EXECUTIVE SUMMARY:
Multiple vulnerabilities have been added to the Known Exploited Vulnerabilities (KEV) catalog due to active exploitation. These flaws enable threat actors to execute arbitrary commands, access sensitive data, and conduct unauthorized operations, with exploitation linked to cyber espionage and ransomware campaigns. CVE-2023-45727 allows attackers to conduct an XML External Entity (XXE) attack, leading to unauthorized access and data manipulation. CVE-2024-11680 enables attackers to create accounts, upload web shells, and embed malicious scripts via improper authentication. CVE-2024-11667 is a path traversal vulnerability that permits file downloads and uploads via crafted URLs.
Active exploitation of these vulnerabilities highlights the need for prompt remediation. Organizations are urged to implement available patches and take preventive measures to secure their systems.
RECOMMENDATION:
We strongly recommend that you update to the version below:
REFERENCES:
The following reports contain further technical details:
https://thehackernews.com/2024/12/cisa-warns-of-active-exploitation-of.html