The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.



This update adds "Connect to" Agent Connection and fixes some issues.

Multiple vulnerabilities in the Security Service of Cisco AnyConnect Posture for Windows could allow an authenticated local attacker, to execute arbitrary commands with SYSTEM user privileges.

The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem.

SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow local privilege escalation from low privileged users to SYSTEM via a crafted openssl configuration file.

A vulnerability in the File Manager (wp-file-manager) plugin for WordPress, version 6.0 to 6.8, allows to unauthenticated remote attackers to upload and execute arbitrary PHP code because.



The root cause is an unsafe renaming of a example elFinder connector file with the php extension.



Successful exploitation of this vulnerability allows attackers to write php files to the wp-content/plugins/wp-file-manager/lib/files/ directory of Wordpress.

This update improves the reliability on Windows Server 2008 Enterprise Edition SP2 - x86-64.

An authenticated JNDI injection vulnerability in Oracle Weblogic Server allows attackers to execute a java class file to gain arbitrary code execution on the affected system.

This exploit leverages a vulnerability in Pulse Secure which allows an unauthenticated remote attacker to send a specially crafted URI to perform an arbitrary file reading vulnerability.

A path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects.