Severity
High
Analysis Summary
CVE-2024-4345 (CVSS 9.8)
Startklar Elementor Addons Plugin for WordPress could allow a remote attacker to upload arbitrary files because the 'process' function in the 'startklarDropZoneUploadProcess' class does not properly validate file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script and thereby execute arbitrary PHP code on the vulnerable system.
CVE-2024-4346 (CVSS 9.1)
Startklar Elementor Addons Plugin for WordPress could allow a remote attacker to traverse directories on the system. By sending a specially crafted URL request containing "dot dot" sequences, an attacker could delete arbitrary files on the system.
CVE-2024-4393 (CVSS 9.8)
Social Connect Plugin for WordPress could allow a remote attacker to bypass security restrictions because of insufficient verification of the OpenID server. By sending a specially crafted request, an attacker could exploit this vulnerability to update the plugin's settings.
Impact
- Gain Access
- Security Bypass
- Information Obtained
Indicators of Compromise
CVE
- CVE-2024-4345
- CVE-2024-4346
- CVE-2024-4393
Affected Vendors
Affected Products
- Startklar Elementor Addons plugin for WordPress 1.7.13
- Social Connect plugin for WordPress 1.2
Remediation
Refer to WordPress Plugin Directory for patch, upgrade, and suggested workaround information.