Jan 30 2025 5 mins 19
SANS ISC Stormcast Jan 31st 2025: Old Netgear Vuln in Depth; Lightning AI RCE; Canon Printer RCE; Deepseek Leak; PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary] https://isc.sans.edu/diary/PCAPs%20or%20It%20Didn%27t%20Happen%3A%20Exposing%20an%20Old%20Netgear%20Vulnerability%20Still%20Active%20in%202025%20%5BGuest%20Diary%5D/31638 RCE Vulnerablity in AI Development Platform Lightning AI Noma Security discovered a neat remote code execution vulnerability in Lightning AI. This vulnerability is exploitable by tricking a logged in user into clicking a simple link. https://noma.security/noma-research-discovers-rce-vulnerability-in-ai-development-platform-lightning-ai/ Canon Laser Printers and Small Office Multifunctional Printer Vulnerabilities Canon fixed three different vulnerablities affecting various laser and small office multifunctional printers. These vulnerabilities may lead to remote code execution, and there are some interesting exploit opportunities https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers Deepseek ClickHouse Database Leak https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak keywords: deepseek; clickhouse; canon; ai; lightning; netgear
