Last updated on November 30, 2023 at 11:04 am
We’re aware of a vulnerability in the web-based interface used to manage RUCKUS access points that could allow a remote attacker to execute a cross-site scripting (XSS) attack against a user logged on to the interface of the affected device. Please note that Equipment...
Last updated on September 15, 2023 at 01:02 pm
The US Government CISA has issued an advisory concerning active exploitation of these vulnerabilities earlier in the year.The Fortinet vulnerability (CVE-2022-42475) does not affect schools with N4L-managed Fortinet firewalls.If your school uses an on-premise Zoho...
Last updated on September 1, 2023 at 10:44 am
We’re aware of multiple vulnerabilities that have been discovered in Google ChromeOS, the most severe of which could allow a remote attacker to conduct arbitrary code execution. Depending on the privileges associated with the targeted user, an attacker could install...
Last updated on September 1, 2023 at 10:44 am
We’re aware of a vulnerability (CVE-2023-39904, CVE-2023-39905, CVE-2023-39906) in the web-based management interface of the Ruckus ICX switch product line that could allow a remote attacker to execute XSS and CSRF attacks against the user of the interface. To exploit...
Last updated on September 1, 2023 at 10:44 am
We’re aware of a vulnerability in the web-based management interface of the Ruckus Unleashed product line that could allow an authenticated, remote attacker to execute arbitrary code on the Ruckus Unleashed system to make changes when “gateway mode” is enabled. Please...
Last updated on August 16, 2023 at 05:19 pm
PaperCut have released a new patch for Papercut NG/MF to address multiple vulnerabilities which are currently being exploited. If you are using this product, we recommend you upgrade your PaperCut application to version 22.1.3. Please follow the instructions on...
Last updated on September 1, 2023 at 10:45 am
We’re aware of a Remote Code Execution (RCE) vulnerability affecting all Aerohive / Extreme Networks access points running HiveOS/Extreme IQ Engine before version 10.6r2. Research has indicated that potential cyber attackers can exploit this vulnerability by...
Last updated on September 1, 2023 at 10:45 am
We’re aware of a Remote Code Execution (RCE) vulnerability that is affecting FortiGate devices running FortiOS and FortiProxy. The stack-based overflow vulnerability may allow a remote attacker to execute arbitrary code or command via crafted packets reaching proxy...
Last updated on September 1, 2023 at 10:45 am
Update 9 Aug 2023: Microsoft have released a patch to fix this vulnerability. You can find more information on this here. We’re aware of a Remote Code Execution (RCE) vulnerability that is affecting Windows and Microsoft Office products. For an attacker to exploit...
Last updated on August 14, 2023 at 06:35 pm
We’re aware of a critical Remove Code Execution (RCE) vulnerability affecting Fortinet’s SSL VPN functionality. This vulnerability can be exploited without credentials and affects all SSL VPN appliances, even if multi-factor authentication is enabled. Due to the...