Content Description:
【CVE-2019-6693】Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability (CVSS v3.1: 6.5)
【Exploited by Ransomware: Unknown】 Fortinet FortiOS has a hard-coded credentials vulnerability, allowing attackers to encrypt and decrypt sensitive data in FortiOS configuration backup files using known hard-coded keys.
【Affected Platforms】 Please refer to the officially listed affected versions
-
【CVE-2024-0769】D-Link DIR-859 Router Path Traversal Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】 The D-Link DIR-859 router has a path traversal vulnerability in the /hedwig.cgi file within its HTTP POST request handling component, which could lead to privilege escalation and unauthorized device control.
【Affected Platforms】 Please refer to the officially listed affected versions
-
【CVE-2024-54085】AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】 AMI MegaRAC SPx has an authentication bypass vulnerability through spoofing in the Redfish host interface. Successful exploitation of this vulnerability could lead to loss of confidentiality, integrity, and/or availability.
【Affected Platforms】 Please refer to the officially listed affected versions
-
Affected Platforms:
Suggested Measures:
【CVE-2019-6693】 Official patches have been released for the vulnerability, please update to the relevant versions
【CVE-2024-0769】 Affected products may have reached End of Life (EoL) and/or End of Service (EoS). Users are advised to stop using these products.
【CVE-2024-54085】 Official patches have been released for the vulnerability, please update to the relevant versions
Computer and Communications Center
Network Systems Division Respectfully