CVE-2024-10811 - How Path Traversal in Ivanti EPM Exposes Sensitive Information
Recently, a critical vulnerability—CVE-2024-10811—was discovered in Ivanti Endpoint Manager (EPM). If you use this popular IT management tool, especially versions before the January
CVE-2024-7344 - Howyar UEFI "Reloader" Allows Unsigned Code Execution via Hardcoded Path Flaw
Unified Extensible Firmware Interface (UEFI) has become the standard for modern computer boot processes, promising increased security over legacy BIOS systems. But these benefits depend
CVE-2024-55591 - Authentication Bypass in FortiOS and FortiProxy via Node.js WebSocket
On June 2024, a severe vulnerability was disclosed in Fortinet’s FortiOS and FortiProxy products, identified as CVE-2024-55591. The flaw enables remote attackers to escalate
CVE-2024-48884 - Deep Dive into the Fortinet Path Traversal Vulnerability (with Code Examples and Exploit Details)
Fortinet, a well-known provider of network security solutions, recently disclosed a critical vulnerability: CVE-2024-48884. This bug is categorized as an “improper limitation of a pathname
CVE-2024-46668 - Unrestricted Resource Allocation in FortiOS—How Attackers Can Take Down Your Network with Large File Uploads
In June 2024, researchers discovered and disclosed CVE-2024-46668, a critical vulnerability in Fortinet’s FortiOS. This flaw affects a wide range of versions and allows
Episode
00:00:00
00:00:00