# Vulnerability Management

Blog

Recent Posts

By Mohammad Hussam Alzeyyat
Jan 26, 2023

Unauthenticated RCE in CentOS Web Panel 7 (CWP) - CVE-2022-44877

In this blog, we break down the CentOS Web Panel RCE, dive deep into the dynamic and static analysis, and try to simulate the backend code.
By Shahar Reichman
Jan 17, 2023

New Reboot & Message Box Popups

New restart popup window and custom message for your end user.
By Mohammad Hussam Alzeyyat
Jan 12, 2023

JWT Arbitrary Command Execution - CVE-2022-23529

I'm trying to analyze JsonWebToken CVE-2022-23529 and see if there is a possibility or how I may proceed to find a way to achieve full RCE, however, after the analysis, I'm not sure if this is possible.
By Paul Lighter
Jan 11, 2023

When the Target is Also the Threat

A software failure grounded thousands of flights today, raising a complicated question - how do you secure an unstable system? The answer has never been more urgent.
By Paul Lighter
Jan 06, 2023

The Uncomfortable Implications of the LastPass Attack

The recent attack on LastPass has people questioning if they can trust password managers. But there's a bigger issue lurking underneath - can you trust ANY security vendor?
By Mohammad Hussam Alzeyyat
Dec 31, 2022

Unique Exploit - Persistence through CVE-2022-30507

We present a unique exploit for the Notable app vulnerability CVE-2022-30507, which we use mainly for persistence and social engineering.
By Sagar Tiwari
Dec 30, 2022

Attacks on WebSockets

In a connected world, the instant transition of information is a must. WebSocket is a protocol that comes in handy where speed and reliability are vital.
By Paul Lighter
Dec 28, 2022

ChatGPT Storms Onto the Cybersecurity Scene

The AI writer everyone's talking about could transform cybersecurity as with so much else. Here are three possible outcomes: good, bad, and ugly.
By Khurram Arif
Dec 24, 2022

WSO2 RCE (CVE-2022-29464)

Vulnerability CVE-2022-29464 is being used in the wild to achieve arbitrary remote code execution (RCE) through unfettered file uploads.
By Khurram Arif
Dec 23, 2022

CVE-2022-22965 Spring4Shell

Spring MVC or Spring WebFlux applications running on JDK 9+ are susceptible to remote code execution (RCE).
By Jenny R
Dec 14, 2022

Why do you need both IDS and IPS, or maybe the NGFW too?

I would like to straighten the defense of the web application by talking about Intrusion Detection and Prevention Systems (IDS and IPS) as the third member of this security trio defense: WAF, RASP, and IDPS.
By acephale 4w
Dec 13, 2022

Cyber Kill Chain

Cyber Kill Chain - what is it, and why do we need it.
By Paul Lighter
Dec 12, 2022

Zero Trust Guidance Rewrites US Cyber Strategy

With new guidance from the Department of Defense, the U.S. has made an unprecedented commitment to zero trust cybersecurity. But is this a sound strategy or a looming disaster?
By Khurram Arif
Dec 10, 2022

Out-of-Bounds (OOB) Write Memory Flaw CVE-2022-0995

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s
By Jenny R
Dec 06, 2022

Runtime Application Self-Protection

To protect the application besides adding a Web Application Firewall as a first-line defense we can also add Runtime Application Self-Protection (RASP). In this article, we will talk about this emerging technology!
Copyright © Vicarius. All rights reserved 2022. Privacy Policy and Terms of Use