Emotet Malware Uninstalled From Infected Devices

Subscribe to Newsletters

Earn (ISC)2 CPEs at Interop Digital, April 29

More Informa Tech Live Events

White Papers

What Elite Threat Hunters See That Others Miss: Case Study

How to Optimize Your Windows 10 Defense Strategy

Top Threats to Cloud Computing: The Egregious 11

Lessons Learned Investigating the SUNBURST Software Supply Chain Attack

Zero Trust Evaluation Guide

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: “See? I told you no one understands Linux.”

Cartoon Archive

Current Issue

2021 Top Enterprise IT TrendsWe’ve identified the key trends that are poised to impact the IT landscape in 2021. Find out why they’re important and how they will affect you today!

Back Issues | Must Reads

Flash Poll

All Polls

How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today’s Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2021-30638
PUBLISHED: 2021-04-27

Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to Apach…

CVE-2020-21987
PUBLISHED: 2021-04-27

HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s br…

CVE-2020-21989
PUBLISHED: 2021-04-27

HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if…

CVE-2020-21998
PUBLISHED: 2021-04-27

In HomeAutomation 3.3.2 input passed via the ‘redirect’ GET parameter in ‘api.php’ script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a…

CVE-2020-22000
PUBLISHED: 2021-04-27

HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the ‘set_command_on’ and ‘set_command_off’ POST parameters in ‘/system/syste…

The post Emotet Malware Uninstalled From Infected Devices appeared first on Malware Devil.

https://malwaredevil.com/2021/04/27/emotet-malware-uninstalled-from-infected-devices/?utm_source=rss&utm_medium=rss&utm_campaign=emotet-malware-uninstalled-from-infected-devices