Victor Pasman
Role: CSIRT Teamlead level 2
Articles / cases / cves
CSIRT Cases
- DIVD-2023-00011 - FortiNAC and FortiWeb RCE Vulnerability
- DIVD-2022-00068 - Multiple vulnerabilities identified within White Rabbit Switch from CERN
- DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN
- DIVD-2022-00058 - ZK Framework - ZK AuUploader Servlet Upload Vulnerability
- DIVD-2022-00056 - Critical authentication bypass affecting Fortigate products
- DIVD-2022-00052 - Multiple vulnerabilities in Cloudflow software
- DIVD-2022-00045 - Injection vulnerability found within Socket.io
- DIVD-2022-00038 - Vulnerable Oracle WebLogic Server
- DIVD-2022-00033 - Atlassian Confluence 0-day unauthenticated RCE
- DIVD-2022-00032 - Exchange backdoor
- DIVD-2022-00029 - Remote Code Execution on Sophos Firewall
- DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
- DIVD-2022-00026 - WSO2 Remote Code Executions - CVE-2022-29464
- DIVD-2022-00025 - VMware - CVE-2022-22954
- DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963
- DIVD-2022-00020 - Improper input validation vulnerabilities identified within Feathers.js
- DIVD-2022-00008 - XSS Zeroday in Zimbra
- DIVD-2021-00038 - Apache Log4j2
- DIVD-2021-00037 - Critical vulnerabilities in ITarian MSP platform and on-premise solution
- DIVD-2021-00033 - Sites with Potential SQL-Injection
- DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle
- DIVD-2021-00015 - Telegram OD
- DIVD-2021-00006 - SmarterMail
CVEs contributed to
- CVE-2021-32233 - SmarterTools SmarterMail before Build 7776 allows XSS
- CVE-2021-32234 - SmarterTools SmarterMail before Build 7776 allows RCE
- CVE-2021-43977 - SmarterTools SmarterMail before 100.0.7803 allows XSS
- CVE-2022-0564 - Qlik Sense Enterprise Domain User enumeration
- CVE-2022-2421 - Socket.io - Improper type validation in attachment parsing
- CVE-2022-2422 - Feathers - SQL injection via attribute aliases
- CVE-2022-25151 - ITarian - Session cookie not protected by HttpOnly flag
- CVE-2022-25152 - ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
- CVE-2022-25153 - ITarian - Local privilege escalation in Endpoint Manager agent on Windows
- CVE-2022-29822 - Feathers - Improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection
- CVE-2022-29823 - Feathers - Query “__proto__” is converted to real prototype
- CVE-2022-3901 - Visioweb.js - Prototype Pollution can result in XSS
- CVE-2022-41216 - Cloudflow - Local File Inclusion Vulnerability
- CVE-2022-41217 - Cloudflow - Unauthenticated file upload vulnerability
- CVE-2023-22577 - White Rabbit Switch - Password Disclosure Vulnerability
- CVE-2023-22578 - Sequelize - Default support for “raw attributes” when using parentheses
- CVE-2023-22579 - Sequelize - Unsafe fall-through in getWhereConditions
- CVE-2023-22580 - Sequelize - Bad query filtering leading to SQL errors
- CVE-2023-22581 - White Rabbit Switch - Unauthenticated remote code execution