June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Bitter APT Group – Active IOCs
June 4, 2024
Highly Severe Oracle WebLogic Server OS Command Injection Flaw Actively Exploited
June 4, 2024
Bitter APT Group – Active IOCs
June 4, 2024
Highly Severe Oracle WebLogic Server OS Command Injection Flaw Actively Exploited
June 4, 2024
Severity
High
Analysis Summary
CVE-2024-36120
Node.js javascript-deobfuscator module could allow a local attacker to execute arbitrary code on the system, caused by improper input validation. By sending a specially crafted payload, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-36120
Affected Vendors
Node.js
Affected Products
- Node.js javascript-deobfuscator
Remediation
Upgrade to the latest version of javascript-deobfuscator, available from the Node.js GIT Repository.
