Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple Apple macOS Ventura Vulnerabilities
July 31, 2023
Rewterz
Rewterz Threat Alert – Bitter APT Group – Active IOCs
July 31, 2023

Rewterz Threat Advisory – Multiple SolarWinds Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-33225 CVSS:6.8

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an unsafe deserialization flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands with SYSTEM privileges on the system.

CVE-2023-33224 CVSS:7.2

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an incorrect behavior order flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands with NETWORK SERVICE privileges on the system.

CVE-2023-23844 CVSS:7.2

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an incomplete list of disallowed inputs flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-23843 CVSS:7.2

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an incorrect comparison flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-23842 CVSS:6.8

SolarWinds Network Configuration Manager could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to execute arbitrary commands on the system.

Impact

  • Command Execution
  • Gain Access

Indicators Of Compromise

CVE

  • CVE-2023-33225
  • CVE-2023-33224
  • CVE-2023-23844
  • CVE-2023-23843
  • CVE-2023-23842

Affected Vendors

SolarWinds

Affected Products

  • SolarWinds SolarWinds Platform 2023.2.1
  • SolarWinds Network Configuration Manager 2023.2.1

Remediation

Upgrade to the latest version of SolarWinds Platform and Network Configuration Manager, available from the SolarWinds Web site.

CVE-2023-33225

CVE-2023-33224

CVE-2023-23844

CVE-2023-23843

CVE-2023-23842