Rewterz Threat Alert – LokiBot Malware – Active IOCs

February 14, 2022

Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities

February 15, 2022

Rewterz Threat Advisory – Multiple Node.js Vulnerabilities

February 15, 2022

Severity

High

Analysis Summary

CVE-2021-23597

Node.js fastify-multipart module is vulnerable to a denial of service, caused by improper input validation. By providing a name=constructor property, a remote attacker could exploit this vulnerability to cause the application to crash.

CVE-2022-0508

Node.js @peertube/embed-api module is vulnerable to server-side request forgery, caused by a flaw in the URL download procedure. By using a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to enumerate local server files and media files.

Impact

Gain Access
Denial of Service

Indicators of Compromise

CVE

CVE-2022-0508
CVE-2021-23597

Affected Vendors

Node.js

Affected Products

Node.js @peertube/embed-api
Node.js fastify-multipart 5.3.0

Remediation

Refer to the vendor website to download patches, updates, and apply workarounds:

https://www.npmjs.com/package/fastify-multipart

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Microsoft Alerts on Node.js Exploitation in Malware Campaigns

ICS: Multiple Rockwell Automation ThinManager Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – LokiBot Malware – Active IOCs

Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.