Threatninja Website

Vigilant is my middle name

Vulnerabilities

CVE 2019-11517

ByWan Ariff

Jun 12, 2019 ,

Lately, there is an old vulnerability that not yet been fixed in WampServer where it related to Cross Site Request Forgery. The previous CVE for this vulnerabilities is CVE-2018-8817(https://www.exploit-db.com/exploits/44385)

The attacker can still abuse this old flaw to get to the new vhosts that been deleted or added in the Apache configuration file

The score for this vulnerability are such as follows:

CVSS 3.0

  • Impact Score: 3.6
  • Exploitability Score: 2.8
  • Base Score: 6.5

CVSS 2.0

  • Impact Score: 4.9
  • Exploitability Score: 8.6
  • Base Score: 5.8

Recommendation

It was been advisable to update to the WampServer 3.1.9

Source: https://seclists.org/bugtraq/2019/Jun/10

By Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Related Post

Vulnerabilities

Microsoft Office hack that used in Mac OS

Aug 8, 2020 Wan Ariff
Vulnerabilities

1,000 exposed database has been wiped out by ‘Meow’ Attack

Jul 25, 2020 Wan Ariff
Vulnerabilities

New Ransomware active – Black Claw Ransomware

Jun 10, 2020 Wan Ariff

Leave a Reply

Your email address will not be published. Required fields are marked *

You missed

HackTheBox

Protected: HackTheBox: ScriptKiddie Machine Walkthrough – Easy Difficulty

Feb 28, 2021 Wan Ariff
News

Kali Linux 2021.1 new release review

Feb 28, 2021 Wan Ariff
HackTheBox

Protected: HackTheBox: Tenet Machine

Feb 24, 2021 Wan Ariff
HackTheBox

Protected: Hackthebox: Bucket Machine Walkthrough – Medium Difficulty

Feb 21, 2021 Wan Ariff