول فروردین‌ماه

این هفته در محصولات بسیار مهم سیسکو، IBM و Joomla! چندین آسیب‌پذیری با سطح خطر «حیاتی» و «بالا» شناسایی شد. همچنین محصولات پرکاربرد شرکت‌های VMware، Google  و Fortinet نیز چندین آسیب‌پذیری حیاتی داشتند. افزونۀ پرکاربرد WordPress Live Chat Support (با بیش از ۵۰ هزار نصب فعال) نیز آسیب‌پذیری با سطح خطر «خطرناک» داشت. بیشتر آسیب‌پذیری‌های این هفته از نوع ارتقاء امتیاز بودند.

نوع آسیبپذیری

محصول آسیب‌پذیر

شناسه آسیب‌پذیری

Privilege Escalation

Ansible Engine Fetch Module

CVE-2020-1735

Information Disclosure

Ansible Engine

CVE-2020-1736

Information Disclosure

Ansible Engine Kubernetes

CVE-2020-1753

Privilege Escalation

Ansible Engine Package Module

CVE-2020-1738

Privilege Escalation

Ansible Engine Vault

CVE-2020-1740

Weak Authentication

Apache Geode Hostname Verification

CVE-2019-10091

Denial of Service

Asus AsusWRT httpd APP_Installation.asp

CVE-2018-20335

Command Injection

Asus AsusWRT start_apply.htm

CVE-2018-20334

Information Disclosure

Asus AsusWRT USB Device update_applist.asp

CVE-2018-20333

Cross Site Request Forgery

Canon Oce Colorwave 500 CSRF Protection

CVE-2020-10671

Weak Authentication

Canon Oce Colorwave 500 home.jsp

CVE-2020-10669

Cross Site Scripting

Canon Oce Colorwave 500 Web Application home.jsp

CVE-2020-10668

Cross Site Scripting

Canon Oce Colorwave 500 Web Application indexExternalLocation.jsp

CVE-2020-10667

Cross Site Scripting

Canon Oce Colorwave 500 Web Application settingDialogContent.jsp

CVE-2020-10670

SQL Injection

CentOS-WebPanel.com CentOS Web Panel loader_ajax.php

CVE-2020-10230

Open Redirect

Centreon login.php

CVE-2019-19484

Command Injection

Centreon Plugin Test minPlayCommand.php

CVE-2019-19487

Directory Traversal

Centreon Plugin Test minPlayCommand.php

CVE-2019-19486

Privilege Escalation

CheckUser Extension Permission

CVE-2019-16529

Privilege Escalation

Cisco SD-WAN Solution CLI

CVE-2020-3266

Memory Corruption

Cisco SD-WAN Solution

CVE-2020-3264

Privilege Escalation

Cisco SD-WAN Solution

CVE-2020-3265

SQL Injection

Cisco SD-WAN Solution vManage Web UI

CVE-2019-16012

Cross Site Scripting

Cisco SD-WAN vManage Web-based Management Interface

CVE-2019-16010

Weak Authentication

Citrix SD-WAN SSL Certificate Validator

CVE-2020-6175

Privilege Escalation

closure-compiler-stream exports

CVE-2020-7603

Cross Site Request Forgery

Cloud Native Computing Foundation Harbor VMware Harbor Container Registry

CVE-2019-19025

Privilege Escalation

Cloud Native Computing Foundation Harbor VMware Harbor Container Registry

CVE-2019-19023

SQL Injection

Cloud Native Computing Foundation Harbor VMware Harbor Container Registry

CVE-2019-19029

SQL Injection

Cloud Native Computing Foundation Harbor VMware Harbor Container Registry

CVE-2019-19026

Cross Site Scripting

CMS Made Simple Filemanager moduleinterface.php

CVE-2020-10681

Privilege Escalation

CMS Made Simple Filemanager php.jpegd

CVE-2020-10682

Privilege Escalation

Combodo iTop Web Application

CVE-2019-19821

Privilege Escalation

cPanel Account Suspension

