CySecurity News – Latest Information Security and Hacking Incidents
According to reports published by Microsoft and Akamai, cybercriminals are targeting SolarWinds devices with the Log4Shell vulnerability, and ZyXEL is known to use the Log4j library in their software.
Attacks have been reported on SolarWinds and ZyXEL devices using the log4j library, according to Microsoft and Akamai reports. CVE-2021-35247 has been assigned to the vulnerability, which has been paired with a zero-day in the SolarWinds Serv-U file-sharing service.
According to Microsoft’s Threat Intelligence Center (MSTIC), the SolarWinds vulnerability, dubbed CVE-2021-35247, is a data validation hole that might allow attackers to compose a query based on some data and send it across the network without sanitizing.
Jonathan Bar-Or, a Microsoft security researcher, is credited with identifying the flaw, which affects Serv-U versions 15.2.5 and earlier. In Serv-U version 15.3, SolarWinds patched the vulnerability. “A closer look helped discover the feed Serv-U data and it generates an LDAP query using the user unsanitized input!” he claimed. Not only might this be included in log4j attacks but it also is used for LDAP injection.
SolarWinds claimed in its advisory, the Serv-U online log-in screen for LDAP authentication is permitting symbols that are not appropriately sanitized and it had modified the input method “to do further validation and sanitization.” The attacker cannot log in to Serv-U, according to a
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article. 
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: