The Tripwire Vulnerability Exposure and Research Team (VERT) keeps its finger on the cybersecurity pulse. Check out some of the stories that stood out for us recently:
WordPress forced the patching of the WooCommerce Payments plugin
The WooCommerce Payments plugin is subject to a privilege escalation vulnerability in which an unauthenticated attacker can gain administrator access to a vulnerable store, impersonate an administrator and take over the site. At the time of the report there was no evidence of exploitation in the wild. Admins who host their own WordPress installation must install the update themselves. Patched versions of WooCommerce Payments are 4.8.2, 4.9.1, 5.0.4, 5.1.3, 5.2.2, 5.3.1, 5.4.1, 5.5.2 and 5.6.2. Once patched, review the site for indicators of compromise, for example administrator accounts or changes you did not make, since patching does not undo an account created before the update.
Acropalypse Privacy Bug affected Windows 11 Snipping Tool
Microsoft's Windows 11 Snipping Tool was found to leave parts of a cropped image recoverable. A patched version (11.2302.20.0) of the Snipping Tool was released to Windows Insiders via the Microsoft Store. The flaw, first found on Google Pixel devices and disclosed by security researchers David Buchanan and Simon Aarons, allows partial restoration of content that was cropped out of an image. The bug exists because the edited image is written over the original file without truncating it: the new, smaller image replaces the start of the file, but the bytes beyond its end are left on disk, and a recovery tool can read them. The Windows 10 Snipping Tool also appears to be vulnerable, but at the time of writing no patch had been released.
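The overwrite-without-truncate pattern behind Acropalypse, as an added example (not Microsoft's or the researchers' code): it builds a small PNG, writes a smaller "cropped" PNG over it both the vulnerable way (open the existing file for update and write from offset 0) and the safe way (open for writing, which truncates), and then checks for bytes after the IEND chunk. The constructed PNGs, the file name and the pixel data are assumptions made for the example.

```python
import os
import random
import struct
import tempfile
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def _chunk(ctype, data):
    """Encode one PNG chunk: 4-byte length, 4-byte type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def make_png(width, height, seed):
    """Constructed 8-bit greyscale PNG with pseudo-random pixels (so it does not compress away)."""
    rng = random.Random(seed)
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 0, 0, 0, 0)
    # Each scanline starts with filter type 0 followed by `width` pixel bytes.
    raw = b"".join(b"\x00" + bytes(rng.getrandbits(8) for _ in range(width)) for _ in range(height))
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b"")


def png_end_offset(data):
    """Walk the chunk list; return the offset just past the IEND CRC, or None if malformed."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 8 + length + 4  # header + data + CRC
        if ctype == b"IEND":
            return pos if pos <= len(data) else None
    return None


def trailing_bytes(data):
    """Bytes after IEND. Anything > 0 is leftover content a viewer ignores but a recovery tool can read."""
    end = png_end_offset(data)
    return None if end is None else len(data) - end


def save_over_unsafe(path, new_png):
    """Vulnerable pattern: open the existing file for update and write from offset 0 without truncating."""
    with open(path, "r+b") as f:
        f.write(new_png)


def save_over_safe(path, new_png):
    """Fix: open with 'wb' (O_TRUNC), so the file ends where the new image ends."""
    with open(path, "wb") as f:
        f.write(new_png)


def demo():
    """Return (leftover bytes after the unsafe save, leftover bytes after the safe save)."""
    original = make_png(64, 64, seed=1)  # the full screenshot
    cropped = make_png(8, 8, seed=2)     # what remains after cropping
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "screenshot.png")
        with open(path, "wb") as f:
            f.write(original)
        save_over_unsafe(path, cropped)
        with open(path, "rb") as f:
            unsafe_left = trailing_bytes(f.read())
        with open(path, "wb") as f:
            f.write(original)
        save_over_safe(path, cropped)
        with open(path, "rb") as f:
            safe_left = trailing_bytes(f.read())
    return unsafe_left, safe_left


if __name__ == "__main__":
    print(demo())
```

The leftover bytes after the unsafe save are the tail of the original file, including the end of its compressed IDAT stream, which is why the researchers could rebuild part of the original picture; `trailing_bytes` is the quick check to run over already-shared screenshots to see whether they carry more data than they display.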
Netgear Orbi Routers Have a Public PoC for a Command Execution Flaw
The Netgear Orbi 750 series routers and extender satellites are subject to a command execution vulnerability (CVE-2022-37337), discovered by the Cisco Talos team. To exploit it, an attacker sends a crafted HTTP request to a vulnerable router. Talos has released a proof-of-concept demonstrating the issue. Netgear has since released fixed firmware; Orbi 750 owners should update to the latest firmware for their model, confirm the running version afterwards, and keep the router's web management interface off the internet so that crafted requests can only come from the local network.
GitHub.com Rotates Private SSH Key
GitHub has rotated the RSA SSH host key for GitHub.com after the private key was briefly exposed in a public GitHub repository. GitHub reported no indication that the key had been abused, but replaced it out of caution. The ECDSA and Ed25519 host keys were not affected, so clients using those see no change; clients that pinned the RSA key will get a host key mismatch warning on their next connection and need to remove the old entry from known_hosts and verify the new key against the fingerprints GitHub publishes.
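When a service rotates a host key, every client that pinned the old key keeps trusting a key whose private half has been exposed until the entry is removed. As an added example (not GitHub's tooling), the following audits a known_hosts file for entries of a given host that still pin a revoked fingerprint, including OpenSSH's hashed (`|1|salt|hmac`) host entries. The key blobs and the known_hosts contents are constructed placeholders, not GitHub's real keys or fingerprints.

```python
import base64
import hashlib
import hmac


def _ssh_string(b):
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return len(b).to_bytes(4, "big") + b


# Constructed placeholder key blobs (NOT real GitHub keys): well-formed but meaningless "ssh-rsa" blobs.
OLD_RSA_BLOB = base64.b64encode(
    _ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01") + _ssh_string(b"\x00\xc0\xff\xee\x01")).decode()
NEW_RSA_BLOB = base64.b64encode(
    _ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01") + _ssh_string(b"\x00\xde\xad\xbe\xef")).decode()


def fingerprint(blob_b64):
    """OpenSSH SHA256 fingerprint of a base64 key blob, as `ssh-keygen -lf` prints it."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def hashed_host_field(host, salt):
    """Build a HashKnownHosts-style field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())


def host_matches(field, host):
    """True if a known_hosts host field covers `host` (plain, comma-separated, or hashed)."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")


def audit_known_hosts(text, host, revoked):
    """Return [(line_no, key_type, fingerprint)] for entries of `host` whose key fingerprint is revoked."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].startswith("@"):  # @cert-authority / @revoked marker
            parts = parts[1:]
        if len(parts) < 3:
            continue
        if host_matches(parts[0], host):
            fp = fingerprint(parts[2])
            if fp in revoked:
                hits.append((n, parts[1], fp))
    return hits


# Constructed known_hosts: a plain and a hashed entry still pin the old RSA key, one already has the new key.
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# example known_hosts (constructed for this example)",
    "github.com,192.0.2.10 ssh-rsa " + OLD_RSA_BLOB,
    hashed_host_field("github.com", b"0123456789abcdef0123") + " ssh-rsa " + OLD_RSA_BLOB,
    "github.com ssh-rsa " + NEW_RSA_BLOB,
    "git.example.net ssh-rsa " + OLD_RSA_BLOB,  # same blob on another host: out of scope, not flagged
])


def stale_entries():
    """Entries in the sample file that still pin the revoked github.com RSA key."""
    return audit_known_hosts(SAMPLE_KNOWN_HOSTS, "github.com", {fingerprint(OLD_RSA_BLOB)})


if __name__ == "__main__":
    for n, ktype, fp in stale_entries():
        print("line %d: %s %s pins the revoked key; run: ssh-keygen -R github.com" % (n, ktype, fp))
```

In practice the revoked set is the fingerprint of the old key (compute it with `ssh-keygen -lf` on the old known_hosts line), the cleanup is `ssh-keygen -R github.com`, and the new key is only re-added after its fingerprint has been checked against the service's published value rather than trusted on first use.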