NEWS & EVENTS

  • 09/12/2020 13:02:00

    Cyrano event will be held on December 16th, 2020 form 10 to 12 am, to share ideas about the sectorial challenges in cyber security.

    During this event Fabio Martinelli will introduce the cyber security observatory, also promoted by E-CORRIDOR. All the stakeholders...

  • 06/10/2020 18:01:22

    Il 9 ottobre, durante Internet Festival, avra’ luogo il Cybersecurity Day ( dell’Istituto di Informatica e Telematica del Cnr (IIT).

    All’evento parteciperanno esperti di settore, ricercatori, rappresentanti del mondo delle imprese. Nel corso della giornata saranno presentate le attività...

  • 29/09/2020 11:45:53

    Il 24 settembre scorso Fabio Martinelli è stato invitato dalla Commissione Europea a parlare delle prossime sfide in cyber security nell'ambito degli European research and innovation days 2020.

    In questa occasione ha avuto cosi modo di illustrare le prossime attivita' di ricerca del Cyber...

  • 04/09/2020 13:57:59

    Pubblicato il bando per la quinta edizione del Master in Cybersecurity dell'Università di Pisa, anno accademico 2020/21.

    Per immatricolarsi al Master, l’interessato deve collegarsi al Portale Alice all’indirizzo https://www.studenti.unipi.it...

SERVICES

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

LATEST CVE

Published Description
CVE-2021-21247
15-01-2021 21:15:00
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login page. This listener decodes and deserializes the `data` query parameter. We can access this listener by submitting a POST request to any page. This issue may lead to `post-auth RCE` This endpoint is subject to authentication and, therefore, requires a valid user to carry on the attack. This issue was addressed in 4.0.3 by encrypting serialization payload with secrets only known to server.
CVE-2021-21251
15-01-2021 21:15:00
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3 there is a critical "zip slip" vulnerability. This issue may lead to arbitrary file write. The KubernetesResource REST endpoint untars user controlled data from the request body using TarUtils. TarUtils is a custom library method leveraging Apache Commons Compress. During the untar process, there are no checks in place to prevent an untarred file from traversing the file system and overriding an existing file. For a successful exploitation, the attacker requires a valid __JobToken__ which may not be possible to get without using any of the other reported vulnerabilities. But this should be considered a vulnerability in `io.onedev.commons.utils.TarUtils` since it lives in a different artifact and can affect other projects using it. This issue was addressed in 4.0.3 by validating paths in tar archive to only allow them to be in specified folder when extracted.
CVE-2021-21244
15-01-2021 20:15:00
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue was fixed in 4.0.3 by disabling validation interpolation completely.
CVE-2021-21243
15-01-2021 20:15:00
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorization checks. This issue may lead to pre-auth RCE. This issue was fixed in 4.0.3 by not using deserialization at KubernetesResource side.
CVE-2020-24641
15-01-2021 19:15:00
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative access on the web administrative interface.

Pages

LATEST EXPLOIT

Pages