PaperCut have released a new patch for Papercut NG/MF to address multiple vulnerabilities which are currently being exploited. If you are using this product, we recommend you upgrade your PaperCut application to version 22.1.3. Please follow the instructions on...
Advisory: Fortinet SSL VPN vulnerability – CVE 2023-27997
We’re aware of a critical Remove Code Execution (RCE) vulnerability affecting Fortinet’s SSL VPN functionality. This vulnerability can be exploited without credentials and affects all SSL VPN appliances, even if multi-factor authentication is enabled. Due to the...
Advisory: cPanel admin console vulnerability CVE-2023-29489
We're aware of a cPanel admin console vulnerability with a severity rating of medium. cPanel is a common website and server management software. Exploitation of this vulnerability could allow a malicious actor to perform remote code execution against any user who...
Advisory: Ruckus wireless admin remote code execution vulnerability CVE-2023-25717
We’re aware of the new DDoS botnet, AndoryuBot, targeting Ruckus wireless admin panels. We have done a review of N4L-managed Ruckus products and can confirm all products are running unaffected versions. Mitigation If you own Ruckus products that are not managed by us,...
Advisory: Critical buffer underflow vulnerability in FortiOS impacting administrative interface CVE-2023-25610
We’re aware of a critical buffer underflow vulnerability CVE-2023-25610 affecting FortiOS’ administrative interface. This vulnerability could allow a malicious actor to remotely execute arbitrary code on the device. It may also allow an unauthenticated actor to...
Advisory: Microsoft Outlook critical vulnerability CVE-2023-23397
We’re aware of a critical Microsoft Outlook privilege escalation vulnerability that is being actively exploited. This vulnerability can be exploited by sending a specifically crafted email which triggers automatically when it is retrieved and processed by the...
Advisory: Critical vulnerability affecting PaperCut MF/NG
We’re aware of a critical Remote Code Execution (RCE) vulnerability affecting PaperCut MF or NG. This vulnerability is currently exploited in the wild. The affected PaperCut products are: PaperCut MF or NG version 8.0 or later, on all OS platforms PaperCut MF or NG...
Advisory: Security issue with 3CX desktop application
3CX, a company that supplies telephony solutions, has been affected by a supply chain attack affecting software downloaded from their website. This attack can affect users running the 3CX desktop clients for MacOS and Windows. The recommended action is to remove these...