Rewterz Threat Advisory – CVE-2021-23017 – F5 Nginx Code Execution Vulnerability

Rewterz Threat Advisory – Multiple Google Chrome Code Execution Vulnerabilities

May 27, 2021

Rewterz Threat Alert – Malicious Covid-19 URLs

May 27, 2021

Rewterz Threat Advisory – CVE-2021-23017 – F5 Nginx Code Execution Vulnerability

Severity

High

Analysis Summary

CVE-2021-23017

Nginx could allow a remote attacker to execute arbitrary code on the system, caused by an off-by-one error in ngx_resolver_copy() while processing DNS responses. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Unauthorized Access

Affected Vendors

Affected Products

F5 NGINX Open Source 0.6.18
F5 NGINX Open Source 1.20.0
F5 NGINX Plus R13
F5 NGINX Plus R24

Remediation

Refer to F5 Security Advisory K36926027 for patch, upgrade or suggested workaround information. http://nginx.org/

Rewterz Threat Advisory – Multiple Google Chrome Code Execution Vulnerabilities

Rewterz Threat Alert – Malicious Covid-19 URLs

Rewterz Threat Advisory – CVE-2021-23017 – F5 Nginx Code Execution Vulnerability

Severity

Analysis Summary

CVE-2021-23017

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan