Multiple Adobe Experience Manager and Animate Vulnerabilities

December 26, 2024

DarkCrystal RAT aka DCRat – Active IOCs

December 26, 2024

CVE-2024-45387 – Apache Traffic Control Vulnerability

December 26, 2024

Severity

High

Analysis Summary

CVE-2024-45387

An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.

Impact

Data Manipulation

Indicators of Compromise

CVE

CVE-2024-45387

Affected Vendors

Apache

Affected Products

Apache Traffic Control 8.0.0
Apache Traffic Control 8.0.1

Remediation

Refer to Apache Website for patch, upgrade, or suggested workaround information.

Apache Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Multiple D-Link Products Vulnerabilities

Multiple GitLab Products Vulnerabilities

CVE-2025-25012 – Elastic Kibana Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Adobe Experience Manager and Animate Vulnerabilities

DarkCrystal RAT aka DCRat – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation