Rewterz Threat Advisory – Multiple Apache Fineract Vulnerabilities

March 29, 2023

Rewterz Threat Alert -Rhadamanthys Stealer – Active IOCs

March 29, 2023

Rewterz Threat Advisory – Multiple Apache OperOffice Vulnerabilities

March 29, 2023

Severity

High

Analysis Summary

CVE-2022-38745 CVSS:7.8

Apache OpenOffice could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw when adding empty entry to the Java class path. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2022-47502 CVSS:7.8

Apache OpenOffice could allow a remote attacker to execute arbitrary code on the system, caused by improper validating the links called by internal macros. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2022-38745
CVE-2022-47502

Affected Vendors

Apache

Affected Products

Apache OpenOffice 4.1.13

Remediation

Refer to Apache OpenOffice Advisory for patch, upgrade or suggested workaround information.

CVE-2022-38745

CVE-2022-47502

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Apache Fineract Vulnerabilities

Rewterz Threat Alert -Rhadamanthys Stealer – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.