Skip to content
Right-Side-Virsec-Large Group-Dots-Light Sections

Vulnerability Analysis

Vulnerability Report, Volume 2, 2021

The Virsec Security Research Lab, helmed by Virsec CTO, Satya Gupta, provides timely, relevant analysis about prevalent security vulnerabilities. Each week, the Virsec team details the top vulnerabilities in open source code and a few vulnerabilities in popular security controls, their affected version, vulnerability details, and how the Virsec Security Platform (VSP) can detect these vulnerabilities. This report includes:

1. CVE-2020-24639: AirWave Glass (Command Injection)
2. CVE-2020-35578: Nagios (Remote Code Execution Vulnerability)
3. CVE-2020-35687: PHP Fusion (CSRF Attack)
4. CVE-2021-1711: Microsoft Office (Remote Code Execution Vulnerability)
5. CVE-2020-4838: IBM API Connect (Cross Path Scripting)
6. CVE-2020-29017: Forti Deceptor (Remote Code Execution Vulnerability) (Confused Deputy)

Right-Side-Virsec-Large Group-Dots-Light Sections