U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
The U.S. cybersecurity agency CISA has added four high-severity vulnerabilities in MRLG, PHPMailer, Rails Ruby on Rails and Zimbra Collaboration Suite to its Known Exploited Vulnerabilities catalog. They involve buffer overflow, command injection, path traversal and SSRF attacks, and federal agencies are required to remediate them by July 28, 2025. 2025-7-8 14:13:31 Author: securityaffairs.com (view original) Reads: 25


U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the descriptions for these flaws:

  • CVE-2014-3931 (CVSS score: 9.8) Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability
  • CVE-2016-10033 (CVSS score: 9.8) PHPMailer Command Injection Vulnerability
  • CVE-2019-5418 (CVSS score: 7.5) Rails Ruby on Rails Path Traversal Vulnerability
  • CVE-2019-9621 (CVSS score: 7.5) Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability

The CVE-2014-3931 vulnerability in Multi-Router Looking Glass (MRLG) resides in the fastping.c component in versions before 5.5.0 and allows remote attackers to perform an arbitrary memory write, leading to memory corruption.

The CVE-2016-10033 vulnerability was discovered by the well-known security expert Dawid Golunski of Legal Hackers. It could be exploited by a remote, unauthenticated attacker to execute arbitrary code in the context of the web server and compromise the target web application. CVE-2016-10033 affects all versions of the library before the PHPMailer 5.2.18 release.

The CVE-2019-5418 vulnerability in Action View (a component of Ruby on Rails) is a file content disclosure issue that affects multiple versions. An attacker can send specially crafted Accept headers (used for content negotiation in HTTP requests) that manipulate the way Action View resolves templates. This can trick the framework into rendering arbitrary files from the server's filesystem, including secret configuration files and /etc/passwd.
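Because the Rails issue is driven entirely by the Accept header, a defender can spot attempts in web server logs by checking whether that header still looks like a list of media types. The following is an added example, not code from the article or from the Rails project: it assumes an nginx log_format that appends "$http_accept" as a final quoted field, parses such lines, and flags any Accept value that is not a well-formed media range (for instance one containing directory-traversal sequences). The log lines are constructed for the example.

```python
"""Flag HTTP requests whose Accept header is not a list of media ranges,
the request shape that CVE-2019-5418 (Rails Action View) abuse relies on.

Added example, not from the original article. The log format below is an
assumed nginx log_format; the sample lines are constructed.
"""
import re
from typing import Optional

# Assumed log_format:
# $remote_addr - - [$time_local] "$request" $status $body_bytes_sent
#   "$http_referer" "$http_user_agent" "$http_accept"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) - - \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3}) '
    r'(?P<bytes>\d+|-) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<accept>[^"]*)"$'
)

# A legitimate Accept value is a comma-separated list of media ranges such as
# "text/html", "application/xhtml+xml" or "*/*", each optionally followed by
# ;q= style parameters. Anything else (paths, traversal sequences) is suspect.
MEDIA_RANGE_RE = re.compile(
    r'^\s*(\*|[\w.+-]+)/(\*|[\w.+-]+)\s*(;\s*[\w-]+=[^,;]*\s*)*$'
)


def accept_is_suspicious(accept: str) -> bool:
    """True if any comma-separated element of the Accept header is not a
    syntactically valid media range."""
    if not accept or accept == "-":
        return False  # header absent: nothing to judge
    return any(not MEDIA_RANGE_RE.match(part) for part in accept.split(","))


def parse_line(line: str) -> Optional[dict]:
    """Parse one access-log line in the assumed format; None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_suspicious(lines):
    """Return (client_ip, request_line, accept_value) for every line whose
    Accept header fails the media-range check."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and accept_is_suspicious(rec["accept"]):
            hits.append((rec["ip"], rec["request"], rec["accept"]))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [08/Jul/2025:14:13:31 +0000] "GET /users/1 HTTP/1.1" 200 512 '
    '"-" "Mozilla/5.0" "text/html,application/xhtml+xml,*/*;q=0.8"',
    '203.0.113.9 - - [08/Jul/2025:14:14:02 +0000] "GET /users/1 HTTP/1.1" 200 1044 '
    '"-" "curl/8.0" "../../../../etc/passwd"',
    '198.51.100.7 - - [08/Jul/2025:14:15:10 +0000] "GET /api/items HTTP/1.1" 200 88 '
    '"-" "python-requests/2.31" "application/json"',
]

if __name__ == "__main__":
    for ip, req, accept in find_suspicious(SAMPLE_LOG):
        print(f"suspicious Accept from {ip}: {req!r} Accept={accept!r}")
```

The check is deliberately syntactic rather than a blocklist of payload strings: a legitimate client never sends a filesystem path as a media range, so anything that fails the media-range grammar is worth a closer look, and the same rule keeps working if an attacker varies the path. Patching Rails remains the actual fix; this only helps find attempts against hosts that are still exposed.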

The CVE-2019-9621 vulnerability impacts Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3. The flaw allows SSRF via the ProxyServlet component.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerabilities by July 28, 2025.
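The BOD 22-01 workflow described above is, in practice, a join between a vulnerability scanner's findings and the KEV catalog, ranked by due date. The following added example (not code from the article or from CISA) shows that join. KEV_JSON is a constructed excerpt that follows the field names of the published KEV JSON feed (cveID, vendorProject, product, vulnerabilityName, dueDate) and carries the four CVEs and the July 28, 2025 due date from the article; the vendor/product strings, the asset names and the findings list are constructed, and CVE-0000-0000 is a placeholder for a finding that is not in the catalog.

```python
"""Cross-check scanner findings against a CISA KEV feed excerpt and rank the
matches by BOD 22-01 due date.

Added example, not from the original article or from CISA. KEV_JSON is a
constructed excerpt using the public feed's field names; asset names and
findings are constructed.
"""
import json
from datetime import date

KEV_JSON = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2014-3931", "vendorProject": "MRLG",
         "product": "Multi-Router Looking Glass",
         "vulnerabilityName": "Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability",
         "dueDate": "2025-07-28"},
        {"cveID": "CVE-2016-10033", "vendorProject": "PHPMailer", "product": "PHPMailer",
         "vulnerabilityName": "PHPMailer Command Injection Vulnerability",
         "dueDate": "2025-07-28"},
        {"cveID": "CVE-2019-5418", "vendorProject": "Rails", "product": "Ruby on Rails",
         "vulnerabilityName": "Rails Ruby on Rails Path Traversal Vulnerability",
         "dueDate": "2025-07-28"},
        {"cveID": "CVE-2019-9621", "vendorProject": "Synacor",
         "product": "Zimbra Collaboration Suite (ZCS)",
         "vulnerabilityName": "Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability",
         "dueDate": "2025-07-28"},
    ]
})

# Constructed scanner output: one row per (asset, CVE) pair.
FINDINGS = [
    {"asset": "mail-01", "cve": "CVE-2019-9621"},
    {"asset": "web-03", "cve": "CVE-2019-5418"},
    {"asset": "web-03", "cve": "CVE-2016-10033"},
    {"asset": "web-07", "cve": "CVE-0000-0000"},  # placeholder id, not in the KEV excerpt
]


def load_kev(feed_json: str) -> dict:
    """Index a KEV feed document by CVE id."""
    data = json.loads(feed_json)
    return {entry["cveID"]: entry for entry in data["vulnerabilities"]}


def prioritize(kev: dict, findings, today: date):
    """Keep only findings that appear in KEV and sort them by due date, then
    asset, then CVE. days_left is negative once the due date has passed."""
    rows = []
    for finding in findings:
        entry = kev.get(finding["cve"])
        if entry is None:
            continue  # not in the catalog: handled by the normal patch cycle
        due = date.fromisoformat(entry["dueDate"])
        days_left = (due - today).days
        rows.append({
            "asset": finding["asset"],
            "cve": finding["cve"],
            "name": entry["vulnerabilityName"],
            "due": entry["dueDate"],
            "days_left": days_left,
            "overdue": days_left < 0,
        })
    rows.sort(key=lambda r: (r["due"], r["asset"], r["cve"]))
    return rows


def overdue_count(rows) -> int:
    """Number of KEV-listed findings whose BOD 22-01 due date has passed."""
    return sum(1 for r in rows if r["overdue"])


if __name__ == "__main__":
    kev = load_kev(KEV_JSON)
    for r in prioritize(kev, FINDINGS, date(2025, 7, 8)):
        state = "OVERDUE" if r["overdue"] else f"{r['days_left']} days left"
        print(f"{r['asset']:8} {r['cve']:15} due {r['due']} ({state})")
```

Run against the real feed, the only change is replacing KEV_JSON with the downloaded document; the field names are the same. Sorting by due date first means the items CISA has put on the shortest clock surface at the top, which is the order BOD 22-01 expects remediation to follow.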


Pierluigi Paganini

(SecurityAffairs – hacking, CISA)

Source: https://securityaffairs.com/179722/hacking/u-s-cisa-adds-mrlg-phpmailer-rails-ruby-on-rails-and-synacor-zimbra-collaboration-suite-flaws-to-its-known-exploited-vulnerabilities-catalog.html