Rewterz Threat Advisory – CVE-2022-24725 – Node.js shescape module Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-24725

The Node.js shescape module could allow a local attacker to obtain sensitive information. The flaw occurs when the “escape” or “escapeAll” functions from the shescape API are used with Bash and the “interpolation” option is set to “true”. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain the home directory information on a Unix system and use that information to launch further attacks against the affected system.

Impact

  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2022-24725

Affected Vendors

Node.js

Affected Products

  • Node.js shescape 1.5.0
  • Node.js shescape 1.4.0

Remediation

Upgrade to the latest version of shescape, available from the shescape Git repository.

https://github.com/ericcornelissen/shescape/security/advisories/GHSA-446w-rrm4-r47f
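
To find installs that need the upgrade, the following added example (not code from this advisory or from the shescape project) scans a parsed package-lock.json for shescape at the versions listed under Affected Products, including copies nested under other dependencies. The function name, the sample lockfile and the package names in it are constructed for illustration.

```javascript
// Versions this advisory lists as affected; extend from the upstream
// advisory if it names a wider range.
const AFFECTED = new Set(["1.4.0", "1.5.0"]);

// Return every install of shescape at an affected version in a parsed
// package-lock.json, e.g. JSON.parse(fs.readFileSync("package-lock.json")).
// Handles lockfileVersion 2/3 (flat "packages" map keyed by install path)
// and lockfileVersion 1 (nested "dependencies" tree).
function findAffectedShescape(lock) {
  const hits = [];

  // v2/v3: keys look like "node_modules/a/node_modules/shescape".
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = path.split("node_modules/").pop();
    if (name === "shescape" && AFFECTED.has(meta.version)) {
      hits.push({ path, version: meta.version });
    }
  }
  // v2 files carry both maps; stop here to avoid reporting installs twice.
  if (lock.packages) return hits;

  // v1: walk the nested tree, rebuilding the install path as we go.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === "shescape" && AFFECTED.has(meta.version)) {
        hits.push({ path, version: meta.version });
      }
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfile (not real project data): the top-level copy is
// at a version not on the advisory's list, the nested copy is affected.
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/shescape": { version: "1.5.1" },
    "node_modules/build-tool": { version: "3.2.0" },
    "node_modules/build-tool/node_modules/shescape": { version: "1.4.0" },
  },
};

console.log(findAffectedShescape(sampleLock));
```

A hit on a nested path means the affected copy is pulled in by another dependency, so upgrading the top-level shescape alone does not remove it.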