CVE-2019-20491

Cross Site Scripting

cPanel Backup Restore Stored

CVE-2019-20497

Privilege Escalation

cPanel Branding API

CVE-2020-10118

Remote Code Execution

cPanel cpsrvd rsync Shell

CVE-2020-10120

Cross Site Scripting

cPanel HTML File Editor Stored

CVE-2020-10114

Cross Site Scripting

cPanel JSON

CVE-2019-20493

Privilege Escalation

cPanel Log

CVE-2019-20496

Privilege Escalation

cPanel Market UAPI Namespace

CVE-2020-10117

Information Disclosure

cPanel MySQL Dump

CVE-2019-20495

unknown vulnerability

cPanel Number Get

CVE-2019-20494

Code Execution

cPanel PassengerApps API

CVE-2020-10121

Weak Authentication

cPanel Password File

CVE-2019-20492

Code Execution

cPanel PowerDNS

CVE-2020-10115

Remote Code Execution

cPanel psrvd rsync Shell

CVE-2020-10119

Cross Site Scripting

cPanel Temporary Character-Set

CVE-2020-10113

Weak Authentication

cPanel WebDAV

CVE-2019-20498

Privilege Escalation

cPanel WebDisk UAPI

CVE-2020-10116

Denial of Service

cPanel WebMail

CVE-2020-10122

Weak Authentication

cPanel WebMail

CVE-2019-20490

Privilege Escalation

D-Link DAP-1650 Command

CVE-2019-12767

Information Disclosure

D-Link DSL-2875AL Web Management Server romfile.cfg

CVE-2019-15655

Information Disclosure

D-Link DSL-2875AL/DSL-2877AL Web Management Server index.asp

CVE-2019-15656

Privilege Escalation

docker-compose-remote-api exec

CVE-2020-7606

Cross Site Scripting

Dolibarr ERP CRM card.php

CVE-2019-19211

Cross Site Scripting

Dolibarr ERP CRM File Upload

CVE-2019-19210

Cross Site Scripting

Dolibarr ERP CRM fournisseurs.php

CVE-2019-19212

SQL Injection

Dolibarr ERP CRM

CVE-2019-19209

unknown vulnerability

dot Package Template Compiler Function()‎

CVE-2020-8141

Weak Authentication

Easy!Appointments Captcha

CVE-2018-13060

Information Disclosure

Easy!Appointments Hash

CVE-2018-13063

Information Disclosure

EasyBuild GitHub Integration Log

CVE-2020-5262

Weak Authentication

Entrust Entelligence Security Provider SSL Certificate Validator

CVE-2020-10659

Cross Site Scripting

ERPNext

CVE-2019-20521

Cross Site Scripting

ERPNext

CVE-2019-20520

Cross Site Scripting

ERPNext

CVE-2019-20518

Cross Site Scripting

ERPNext

CVE-2019-20517

Cross Site Scripting

ERPNext

CVE-2019-20516

Cross Site Scripting

ERPNext

CVE-2019-20515

Cross Site Scripting

ERPNext

CVE-2019-20514

Cross Site Scripting

ERPNext Email Address

CVE-2019-20519

Privilege Escalation

Fortinet FortiClient EMS Online Installer FortiClientEMSOnlineInstaller.exe

CVE-2020-9287

Privilege Escalation

Fortinet FortiClient Online Installer FortiClientOnlineInstaller.exe

CVE-2020-9290

Open Redirect

Fortinet FortiOS URL

CVE-2019-6696

Cross Site Scripting

Fortinet FortiWeb Disclaimer Description Stored

CVE-2020-6646

Information Disclosure

Foxit Studio Photo EPS File

CVE-2020-8883

Information Disclosure

Foxit Studio Photo PSD File

CVE-2020-8879

Information Disclosure

Foxit Studio Photo PSD File

CVE-2020-8877

Privilege Escalation

Foxit Studio Photo PSD File

CVE-2020-8882

