February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory –CVE-2021-37608 – Apache OFBiz File Upload Vulnerability
August 13, 2021Rewterz Threat Alert – LokiBot – Active IOCs
August 14, 2021Rewterz Threat Advisory –CVE-2021-37608 – Apache OFBiz File Upload Vulnerability
August 13, 2021Rewterz Threat Alert – LokiBot – Active IOCs
August 14, 2021
Severity
High
Analysis Summary
CVE-2021-37699
Node.js next module could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.
Impact
- Information Theft
- Security Bypass
Affected Vendors
Node.js
Affected Products
Node.js next 10.2.0
Node.js next 10.0.5
Node.js next 11.0.0
Node.js next 11.0.1
Remediation
Upgrade to the latest version of Next (11.1.0 or later), available from the NPM Web site.