March 24, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert -Rhadamanthys Stealer – Active IOCs
March 29, 2023Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities
March 29, 2023Rewterz Threat Alert -Rhadamanthys Stealer – Active IOCs
March 29, 2023Rewterz Threat Advisory – Multiple IBM Aspera Vulnerabilities
March 29, 2023
Severity
High
Analysis Summary
CVE-2023-28444
Node.js angular-server-side-configuration module could allow a remote attacker to obtain sensitive information, caused by the inserting of environment variable during deployment of an Angular based app. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain environment variables information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-28444
Affected Vendors
Node.js
Affected Products
- Node.js angular-server-side-configuration 15.0.0
Remediation
Upgrade to the latest version of angular-server-side-configuration, available from the angular-server-side-configuration GIT Repository.