![]() We have already informed GitHub and Netlify of the malicious activities and they have taken down the accounts. In this blog, we look into the abuse of GitHub and Netlify repositories and platforms for hosting cryptocurrency-mining tools and scripts. However, when we looked at the malicious samples abusing this vulnerability, we found more of these exploits being abused to target different gaps in products and packages for malicious mining of Monero. Official fixes have been rolled out by Apache HTTP Server Project. As the initial fix was deemed insufficient, a bypass was later reported for the fix and tracked as CVE-2021-42013. Under certain configurations where Common Gateway Interface (CGI) scripts are enabled for aliased paths, attackers can also use it for RCE. If this vulnerability is exploited, it allows attackers to map URLs to files outside the directories configured by Alias-like directives. Earlier this year, a security flaw identified as CVE-2021-41773 was disclosed to Apache HTTP Server Project, a path traversal and remote code execution (RCE) flaw in Apache HTTP Server 2.4.49.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |