Rewterz Threat Advisory – CVE-2023-26132 – Node.js dottie module Vulnerability

Rewterz Threat Advisory – CVE-2023-27997 – Fortinet FortiGate and FortiOS Vulnerability

June 12, 2023

Rewterz Threat Alert – StormKitty Stealer: A Threatening Information-Stealing Malware – Active IOCs

June 12, 2023

Rewterz Threat Advisory – CVE-2023-26132 – Node.js dottie module Vulnerability

Severity

High

Analysis Summary

CVE-2023-26132

Node.js dottie module is vulnerable to a denial of service, caused by a prototype pollution flaw in the set() function in /dottie.js. By adding or modifying properties of Object.prototype using a proto or constructor payload, a remote attacker could exploit this vulnerability to cause a denial of service condition.

Impact

Denial of Service

Indicators Of Compromise

CVE

CVE-2023-26132

Affected Vendors

Node.js

Affected Products

Node.js dottie 2.0.3

Remediation

Upgrade to the latest version of dottie, available from the dottie.js GIT Repository.

dottie.js GIT Repository

Rewterz Annual Threat Intelligence Report 2025 - Download Now

Rewterz Threat Advisory – CVE-2023-27997 – Fortinet FortiGate and FortiOS Vulnerability

Rewterz Threat Alert – StormKitty Stealer: A Threatening Information-Stealing Malware – Active IOCs

Rewterz Threat Advisory – CVE-2023-26132 – Node.js dottie module Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan