Cyberbytes Daily

CISA Warns Of CyberPanel, North Grid, ProjectSend & Zyxel Firewalls Flaws Exploited In Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding four critical vulnerabilities actively exploited in the wild, urging organizations to take immediate action to mitigate risks.

These flaws, affecting CyberPanel, North Grid Proself, ProjectSend, and Zyxel firewalls, pose significant threats to cybersecurity.

The vulnerabilities are tracked as:-

  • CVE-2024-51378
  • CVE-2023-45727
  • CVE-2024-11680
  • CVE-2024-11667

CISA highlighted the urgency of addressing these vulnerabilities as part of its Known Exploited Vulnerabilities (KEV) catalog under Binding Operational Directive (BOD) 22-01.

Failure to mitigate these flaws could lead to severe consequences, including data breaches, system compromises, and ransomware attacks.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

Flaws Exploited In Wild

CVE-2024-51378: CyberPanel Incorrect Default Permissions

This vulnerability in CyberPanel allows attackers to bypass authentication and execute arbitrary commands via shell metacharacters. It has been linked to ransomware campaigns. Organizations are advised to follow vendor mitigation instructions or discontinue use if fixes are unavailable. The deadline for federal agencies to address this issue is December 25, 2024.

CVE-2023-45727: North Grid Proself XXE Vulnerability

North Grid Proself Enterprise/Standard and related products are vulnerable to XML External Entity (XXE) attacks due to improper restrictions. This flaw could enable remote attackers to access sensitive files on the server. While its exploitation in ransomware campaigns remains unconfirmed, CISA recommends immediate patching or discontinuation of affected versions by December 24, 2024.

CVE-2024-11680: ProjectSend Improper Authentication

A critical flaw in ProjectSend allows unauthenticated attackers to modify application configurations, create accounts, and upload malicious webshells through crafted HTTP requests. With a CVSS score of 9.8, this vulnerability has been actively exploited. Organizations using ProjectSend are urged to update to version r1720 or later without delay.

CVE-2024-11667: Zyxel Firewall Path Traversal

Zyxel firewalls running ZLD firmware versions 5.00 through 5.38 are vulnerable to a path traversal flaw that enables attackers to upload or download files via crafted URLs. This vulnerability has been exploited in ransomware attacks such as Helldown, targeting both small businesses and larger organizations. Zyxel has released firmware updates addressing the issue and advises users to update immediately while also changing administrative passwords.

Apart from this, the organizations are advised to:-

  • Apply vendor-provided patches or mitigation steps.
  • Discontinue use of affected products if fixes are not available.
  • Strengthen monitoring for suspicious activity.

The deadline for federal agencies to remediate these vulnerabilities is December 24 or 25, 2024, depending on the specific flaw.

Private organizations are strongly encouraged to act promptly to safeguard their systems against exploitation.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses

The post CISA Warns Of CyberPanel, North Grid, ProjectSend & Zyxel Firewalls Flaws Exploited In Wild appeared first on Cyber Security News.

Tags

About Author

Chad Barr

Chad Barr is a visionary and executive leader, blending over two decades of expertise with a unique ability to demystify complex technical concepts. As a cybersecurity leader, prolific author, and director at AccessIT Group, Chad has empowered organizations across diverse industries to build resilient security frameworks. His engaging writing, speaking engagements, and thought leadership inspire proactive cybersecurity practices, making him a trusted voice in the ever-evolving digital landscape.

My Books

Cybersecurity News

  • Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
    by [email protected] (The Hacker News) on January 9, 2025 at 5:29 pm

    Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create and

  • 5 Benefits Of A Malware Sandbox For Business Security
    by Balaji N on January 9, 2025 at 5:27 pm

    Imagine an employee receiving an email that looks completely legitimate, maybe it’s a fake invoice or a shipping update. They click on the attachment, and just like that, your network could be infected with ransomware, sensitive customer data stolen, or your entire system brought to a halt. It’s a nightmare scenario, but one that happens The post 5 Benefits Of A Malware Sandbox For Business Security appeared first on Cyber Security News.

  • Rapid Cyber Incident Response: Why Speed, Quality, and the Right Tools Matter
    by Kaaviya Ragupathy on January 9, 2025 at 4:48 pm

    As you probably know by now, it doesn’t really matter how big in size your business is, you’re going to be up against the risk of cyberattacks in some form or another. These can range in scope and scale with threats such as ransomware and phishing campaigns right through insider threats and advanced persistent attacks. The post Rapid Cyber Incident Response: Why Speed, Quality, and the Right Tools Matter appeared first on Cyber Security News.

  • Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace
    by Kaaviya Ragupathy on January 9, 2025 at 4:32 pm

    Criminal IP, a globally recognized Cyber Threat Intelligence (CTI) solution by AI SPERA, has launched its Criminal IP Malicious Link Detector add-in on the Microsoft Marketplace. This cutting-edge tool provides real-time phishing email detection and URL blocking for Microsoft Outlook, adding an essential layer of email security in the face of increasing cyber threats. Generative AI advancements The post Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace appeared first on Cyber Security News.

  • New AI Challenges Will Test CISOs & Their Teams in 2025
    by Josh Lemos on January 9, 2025 at 3:00 pm

    CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats.

Latest Posts

Categories

Tags

AI AWS ChatGPT Credit Card Fraud Cybercriminals Cyber News Cyber Security Cybersecurity News Data Breach Digital Transformation Gen AI IoT Nation-State Ransomware Security Skimmer Malware Starbucks