Privilege Escalation

Foxit Studio Photo PSD File

CVE-2020-8878

Privilege Escalation

Foxit Studio Photo tif File

CVE-2020-8881

Privilege Escalation

Foxit Studio Photo tif File

CVE-2020-8880

Information Disclosure

FreeRADIUS EAP-PWD eap_pwd.c

CVE-2019-20510

Denial of Service

FreeRADIUS EAP-PWD Module Crash

CVE-2019-17185

Server-Side Request Forgery

Ghost CMS

CVE-2020-8134

Memory Corruption

GNOME gThumb cairo-image-surface-jpeg.c _cairo_image_surface_create_from_jpeg()‎

CVE-2019-20326

Weak Authentication

GnuPG SHA1

CVE-2019-14855

Denial of Service

Golang Facebook Thrift Server Memory Exhaustion

CVE-2019-11939

Privilege Escalation

Google Android App Uninstallation

CVE-2019-2089

Information Disclosure

Google Android Bluetooth Out-of-Bounds

CVE-2019-9474

Information Disclosure

Google Android Bluetooth Out-of-Bounds

CVE-2019-9473

Denial of Service

Google Android MPEG4Extractor.cpp parseTrackFragmentRun

CVE-2020-0088

spoofing

Google Android Notifications

CVE-2019-2216

Memory Corruption

Google Android Parcel.cpp readCString

CVE-2020-0086

Denial of Service

Google Go X.‎509 Certificate

CVE-2020-7919

Command Injection

gulp-scss-lint command.js

CVE-2020-7601

Privilege Escalation

gulp-styledocco Export index.js

CVE-2020-7607

Privilege Escalation

gulp-tape

CVE-2020-7605

Open Redirect

Halvotec RAQuest Admin Application

CVE-2019-19613

Weak Authentication

Halvotec RAQuest Session Fixation

CVE-2019-19610

Cross Site Scripting

Halvotec RAQuest Stored

CVE-2019-19612

Weak Authentication

HP Printer Lockout

CVE-2019-18917

Memory Corruption

Huawei CampusInsight/ManageOne Double-Free

CVE-2020-1862

Privilege Escalation

Huawei HEGE-560 Integrity Check

CVE-2020-1879

Weak Authentication

Huawei Mate 20/Mate 30 Pro Applock

CVE-2020-1793

Privilege Escalation

Huawei Mate 20/Mate 30 Pro Authorization

CVE-2020-1796

Privilege Escalation

Huawei Mate 20/Mate 30 Pro Digital Balance

CVE-2020-1795

Weak Authentication

Huawei Mate 20/Mate 30 Pro

CVE-2020-1794

Information Disclosure

Huawei Secospace AntiDDoS8000

CVE-2020-1864

Weak Authentication

Huawei Smartphone OxfordS-AN00A

CVE-2020-1878

Weak Authentication

IBM Cloud Automation Manager Session Fixation

CVE-2019-4617

Information Disclosure

IBM DataPower Gateway Access Control

CVE-2020-4203

Privilege Escalation

IBM DataPower Gateway

CVE-2020-4205

Information Disclosure

IBM MQ/MQ Appliance

CVE-2019-4719

Information Disclosure

IBM MQ/MQ Appliance

CVE-2019-4619

Denial of Service

IBM MQ/MQ Appliance Queue Crash

CVE-2019-4656

Cross Site Scripting

Ignite Realtime Openfire setup-datasource-standard.jsp

CVE-2019-20527

Cross Site Scripting

Ignite Realtime Openfire setup-datasource-standard.jsp

CVE-2019-20526

Cross Site Scripting

Ignite Realtime Openfire setup-datasource-standard.jsp

CVE-2019-20525

unknown vulnerability

JFrog Artifactory Import

CVE-2019-19937

Privilege Escalation

Joomla CMS com_fields

CVE-2020-10239

Cross Site Request Forgery

Joomla CMS com_templates

CVE-2020-10241

