Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution

Rewterz Threat Advisory – CVE-2020-4414 – Memory leak in IBM DB2

August 24, 2020

Rewterz Threat Advisory – RTF Royal Road Drops a New MFC C++ Backdoor and Links to Goblin Panda

August 25, 2020

Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution

Severity

High

Analysis Summary

Node.js safe-eval module could allow a remote attacker to execute arbitrary commands on the system, caused by a sandbox escape flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the host system.

Impact

Gain Access

Affected Vendors

NodeJs

Affected Products

Node.js safe-eval 0.4.1

Remediation

Update to latest version.

Rewterz Threat Advisory – CVE-2020-4414 – Memory leak in IBM DB2

Rewterz Threat Advisory – RTF Royal Road Drops a New MFC C++ Backdoor and Links to Goblin Panda

Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan