

Rewterz Threat Alert -Rhadamanthys Stealer – Active IOCs
March 29, 2023
Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities
March 29, 2023
Rewterz Threat Alert -Rhadamanthys Stealer – Active IOCs
March 29, 2023
Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities
March 29, 2023Severity
High
Analysis Summary
CVE-2023-28444
Node.js angular-server-side-configuration module could allow a remote attacker to obtain sensitive information, caused by the inserting of environment variable during deployment of an Angular based app. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain environment variables information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-28444
Affected Vendors
Node.js
Affected Products
- Node.js angular-server-side-configuration 15.0.0
Remediation
Upgrade to the latest version of angular-server-side-configuration, available from the angular-server-side-configuration GIT Repository.