Privilege Escalation

Joomla CMS com_templates

CVE-2020-10238

Cross Site Scripting

Joomla CMS Protostar/Beez3

CVE-2020-10242

SQL Injection

Joomla CMS

CVE-2020-10243

Privilege Escalation

Joomla CMS User Table

CVE-2020-10240

Privilege Escalation

LearnPress Plugin Permission Check class-lp-admin-ajax.php be_teacher

CVE-2020-7916

Denial of Service

libvirt Monitor Job qemu_driver.c

CVE-2019-20485

Privilege Escalation

Liferay Portal JSONWS Deserialization

CVE-2020-7961

Cross Site Scripting

LimeSurvey Boxes box.php

CVE-2019-14512

unknown vulnerability

LINBIT csync2 SSL daemon.c csync_daemon_session

CVE-2019-15522

Privilege Escalation

LogicalDOC File Upload Command

CVE-2020-9423

Privilege Escalation

Micro Focus Service Manager Login Filter

CVE-2020-9518

Information Disclosure

Micro Focus Service Manager Web Services Config

CVE-2020-9519

Privilege Escalation

Mitsubishi Electric MELQIC IU1 TCP Argument Injection

CVE-2020-5546

Memory Corruption

Mitsubishi Electric MELQIC IU1 TCP

CVE-2020-5542

Denial of Service

Mitsubishi Electric MELQIC IU1 TCP NULL Pointer Dereference

CVE-2020-5544

Privilege Escalation

Mitsubishi Electric MELQIC IU1 TCP

CVE-2020-5547

Privilege Escalation

Mitsubishi Electric MELQIC IU1 TCP

CVE-2020-5545

Privilege Escalation

Mitsubishi Electric MELQIC IU1 TCP Session

CVE-2020-5543

Cross Site Scripting

MobileFrontend Extension Watchlist Feed

CVE-2019-15124

Privilege Escalation

Nagios Log Server Access Control

CVE-2020-6584

Cross Site Request Forgery

Nagios Log Server

CVE-2020-6585

Cross Site Scripting

Nagios Log Server profile

CVE-2020-6586

Command Injection

Nagios NRPE Filter

CVE-2020-6581

Memory Corruption

Nagios NRPE Heap-based

CVE-2020-6582

Privilege Escalation

NETSAS Enigma NMS CGI Script OS

CVE-2019-16072

Directory Traversal

NETSAS Enigma NMS

CVE-2019-16064

Code Execution

NETSAS Enigma NMS File Upload

CVE-2019-16066

Cross Site Request Forgery

NETSAS Enigma NMS manage_files.cgi

CVE-2019-16068

SQL Injection

NETSAS Enigma NMS manage_hosts_short.cgi

CVE-2019-16065

Privilege Escalation

NETSAS Enigma NMS

CVE-2019-16071

Privilege Escalation

NETSAS Enigma NMS

CVE-2019-16061

Cross Site Scripting

NETSAS Enigma NMS SNMP Stored

CVE-2019-16069

Weak Encryption

NETSAS Enigma NMS

CVE-2019-16062

Weak Encryption

NETSAS Enigma NMS Web Application Cleartext

CVE-2019-16067

Cross Site Scripting

NETSAS Enigma NMS Web Application Form Stored

CVE-2019-16070

Weak Encryption

NETSAS Enigma NMS Web Page Renderer

CVE-2019-16063

Denial of Service

Newlib libc Library _dtoa_r

CVE-2019-14872

Denial of Service

Newlib libc Library mprec.c __d2b

CVE-2019-14878

Denial of Service

Newlib libc Library mprec.c __i2b

CVE-2019-14874

Denial of Service

Newlib libc Library mprec.c __lshift

CVE-2019-14876

Denial of Service

Newlib libc Library mprec.c __mdiff

CVE-2019-14877

Denial of Service

Newlib libc Library mprec.c __multadd

CVE-2019-14873

Denial of Service

Newlib libc Library mprec.c __multiply

CVE-2019-14875

Privilege Escalation

Nextcloud Desktop Client Code Injection

CVE-2020-8140

Information Disclosure

Nextcloud Server Access Control download

CVE-2020-8139

Server-Side Request Forgery

Nextcloud Server IPv6

CVE-2020-8138

Privilege Escalation

node-prompt-here manager.js runCommand()‎

CVE-2020-7602

Privilege Escalation

Octopus Deploy On-Premise Active Directory

CVE-2020-10678

Privilege Escalation

ONAP Operations Manager DCAE

CVE-2019-12126

Privilege Escalation

ONAP Operations Manager Logging

CVE-2019-12125

Privilege Escalation

ONAP Operations Manager

CVE-2019-12130

Privilege Escalation

ONAP Operations Manager

CVE-2019-12129

Privilege Escalation

ONAP Operations Manager

CVE-2019-12128

Privilege Escalation

ONAP Operations Manager

CVE-2019-12127

Weak Authentication

OPC Foundation OPC UA .NET Standard Random Generator

CVE-2019-19135

Cross Site Scripting

Open edX Ironwood.‎1 certificates

CVE-2019-20513

Cross Site Scripting

Open Ticket Request System

CVE-2019-16375

Cross Site Scripting

OpenCart Image Upload

CVE-2020-10596

Privilege Escalation

openITCOCKPIT DEVELOPMENT

CVE-2020-10792

Privilege Escalation

Openshift MediaWiki

CVE-2020-1709

Privilege Escalation

Openshift mediawiki-apb

CVE-2019-19345

Privilege Escalation

Openshift postgresql-apb

CVE-2020-1707

Privilege Escalation

Openshift template-service-broker-operator

CVE-2020-1705

Memory Corruption

OpenWrt libubox Stack-based

CVE-2020-7248

Denial of Service

OpenWrt uhttpd Out-of-Bounds

CVE-2019-19945

Weak Authentication

OpenWrt/LEDE opkg Package Manager

CVE-2020-7982

unknown vulnerability

phpBB CSS

CVE-2019-16108

Cross Site Scripting

pki-core KRA Agent Service Reflected

CVE-2019-10179

Cross Site Scripting

pki-core pki-ca Module Reflected

CVE-2019-10221

Cross Site Scripting

pki-core Token Processing Service Stored

CVE-2020-1696

Privilege Escalation

PostgreSQL ALTER

CVE-2020-1720

Remote Code Execution

PRTG Network Monitor HttpTransactionSensor.exe

CVE-2019-11073

Privilege Escalation

PRTG Network Monitor phantomjs.exe

CVE-2019-11074

Privilege Escalation

pulverizr job.js

CVE-2020-7604

Code Execution

Pydio Core/Enterprise HttpDownload.php

CVE-2019-20453

Code Execution

Pydio Core/Enterprise RecycleBinManager.php

CVE-2019-20452

Cross Site Scripting

RainLoop Webmail XSS Protection Mechanism

CVE-2019-13389

Information Disclosure

rConfig head.inc.php

CVE-2020-9425

Information Disclosure

Rivet Killer Control Center KfeCo10X64.sys

CVE-2019-15662

Memory Corruption

Rivet Killer Control Center KfeCo10X64.sys

CVE-2019-15665

Memory Corruption

Rivet Killer Control Center KfeCo10X64.sys

CVE-2019-15664

Memory Corruption

Rivet Killer Control Center KfeCo10X64.sys

CVE-2019-15663

Memory Corruption

Rivet Killer Control Center KfeCo10X64.sys

CVE-2019-15661

SQL Injection

RMySQL

CVE-2020-10380

Information Disclosure

Rockwell Automation MicroLogix 1100/MicroLogix 1400/RSLogix 500 Credentials

CVE-2020-6980

Weak Encryption

Rockwell Automation MicroLogix 1100/MicroLogix 1400/RSLogix 500 Default Key

CVE-2020-6990

Weak Authentication

Rockwell Automation MicroLogix 1100/MicroLogix 1400/RSLogix 500

CVE-2020-6988

Weak Encryption

Rockwell Automation MicroLogix 1100/MicroLogix 1400/RSLogix 500

CVE-2020-6984

Cross Site Scripting

Sangoma FreePBX/PBXact Call Event Logger

CVE-2019-19852

Cross Site Scripting

Sangoma FreePBX/PBXact Superfecta Module

CVE-2019-19851

Privilege Escalation

Sangoma FreePBX/sysadmin

CVE-2019-19538

Cross Site Scripting

Simple Link Directory Plugin qcopd-shortcode-generator.php get_the_title()‎

CVE-2019-13463

Server-Side Request Forgery

Simple Machines Forum Subs-Package.php

CVE-2019-11574

unknown vulnerability

Squid Web Proxy cachemgr.cgi

CVE-2019-18860

unknown vulnerability

SuiteCRM API

CVE-2019-18785

Privilege Escalation

SuiteCRM htaccess

CVE-2019-18782

SQL Injection

SuiteCRM

CVE-2020-8786

SQL Injection

SuiteCRM

CVE-2020-8785

SQL Injection

SuiteCRM

CVE-2020-8784

SQL Injection

SuiteCRM

CVE-2020-8783

unknown vulnerability

SuiteCRM

CVE-2020-8787

XML External Entity

svglib Package svg2rlg 

CVE-2020-10799

Cross Site Scripting

Swisscom Centro Grande

CVE-2019-19941

Command Injection

Swisscom Centro Grande Telnet/SSH

CVE-2019-19940

spoofing

Swisscom Centro Grande/Centro Business Web Interface

CVE-2019-19942

Remote Code Execution

Systech NDS-5000/NDS-5008

CVE-2020-7006

Memory Corruption

tcpdump extract.h rx_cache_find

CVE-2018-19325

Denial of Service

Trend Micro Apex One DLL

CVE-2020-8470

Privilege Escalation

Trend Micro Apex One DLL

CVE-2020-8598

Privilege Escalation

Trend Micro Apex One

CVE-2020-8468

Privilege Escalation

Trend Micro Apex One/OfficeScan XG Migration Tool

CVE-2020-8467

Privilege Escalation

Trend Micro Apex One/OfficeScan XG

CVE-2020-8599

Directory Traversal

Trend Micro Worry-Free Business Security

CVE-2020-8600

Code Execution

Umbraco Cloud File Upload

CVE-2020-9471

Code Execution

Umbraco CMS File Upload

CVE-2020-9472

Denial of Service

UniValue read()‎

CVE-2019-18936

Remote Code Execution

Unraid

CVE-2020-5847

Weak Authentication

Unraid

CVE-2020-5849

Privilege Escalation

VMware Fusion Binary

CVE-2020-3950

Privilege Escalation

VMware Horizon Client/Remote Console/Workstation

CVE-2019-5543

Privilege Escalation

VMware Workstation/Fusion Cortado Thinprint

CVE-2020-3948

Memory Corruption

VMware Workstation/Fusion vmnetdhcp

CVE-2020-3947

Denial of Service

VMware Workstation/Horizon Client Cortado Thinprint Heap-based

CVE-2020-3951

Privilege Escalation

Walmart Labs Concord apikey

CVE-2020-10591

Weak Encryption

WildFly TLS Downgrade

CVE-2019-14887

Privilege Escalation

WP Live Chat Support REST API

CVE-2019-12498

unknown vulnerability

Xmidt cjwt

CVE-2019-19324

Privilege Escalation

yargs-parser

CVE-2020-7608

Cross Site Request Forgery

Zoho ManageEngine Password Manager Pro

CVE-2020-9346

Privilege Escalation

Zoho ManageEngine Password Manager Pro Excel Macro CSV Injection

CVE-2020-9347

Privilege Escalation

Zoho ManageEngine Remote Access Plus User Permission

CVE-2019-11361